Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2oXOllUeJCY1w023qSjRH5XWtC8.roa
File: 2oXOllUeJCY1w023qSjRH5XWtC8.roa (raw, json)
Hash identifier: cAQuVLPDw/JUxF46fxhdVq6ZNzUq/cgyCo0n2WWiHVM=
Subject key identifier: DA:85:CE:96:55:1E:24:26:35:C3:4D:B7:A9:28:D1:1F:95:D6:B4:2F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01849A265E2361C18BA1B04662C29E26431A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2oXOllUeJCY1w023qSjRH5XWtC8.roa
Signing time: Mon 21 Nov 2022 12:25:16 +0000
ROA not before: Mon 21 Nov 2022 12:25:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:26:5e:23:61:c1:8b:a1:b0:46:62:c2:9e:26:43:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 21 12:25:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da85ce96551e242635c34db7a928d11f95d6b42f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:39:15:46:aa:65:28:0b:9e:83:13:e9:a5:7b:
cb:1d:8e:84:5f:33:75:d4:d8:9e:2f:e6:23:4e:e3:
9d:aa:e1:d7:a8:b7:65:ca:9d:0f:e8:94:3a:0a:f1:
4e:41:80:ef:14:f0:a2:fc:3f:a3:c2:cb:91:7c:ca:
55:4a:20:e1:4d:f8:83:bd:77:21:77:49:06:f0:57:
9c:dd:b2:a5:b5:85:c2:70:c0:36:2a:22:f2:7f:34:
bd:47:67:78:77:e0:d1:61:86:64:55:3b:0a:1d:a4:
95:81:df:28:89:8a:a8:fd:af:a8:30:c2:0f:dc:46:
6a:bc:78:4e:50:3b:ac:7e:0f:02:ea:9e:2c:e3:87:
53:46:67:cc:fb:83:7a:8f:6a:e4:f6:ce:da:7b:7d:
20:19:c4:c9:6d:57:26:73:45:e8:e0:37:77:7e:7d:
62:c0:92:20:81:5d:72:62:ed:14:92:a7:af:c4:96:
9a:56:cc:cc:8e:1b:c0:84:15:ae:0c:73:70:2b:b2:
f7:6b:b3:bc:47:f4:e3:fc:22:36:e1:df:4f:cb:33:
28:3d:f3:d2:e3:5c:7d:a3:9b:5b:86:a4:4a:11:b8:
09:c2:2a:e3:1b:35:bd:d7:f5:48:c8:d0:14:da:93:
ac:14:c5:59:70:84:d4:92:73:5c:ef:ad:ca:12:04:
ea:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:85:CE:96:55:1E:24:26:35:C3:4D:B7:A9:28:D1:1F:95:D6:B4:2F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2oXOllUeJCY1w023qSjRH5XWtC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.3.0/24
194.87.38.0/24
194.87.73.0/24
194.87.130.0/23
194.87.166.0/24
194.87.168.0/24
194.87.178.0/24
194.135.23.0/24
195.58.35.0/24
195.133.0.0/24
195.133.35.0/24
212.192.31.0/24
Signature Algorithm: sha256WithRSAEncryption
73:38:1e:77:9f:af:11:ad:c6:eb:42:83:76:15:c6:9c:48:74:
75:9b:2b:13:6f:28:b7:8b:e6:ac:70:e7:a4:c2:5b:ee:8c:69:
4c:24:36:cb:cf:20:bd:c6:70:59:fd:cf:2a:1c:24:cf:ce:48:
ef:a3:db:8d:dd:f7:71:89:01:1e:1d:14:75:f7:81:28:db:3a:
a1:15:e3:b4:ff:10:32:ac:49:f3:8b:25:3c:93:dc:0c:d1:48:
ad:9d:93:2b:9b:13:b5:db:9b:e0:e5:42:7f:7a:81:92:f5:24:
b4:d7:7d:bd:47:3d:92:a3:5f:4e:0d:54:86:0a:dc:4f:f6:5d:
1c:3f:d7:b1:c6:c0:be:48:af:a8:a2:7f:48:44:7e:f8:c9:50:
eb:65:7e:49:f2:a0:c1:e2:94:32:e5:dc:e4:dc:7e:bc:45:8d:
dd:e8:6d:ec:19:7d:17:63:06:e1:57:e5:57:2f:b4:d3:24:ec:
16:bf:45:fc:a1:5d:1e:93:d3:4d:e1:43:c6:51:f7:bf:c7:54:
c4:d6:0a:60:b1:13:eb:a5:bf:18:a5:b6:32:b9:14:02:bd:72:
03:1b:75:56:78:ac:d4:62:7d:88:77:95:60:a1:60:85:10:b1:
99:dc:e4:9f:94:f2:2b:48:a0:d2:e9:01:5a:04:be:55:ab:f3:
b8:bc:0f:16
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYSaJl4jYcGLobBGYsKeJkMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTIxMTIyNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTg1Y2U5NjU1MWUyNDI2MzVjMzRkYjdhOTI4ZDExZjk1ZDZiNDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDkVRqplKAuegxPppXvLHY6EXzN1
1NieL+YjTuOdquHXqLdlyp0P6JQ6CvFOQYDvFPCi/D+jwsuRfMpVSiDhTfiDvXch
d0kG8Fec3bKltYXCcMA2KiLyfzS9R2d4d+DRYYZkVTsKHaSVgd8oiYqo/a+oMMIP
3EZqvHhOUDusfg8C6p4s44dTRmfM+4N6j2rk9s7ae30gGcTJbVcmc0Xo4Dd3fn1i
wJIggV1yYu0UkqevxJaaVszMjhvAhBWuDHNwK7L3a7O8R/Tj/CI24d9PyzMoPfPS
41x9o5tbhqRKEbgJwirjGzW91/VIyNAU2pOsFMVZcITUknNc763KEgTqZQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNqFzpZVHiQmNcNNt6ko0R+V1rQvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMm9YT2xsVWVKQ1kxdzAyM3FTalJINVhXdEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAwXwDAwQA
wlcmAwQAwldJAwQBwleCAwQAwlemAwQAwleoAwQAwleyAwQAwocXAwQAwzojAwQA
w4UAAwQAw4UjAwQA1MAfMA0GCSqGSIb3DQEBCwUAA4IBAQBzOB53n68RrcbrQoN2
FcacSHR1mysTbyi3i+ascOekwlvujGlMJDbLzyC9xnBZ/c8qHCTPzkjvo9uN3fdx
iQEeHRR194Eo2zqhFeO0/xAyrEnziyU8k9wM0UitnZMrmxO125vg5UJ/eoGS9SS0
1329Rz2So19ODVSGCtxP9l0cP9exxsC+SK+oon9IRH74yVDrZX5J8qDB4pQy5dzk
3H68RY3d6G3sGX0XYwbhV+VXL7TTJOwWv0X8oV0ek9NN4UPGUfe/x1TE1gpgsRPr
pb8YpbYyuRQCvXIDG3VWeKzUYn2Id5VgoWCFELGZ3OSflPIrSKDS6QFaBL5Vq/O4
vA8W
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:54 2023 by rpki-client on console-fra.rpki-client.org