Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/38g2pGnbzZMs_iDwGk3z_DwOI6w.roa
File: 38g2pGnbzZMs_iDwGk3z_DwOI6w.roa (raw, json)
Hash identifier: 5EqeYbD71q6X5WJzi+61Ti8gOlAQ61YoovnermFKXNY=
Subject key identifier: DF:C8:36:A4:69:DB:CD:93:2C:FE:20:F0:1A:4D:F3:FC:3C:0E:23:AC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01852A27729E82E8178E478AA4ECAB044F7A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/38g2pGnbzZMs_iDwGk3z_DwOI6w.roa
Signing time: Mon 19 Dec 2022 11:31:46 +0000
ROA not before: Mon 19 Dec 2022 11:31:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213028
IP address blocks: 194.135.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:27:72:9e:82:e8:17:8e:47:8a:a4:ec:ab:04:4f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 19 11:31:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dfc836a469dbcd932cfe20f01a4df3fc3c0e23ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fe:62:28:a6:56:59:a9:f8:4b:b1:29:ad:e4:
bb:e5:59:f5:a5:a2:19:85:46:62:94:ff:b4:24:30:
7a:1d:99:e3:60:c1:31:98:2d:f0:76:da:3b:df:0b:
8b:e4:1c:25:ad:6b:40:83:40:7b:cd:4d:5d:ce:ad:
aa:d7:f5:17:56:ec:af:9a:7b:8c:04:77:34:a0:24:
78:5d:3b:23:4a:3c:65:1e:b3:70:96:07:d2:de:cf:
77:fa:49:80:e7:b8:57:50:b0:8a:a7:d6:e6:5c:09:
2e:da:e6:0f:e7:46:84:5d:77:1a:0a:2e:28:34:1b:
65:08:0e:a3:9a:b9:bd:b9:e2:46:1d:ef:a6:96:d7:
6e:d9:8c:17:8f:32:01:8c:c8:c2:61:5e:b7:93:51:
d2:9f:98:a2:86:26:55:59:20:28:8e:a9:ae:35:bd:
ef:93:e7:fc:e9:71:fa:61:21:4d:a1:56:f9:f7:60:
44:eb:75:78:b0:7b:78:ac:75:4a:7c:f1:7f:f6:ac:
b5:7c:74:be:3e:67:f3:37:8f:e9:ca:7f:6b:1a:2b:
3c:ec:0f:d2:f7:fb:50:5e:e1:a9:17:ea:2d:f9:15:
89:ac:b5:81:3a:90:b5:6a:18:a6:35:8f:0a:e7:33:
74:4e:e5:05:aa:0c:92:70:e7:de:5f:44:f7:c5:5d:
49:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C8:36:A4:69:DB:CD:93:2C:FE:20:F0:1A:4D:F3:FC:3C:0E:23:AC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/38g2pGnbzZMs_iDwGk3z_DwOI6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.135.124.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:ef:f8:ef:3c:b6:0c:73:9e:97:2b:95:38:45:7c:f5:fc:e0:
8b:a1:08:8d:78:63:65:20:9c:4a:dc:cc:ba:88:1d:4e:33:e2:
2c:86:26:71:b5:b3:42:78:da:59:74:0d:87:d8:39:53:84:02:
60:f2:ea:a0:10:49:83:36:77:68:9a:d5:70:42:3d:bb:7e:15:
25:bc:3a:9c:d6:e3:64:7a:cb:ca:92:14:c3:ab:a4:24:b6:7f:
ac:da:b7:a3:c7:34:69:e7:da:48:f4:ed:82:7b:0a:2a:41:95:
f6:4d:d0:2c:2d:4d:7d:6a:b7:9b:af:1f:79:4c:94:4e:58:20:
59:b1:bf:29:d7:0c:0f:0b:ea:4b:f4:ef:37:f6:f6:44:a9:21:
05:82:ef:86:c0:f1:2f:5e:75:52:76:c8:1b:73:35:e7:a2:73:
70:be:62:be:59:a8:69:2c:ee:9e:70:89:a4:20:00:f6:5a:8c:
ff:4a:07:b1:06:38:04:06:1c:14:8c:af:8e:76:7e:c0:c1:14:
f5:0c:3c:86:3b:30:f5:37:bd:16:9c:88:68:ff:45:fb:b8:63:
ce:bb:5c:d4:72:d8:6f:6a:2f:e4:ca:4c:70:1c:cc:2d:82:77:
dd:b4:cf:23:90:c9:82:6e:f7:da:ed:e9:a7:f6:f6:20:c9:64:
8a:90:be:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUqJ3KegugXjkeKpOyrBE96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE5MTEzMTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmM4MzZhNDY5ZGJjZDkzMmNmZTIwZjAxYTRkZjNmYzNjMGUyM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkf5iKKZWWan4S7EpreS75Vn1paIZ
hUZilP+0JDB6HZnjYMExmC3wdto73wuL5BwlrWtAg0B7zU1dzq2q1/UXVuyvmnuM
BHc0oCR4XTsjSjxlHrNwlgfS3s93+kmA57hXULCKp9bmXAku2uYP50aEXXcaCi4o
NBtlCA6jmrm9ueJGHe+mltdu2YwXjzIBjMjCYV63k1HSn5iihiZVWSAojqmuNb3v
k+f86XH6YSFNoVb592BE63V4sHt4rHVKfPF/9qy1fHS+PmfzN4/pyn9rGis87A/S
9/tQXuGpF+ot+RWJrLWBOpC1ahimNY8K5zN0TuUFqgyScOfeX0T3xV1JZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/INqRp282TLP4g8BpN8/w8DiOsMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMzhnMnBHbmJ6Wk1zX2lEd0drM3pfRHdPSTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwod8MA0G
CSqGSIb3DQEBCwUAA4IBAQBv7/jvPLYMc56XK5U4RXz1/OCLoQiNeGNlIJxK3My6
iB1OM+IshiZxtbNCeNpZdA2H2DlThAJg8uqgEEmDNndomtVwQj27fhUlvDqc1uNk
esvKkhTDq6Qktn+s2rejxzRp59pI9O2CewoqQZX2TdAsLU19arebrx95TJROWCBZ
sb8p1wwPC+pL9O839vZEqSEFgu+GwPEvXnVSdsgbczXnonNwvmK+WahpLO6ecImk
IAD2Woz/SgexBjgEBhwUjK+Odn7AwRT1DDyGOzD1N70WnIho/0X7uGPOu1zUcthv
ai/kykxwHMwtgnfdtM8jkMmCbvfa7emn9vYgyWSKkL6u
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:55 2023 by rpki-client on console-fra.rpki-client.org