Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1_VWDBrfVWRlrNKDXU5qkD67RVU.roa
File: 1_VWDBrfVWRlrNKDXU5qkD67RVU.roa (raw, json)
Hash identifier: oMzHK+BP3oO1GBDZQpNv5OjtQccn69VOYc80v1LmS44=
Subject key identifier: D7:F5:56:0C:1A:DF:55:64:65:AC:D2:83:5D:4E:6A:90:3E:BB:45:55
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183D0CAD247D5374BD122F2A975C520829E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1_VWDBrfVWRlrNKDXU5qkD67RVU.roa
Signing time: Thu 13 Oct 2022 10:01:36 +0000
ROA not before: Thu 13 Oct 2022 10:01:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213028
IP address blocks: 194.135.124.0/24 maxlen: 24
194.87.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d0:ca:d2:47:d5:37:4b:d1:22:f2:a9:75:c5:20:82:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 13 10:01:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d7f5560c1adf556465acd2835d4e6a903ebb4555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0d:9e:bc:f5:35:d0:a3:54:63:d4:46:fa:26:
47:95:59:23:62:3e:57:f6:87:14:b6:a1:9f:7d:c1:
35:ec:84:f9:3d:69:67:c2:db:90:ca:c4:35:2b:3c:
ef:94:7f:7a:d9:79:75:74:cc:8b:e3:5c:53:ba:fc:
3d:ea:7d:c3:73:58:88:fd:5e:a3:71:1a:be:1c:63:
16:5a:e8:05:86:f2:a7:02:8f:35:c6:61:c9:c9:0a:
ce:08:b3:3e:f0:0d:79:0d:df:ae:9d:d9:0a:30:bb:
e9:7e:db:3b:fe:5a:9c:bb:a4:2b:1e:3d:f7:57:f8:
33:80:57:a7:96:38:b7:5e:0c:bb:b6:88:d5:26:ea:
5d:5b:50:a5:76:7c:c4:3b:cc:ce:de:6e:b2:06:d0:
e0:47:de:e2:a5:f2:55:da:03:f3:9c:1b:23:e9:0e:
59:f0:55:43:10:12:16:8e:54:e2:3f:3b:45:8e:ef:
3b:1b:2b:86:01:b0:c4:b5:1b:f6:8d:ea:2c:24:e8:
7b:6f:ce:c6:44:36:48:a2:97:82:fc:62:49:06:92:
17:a2:b0:3c:89:fb:28:00:74:d8:83:08:7d:9a:13:
6f:97:ed:65:2b:21:96:38:4e:84:99:3a:9a:0f:7f:
81:e7:a4:49:87:5a:a1:7c:ab:c8:09:b7:47:cf:d8:
5a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:F5:56:0C:1A:DF:55:64:65:AC:D2:83:5D:4E:6A:90:3E:BB:45:55
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1_VWDBrfVWRlrNKDXU5qkD67RVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.74.0/24
194.135.124.0/24
Signature Algorithm: sha256WithRSAEncryption
03:0d:ab:69:9d:69:aa:b9:80:db:ed:c5:43:78:32:eb:fe:eb:
2d:ff:1b:12:0b:12:cd:67:9a:ca:62:59:e5:f6:25:81:1a:0e:
d1:14:7f:f6:9c:c5:dc:2a:20:94:2c:65:e8:0d:32:35:7c:cf:
e1:fb:13:b2:0f:db:60:64:46:09:20:3d:d2:7c:5c:78:58:f9:
07:66:75:37:ea:fd:5d:1d:1f:f8:5c:46:5c:4a:ae:21:71:91:
19:94:10:3e:92:38:85:ea:5c:25:eb:6a:50:eb:0c:c3:eb:52:
3f:69:f0:f3:00:ac:2f:30:c4:4e:1d:8c:95:68:ac:d3:8a:85:
9c:78:85:03:15:60:72:a1:98:4d:bf:40:44:c6:e9:f5:e4:bc:
d5:be:08:8b:ff:c6:07:58:91:8e:ec:f3:ce:c9:0a:dc:ff:57:
6c:f6:d4:d1:91:21:39:51:be:32:18:9a:62:e5:5b:1f:32:61:
70:04:dd:82:af:26:ef:ce:f3:47:8b:ab:a7:e6:ea:2a:6e:6c:
f0:ae:cf:66:4c:5b:af:34:41:60:cf:2e:ff:02:d7:65:e0:3f:
99:99:3a:21:0a:3d:48:4f:96:6f:58:89:f3:7c:23:56:e7:90:
5b:13:cf:db:49:6f:26:c6:51:0a:13:33:ce:65:60:2a:79:0b:
a3:d1:9c:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPQytJH1TdL0SLyqXXFIIKeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDEzMTAwMTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2Y1NTYwYzFhZGY1NTY0NjVhY2QyODM1ZDRlNmE5MDNlYmI0NTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw2evPU10KNUY9RG+iZHlVkjYj5X
9ocUtqGffcE17IT5PWlnwtuQysQ1KzzvlH962Xl1dMyL41xTuvw96n3Dc1iI/V6j
cRq+HGMWWugFhvKnAo81xmHJyQrOCLM+8A15Dd+undkKMLvpfts7/lqcu6QrHj33
V/gzgFenlji3Xgy7tojVJupdW1CldnzEO8zO3m6yBtDgR97ipfJV2gPznBsj6Q5Z
8FVDEBIWjlTiPztFju87GyuGAbDEtRv2jeosJOh7b87GRDZIopeC/GJJBpIXorA8
ifsoAHTYgwh9mhNvl+1lKyGWOE6EmTqaD3+B56RJh1qhfKvICbdHz9haYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNf1Vgwa31VkZazSg11OapA+u0VVMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMV9WV0RCcmZWV1Jsck5LRFhVNXFrRDY3UlZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwldKAwQA
wod8MA0GCSqGSIb3DQEBCwUAA4IBAQADDatpnWmquYDb7cVDeDLr/ust/xsSCxLN
Z5rKYlnl9iWBGg7RFH/2nMXcKiCULGXoDTI1fM/h+xOyD9tgZEYJID3SfFx4WPkH
ZnU36v1dHR/4XEZcSq4hcZEZlBA+kjiF6lwl62pQ6wzD61I/afDzAKwvMMROHYyV
aKzTioWceIUDFWByoZhNv0BExun15LzVvgiL/8YHWJGO7PPOyQrc/1ds9tTRkSE5
Ub4yGJpi5VsfMmFwBN2CrybvzvNHi6un5uoqbmzwrs9mTFuvNEFgzy7/Atdl4D+Z
mTohCj1IT5ZvWInzfCNW55BbE8/bSW8mxlEKEzPOZWAqeQuj0ZzR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org