Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0iD1CPRNAJ8WD62pBm-ZqGaymn8.roa
File: 0iD1CPRNAJ8WD62pBm-ZqGaymn8.roa (raw, json)
Hash identifier: Z2E4i9meEi91YFBZ+die9U5Puqnnj7TEsAAmMcbNz7Y=
Subject key identifier: D2:20:F5:08:F4:4D:00:9F:16:0F:AD:A9:06:6F:99:A8:66:B2:9A:7F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0E2766F3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0iD1CPRNAJ8WD62pBm-ZqGaymn8.roa
Signing time: Sat 01 Jan 2022 01:58:26 +0000
ROA not before: Sat 01 Jan 2022 01:58:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212871
IP address blocks: 194.87.124.0/22 maxlen: 24
194.87.120.0/22 maxlen: 24
193.124.49.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
194.87.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 237463283 (0xe2766f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 01:58:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d220f508f44d009f160fada9066f99a866b29a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:dd:96:77:dd:86:69:b9:f5:0e:8b:32:bc:f0:
37:2e:0b:28:2a:c9:11:86:90:a6:d8:97:10:c3:d1:
70:71:88:49:5a:94:c1:16:a6:f4:33:14:38:a7:3e:
3f:b4:64:a8:84:9e:f1:50:69:72:bc:9d:97:d8:c4:
24:a1:f7:0b:3b:67:4d:7f:4e:3a:51:8b:70:00:8b:
fc:5a:95:9b:f7:29:99:9d:0f:06:5a:31:f5:69:62:
2d:09:cb:66:72:9e:72:94:55:4b:4e:ff:bb:e3:76:
eb:7c:f3:9c:75:5f:ea:4a:08:e8:54:10:a6:26:47:
2c:75:82:98:46:3d:e6:d1:4a:6c:83:ac:00:3f:61:
e4:0c:f3:71:60:c1:78:99:9e:34:51:ba:df:3f:ca:
a1:40:c7:29:cf:3f:73:2a:d2:79:c7:67:0c:6e:bd:
0a:5d:6e:7c:d7:4c:6a:5f:73:65:a7:00:aa:b5:2f:
aa:4c:bb:da:81:f9:1d:c5:99:3f:3f:e6:22:fd:2a:
f4:17:f3:59:b0:67:72:6b:62:42:81:07:22:fe:75:
92:26:60:ee:9f:9b:11:7c:f0:d7:2a:a5:89:31:34:
49:6c:20:1f:4f:40:04:a6:17:0f:71:6e:f8:0a:18:
0a:70:84:b9:b6:4c:33:a6:ce:c2:17:d0:44:39:20:
12:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:20:F5:08:F4:4D:00:9F:16:0F:AD:A9:06:6F:99:A8:66:B2:9A:7F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0iD1CPRNAJ8WD62pBm-ZqGaymn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.49.0/24
194.87.61.0/24
194.87.120.0/21
194.135.46.0/24
Signature Algorithm: sha256WithRSAEncryption
67:5d:70:e2:69:7b:78:4c:16:5d:3b:05:c1:3c:3a:c0:02:53:
3f:e6:eb:b0:5e:02:44:5d:34:ff:ca:cb:db:9d:d3:bc:ff:d2:
ca:0c:f3:f9:07:0e:4a:3b:87:47:bf:47:37:98:33:b5:9e:3a:
18:35:4c:d8:08:bb:06:68:b8:0c:69:b8:12:a9:de:9e:12:f2:
62:c1:12:62:8b:6f:51:97:c4:90:f8:0c:02:df:54:e8:ac:83:
08:f7:91:07:b7:32:ef:4f:49:2b:a8:66:68:5b:94:ea:dd:6e:
4d:cd:7f:27:a8:fb:e6:c3:df:1e:c8:fa:3c:d7:d1:33:a4:7b:
19:19:d4:e7:44:bc:8f:29:8e:65:46:d0:e4:5c:88:e2:90:e6:
a7:87:6e:2a:18:95:45:43:fd:81:ce:63:b6:f0:d3:5a:c0:f3:
ac:d4:fc:a8:88:83:92:a3:10:ef:aa:3c:6b:e1:5a:c5:1f:be:
d2:13:12:ce:b0:c3:14:9e:fa:6d:02:59:93:c4:43:60:d2:6f:
de:3b:f5:ef:71:29:e9:ab:5c:45:84:8a:17:a6:2e:2f:b8:09:
fa:0a:13:27:d4:35:7f:d1:f8:96:fc:42:e0:07:96:29:b5:fd:
a0:0d:7a:e4:e6:6d:62:ec:86:e8:78:f0:a3:85:c2:eb:b3:63:
4d:42:c1:61
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDidm8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDEw
MTAxNTgyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDIyMGY1MDhmNDRk
MDA5ZjE2MGZhZGE5MDY2Zjk5YTg2NmIyOWE3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKrdlnfdhmm59Q6LMrzwNy4LKCrJEYaQptiXEMPRcHGISVqU
wRam9DMUOKc+P7RkqISe8VBpcrydl9jEJKH3CztnTX9OOlGLcACL/FqVm/cpmZ0P
Blox9WliLQnLZnKecpRVS07/u+N263zznHVf6koI6FQQpiZHLHWCmEY95tFKbIOs
AD9h5AzzcWDBeJmeNFG63z/KoUDHKc8/cyrSecdnDG69Cl1ufNdMal9zZacAqrUv
qky72oH5HcWZPz/mIv0q9BfzWbBncmtiQoEHIv51kiZg7p+bEXzw1yqliTE0SWwg
H09ABKYXD3Fu+AoYCnCEubZMM6bOwhfQRDkgEhsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTSIPUI9E0AnxYPrakGb5moZrKafzAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
LzBpRDFDUFJOQUo4V0Q2MnBCbS1acUdheW1uOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMF8MQMEAMJXPQMEA8JXeAMEAMKH
LjANBgkqhkiG9w0BAQsFAAOCAQEAZ11w4ml7eEwWXTsFwTw6wAJTP+brsF4CRF00
/8rL253TvP/Sygzz+QcOSjuHR79HN5gztZ46GDVM2Ai7Bmi4DGm4EqnenhLyYsES
YotvUZfEkPgMAt9U6KyDCPeRB7cy709JK6hmaFuU6t1uTc1/J6j75sPfHsj6PNfR
M6R7GRnU50S8jymOZUbQ5FyI4pDmp4duKhiVRUP9gc5jtvDTWsDzrNT8qIiDkqMQ
76o8a+FaxR++0hMSzrDDFJ76bQJZk8RDYNJv3jv173Ep6atcRYSKF6YuL7gJ+goT
J9Q1f9H4lvxC4AeWKbX9oA165OZtYuyG6Hjwo4XC67NjTULBYQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:53 2023 by rpki-client on console-fra.rpki-client.org