Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6P3lcWetXygXo5fmXNz3TfY1MhM.roa
File: 6P3lcWetXygXo5fmXNz3TfY1MhM.roa (raw, json)
Hash identifier: VLImbkUqxWT91dTQrvHQSlRsJZVq9omACItN1KF1xRA=
Subject key identifier: E8:FD:E5:71:67:AD:5F:28:17:A3:97:E6:5C:DC:F7:4D:F6:35:32:13
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184565791BE4E4A994FD691ADC0982A27C9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6P3lcWetXygXo5fmXNz3TfY1MhM.roa
Signing time: Tue 08 Nov 2022 08:24:50 +0000
ROA not before: Tue 08 Nov 2022 08:24:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 195.133.82.0/24 maxlen: 24
185.72.9.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:57:91:be:4e:4a:99:4f:d6:91:ad:c0:98:2a:27:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 8 08:24:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8fde57167ad5f2817a397e65cdcf74df6353213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1b:db:96:83:be:c7:55:1c:3d:4a:77:f6:3b:
cf:16:22:ed:76:ec:cc:44:32:74:d9:ba:32:7e:f6:
5d:d6:47:98:45:2a:24:fe:04:43:78:68:3a:88:c3:
e7:3a:11:50:e2:96:b1:5f:bf:c3:64:94:ee:06:44:
14:a1:7b:9f:bf:b3:a7:44:fe:45:87:bc:f3:c5:66:
00:fc:7b:23:fb:c7:10:9b:86:a3:1b:bc:8c:91:2b:
1d:31:8c:83:6a:a8:bb:05:95:cb:24:68:e6:93:1a:
41:ec:f1:c1:8f:bb:ad:bd:8b:3b:bc:4d:16:d8:6c:
7b:c5:e2:66:5c:74:07:59:19:10:cd:33:41:9a:e4:
75:53:b5:5c:d7:6b:ea:28:a3:32:00:88:fe:ff:39:
be:0b:c0:cb:c5:f8:6c:01:91:25:f7:51:0c:c6:1e:
bf:8e:85:bf:d3:fa:51:e8:7a:15:51:b7:3c:d7:48:
ee:8d:91:4b:d5:ed:35:bc:16:7c:72:fc:e7:ce:e9:
cc:2b:ad:33:e2:5f:d2:33:7b:be:3d:54:b0:53:ce:
b2:a6:2a:11:93:e4:e5:1c:a2:35:60:11:1c:90:35:
b0:9b:f4:38:d1:6b:3f:99:ae:1a:88:fb:ba:f3:3f:
83:d0:ad:13:33:c8:46:6d:8e:b9:85:b4:51:80:41:
ba:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:FD:E5:71:67:AD:5F:28:17:A3:97:E6:5C:DC:F7:4D:F6:35:32:13
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6P3lcWetXygXo5fmXNz3TfY1MhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.9.0/24
194.87.73.0/24
194.87.90.0/24
194.87.181.0/24
194.87.198.0/24
195.133.82.0/24
212.193.0.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:84:93:38:de:86:b0:32:4e:0d:f2:bc:f5:be:72:45:59:4f:
23:ad:ff:8e:ee:17:3c:c8:91:23:00:cb:b1:3a:da:7e:c8:a4:
1d:81:64:84:1c:b8:3b:3e:91:9e:93:ad:cf:33:9e:2a:ad:2f:
78:18:b7:67:53:15:2c:b3:8f:e4:b7:cd:f8:63:15:f8:3a:cb:
be:d7:72:b9:42:4e:6a:90:3d:06:bc:b0:91:54:48:75:61:dc:
cc:d1:3d:10:39:1a:a6:1a:63:f1:14:83:55:3a:8f:20:e0:ec:
79:11:0b:3d:84:e5:52:a3:0b:e2:5c:4d:11:e0:5f:70:92:bf:
8c:84:49:fc:db:d4:10:7e:53:db:4b:72:43:34:67:f4:81:dd:
8f:d5:91:f7:bf:ff:33:f2:26:05:55:56:53:52:98:ba:11:e6:
c0:01:fe:99:0a:25:c5:6b:ae:73:27:b7:d3:81:1e:cb:f6:7a:
cf:cf:2a:e4:06:57:fc:fa:53:39:59:52:b8:ab:02:bf:a0:90:
97:fe:c2:e5:aa:ac:b5:7f:f8:08:8a:ba:e3:36:86:ef:78:88:
73:03:9a:00:ca:9d:c9:f9:5f:22:ec:97:6d:de:54:81:93:13:
9e:b3:17:42:b1:43:23:39:1e:34:56:e2:ff:91:3e:1c:86:ee:
58:ef:d6:d0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYRWV5G+TkqZT9aRrcCYKifJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTA4MDgyNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGZkZTU3MTY3YWQ1ZjI4MTdhMzk3ZTY1Y2RjZjc0ZGY2MzUzMjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBvbloO+x1UcPUp39jvPFiLtduzM
RDJ02boyfvZd1keYRSok/gRDeGg6iMPnOhFQ4paxX7/DZJTuBkQUoXufv7OnRP5F
h7zzxWYA/Hsj+8cQm4ajG7yMkSsdMYyDaqi7BZXLJGjmkxpB7PHBj7utvYs7vE0W
2Gx7xeJmXHQHWRkQzTNBmuR1U7Vc12vqKKMyAIj+/zm+C8DLxfhsAZEl91EMxh6/
joW/0/pR6HoVUbc810jujZFL1e01vBZ8cvznzunMK60z4l/SM3u+PVSwU86ypioR
k+TlHKI1YBEckDWwm/Q40Ws/ma4aiPu68z+D0K0TM8hGbY65hbRRgEG6AQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOj95XFnrV8oF6OX5lzc9032NTITMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNlAzbGNXZXRYeWdYbzVmbVhOejNUZlkxTWhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAuUgJAwQA
wldJAwQAwldaAwQAwle1AwQAwlfGAwQAw4VSAwQA1MEAMA0GCSqGSIb3DQEBCwUA
A4IBAQAPhJM43oawMk4N8rz1vnJFWU8jrf+O7hc8yJEjAMuxOtp+yKQdgWSEHLg7
PpGek63PM54qrS94GLdnUxUss4/kt834YxX4Osu+13K5Qk5qkD0GvLCRVEh1YdzM
0T0QORqmGmPxFINVOo8g4Ox5EQs9hOVSowviXE0R4F9wkr+MhEn829QQflPbS3JD
NGf0gd2P1ZH3v/8z8iYFVVZTUpi6EebAAf6ZCiXFa65zJ7fTgR7L9nrPzyrkBlf8
+lM5WVK4qwK/oJCX/sLlqqy1f/gIirrjNobveIhzA5oAyp3J+V8i7Jdt3lSBkxOe
sxdCsUMjOR40VuL/kT4chu5Y79bQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-ams.rpki-client.org