Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2qF0GIH5byLXMfFIG8pOrTcR9ns.roa
File: 2qF0GIH5byLXMfFIG8pOrTcR9ns.roa (raw, json)
Hash identifier: fQ7GaKE/969U21ABJ/wartRPXRCfwosYGQ4hPFGJgMA=
Subject key identifier: DA:A1:74:18:81:F9:6F:22:D7:31:F1:48:1B:CA:4E:AD:37:11:F6:7B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183EA77DE953D493CC6B7808C794BDF8DE7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2qF0GIH5byLXMfFIG8pOrTcR9ns.roa
Signing time: Tue 18 Oct 2022 09:41:07 +0000
ROA not before: Tue 18 Oct 2022 09:41:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 193.124.3.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ea:77:de:95:3d:49:3c:c6:b7:80:8c:79:4b:df:8d:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 18 09:41:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=daa1741881f96f22d731f1481bca4ead3711f67b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:db:d4:41:8d:23:bf:63:24:b8:02:b8:97:7b:
19:3d:84:53:c5:6b:e2:91:79:ec:47:91:03:94:1d:
a9:ca:35:7c:8d:81:d9:74:88:6a:9c:4f:c1:88:0f:
a8:ad:85:81:95:5d:d7:37:5a:f1:71:3b:f5:1d:4a:
dd:5e:fa:3f:ee:7b:0b:a9:38:02:c7:b4:17:6b:8c:
86:ca:a3:da:94:84:d1:5b:41:a0:8a:2d:0b:f9:b8:
c5:1f:a3:a3:3e:11:b3:37:48:57:12:0c:21:c6:bb:
11:fe:6c:c1:49:66:8e:73:b8:d0:75:de:3d:ad:48:
0c:eb:10:55:cc:24:f6:40:12:bc:ca:80:82:3f:de:
c3:aa:64:c0:d9:1b:9e:df:34:6f:13:19:fb:36:5a:
91:fa:fd:33:46:6c:a1:20:7e:13:e7:6f:d5:e9:d4:
24:e0:45:ff:be:92:88:5b:fb:67:2b:4c:9e:bb:99:
e0:65:11:79:65:14:b1:14:44:a3:a7:4c:71:37:07:
da:db:0f:8a:0e:dd:fb:ba:11:04:c9:37:45:5e:96:
96:1c:63:ef:44:f6:aa:c3:d2:fd:87:72:b9:17:cb:
ce:16:1b:8c:ba:a7:72:1e:10:bc:3b:c4:ff:ad:97:
14:a3:91:63:bb:1b:ec:a1:c7:20:5a:3c:46:18:d2:
e1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A1:74:18:81:F9:6F:22:D7:31:F1:48:1B:CA:4E:AD:37:11:F6:7B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2qF0GIH5byLXMfFIG8pOrTcR9ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.3.0/24
194.87.118.0/24
194.87.160.0/24
194.87.187.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:50:73:34:ba:94:8c:c7:81:e2:e1:40:e6:64:e6:be:eb:20:
e7:94:2b:71:92:bd:9b:61:71:8f:85:de:7b:91:61:27:ae:d3:
e4:96:a9:1e:5f:97:74:bd:8b:0f:90:a1:ed:ae:07:23:7b:03:
8c:20:e9:35:d3:b1:b2:9c:b1:fc:f7:24:a5:7d:31:67:6c:b6:
2c:f3:42:fc:ee:71:ec:8b:08:b1:a3:ef:5e:1c:dc:c7:d7:5c:
1f:13:2b:7e:3f:21:4b:56:d7:51:fe:c7:03:1e:fa:e0:b6:8e:
56:8e:23:db:7e:6c:30:76:25:f3:24:4c:7d:19:02:5a:c8:5f:
b4:bd:5c:3e:15:f0:47:67:33:ec:3b:8f:60:df:00:04:b8:ec:
de:a3:ed:88:26:71:f6:3e:2b:f3:07:bc:b4:6a:6b:84:6e:66:
64:78:9f:6d:c4:9e:94:d2:e0:de:d9:80:04:18:c7:17:b0:30:
9c:9f:a1:d0:85:a0:df:5f:e6:df:33:e1:4e:3a:c6:c5:4f:01:
42:08:27:0b:45:b0:25:2a:12:b1:f0:a6:5c:3d:80:ae:7a:af:
11:6a:a7:d3:6d:37:5d:d7:35:40:e4:63:17:fc:18:b3:6d:73:
7f:fb:33:3d:6c:61:cf:6e:ff:f1:0c:10:25:06:d1:be:48:68:
04:0e:32:fe
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPqd96VPUk8xreAjHlL343nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDE4MDk0MTA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWExNzQxODgxZjk2ZjIyZDczMWYxNDgxYmNhNGVhZDM3MTFmNjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNvUQY0jv2MkuAK4l3sZPYRTxWvi
kXnsR5EDlB2pyjV8jYHZdIhqnE/BiA+orYWBlV3XN1rxcTv1HUrdXvo/7nsLqTgC
x7QXa4yGyqPalITRW0Ggii0L+bjFH6OjPhGzN0hXEgwhxrsR/mzBSWaOc7jQdd49
rUgM6xBVzCT2QBK8yoCCP97DqmTA2Rue3zRvExn7NlqR+v0zRmyhIH4T52/V6dQk
4EX/vpKIW/tnK0yeu5ngZRF5ZRSxFESjp0xxNwfa2w+KDt37uhEEyTdFXpaWHGPv
RPaqw9L9h3K5F8vOFhuMuqdyHhC8O8T/rZcUo5FjuxvsoccgWjxGGNLh2wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNqhdBiB+W8i1zHxSBvKTq03EfZ7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMnFGMEdJSDVieUxYTWZGSUc4cE9yVGNSOW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwDAwQA
wld2AwQAwlegAwQAwle7MA0GCSqGSIb3DQEBCwUAA4IBAQAcUHM0upSMx4Hi4UDm
ZOa+6yDnlCtxkr2bYXGPhd57kWEnrtPklqkeX5d0vYsPkKHtrgcjewOMIOk107Gy
nLH89ySlfTFnbLYs80L87nHsiwixo+9eHNzH11wfEyt+PyFLVtdR/scDHvrgto5W
jiPbfmwwdiXzJEx9GQJayF+0vVw+FfBHZzPsO49g3wAEuOzeo+2IJnH2PivzB7y0
amuEbmZkeJ9txJ6U0uDe2YAEGMcXsDCcn6HQhaDfX+bfM+FOOsbFTwFCCCcLRbAl
KhKx8KZcPYCueq8RaqfTbTdd1zVA5GMX/BizbXN/+zM9bGHPbv/xDBAlBtG+SGgE
DjL+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:54 2023 by rpki-client on console-fra.rpki-client.org