Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3X9FUYa1m1yG7-_w0WfLfd7z7b0.roa
File: 3X9FUYa1m1yG7-_w0WfLfd7z7b0.roa (raw, json)
Hash identifier: Jn3aIaBkEjAhE+QD5jAIkda6AynpEXLk/uzssE/v3J4=
Subject key identifier: DD:7F:45:51:86:B5:9B:5C:86:EF:EF:F0:D1:67:CB:7D:DE:F3:ED:BD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185257530F4A65456BEF46C6733634268DF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3X9FUYa1m1yG7-_w0WfLfd7z7b0.roa
Signing time: Sun 18 Dec 2022 13:38:35 +0000
ROA not before: Sun 18 Dec 2022 13:38:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58212
IP address blocks: 194.87.207.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
194.87.64.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:25:75:30:f4:a6:54:56:be:f4:6c:67:33:63:42:68:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 18 13:38:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd7f455186b59b5c86efeff0d167cb7ddef3edbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:be:16:5e:00:10:4f:d8:dc:8b:cd:0c:7c:c7:
70:10:09:ee:14:91:36:ef:cf:e9:5e:ce:cd:29:d8:
d3:5c:79:72:fe:cf:b7:eb:c3:6e:e7:d5:fb:1a:e6:
56:41:8e:da:fc:6e:68:d8:de:99:52:49:e3:22:80:
3d:35:29:da:67:2a:53:ca:65:36:f7:c6:36:c2:13:
ac:af:cf:9c:1e:81:20:27:98:a3:3b:81:37:fe:69:
83:74:d0:ec:ec:28:bc:a2:53:44:71:2f:00:d7:1f:
e4:85:14:53:a4:37:ba:ec:0d:53:d8:5e:70:39:4a:
46:0b:fb:c4:6c:16:5c:0b:03:ea:09:02:8c:05:4e:
48:34:f6:20:7f:41:97:3d:22:be:28:03:80:f4:61:
98:df:c3:ff:e4:e3:08:dc:85:70:e0:0b:f6:01:07:
34:be:3d:c9:da:c3:e3:5a:26:0a:07:af:15:8b:3d:
66:e4:ba:99:11:f9:58:74:81:f0:99:c5:9f:4f:a0:
d4:d5:63:1e:f5:76:21:a4:b0:20:89:79:87:a6:19:
8f:c1:e4:d5:33:b2:76:f9:31:cd:3a:bc:66:93:ba:
04:5e:a7:ee:0b:14:ee:0a:74:93:56:6d:7c:4f:86:
8d:56:96:6e:4d:e4:9f:4f:5d:fc:90:52:a8:81:69:
04:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7F:45:51:86:B5:9B:5C:86:EF:EF:F0:D1:67:CB:7D:DE:F3:ED:BD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3X9FUYa1m1yG7-_w0WfLfd7z7b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.205.0/24
194.87.64.0/24
194.87.207.0/24
212.192.7.0/24
Signature Algorithm: sha256WithRSAEncryption
50:9d:6f:b4:47:8c:98:0e:66:44:eb:d5:33:e5:61:1b:4a:4c:
b7:ab:65:c3:3e:31:97:e7:6b:a5:b0:28:80:b9:21:f6:10:0a:
81:44:1d:ee:73:cb:15:aa:90:f7:71:3a:77:48:07:da:67:a4:
95:6d:6e:de:f7:3f:f5:43:33:0a:29:b9:a8:c4:03:f4:23:75:
3f:e2:37:a3:f4:63:37:bc:1e:63:69:dc:0c:09:85:58:03:68:
c2:47:c7:b0:24:eb:16:23:0a:90:9d:d9:63:98:97:a0:cc:28:
a9:b3:9c:b9:4a:4c:fe:7a:63:ff:99:d3:5b:42:0c:bf:91:ba:
4f:9b:48:91:fa:64:29:c8:5a:0b:09:39:1b:c6:0d:87:3e:68:
1b:fa:03:5a:53:99:c9:a4:b5:6c:57:6a:0b:53:82:4d:98:93:
e6:a6:25:84:5f:a5:ca:36:14:09:29:e2:7c:80:2a:7e:f7:83:
05:5c:63:10:99:fd:32:66:5b:1c:b3:e1:59:35:9f:dc:69:32:
cc:4e:18:f2:3d:0a:66:a0:28:5c:73:5f:7a:c1:fe:da:6f:29:
52:02:34:03:d1:2c:df:0d:e8:fe:55:46:38:30:b9:a1:90:a6:
45:12:75:06:a9:d6:6e:fc:b2:ad:6b:fa:38:26:bc:03:86:cb:
cf:42:52:ea
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUldTD0plRWvvRsZzNjQmjfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE4MTMzODM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDdmNDU1MTg2YjU5YjVjODZlZmVmZjBkMTY3Y2I3ZGRlZjNlZGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgL4WXgAQT9jci80MfMdwEAnuFJE2
78/pXs7NKdjTXHly/s+368Nu59X7GuZWQY7a/G5o2N6ZUknjIoA9NSnaZypTymU2
98Y2whOsr8+cHoEgJ5ijO4E3/mmDdNDs7Ci8olNEcS8A1x/khRRTpDe67A1T2F5w
OUpGC/vEbBZcCwPqCQKMBU5INPYgf0GXPSK+KAOA9GGY38P/5OMI3IVw4Av2AQc0
vj3J2sPjWiYKB68Viz1m5LqZEflYdIHwmcWfT6DU1WMe9XYhpLAgiXmHphmPweTV
M7J2+THNOrxmk7oEXqfuCxTuCnSTVm18T4aNVpZuTeSfT138kFKogWkEBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN1/RVGGtZtchu/v8NFny33e8+29MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM1g5RlVZYTFtMXlHNy1fdzBXZkxmZDd6N2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXzNAwQA
wldAAwQAwlfPAwQA1MAHMA0GCSqGSIb3DQEBCwUAA4IBAQBQnW+0R4yYDmZE69Uz
5WEbSky3q2XDPjGX52ulsCiAuSH2EAqBRB3uc8sVqpD3cTp3SAfaZ6SVbW7e9z/1
QzMKKbmoxAP0I3U/4jej9GM3vB5jadwMCYVYA2jCR8ewJOsWIwqQndljmJegzCip
s5y5Skz+emP/mdNbQgy/kbpPm0iR+mQpyFoLCTkbxg2HPmgb+gNaU5nJpLVsV2oL
U4JNmJPmpiWEX6XKNhQJKeJ8gCp+94MFXGMQmf0yZlscs+FZNZ/caTLMThjyPQpm
oChcc196wf7abylSAjQD0SzfDej+VUY4MLmhkKZFEnUGqdZu/LKta/o4JrwDhsvP
QlLq
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org