Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-NZFeQK0cK_QeoTJnzeqs3YbQyc.roa
File: 1-NZFeQK0cK_QeoTJnzeqs3YbQyc.roa (raw, json)
Hash identifier: Rvyei4/p2hm2gv5w5Qlf/tUuu5jqlrJ0BUQEekZQYSQ=
Subject key identifier: F8:D6:45:79:02:B4:70:AF:D0:7A:84:C9:9F:37:AA:B3:76:1B:43:27
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018331D2063C2C2484F776C6543EDD49981A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-NZFeQK0cK_QeoTJnzeqs3YbQyc.roa
Signing time: Mon 12 Sep 2022 13:09:51 +0000
ROA not before: Mon 12 Sep 2022 13:09:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.135.18.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
195.133.12.0/22 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.188.0/22 maxlen: 22
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:31:d2:06:3c:2c:24:84:f7:76:c6:54:3e:dd:49:98:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 12 13:09:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8d6457902b470afd07a84c99f37aab3761b4327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cc:5d:07:e4:b0:29:0b:8a:a7:e7:18:56:02:
53:ad:05:64:7b:6b:97:23:23:31:3a:79:9e:2a:48:
a4:6c:2f:64:45:a1:7e:2f:7a:5c:7d:df:dd:af:60:
53:da:e3:45:9d:e1:74:99:d3:f7:3b:56:66:ce:de:
b2:82:6b:d7:a2:c3:d9:b7:eb:6d:43:28:cd:14:dd:
81:f7:8f:b0:3a:e9:63:9d:4a:bb:13:a1:09:18:6d:
3a:8e:51:87:d2:67:ac:a5:1b:76:3c:fb:cd:b4:82:
1b:1a:c9:bc:55:91:ed:04:15:c8:86:0c:4f:5e:86:
3e:c5:45:9a:71:49:4c:9f:66:73:32:13:e7:11:70:
f4:7c:20:ee:4b:2c:6a:26:9a:23:67:4e:94:4f:f8:
70:96:8f:f6:f0:06:7e:c4:0f:e8:38:d3:7a:9b:28:
b7:1c:05:62:6f:d4:09:9d:36:cf:8e:27:f8:6f:bd:
58:1e:a8:33:87:b7:a0:52:cd:67:1e:86:f3:76:68:
d0:bb:29:7a:6f:9e:93:3e:f0:83:e5:49:2e:42:36:
ca:2b:73:6b:1b:45:b0:6c:2b:b9:cb:d0:b7:24:be:
f1:92:ff:ad:17:e6:87:c1:fb:13:93:10:56:5d:ec:
dd:20:80:ad:bd:7c:a6:dc:e3:20:a6:09:86:73:d4:
a6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:D6:45:79:02:B4:70:AF:D0:7A:84:C9:9F:37:AA:B3:76:1B:43:27
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-NZFeQK0cK_QeoTJnzeqs3YbQyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.188.0/22
192.124.209.0/24
193.124.3.0/24
193.124.45.0/24
193.124.90.0/24
193.124.203.0/24
194.58.45.0/24
194.87.1.0/24
194.87.24.0/22
194.87.179.0/24
194.87.198.0/24
194.87.219.0/24
194.87.222.0/23
194.135.18.0/24
194.135.23.0/24
195.133.12.0/22
195.133.80.0/24
Signature Algorithm: sha256WithRSAEncryption
35:79:aa:97:b1:58:4e:29:49:ba:7e:93:97:0e:de:91:5c:31:
b3:ef:7f:f9:4f:9b:1f:29:9a:fe:78:8c:c6:43:c2:b6:c1:b1:
ea:34:d4:9c:f1:e4:a4:ee:53:88:31:e6:e3:59:bb:a4:56:7d:
61:b2:41:37:69:d4:4c:3f:a1:a4:d7:7e:2e:69:46:e0:cd:42:
cf:f4:f1:a6:db:71:34:30:71:55:b6:e2:34:19:90:29:80:14:
d2:21:c2:dd:d3:02:61:24:4a:90:fe:e7:7b:30:ea:7c:8a:3c:
e7:ff:02:cd:94:bb:c2:fc:11:73:62:9b:64:c0:3d:f4:a9:af:
5b:7e:41:41:bd:25:b7:84:07:4c:b3:2e:1b:94:b8:6b:63:3b:
0e:e1:13:50:a7:c8:3b:a8:a5:52:35:de:24:d1:d9:cf:85:79:
fc:c1:8d:45:84:41:43:62:25:0d:b1:c3:a5:e0:ca:46:83:14:
b2:01:5f:16:a9:50:ba:6e:d3:09:af:8c:d5:32:c5:b5:24:41:
b3:40:78:30:63:57:62:cc:65:b7:1d:4a:f9:64:21:9a:c4:69:
b2:5c:36:3d:b2:2e:8d:13:86:02:61:b0:ac:f0:cd:1d:48:99:
be:e4:24:60:2f:db:e2:fd:f5:83:60:87:15:fd:0c:eb:1e:81:
79:53:ad:5c
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYMx0gY8LCSE93bGVD7dSZgaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwOTEyMTMwOTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGQ2NDU3OTAyYjQ3MGFmZDA3YTg0Yzk5ZjM3YWFiMzc2MWI0MzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcxdB+SwKQuKp+cYVgJTrQVke2uX
IyMxOnmeKkikbC9kRaF+L3pcfd/dr2BT2uNFneF0mdP3O1Zmzt6ygmvXosPZt+tt
QyjNFN2B94+wOuljnUq7E6EJGG06jlGH0mespRt2PPvNtIIbGsm8VZHtBBXIhgxP
XoY+xUWacUlMn2ZzMhPnEXD0fCDuSyxqJpojZ06UT/hwlo/28AZ+xA/oONN6myi3
HAVib9QJnTbPjif4b71YHqgzh7egUs1nHobzdmjQuyl6b56TPvCD5UkuQjbKK3Nr
G0WwbCu5y9C3JL7xkv+tF+aHwfsTkxBWXezdIICtvXym3OMgpgmGc9Sm6wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFPjWRXkCtHCv0HqEyZ83qrN2G0MnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMS1OWkZlUUswY0tfUWVvVEpuemVxczNZYlF5Yy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0
My8xL05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBkwYIKwYBBQUHAQcBAf8EgYMwgYAwfgQCAAEweAMEAMB8
rQMEAMB8sgMEAsB8tAMEAsB8vAMEAMB80QMEAMF8AwMEAMF8LQMEAMF8WgMEAMF8
ywMEAMI6LQMEAMJXAQMEAsJXGAMEAMJXswMEAMJXxgMEAMJX2wMEAcJX3gMEAMKH
EgMEAMKHFwMEAsOFDAMEAMOFUDANBgkqhkiG9w0BAQsFAAOCAQEANXmql7FYTilJ
un6Tlw7ekVwxs+9/+U+bHyma/niMxkPCtsGx6jTUnPHkpO5TiDHm41m7pFZ9YbJB
N2nUTD+hpNd+LmlG4M1Cz/TxpttxNDBxVbbiNBmQKYAU0iHC3dMCYSRKkP7nezDq
fIo85/8CzZS7wvwRc2KbZMA99KmvW35BQb0lt4QHTLMuG5S4a2M7DuETUKfIO6il
UjXeJNHZz4V5/MGNRYRBQ2IlDbHDpeDKRoMUsgFfFqlQum7TCa+M1TLFtSRBs0B4
MGNXYsxltx1K+WQhmsRpslw2PbIujROGAmGwrPDNHUiZvuQkYC/b4v31g2CHFf0M
6x6BeVOtXA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org