Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2t8Lmb_PdAcu2Bw8YKcxIRrhG-g.roa
File: 2t8Lmb_PdAcu2Bw8YKcxIRrhG-g.roa (raw, json)
Hash identifier: 6NR/CMl0Z7mKf0sTb/LLlj08WIh7aLdqhcslpjeltP4=
Subject key identifier: DA:DF:0B:99:BF:CF:74:07:2E:D8:1C:3C:60:A7:31:21:1A:E1:1B:E8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018356416A091130F723573232F0110869F2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2t8Lmb_PdAcu2Bw8YKcxIRrhG-g.roa
Signing time: Mon 19 Sep 2022 14:57:51 +0000
ROA not before: Mon 19 Sep 2022 14:57:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 195.133.193.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
194.87.164.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:56:41:6a:09:11:30:f7:23:57:32:32:f0:11:08:69:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 19 14:57:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dadf0b99bfcf74072ed81c3c60a731211ae11be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b4:dd:93:d6:3e:8c:78:0a:c3:47:53:ae:42:
cc:55:b3:13:d2:20:b2:5a:69:72:0f:f9:7a:e2:e9:
e0:ba:8e:0a:59:2e:61:f6:52:88:ad:10:b3:02:31:
bb:ea:06:9d:0e:18:4e:f4:08:33:bb:d8:c9:c6:17:
10:95:92:78:2f:1b:63:aa:2f:f3:52:c5:ac:f7:bc:
f9:6e:09:11:1b:71:29:44:5b:94:91:5d:0a:23:49:
8f:6b:a2:e6:5c:e6:9f:2d:07:c1:aa:ac:44:42:53:
9b:d4:e9:8c:5b:ac:3c:59:50:29:93:76:1f:65:82:
08:1a:5b:ef:4c:b5:64:6f:19:0d:97:9f:a3:15:ff:
71:58:34:af:5b:c1:45:1e:96:66:c5:1f:f1:e1:61:
72:ab:ee:c6:a0:ba:8e:31:9a:6f:d9:ff:03:1b:9c:
17:51:d8:be:d8:b8:1b:0c:6f:0f:83:4b:fc:48:be:
69:85:92:ec:1b:e3:18:69:c1:b8:25:16:eb:e5:8d:
3d:9a:2d:e2:74:ac:5b:3e:a4:39:38:e8:67:cb:a2:
95:05:66:42:d4:a5:6e:d6:cc:26:d8:8c:1d:58:fa:
7a:40:04:9b:de:55:73:17:45:e8:0b:5b:2d:a0:1d:
8c:50:71:26:58:f4:25:0d:98:1d:66:70:88:9e:e5:
b5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:DF:0B:99:BF:CF:74:07:2E:D8:1C:3C:60:A7:31:21:1A:E1:1B:E8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2t8Lmb_PdAcu2Bw8YKcxIRrhG-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.133.0/24
194.87.164.0/24
194.87.199.0/24
194.87.252.0/24
194.135.23.0/24
195.133.193.0/24
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:60:7a:c8:4e:3c:b9:ad:b1:13:95:98:50:a1:92:77:64:72:
34:39:dd:06:29:c8:13:9f:6b:22:6b:c1:a1:d5:ef:35:05:d6:
1a:7c:db:00:55:b0:2b:96:77:fd:a4:5e:1e:86:b8:49:fe:cd:
54:aa:11:a9:37:a6:55:b3:85:91:29:b6:38:a1:17:57:2e:bb:
9e:2b:aa:f4:f9:38:17:16:af:38:0f:60:68:a4:56:4e:49:c8:
0d:10:73:16:99:5a:ac:6c:c6:5d:86:61:52:13:77:e9:05:8c:
b9:99:ad:df:28:1d:e7:5b:f2:4f:6e:59:df:28:97:d0:46:79:
aa:37:fe:67:c9:5b:f4:d4:4d:9f:95:91:38:3b:33:07:58:ac:
06:83:cd:8e:35:55:09:41:04:6a:8e:b7:d1:c7:b2:11:51:9b:
67:89:95:ab:9e:1b:cf:31:67:96:37:8c:db:98:1b:f4:62:b6:
0d:c7:24:75:55:eb:fc:d9:07:d8:54:38:3e:0b:41:ae:7e:e7:
41:f9:7a:e8:53:8c:a7:05:5c:5a:6e:41:a9:fb:f4:19:4a:47:
4e:59:b9:d7:81:56:cf:69:8d:95:b4:71:4e:a8:94:f8:e3:bb:
2b:71:45:ca:0c:c1:46:5f:ff:9b:eb:27:88:cb:a2:09:90:9b:
80:ec:29:b4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYNWQWoJETD3I1cyMvARCGnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwOTE5MTQ1NzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWRmMGI5OWJmY2Y3NDA3MmVkODFjM2M2MGE3MzEyMTFhZTExYmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirTdk9Y+jHgKw0dTrkLMVbMT0iCy
WmlyD/l64unguo4KWS5h9lKIrRCzAjG76gadDhhO9Agzu9jJxhcQlZJ4Lxtjqi/z
UsWs97z5bgkRG3EpRFuUkV0KI0mPa6LmXOafLQfBqqxEQlOb1OmMW6w8WVApk3Yf
ZYIIGlvvTLVkbxkNl5+jFf9xWDSvW8FFHpZmxR/x4WFyq+7GoLqOMZpv2f8DG5wX
Udi+2LgbDG8Pg0v8SL5phZLsG+MYacG4JRbr5Y09mi3idKxbPqQ5OOhny6KVBWZC
1KVu1swm2IwdWPp6QASb3lVzF0XoC1stoB2MUHEmWPQlDZgdZnCInuW1iQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNrfC5m/z3QHLtgcPGCnMSEa4RvoMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMnQ4TG1iX1BkQWN1MkJ3OFlLY3hJUnJoRy1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXyFAwQA
wlekAwQAwlfHAwQAwlf8AwQAwocXAwQAw4XBAwQA1MECMA0GCSqGSIb3DQEBCwUA
A4IBAQCMYHrITjy5rbETlZhQoZJ3ZHI0Od0GKcgTn2sia8Gh1e81BdYafNsAVbAr
lnf9pF4ehrhJ/s1UqhGpN6ZVs4WRKbY4oRdXLrueK6r0+TgXFq84D2BopFZOScgN
EHMWmVqsbMZdhmFSE3fpBYy5ma3fKB3nW/JPblnfKJfQRnmqN/5nyVv01E2flZE4
OzMHWKwGg82ONVUJQQRqjrfRx7IRUZtniZWrnhvPMWeWN4zbmBv0YrYNxyR1Vev8
2QfYVDg+C0GufudB+XroU4ynBVxabkGp+/QZSkdOWbnXgVbPaY2VtHFOqJT447sr
cUXKDMFGX/+b6yeIy6IJkJuA7Cm0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org