Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/37-8pPAj5ge4y659GGahkbljASE.roa
File: 37-8pPAj5ge4y659GGahkbljASE.roa (raw, json)
Hash identifier: 0+3FuoisupRRxsnmGgFxRVVU6FkeYcNXEXzt+5TrqWA=
Subject key identifier: DF:BF:BC:A4:F0:23:E6:07:B8:CB:AE:7D:18:66:A1:91:B9:63:01:21
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0EA64BF6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/37-8pPAj5ge4y659GGahkbljASE.roa
Signing time: Tue 08 Feb 2022 14:30:32 +0000
ROA not before: Tue 08 Feb 2022 14:30:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 212.193.30.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
194.87.84.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 245779446 (0xea64bf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 8 14:30:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dfbfbca4f023e607b8cbae7d1866a191b9630121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d8:40:b8:ae:21:84:46:7c:29:5d:67:a1:fa:
2c:f8:60:f0:0a:71:9d:8c:f1:18:b9:c0:b3:18:2c:
c7:ed:2e:2e:54:ce:ad:19:fc:a4:19:ae:38:b9:4c:
2b:29:f5:3f:04:d9:e7:cd:b4:89:00:44:dc:41:be:
f6:dc:78:57:ea:42:86:02:c7:f8:09:72:ad:3b:07:
2b:8d:ec:8d:88:16:3a:db:aa:23:84:55:7d:2d:8c:
80:a8:cc:5b:02:f8:35:46:4b:f5:52:2a:08:8e:f0:
cf:ac:bc:b6:28:fb:ae:a9:57:a7:9f:64:00:31:70:
6e:8b:1e:04:df:54:0c:0c:27:80:4d:a5:75:21:1e:
a7:4a:9f:a7:c6:eb:6f:20:6a:ee:b1:05:e7:d3:3d:
e0:0c:cb:e2:65:52:77:aa:10:41:1f:6d:c4:c0:14:
b9:80:f4:5f:91:ab:f4:25:d2:24:48:3c:34:6f:15:
e1:45:1b:14:48:5e:f9:6c:d4:7e:e2:0f:33:54:d3:
30:bd:92:fe:33:83:b9:02:4a:4e:ed:62:f3:3b:3f:
3d:24:74:68:78:d4:73:4f:ce:43:a0:fc:94:ae:d8:
3b:53:85:e4:7f:54:8d:db:48:2b:06:6c:73:d0:1b:
fa:84:29:f8:93:9c:15:c9:b4:23:bf:e2:d2:e4:01:
34:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:BF:BC:A4:F0:23:E6:07:B8:CB:AE:7D:18:66:A1:91:B9:63:01:21
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/37-8pPAj5ge4y659GGahkbljASE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.84.0/22
195.133.18.0/24
195.133.38.0/24
195.133.40.0/24
212.192.241.0/24
212.193.30.0/24
Signature Algorithm: sha256WithRSAEncryption
17:53:54:d2:55:a7:13:8b:bd:c8:85:c7:12:1f:03:89:64:0a:
6a:04:b5:b1:7a:f3:ff:e9:b6:67:a2:3f:46:34:68:c1:c4:0c:
e2:19:85:79:0c:67:b0:24:d6:72:3d:40:44:15:dc:63:dd:3a:
15:4f:28:27:3a:29:01:26:4e:e3:bd:59:df:20:0b:ce:a9:e0:
ad:75:ee:33:fa:82:62:fd:1d:4b:ec:8c:83:39:7c:95:c1:8d:
d6:5c:e9:bd:97:2c:bf:0e:fb:28:86:46:57:d4:73:e2:84:7d:
d9:26:bb:93:28:c9:e5:78:65:46:83:ed:e0:54:9b:45:40:42:
f0:63:a5:1a:ec:29:f9:6e:9d:b0:7a:b2:72:e4:4f:e7:9c:c5:
5a:d6:02:de:e6:05:4c:9d:42:48:39:30:8d:95:4e:c5:9c:c6:
2c:10:c8:d2:53:90:1f:57:02:38:22:49:ad:50:fb:e6:a9:f4:
cb:11:78:7f:de:b6:55:6b:bb:99:e1:7f:a6:26:28:20:9c:09:
0a:24:df:89:7c:72:a2:56:82:ba:df:dc:c7:98:b5:01:d0:85:
1a:20:a4:e3:bf:3c:15:69:09:e7:0c:52:03:07:40:52:ec:98:
c6:1c:7f:ac:38:ae:35:35:fd:51:82:eb:ea:41:1c:a0:fd:1d:
a8:6e:e6:9b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEDqZL9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDIw
ODE0MzAzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGZiZmJjYTRmMDIz
ZTYwN2I4Y2JhZTdkMTg2NmExOTFiOTYzMDEyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLYQLiuIYRGfCldZ6H6LPhg8ApxnYzxGLnAsxgsx+0uLlTO
rRn8pBmuOLlMKyn1PwTZ5820iQBE3EG+9tx4V+pChgLH+AlyrTsHK43sjYgWOtuq
I4RVfS2MgKjMWwL4NUZL9VIqCI7wz6y8tij7rqlXp59kADFwboseBN9UDAwngE2l
dSEep0qfp8brbyBq7rEF59M94AzL4mVSd6oQQR9txMAUuYD0X5Gr9CXSJEg8NG8V
4UUbFEhe+WzUfuIPM1TTML2S/jODuQJKTu1i8zs/PSR0aHjUc0/OQ6D8lK7YO1OF
5H9UjdtIKwZsc9Ab+oQp+JOcFcm0I7/i0uQBND0CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTfv7yk8CPmB7jLrn0YZqGRuWMBITAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
LzM3LThwUEFqNWdlNHk2NTlHR2Foa2JsakFTRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAsJXVAMEAMOFEgMEAMOFJgMEAMOF
KAMEANTA8QMEANTBHjANBgkqhkiG9w0BAQsFAAOCAQEAF1NU0lWnE4u9yIXHEh8D
iWQKagS1sXrz/+m2Z6I/RjRowcQM4hmFeQxnsCTWcj1ARBXcY906FU8oJzopASZO
471Z3yALzqngrXXuM/qCYv0dS+yMgzl8lcGN1lzpvZcsvw77KIZGV9Rz4oR92Sa7
kyjJ5XhlRoPt4FSbRUBC8GOlGuwp+W6dsHqycuRP55zFWtYC3uYFTJ1CSDkwjZVO
xZzGLBDI0lOQH1cCOCJJrVD75qn0yxF4f962VWu7meF/piYoIJwJCiTfiXxyolaC
ut/cx5i1AdCFGiCk4788FWkJ5wxSAwdAUuyYxhx/rDiuNTX9UYLr6kEcoP0dqG7m
mw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org