Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-Z3cDfvzGI7GyzHKikIEgil1DBA.roa
File: 1-Z3cDfvzGI7GyzHKikIEgil1DBA.roa (raw, json)
Hash identifier: IWLCSdfAJ0oQJ/1r7JLCmwMgyEsWu/WzFIX6kw5E9XU=
Subject key identifier: F9:9D:DC:0D:FB:F3:18:8E:C6:CB:31:CA:8A:42:04:82:29:75:0C:10
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0F172CF0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-Z3cDfvzGI7GyzHKikIEgil1DBA.roa
Signing time: Tue 15 Mar 2022 12:58:11 +0000
ROA not before: Tue 15 Mar 2022 12:58:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 195.133.77.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 253177072 (0xf172cf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 15 12:58:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f99ddc0dfbf3188ec6cb31ca8a42048229750c10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7e:e8:5d:0a:b7:77:d3:70:23:00:b9:5a:c4:
3e:af:d8:17:72:f7:9b:b5:c9:12:aa:06:cf:0d:d7:
6f:34:74:be:ca:43:b2:dd:b9:bc:3b:39:fe:4e:60:
26:a9:e4:95:09:72:88:54:9c:01:b0:f4:66:57:9e:
78:15:47:0f:6a:b4:54:35:2b:3e:26:ca:e4:88:00:
8d:d3:ac:aa:df:aa:ae:fd:e9:93:e9:06:b4:d2:63:
79:40:fe:d3:40:c2:0a:ce:87:08:a9:6c:97:20:7c:
29:76:f7:ef:48:c4:5e:ff:c7:16:40:02:8c:1d:c5:
ec:82:b1:56:07:ae:02:e0:d9:9d:ba:c8:a9:69:59:
1a:b8:ae:af:b9:b5:7f:6e:e1:e6:c8:56:47:45:91:
a3:82:89:81:28:5c:29:10:9f:51:6e:70:f6:ae:84:
70:3b:69:4c:fa:a1:f8:a4:0e:40:f1:e6:de:f3:76:
c3:6e:2d:07:f4:3a:61:aa:5a:4e:4a:3e:48:6d:cc:
07:42:db:4f:cb:bd:e9:2c:db:74:28:bf:51:e3:f3:
5f:7e:7e:e9:e2:9b:fb:74:33:1e:ac:34:90:2e:55:
de:14:df:01:7e:50:d3:54:8f:a7:a7:01:4b:f2:dd:
41:61:ea:d8:00:39:d6:f9:18:e4:c7:5d:75:41:ce:
a7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:9D:DC:0D:FB:F3:18:8E:C6:CB:31:CA:8A:42:04:82:29:75:0C:10
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-Z3cDfvzGI7GyzHKikIEgil1DBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.227.0/24
195.133.77.0/24
Signature Algorithm: sha256WithRSAEncryption
76:cf:61:ee:86:84:54:06:e7:62:27:e0:3b:a4:14:7d:23:95:
3b:88:18:e9:06:18:20:ef:1e:00:42:91:e1:b3:3c:93:02:14:
55:c6:4d:26:13:20:a3:68:85:44:3d:67:7f:6f:82:9e:f2:49:
9c:90:2a:a1:c5:ca:f0:39:79:f7:6b:d0:32:f0:00:00:2b:3e:
ef:30:5c:b5:e4:05:d9:16:0e:e2:15:40:99:49:ac:3d:b9:73:
8d:2a:39:73:b6:d5:8e:f2:6b:19:ec:63:48:c2:3e:89:23:81:
a0:59:a3:ce:c8:da:3e:d2:55:e2:ef:39:20:7b:c9:bb:56:95:
69:98:3b:5e:33:4b:cd:d1:a6:5e:8d:86:e8:14:21:03:c3:ac:
f7:19:79:88:a1:d1:cb:11:0a:b6:1e:de:88:15:1c:0f:fd:45:
6f:06:60:f0:25:aa:7a:36:f4:26:fe:ff:ed:59:44:d4:4c:e5:
ad:41:51:76:e5:41:56:8b:51:23:b6:64:a2:7a:55:65:48:3f:
80:40:7f:97:7c:49:b5:a1:b3:7b:cb:4d:a8:bc:35:62:23:d1:
19:17:31:af:7c:f2:9d:82:7f:00:ae:b8:ca:1e:92:b3:70:28:
64:c1:f4:eb:d9:6e:de:4d:f9:c9:4b:a8:29:ef:49:21:24:e2:
85:1c:da:ac
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIEDxcs8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDMx
NTEyNTgxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjk5ZGRjMGRmYmYz
MTg4ZWM2Y2IzMWNhOGE0MjA0ODIyOTc1MGMxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALl+6F0Kt3fTcCMAuVrEPq/YF3L3m7XJEqoGzw3XbzR0vspD
st25vDs5/k5gJqnklQlyiFScAbD0ZleeeBVHD2q0VDUrPibK5IgAjdOsqt+qrv3p
k+kGtNJjeUD+00DCCs6HCKlslyB8KXb370jEXv/HFkACjB3F7IKxVgeuAuDZnbrI
qWlZGriur7m1f27h5shWR0WRo4KJgShcKRCfUW5w9q6EcDtpTPqh+KQOQPHm3vN2
w24tB/Q6YapaTko+SG3MB0LbT8u96SzbdCi/UePzX35+6eKb+3QzHqw0kC5V3hTf
AX5Q01SPp6cBS/LdQWHq2AA51vkY5MdddUHOp+cCAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBT5ndwN+/MYjsbLMcqKQgSCKXUMEDAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
LzEtWjNjRGZ2ekdJN0d5ekhLaWtJRWdpbDFEQkEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAw
L2UxNDQ3YS04ZjE4LTRhODAtYTQyMi01YTQyNDI4ZjExNDMvMS9OV2tQWGpMVnlH
cng0VFNkX1U2TTdyY09Hc2MuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBADCV+MDBADDhU0wDQYJKoZIhvcN
AQELBQADggEBAHbPYe6GhFQG52In4DukFH0jlTuIGOkGGCDvHgBCkeGzPJMCFFXG
TSYTIKNohUQ9Z39vgp7ySZyQKqHFyvA5efdr0DLwAAArPu8wXLXkBdkWDuIVQJlJ
rD25c40qOXO21Y7yaxnsY0jCPokjgaBZo87I2j7SVeLvOSB7ybtWlWmYO14zS83R
pl6NhugUIQPDrPcZeYih0csRCrYe3ogVHA/9RW8GYPAlqno29Cb+/+1ZRNRM5a1B
UXblQVaLUSO2ZKJ6VWVIP4BAf5d8SbWhs3vLTai8NWIj0RkXMa988p2CfwCuuMoe
krNwKGTB9OvZbt5N+clLqCnvSSEk4oUc2qw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org