Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6o6pnOPih6288s4OyLUhs9_3ZUc.roa
File: 6o6pnOPih6288s4OyLUhs9_3ZUc.roa (raw, json)
Hash identifier: 2JgXUodGWY03JOofl8IVzwcyxN54+abbGitHkd5RlyA=
Subject key identifier: EA:8E:A9:9C:E3:E2:87:AD:BC:F2:CE:0E:C8:B5:21:B3:DF:F7:65:47
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0F2109BB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6o6pnOPih6288s4OyLUhs9_3ZUc.roa
Signing time: Thu 17 Mar 2022 07:52:40 +0000
ROA not before: Thu 17 Mar 2022 07:52:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.22.0/24 maxlen: 24
194.87.36.0/22 maxlen: 24
194.135.32.0/24 maxlen: 24
212.192.3.0/24 maxlen: 24
212.192.0.0/21 maxlen: 24
195.133.26.0/23 maxlen: 24
195.133.25.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
194.87.118.0/23 maxlen: 24
194.87.72.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 253823419 (0xf2109bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 17 07:52:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ea8ea99ce3e287adbcf2ce0ec8b521b3dff76547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5d:61:01:c9:36:1a:9e:7c:c9:92:91:d9:a4:
6c:f4:19:90:1b:f7:45:22:b9:eb:aa:ab:9e:db:b9:
7f:14:71:ff:42:ba:91:5a:62:23:79:d8:e9:7b:b6:
3a:01:81:cb:15:5f:18:36:b8:dd:de:56:40:0e:52:
a8:12:06:d5:30:da:90:4d:06:63:0f:96:68:af:af:
ae:bb:e7:65:c7:ae:ea:ee:7b:b5:ff:bd:85:87:0f:
90:8c:aa:b7:d5:2f:8b:f2:35:24:d1:9f:f5:4b:e7:
58:5e:60:13:47:e9:b8:bb:30:be:e8:9e:ea:fb:f5:
b9:9f:38:71:4d:90:c3:18:58:36:20:ae:18:fa:64:
f2:96:2e:32:90:e8:d3:c0:9d:cb:48:39:f1:43:6b:
90:91:36:98:ea:b7:41:76:06:06:b3:08:c8:be:d1:
32:2a:47:46:f3:9c:71:20:62:2a:a1:e6:b7:5f:fe:
fa:44:79:68:6c:5c:d7:4c:96:6f:48:43:c9:06:10:
3e:fc:9c:e5:b6:17:e4:f0:2f:5d:3b:7a:18:03:ed:
84:f1:4e:2a:7d:bc:af:b8:68:42:85:af:c6:4b:b1:
76:8c:df:bd:be:53:be:9a:73:a1:59:ca:1c:83:e2:
b1:db:10:21:ba:4d:32:e7:47:d0:9e:87:65:e4:f3:
83:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:8E:A9:9C:E3:E2:87:AD:BC:F2:CE:0E:C8:B5:21:B3:DF:F7:65:47
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6o6pnOPih6288s4OyLUhs9_3ZUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.112.0/24
194.87.22.0/24
194.87.36.0/22
194.87.72.0/22
194.87.118.0/23
194.135.32.0/24
195.133.25.0-195.133.27.255
195.133.55.0/24
195.133.59.0/24
212.192.0.0/21
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
72:4f:00:ef:74:0c:d9:ac:1a:8f:a7:e3:30:88:f5:c4:6d:55:
18:01:0c:9d:ed:6e:9f:28:47:b1:97:d9:0f:e2:90:23:33:b5:
f3:86:9e:63:3c:71:3d:0b:90:86:e0:dc:fa:7e:cb:76:15:03:
cc:66:f1:95:12:79:26:6d:5f:2f:0c:78:d2:09:35:40:93:10:
18:63:56:6e:bd:da:b4:e0:7e:80:03:ca:cc:1e:9a:9e:04:b4:
22:cb:27:20:16:5b:57:e3:ed:aa:46:8c:df:69:35:70:fd:c8:
87:18:8f:86:b0:cc:1c:31:a3:1b:07:e7:00:b3:54:2d:46:0c:
1c:99:38:65:22:68:70:c4:5d:db:32:51:2a:72:23:e4:9f:db:
16:bd:44:2c:75:61:86:9f:94:7d:9e:68:1d:f6:60:c9:61:78:
f0:68:a4:35:47:64:91:e3:47:51:c5:4e:45:12:d2:c7:2d:04:
af:d2:f9:3e:54:13:c6:62:de:8c:61:a8:6d:b3:e0:43:31:25:
6e:38:a2:27:d6:91:67:1b:93:ab:5e:4a:c7:47:55:af:93:1e:
41:71:4f:dd:5a:1e:13:b4:61:fe:8f:0c:dd:74:85:7d:0d:76:
da:88:2f:4d:28:95:68:a2:76:68:e4:b4:5d:24:93:5b:d5:cf:
05:d1:a3:31
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIEDyEJuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDMx
NzA3NTI0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWE4ZWE5OWNlM2Uy
ODdhZGJjZjJjZTBlYzhiNTIxYjNkZmY3NjU0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtdYQHJNhqefMmSkdmkbPQZkBv3RSK566qrntu5fxRx/0K6
kVpiI3nY6Xu2OgGByxVfGDa43d5WQA5SqBIG1TDakE0GYw+WaK+vrrvnZceu6u57
tf+9hYcPkIyqt9Uvi/I1JNGf9UvnWF5gE0fpuLswvuie6vv1uZ84cU2QwxhYNiCu
GPpk8pYuMpDo08Cdy0g58UNrkJE2mOq3QXYGBrMIyL7RMipHRvOccSBiKqHmt1/+
+kR5aGxc10yWb0hDyQYQPvyc5bYX5PAvXTt6GAPthPFOKn28r7hoQoWvxkuxdozf
vb5TvppzoVnKHIPisdsQIbpNMudH0J6HZeTzg00CAwEAAaOCAk0wggJJMB0GA1Ud
DgQWBBTqjqmc4+KHrbzyzg7ItSGz3/dlRzAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
LzZvNnBuT1BpaDYyODhzNE95TFVoczlfM1pVYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBj
BggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgMEAMFscAMEAMJXFgMEAsJXJAMEAsJX
SAMEAcJXdgMEAMKHIDAMAwQAw4UZAwQCw4UYAwQAw4U3AwQAw4U7AwQD1MAAAwQA
1MECMA0GCSqGSIb3DQEBCwUAA4IBAQByTwDvdAzZrBqPp+MwiPXEbVUYAQyd7W6f
KEexl9kP4pAjM7Xzhp5jPHE9C5CG4Nz6fst2FQPMZvGVEnkmbV8vDHjSCTVAkxAY
Y1Zuvdq04H6AA8rMHpqeBLQiyycgFltX4+2qRozfaTVw/ciHGI+GsMwcMaMbB+cA
s1QtRgwcmThlImhwxF3bMlEqciPkn9sWvUQsdWGGn5R9nmgd9mDJYXjwaKQ1R2SR
40dRxU5FEtLHLQSv0vk+VBPGYt6MYahts+BDMSVuOKIn1pFnG5OrXkrHR1Wvkx5B
cU/dWh4TtGH+jwzddIV9DXbaiC9NKJVoonZo5LRdJJNb1c8F0aMx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:56 2023 by rpki-client on console-fra.rpki-client.org