Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-8-WtvggztYFvlWPTFPhtAlEDu4.roa
File: 1-8-WtvggztYFvlWPTFPhtAlEDu4.roa (raw, json)
Hash identifier: M7hzohaDsMMGMmj7xkbOjHrRth/68aowPpIs8INSkm4=
Subject key identifier: FB:CF:96:B6:F8:20:CE:D6:05:BE:55:8F:4C:53:E1:B4:09:44:0E:EE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018476971A2780AD11E86393D0DB1E5FE31A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-8-WtvggztYFvlWPTFPhtAlEDu4.roa
Signing time: Mon 14 Nov 2022 14:42:04 +0000
ROA not before: Mon 14 Nov 2022 14:42:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17447
IP address blocks: 193.124.4.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:97:1a:27:80:ad:11:e8:63:93:d0:db:1e:5f:e3:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 14 14:42:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fbcf96b6f820ced605be558f4c53e1b409440eee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b6:16:a8:e8:b4:59:25:f7:d0:2c:7d:08:77:
3c:d5:c9:38:a2:df:f3:2e:14:0f:69:a1:b7:ef:2c:
76:51:cb:1b:2c:c4:c4:9e:c9:a9:e0:dd:29:bd:52:
8b:6b:d5:1c:20:32:76:d1:4a:1f:5e:c2:68:08:e9:
55:7f:c7:cd:c4:c1:14:64:ab:2c:d9:f8:6f:ad:b9:
34:f1:1e:ed:4e:15:f6:59:93:f3:ae:9d:cd:a9:c5:
89:b7:15:66:63:69:48:28:9b:89:6e:cf:4d:66:0f:
a7:4e:7a:e3:95:8b:cf:13:e4:b2:ce:03:1d:01:b0:
79:e3:26:ce:4b:1b:33:0f:d9:a4:9a:b5:e7:90:07:
8d:4c:82:1a:f0:55:7b:09:65:9f:2a:fc:ef:59:3d:
2f:27:1c:ba:65:a7:81:1d:17:68:bb:6b:92:37:d9:
e8:7a:bd:08:f5:57:8a:6b:28:45:8c:f6:90:be:c3:
cb:5d:31:e1:77:1a:a5:ac:ab:1a:8b:b6:cc:bf:41:
85:4c:a0:a5:11:98:c2:b4:50:be:8a:72:ed:8f:14:
10:4e:ac:e3:c7:f0:ff:8f:bc:27:3a:4b:e8:14:73:
fc:56:a5:a9:32:9f:75:0a:c4:68:0d:71:b8:3b:65:
5f:57:8e:cc:08:09:af:bd:c3:15:b3:69:4c:ad:5b:
5e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:CF:96:B6:F8:20:CE:D6:05:BE:55:8F:4C:53:E1:B4:09:44:0E:EE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-8-WtvggztYFvlWPTFPhtAlEDu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.4.0/24
193.124.47.0/24
193.124.125.0/24
193.124.201.0/24
194.87.37.0/24
194.87.126.0/24
194.87.162.0/24
194.87.207.0/24
195.58.63.0/24
195.133.73.0/24
195.133.195.0/24
Signature Algorithm: sha256WithRSAEncryption
16:dc:cd:14:cb:6d:a1:50:54:08:25:29:ab:21:7a:aa:f7:4d:
2c:97:b2:c6:25:bb:3a:e4:9d:b1:bb:e9:63:5c:6f:3b:a5:55:
84:e5:ff:8d:e9:1e:61:af:f1:38:e0:af:37:7c:4b:70:0d:dc:
b2:f6:2e:3d:ee:78:2d:90:45:d5:a9:18:85:80:41:32:73:4c:
e3:f6:ef:c7:de:c9:da:ad:9b:72:7f:14:db:eb:95:35:5a:95:
b4:3c:46:eb:01:17:ed:cd:4f:ca:58:40:d0:a0:49:d8:d8:22:
29:f3:e1:c5:b4:92:36:a0:fd:5a:10:bb:41:fe:ba:f8:56:2a:
82:88:f6:1b:6f:8c:14:59:45:51:f9:88:b1:fe:3d:93:1b:df:
5c:14:a3:1b:1e:d6:34:95:28:f3:e1:8d:4b:af:4b:0a:bc:fa:
c8:7f:be:78:a5:89:c7:34:19:6f:d6:e5:23:eb:a9:a8:a2:03:
ef:9b:44:e2:f8:94:05:9f:da:3d:3e:38:4c:9f:73:c7:9c:f3:
24:f9:4f:fc:65:e4:23:c6:3f:52:54:aa:f9:2c:c3:c2:7f:44:
77:db:7c:7b:91:82:6f:67:6a:78:dd:f4:4f:b1:43:d6:7d:2f:
69:d6:6d:1a:b4:2c:1d:1d:93:1c:e5:2e:1b:ac:81:2f:3f:95:
8b:d5:ef:28
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYR2lxongK0R6GOT0NseX+MaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTE0MTQ0MjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmNmOTZiNmY4MjBjZWQ2MDViZTU1OGY0YzUzZTFiNDA5NDQwZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurYWqOi0WSX30Cx9CHc81ck4ot/z
LhQPaaG37yx2UcsbLMTEnsmp4N0pvVKLa9UcIDJ20UofXsJoCOlVf8fNxMEUZKss
2fhvrbk08R7tThX2WZPzrp3NqcWJtxVmY2lIKJuJbs9NZg+nTnrjlYvPE+SyzgMd
AbB54ybOSxszD9mkmrXnkAeNTIIa8FV7CWWfKvzvWT0vJxy6ZaeBHRdou2uSN9no
er0I9VeKayhFjPaQvsPLXTHhdxqlrKsai7bMv0GFTKClEZjCtFC+inLtjxQQTqzj
x/D/j7wnOkvoFHP8VqWpMp91CsRoDXG4O2VfV47MCAmvvcMVs2lMrVtebwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFPvPlrb4IM7WBb5Vj0xT4bQJRA7uMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMS04LVd0dmdnenRZRnZsV1BURlBodEFsRUR1NC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0
My8xL05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBbBggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAMF8BAME
AMF8LwMEAMF8fQMEAMF8yQMEAMJXJQMEAMJXfgMEAMJXogMEAMJXzwMEAMM6PwME
AMOFSQMEAMOFwzANBgkqhkiG9w0BAQsFAAOCAQEAFtzNFMttoVBUCCUpqyF6qvdN
LJeyxiW7OuSdsbvpY1xvO6VVhOX/jekeYa/xOOCvN3xLcA3csvYuPe54LZBF1akY
hYBBMnNM4/bvx97J2q2bcn8U2+uVNVqVtDxG6wEX7c1PylhA0KBJ2NgiKfPhxbSS
NqD9WhC7Qf66+FYqgoj2G2+MFFlFUfmIsf49kxvfXBSjGx7WNJUo8+GNS69LCrz6
yH++eKWJxzQZb9blI+upqKID75tE4viUBZ/aPT44TJ9zx5zzJPlP/GXkI8Y/UlSq
+SzDwn9Ed9t8e5GCb2dqeN30T7FD1n0vadZtGrQsHR2THOUuG6yBLz+Vi9XvKA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:48 2023 by rpki-client on console-ams.rpki-client.org