Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/nNX3K1Newm_g39sHkvs9FNEIiPM.roa
File: nNX3K1Newm_g39sHkvs9FNEIiPM.roa (raw, json)
Hash identifier: nF8s8VfC2nC/9ZKJrd3K3Rceio292SPeAeSkq93dMRM=
Subject key identifier: 9C:D5:F7:2B:53:5E:C2:6F:E0:DF:DB:07:92:FB:3D:14:D1:08:88:F3
Certificate issuer: /CN=7ddf809131ee56531939d05f607271bdf01d19b5
Certificate serial: 087599E0
Authority key identifier: 7D:DF:80:91:31:EE:56:53:19:39:D0:5F:60:72:71:BD:F0:1D:19:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fd-AkTHuVlMZOdBfYHJxvfAdGbU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/nNX3K1Newm_g39sHkvs9FNEIiPM.roa
Signing time: Sat 01 Jan 2022 01:59:17 +0000
ROA not before: Sat 01 Jan 2022 01:59:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35360
IP address blocks: 45.66.4.0/22 maxlen: 24
2a09:5fc0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141924832 (0x87599e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ddf809131ee56531939d05f607271bdf01d19b5
Validity
Not Before: Jan 1 01:59:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9cd5f72b535ec26fe0dfdb0792fb3d14d10888f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fe:18:85:35:21:e6:6d:15:85:67:d5:a6:59:
16:5c:65:21:98:33:49:18:bb:26:df:29:0c:81:21:
52:9d:9c:16:09:17:dd:5f:cc:c5:7c:65:8d:85:32:
52:9f:00:f2:b6:07:0b:20:1c:0c:f8:b4:f3:e4:bb:
2e:bf:c3:56:2f:47:10:85:64:27:bb:08:2a:0e:06:
1d:e3:6d:15:5e:35:21:e1:7b:f7:30:91:92:0e:65:
43:3e:aa:be:4d:81:c5:ec:ca:e8:c0:cb:53:cd:a0:
03:ce:cc:12:21:2d:59:8c:03:62:30:9d:29:bc:05:
1c:be:84:85:3e:8a:50:91:ad:f2:6f:77:34:e1:76:
06:60:79:69:50:3f:5b:6a:90:2a:d3:19:78:b0:d2:
3f:07:29:10:0c:0d:fb:98:da:b6:4a:16:2a:95:f5:
c6:fb:08:72:4f:7c:ef:56:1e:8c:16:72:b5:bd:0d:
67:18:a3:e8:3a:57:aa:fe:ff:63:7a:9b:5c:a9:50:
42:f5:36:be:fd:64:eb:9c:eb:3f:1e:b1:d8:fd:e7:
3b:d0:0c:f9:5c:1c:cc:d7:d8:3f:fc:16:48:b3:73:
62:f3:a5:88:f5:5e:78:65:9d:29:55:06:0d:99:b2:
83:f1:23:d8:5f:9c:bf:52:06:6e:d8:50:c0:f4:d7:
c9:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D5:F7:2B:53:5E:C2:6F:E0:DF:DB:07:92:FB:3D:14:D1:08:88:F3
X509v3 Authority Key Identifier:
keyid:7D:DF:80:91:31:EE:56:53:19:39:D0:5F:60:72:71:BD:F0:1D:19:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd-AkTHuVlMZOdBfYHJxvfAdGbU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/nNX3K1Newm_g39sHkvs9FNEIiPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/fd-AkTHuVlMZOdBfYHJxvfAdGbU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.4.0/22
IPv6:
2a09:5fc0::/29
Signature Algorithm: sha256WithRSAEncryption
