Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/57D1-FcycXuuNW6XxXKLETAixz0.roa
File: 57D1-FcycXuuNW6XxXKLETAixz0.roa (raw, json)
Hash identifier: /4lC8wDpcpK5yREdvZh/PaNa6nsYi/Qt/NCA/L19aQA=
Subject key identifier: E7:B0:F5:F8:57:32:71:7B:AE:35:6E:97:C5:72:8B:11:30:22:C7:3D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183A815A4083C3928D465E966C38E5291EF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/57D1-FcycXuuNW6XxXKLETAixz0.roa
Signing time: Wed 05 Oct 2022 12:18:54 +0000
ROA not before: Wed 05 Oct 2022 12:18:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 212.193.24.0/22 maxlen: 24
194.87.216.0/24 maxlen: 24
194.87.218.0/24 maxlen: 24
194.87.225.0/24 maxlen: 24
194.87.31.0/24 maxlen: 24
194.87.36.0/22 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
212.192.14.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
195.133.59.0/24 maxlen: 24
194.135.104.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a8:15:a4:08:3c:39:28:d4:65:e9:66:c3:8e:52:91:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 5 12:18:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7b0f5f85732717bae356e97c5728b113022c73d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9a:55:f0:d2:a6:0d:3e:c1:b6:44:8b:0d:ca:
02:2d:c2:ab:1e:17:55:63:01:74:3d:d2:b1:ed:bc:
ca:20:69:fe:2d:94:39:13:e3:1c:57:30:34:97:db:
fd:b8:6b:30:11:1f:4d:07:8e:bd:a2:97:f3:87:ad:
91:8b:8d:0a:e9:ac:57:46:f2:26:cf:ac:1b:88:91:
17:9c:ce:14:f4:39:4d:52:2e:3b:17:7d:07:43:70:
45:2d:38:57:b6:d1:24:b3:ad:b4:21:77:3e:12:bc:
30:27:d4:68:e6:cf:7b:e4:5c:9e:69:77:03:dc:c8:
62:31:a0:52:c3:43:53:1b:f7:b8:86:04:40:a8:21:
6a:cf:0e:5b:3a:cc:10:c8:2b:cf:cc:92:cc:ca:86:
95:36:02:01:90:73:f5:86:01:70:d4:91:b9:61:4b:
55:e8:ce:75:44:20:c9:7d:99:7f:7d:f5:f1:7f:63:
70:0c:c1:cf:01:a0:6f:79:a2:a6:d8:60:77:f3:fc:
e0:7b:eb:23:91:3c:6b:b1:bf:9e:96:c5:19:3d:c2:
b3:ee:d3:b1:00:76:5a:3d:3e:08:98:6c:41:52:72:
91:80:6f:22:6a:66:50:43:4a:9d:11:1c:35:ae:83:
2b:4a:5c:f1:6d:6f:fe:2a:d5:bb:f0:1b:3f:de:27:
f5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B0:F5:F8:57:32:71:7B:AE:35:6E:97:C5:72:8B:11:30:22:C7:3D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/57D1-FcycXuuNW6XxXKLETAixz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.31.0/24
194.87.36.0/22
194.87.216.0/24
194.87.218.0/24
194.87.225.0/24
194.135.32.0/24
194.135.38.0/24
194.135.104.0/24
195.133.9.0/24
195.133.21.0/24
195.133.25.0-195.133.27.255
195.133.59.0/24
212.192.14.0/24
212.193.24.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:0b:89:4c:18:26:a4:c1:6b:86:03:9f:c1:67:95:37:04:74:
08:e6:3a:c3:cb:2d:94:a9:94:c3:9d:6f:0b:4b:a2:79:ef:ee:
64:13:56:a0:fb:54:00:f6:73:ba:d4:67:a8:54:11:d8:2a:8b:
62:4d:d5:2c:9f:58:e0:e4:ec:6a:b0:d8:21:ed:bc:f0:d1:f2:
e8:7f:4c:61:9a:6a:c5:4c:00:49:2b:04:7a:04:7e:08:88:72:
9a:35:70:e1:68:ac:4a:09:82:90:5f:c6:de:b5:b9:cd:0a:f3:
1d:f0:7b:60:3a:d0:4b:c3:dd:01:dc:82:37:72:13:bf:55:18:
45:04:e6:01:26:bc:35:2b:ba:ef:ab:3a:2d:23:ec:f9:ed:37:
1f:42:8b:77:67:35:c9:48:4b:1e:1c:bc:d8:3c:ce:0d:9a:57:
43:42:7a:99:f8:d1:f3:40:71:1c:b9:f5:72:63:72:9a:61:c7:
c6:d9:ad:82:a2:ba:47:9a:09:71:40:7e:79:e1:73:0f:4b:05:
b8:63:fa:35:60:c9:f2:7b:09:65:10:b2:ce:1a:20:b8:0d:8c:
11:7a:8e:1d:99:71:5c:c6:42:11:7d:8f:d5:e6:d0:fd:50:a6:
b0:ca:7a:1c:15:eb:0d:a5:60:23:68:1b:1d:fc:84:fe:55:c8:
2a:f1:68:ba
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYOoFaQIPDko1GXpZsOOUpHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDA1MTIxODU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2IwZjVmODU3MzI3MTdiYWUzNTZlOTdjNTcyOGIxMTMwMjJjNzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZpV8NKmDT7BtkSLDcoCLcKrHhdV
YwF0PdKx7bzKIGn+LZQ5E+McVzA0l9v9uGswER9NB469opfzh62Ri40K6axXRvIm
z6wbiJEXnM4U9DlNUi47F30HQ3BFLThXttEks620IXc+ErwwJ9Ro5s975FyeaXcD
3MhiMaBSw0NTG/e4hgRAqCFqzw5bOswQyCvPzJLMyoaVNgIBkHP1hgFw1JG5YUtV
6M51RCDJfZl/ffXxf2NwDMHPAaBveaKm2GB38/zge+sjkTxrsb+elsUZPcKz7tOx
AHZaPT4ImGxBUnKRgG8iamZQQ0qdERw1roMrSlzxbW/+KtW78Bs/3if11QIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFOew9fhXMnF7rjVul8VyixEwIsc9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNTdEMS1GY3ljWHV1Tlc2WHhYS0xFVEFpeHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAwlcfAwQC
wlckAwQAwlfYAwQAwlfaAwQAwlfhAwQAwocgAwQAwocmAwQAwodoAwQAw4UJAwQA
w4UVMAwDBADDhRkDBALDhRgDBADDhTsDBADUwA4DBALUwRgwDQYJKoZIhvcNAQEL
BQADggEBABsLiUwYJqTBa4YDn8FnlTcEdAjmOsPLLZSplMOdbwtLonnv7mQTVqD7
VAD2c7rUZ6hUEdgqi2JN1SyfWODk7Gqw2CHtvPDR8uh/TGGaasVMAEkrBHoEfgiI
cpo1cOForEoJgpBfxt61uc0K8x3we2A60EvD3QHcgjdyE79VGEUE5gEmvDUruu+r
Oi0j7PntNx9Ci3dnNclISx4cvNg8zg2aV0NCepn40fNAcRy59XJjcpphx8bZrYKi
ukeaCXFAfnnhcw9LBbhj+jVgyfJ7CWUQss4aILgNjBF6jh2ZcVzGQhF9j9Xm0P1Q
prDKehwV6w2lYCNoGx38hP5VyCrxaLo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-ams.rpki-client.org