Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/80buTWRQHFwX9rvLQWk8OAcu1Og.roa
File: 80buTWRQHFwX9rvLQWk8OAcu1Og.roa (raw, json)
Hash identifier: D35swwei9MbqLhmqJaWGSxe3EIJM8/PUZrs+4AzDOtE=
Subject key identifier: F3:46:EE:4D:64:50:1C:5C:17:F6:BB:CB:41:69:3C:38:07:2E:D4:E8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01841358BFDF85B79D88907297B4BA870885
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/80buTWRQHFwX9rvLQWk8OAcu1Og.roa
Signing time: Wed 26 Oct 2022 08:11:34 +0000
ROA not before: Wed 26 Oct 2022 08:11:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17447
IP address blocks: 193.124.4.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
212.192.209.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:58:bf:df:85:b7:9d:88:90:72:97:b4:ba:87:08:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 26 08:11:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f346ee4d64501c5c17f6bbcb41693c38072ed4e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b3:fe:b6:ba:e3:7c:cf:65:00:52:f3:66:c8:
ab:56:95:9d:89:97:99:cf:03:cd:6f:85:6d:4f:29:
f3:28:2c:ea:e9:db:82:a1:dc:95:a6:cb:40:96:d8:
9d:81:46:97:4c:5d:32:20:ff:3a:34:da:fd:9e:22:
0a:c1:18:e8:65:72:f5:48:6c:2d:66:62:50:73:8a:
84:de:dc:d5:2b:57:ea:c9:c2:07:80:b3:27:dc:ff:
40:22:e7:91:1f:0d:42:2f:e4:ac:a1:26:d1:8c:c0:
0d:34:d0:bb:7a:00:90:67:70:47:f7:16:6a:45:9f:
0d:46:5c:5c:9f:99:97:95:8d:ad:49:53:fb:11:59:
ae:e8:f0:93:52:76:54:01:2b:b7:d5:66:d0:4b:b9:
a1:e3:98:46:1b:a2:0a:76:82:7d:58:1a:a0:74:2f:
7d:29:dd:58:26:a0:0a:c6:f4:0b:41:fd:70:77:b9:
cd:48:f5:33:2b:b1:b7:da:14:67:b1:9e:07:a6:9b:
90:8a:01:b5:fc:71:b6:65:d0:9c:b5:8c:35:3a:2e:
ed:7b:f1:d1:d9:4e:8a:56:28:b8:71:76:85:52:3a:
e1:32:53:cd:9d:64:74:37:01:fb:78:ec:e6:8e:16:
a8:67:72:50:8c:46:bb:b3:f5:f1:30:fd:84:85:32:
73:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:46:EE:4D:64:50:1C:5C:17:F6:BB:CB:41:69:3C:38:07:2E:D4:E8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/80buTWRQHFwX9rvLQWk8OAcu1Og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.4.0/24
193.124.16.0/24
193.124.47.0/24
193.124.125.0/24
194.58.45.0/24
194.87.37.0/24
194.87.56.0/24
194.87.162.0/24
194.87.207.0/24
195.133.73.0/24
212.192.209.0/24
Signature Algorithm: sha256WithRSAEncryption
66:90:8c:e1:1c:a9:eb:9b:6c:e7:06:c1:40:52:28:24:88:19:
8d:f7:2d:cc:81:44:ce:d6:76:f0:3f:56:e7:3c:a8:e8:ec:59:
15:3c:2f:4d:2f:12:a1:e8:d7:49:ac:30:ba:2e:c9:98:7d:9d:
22:d1:90:bc:54:3b:2a:a3:84:7f:0c:10:7a:db:be:d5:12:5f:
13:88:66:49:a5:2e:ee:da:a2:cd:3a:76:85:6e:ff:c0:72:90:
80:bd:e9:ca:29:bd:17:8b:8c:e5:69:c4:56:f0:02:90:76:50:
20:be:b3:9f:60:c8:08:19:78:40:bb:ca:65:01:64:06:6b:17:
1e:c9:e0:68:04:10:74:3e:20:c9:44:3e:e8:fe:d4:c7:87:97:
fe:8e:fc:26:20:6d:24:5d:54:41:63:f2:08:4d:64:cf:92:cc:
9b:7b:4b:cf:e1:db:bf:ed:9e:07:d3:f5:4b:49:77:85:52:b8:
2e:ab:eb:41:ca:22:f4:e8:e0:58:00:f0:47:0f:56:9f:8f:b0:
b8:0a:03:1c:c6:43:49:d5:fd:42:12:c4:7c:8e:a5:6e:95:df:
10:fb:f3:56:e1:96:1b:b6:2a:a1:7a:fc:92:75:de:e3:69:61:
b7:6b:36:ac:1a:3f:2a:90:ed:e3:56:8a:fa:89:64:9c:d1:dc:
0e:e3:27:fa
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYQTWL/fhbediJByl7S6hwiFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI2MDgxMTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzQ2ZWU0ZDY0NTAxYzVjMTdmNmJiY2I0MTY5M2MzODA3MmVkNGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbP+trrjfM9lAFLzZsirVpWdiZeZ
zwPNb4VtTynzKCzq6duCodyVpstAltidgUaXTF0yIP86NNr9niIKwRjoZXL1SGwt
ZmJQc4qE3tzVK1fqycIHgLMn3P9AIueRHw1CL+SsoSbRjMANNNC7egCQZ3BH9xZq
RZ8NRlxcn5mXlY2tSVP7EVmu6PCTUnZUASu31WbQS7mh45hGG6IKdoJ9WBqgdC99
Kd1YJqAKxvQLQf1wd7nNSPUzK7G32hRnsZ4HppuQigG1/HG2ZdCctYw1Oi7te/HR
2U6KVii4cXaFUjrhMlPNnWR0NwH7eOzmjhaoZ3JQjEa7s/XxMP2EhTJz9wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFPNG7k1kUBxcF/a7y0FpPDgHLtToMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvODBidVRXUlFIRndYOXJ2TFFXazhPQWN1MU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwXwEAwQA
wXwQAwQAwXwvAwQAwXx9AwQAwjotAwQAwlclAwQAwlc4AwQAwleiAwQAwlfPAwQA
w4VJAwQA1MDRMA0GCSqGSIb3DQEBCwUAA4IBAQBmkIzhHKnrm2znBsFAUigkiBmN
9y3MgUTO1nbwP1bnPKjo7FkVPC9NLxKh6NdJrDC6LsmYfZ0i0ZC8VDsqo4R/DBB6
277VEl8TiGZJpS7u2qLNOnaFbv/AcpCAvenKKb0Xi4zlacRW8AKQdlAgvrOfYMgI
GXhAu8plAWQGaxceyeBoBBB0PiDJRD7o/tTHh5f+jvwmIG0kXVRBY/IITWTPksyb
e0vP4du/7Z4H0/VLSXeFUrguq+tByiL06OBYAPBHD1afj7C4CgMcxkNJ1f1CEsR8
jqVuld8Q+/NW4ZYbtiqhevySdd7jaWG3azasGj8qkO3jVor6iWSc0dwO4yf6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org