9a:ee:c0:34:e5:a7:2d:dd:62:5d:20:3f:ec:9c:6e:16:ac:06:
06:bb:27:9f:df:67:e8:d5:f6:18:8d:72:9f:cb:15:dc:aa:d4:
41:4a:09:66:88:5b:10:1e:e7:09:1c:bd:07:d9:98:c4:0e:ea:
80:c8:b3:f9:29:d7:4b:4e:f6:c5:f0:e6:3c:2a:17:68:d1:a2:
1c:a7:b1:44:74:35:45:a0:ee:da:e9:16:b1:1f:16:90:34:da:
63:aa:55:71:af:27:d5:a1:50:d9:07:17:6c:78:54:43:b3:38:
7c:8d:3a:fc:12:fc:ea:06:e1:fc:f3:0e:70:a8:24:b7:71:95:
16:60:28:13:9a:5b:6e:4c:7d:19:0b:41:70:ce:c9:b3:c5:fa:
2d:7e:33:66:dd:8b:10:d8:65:9a:bf:00:13:e5:dc:0e:e2:2f:
24:c4:40:25:2c:e7:7f:62:9a:9a:13:a4:ee:10:60:a5:2c:fe:
45:15:2d:51:88:ba:a3:61:fc:53:6a:45:8c:1a:f5:fb:cd:e0:
db:b3:e6:9f:f2:4f:fd:a9:07:77:68:c9:38:a4:71:cc:1e:45:
6c:f9:d2:4a:3f:a6:9e:d0:93:52:46:cd:08:1f:b8:fc:18:83:
10:18:77:77:ba:3e:14:42:88:4e:4b:57:6a:b5:fa:68:0f:0e:
44:ac:77:0d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECHWZ4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGRmODA5MTMxZWU1NjUzMTkzOWQwNWY2MDcyNzFiZGYwMWQxOWI1MB4XDTIyMDEw
MTAxNTkxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWNkNWY3MmI1MzVl
YzI2ZmUwZGZkYjA3OTJmYjNkMTRkMTA4ODhmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALD+GIU1IeZtFYVn1aZZFlxlIZgzSRi7Jt8pDIEhUp2cFgkX
3V/MxXxljYUyUp8A8rYHCyAcDPi08+S7Lr/DVi9HEIVkJ7sIKg4GHeNtFV41IeF7
9zCRkg5lQz6qvk2BxezK6MDLU82gA87MEiEtWYwDYjCdKbwFHL6EhT6KUJGt8m93
NOF2BmB5aVA/W2qQKtMZeLDSPwcpEAwN+5jatkoWKpX1xvsIck9871YejBZytb0N
Zxij6DpXqv7/Y3qbXKlQQvU2vv1k65zrPx6x2P3nO9AM+VwczNfYP/wWSLNzYvOl
iPVeeGWdKVUGDZmyg/Ej2F+cv1IGbthQwPTXyfECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSc1fcrU17Cb+Df2weS+z0U0QiI8zAfBgNVHSMEGDAWgBR934CRMe5WUxk5
0F9gcnG98B0ZtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZkLUFrVEh1VmxNWk9kQmZZSEp4dmZBZEdiVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvZTdlNjM1LWYyNTYtNDAwMS1iMDcxLWI5NGViOWU2YjllYi8x
L25OWDNLMU5ld21fZzM5c0hrdnM5Rk5FSWlQTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
ZTdlNjM1LWYyNTYtNDAwMS1iMDcxLWI5NGViOWU2YjllYi8xL2ZkLUFrVEh1VmxN
Wk9kQmZZSEp4dmZBZEdiVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi1CBDANBAIAAjAHAwUDKglfwDAN
BgkqhkiG9w0BAQsFAAOCAQEAmu7ANOWnLd1iXSA/7JxuFqwGBrsnn99n6NX2GI1y
n8sV3KrUQUoJZohbEB7nCRy9B9mYxA7qgMiz+SnXS072xfDmPCoXaNGiHKexRHQ1
RaDu2ukWsR8WkDTaY6pVca8n1aFQ2QcXbHhUQ7M4fI06/BL86gbh/PMOcKgkt3GV
FmAoE5pbbkx9GQtBcM7Js8X6LX4zZt2LENhlmr8AE+XcDuIvJMRAJSznf2KamhOk
7hBgpSz+RRUtUYi6o2H8U2pFjBr1+83g27Pmn/JP/akHd2jJOKRxzB5FbPnSSj+m
ntCTUkbNCB+4/BiDEBh3d7o+FEKITktXarX6aA8ORKx3DQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:29 2024 by rpki-client on console-ams.rpki-client.org