Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6zH7kzvLAwP4nwblN5sRv1NfbRE.roa
File: 6zH7kzvLAwP4nwblN5sRv1NfbRE.roa (raw, json)
Hash identifier: bqfNJOYOZpYbjDGTB6woDGcFJ/VxHVKpoPGXqfCoxvY=
Subject key identifier: EB:31:FB:93:3B:CB:03:03:F8:9F:06:E5:37:9B:11:BF:53:5F:6D:11
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01851171F5577AA32881593EEE92D6DB709F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6zH7kzvLAwP4nwblN5sRv1NfbRE.roa
Signing time: Wed 14 Dec 2022 16:22:39 +0000
ROA not before: Wed 14 Dec 2022 16:22:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 195.133.29.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:11:71:f5:57:7a:a3:28:81:59:3e:ee:92:d6:db:70:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 14 16:22:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb31fb933bcb0303f89f06e5379b11bf535f6d11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5e:c4:da:e7:ed:db:9d:99:c7:cb:93:5e:11:
f8:25:23:1b:7d:3a:01:38:a0:25:2b:ce:13:92:90:
71:97:ec:d7:0e:c0:a2:b9:bf:96:67:d0:e9:5d:d4:
4b:16:1d:a8:9b:82:10:92:29:3e:8d:2c:5b:ae:06:
fb:86:ef:69:5d:ac:70:82:2d:a7:51:50:d2:f4:87:
0b:10:7a:6d:c1:0c:2e:25:09:2f:f1:5f:a5:b2:b8:
b2:73:6d:bb:4e:27:08:32:4e:ea:b7:3f:3b:cb:02:
20:77:db:bb:eb:1d:a3:f6:09:ab:24:fe:5e:e1:68:
7a:f9:c3:e7:b7:60:3d:19:f3:6e:25:b4:98:f6:ba:
5a:4c:01:99:53:75:1b:fb:e8:32:9d:5b:8e:e3:01:
46:67:95:54:e1:29:cc:52:d1:58:ff:e9:5a:42:fc:
47:6b:29:32:91:93:89:e3:e8:0c:2f:cd:c9:70:8e:
45:61:53:70:fb:a0:f9:98:c3:7f:6c:68:7a:d7:39:
12:d8:7e:1a:15:ad:40:d9:ab:fd:62:ff:75:f7:fe:
d1:74:a8:94:92:c8:7c:40:84:da:20:7d:83:4b:c7:
a0:84:ac:23:46:49:a8:53:c1:99:c9:a6:16:9d:d3:
d0:a1:92:48:6e:11:93:ba:20:91:5e:ea:d1:a9:27:
8f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:31:FB:93:3B:CB:03:03:F8:9F:06:E5:37:9B:11:BF:53:5F:6D:11
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6zH7kzvLAwP4nwblN5sRv1NfbRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.91.0/24
193.124.95.0/24
195.58.55.0/24
195.133.29.0/24
Signature Algorithm: sha256WithRSAEncryption
12:da:7a:6d:31:f1:10:1c:ab:61:ae:31:e7:3d:ea:04:75:d6:
94:51:71:3b:2d:4c:a7:ce:05:35:0d:32:fb:8f:aa:c7:cb:e3:
09:c2:18:f9:c1:fc:99:59:ca:58:f3:b4:56:eb:d7:cd:b1:fb:
f4:0a:d8:ec:59:10:b9:f9:09:f5:d4:df:78:90:67:28:c0:e8:
3b:7a:51:2f:3e:9b:cc:dc:0e:26:65:5e:85:94:b3:6f:d8:e8:
2e:d3:bf:ea:16:eb:c9:26:3b:eb:0c:47:30:24:ed:ee:f1:a4:
77:1f:78:aa:40:b5:44:00:11:c9:7f:53:54:50:9c:84:64:18:
74:8c:1e:6f:f1:bc:9c:46:28:b3:98:51:9e:ed:1b:4b:91:15:
2d:ae:e6:fc:ab:8f:a6:9c:f3:87:36:22:b5:da:78:d6:06:0b:
fd:4b:05:b5:95:b6:43:73:b8:c2:0f:19:0c:68:44:e8:71:eb:
9d:d3:74:b1:ca:1a:e4:bf:8d:2e:86:ad:e7:77:7e:21:74:83:
ec:56:92:7b:e6:5c:8f:9c:6b:96:40:85:48:f7:aa:c5:49:13:
9e:0c:08:f0:03:9a:58:44:27:1e:04:28:c2:d2:9d:3d:d7:c8:
25:50:ef:3e:f7:ac:bf:09:23:35:e4:25:63:66:94:97:32:52:
5f:e2:f3:7f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYURcfVXeqMogVk+7pLW23CfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE0MTYyMjM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjMxZmI5MzNiY2IwMzAzZjg5ZjA2ZTUzNzliMTFiZjUzNWY2ZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmF7E2uft252Zx8uTXhH4JSMbfToB
OKAlK84TkpBxl+zXDsCiub+WZ9DpXdRLFh2om4IQkik+jSxbrgb7hu9pXaxwgi2n
UVDS9IcLEHptwQwuJQkv8V+lsriyc227TicIMk7qtz87ywIgd9u76x2j9gmrJP5e
4Wh6+cPnt2A9GfNuJbSY9rpaTAGZU3Ub++gynVuO4wFGZ5VU4SnMUtFY/+laQvxH
aykykZOJ4+gML83JcI5FYVNw+6D5mMN/bGh61zkS2H4aFa1A2av9Yv919/7RdKiU
ksh8QITaIH2DS8eghKwjRkmoU8GZyaYWndPQoZJIbhGTuiCRXurRqSePvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOsx+5M7ywMD+J8G5TebEb9TX20RMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNnpIN2t6dkxBd1A0bndibE41c1J2MU5mYlJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXxbAwQA
wXxfAwQAwzo3AwQAw4UdMA0GCSqGSIb3DQEBCwUAA4IBAQAS2nptMfEQHKthrjHn
PeoEddaUUXE7LUynzgU1DTL7j6rHy+MJwhj5wfyZWcpY87RW69fNsfv0CtjsWRC5
+Qn11N94kGcowOg7elEvPpvM3A4mZV6FlLNv2Ogu07/qFuvJJjvrDEcwJO3u8aR3
H3iqQLVEABHJf1NUUJyEZBh0jB5v8bycRiizmFGe7RtLkRUtrub8q4+mnPOHNiK1
2njWBgv9SwW1lbZDc7jCDxkMaEToceud03Sxyhrkv40uhq3nd34hdIPsVpJ75lyP
nGuWQIVI96rFSROeDAjwA5pYRCceBCjC0p0918glUO8+96y/CSM15CVjZpSXMlJf
4vN/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org