Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/94ghvjDjKdvE0f_6rHNN-tgpgN4.roa
File: 94ghvjDjKdvE0f_6rHNN-tgpgN4.roa (raw, json)
Hash identifier: 6l5mHzmxzl4enOrP+cUUdS7VHkzknc4gKUDTLlBqYhk=
Subject key identifier: F7:88:21:BE:30:E3:29:DB:C4:D1:FF:FA:AC:73:4D:FA:D8:29:80:DE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0E872F38
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/94ghvjDjKdvE0f_6rHNN-tgpgN4.roa
Signing time: Fri 28 Jan 2022 00:31:52 +0000
ROA not before: Fri 28 Jan 2022 00:31:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.22.0/24 maxlen: 24
194.87.36.0/22 maxlen: 24
194.87.32.0/22 maxlen: 24
194.135.32.0/24 maxlen: 24
212.192.3.0/24 maxlen: 24
212.192.0.0/21 maxlen: 24
195.133.26.0/23 maxlen: 24
195.133.25.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
194.87.118.0/23 maxlen: 24
194.87.114.0/23 maxlen: 24
194.87.72.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 243740472 (0xe872f38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 28 00:31:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f78821be30e329dbc4d1fffaac734dfad82980de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bd:7d:a1:bd:ad:26:41:1b:85:e1:27:9e:f7:
a7:26:32:52:8f:e1:d5:64:de:0f:2a:dd:99:05:e0:
10:52:91:66:7c:cb:d1:08:a9:2f:2e:15:e4:3a:54:
ac:ac:37:c4:90:aa:36:36:4a:12:cf:14:89:33:84:
ed:ff:bb:5d:96:f2:ec:73:a0:6c:12:da:5e:a9:59:
2e:19:57:24:59:a6:3a:97:38:c9:31:cb:03:78:e4:
f2:47:6d:72:93:77:80:d3:34:a9:b6:00:36:93:8d:
1c:76:4d:e8:01:68:26:e3:56:14:05:25:ec:82:2b:
b3:d5:cb:34:e4:4f:be:4a:36:3f:8f:a2:f4:9f:c7:
74:75:ce:c4:99:64:d5:d8:b4:b0:41:c6:e9:46:9e:
6f:1a:21:8e:05:30:8f:42:8c:27:47:43:2a:c2:5a:
1a:53:0e:14:09:54:2f:96:94:c0:88:f0:77:cb:be:
74:4d:5b:6c:3f:e8:45:d7:ac:56:ac:12:c6:0a:72:
1b:1b:a8:cd:79:2a:ca:40:9b:b0:06:7a:d7:ae:7c:
19:55:74:4a:6a:c3:86:8e:1b:dc:50:9b:33:e3:c2:
29:8f:f1:46:31:0b:d5:d0:40:a6:7a:9e:d6:e8:0e:
dc:24:5a:63:35:fd:a7:4f:cc:58:76:af:f3:9d:24:
b2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:88:21:BE:30:E3:29:DB:C4:D1:FF:FA:AC:73:4D:FA:D8:29:80:DE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/94ghvjDjKdvE0f_6rHNN-tgpgN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.112.0/24
194.87.22.0/24
194.87.32.0/21
194.87.72.0/22
194.87.114.0/23
194.87.118.0/23
194.135.32.0/24
195.133.25.0-195.133.27.255
195.133.55.0/24
195.133.59.0/24
212.192.0.0/21
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
11:01:4d:38:59:ab:73:b2:bf:ec:00:37:6e:12:b9:3e:c2:1b:
ab:98:12:c2:b3:72:25:0b:d8:6d:10:c1:c5:0d:1e:c5:a7:9e:
26:4f:13:79:d6:45:e8:9a:87:88:97:51:51:43:01:87:a2:7f:
27:39:cd:ee:fd:a7:6a:c7:16:d1:b2:f9:04:b6:a1:1b:9d:6c:
4b:22:6b:e6:c0:04:b6:8d:6b:4b:5d:8a:78:b8:80:84:8e:11:
2a:a1:2b:bf:fd:f5:a3:c6:e1:42:33:28:5e:ed:26:57:92:b1:
24:10:e7:fe:03:de:5c:68:2e:d7:ef:77:10:2d:33:74:f1:0b:
30:b9:80:ee:7a:44:2c:46:9f:7a:5c:ce:0e:65:55:6a:98:13:
e6:f3:a1:0a:a4:be:41:36:1e:2b:c8:c4:76:f4:35:e1:e8:bf:
d2:37:65:71:c3:1a:5d:54:31:ec:b9:db:cd:ac:98:d5:9b:c9:
ba:a1:15:34:fc:01:2f:f0:2f:47:20:95:08:16:d8:a4:a8:94:
7d:f7:32:15:c9:6e:1e:e7:d2:41:26:29:e3:6d:e1:cf:a3:07:
93:59:44:94:6b:96:94:5e:e2:e3:ef:08:95:00:5e:d7:e3:94:
97:5b:10:52:c0:f5:a6:7d:ed:4c:21:43:68:6d:63:3c:85:a8:
97:c1:63:ef
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIEDocvODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDEy
ODAwMzE1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjc4ODIxYmUzMGUz
MjlkYmM0ZDFmZmZhYWM3MzRkZmFkODI5ODBkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALO9faG9rSZBG4XhJ573pyYyUo/h1WTeDyrdmQXgEFKRZnzL
0QipLy4V5DpUrKw3xJCqNjZKEs8UiTOE7f+7XZby7HOgbBLaXqlZLhlXJFmmOpc4
yTHLA3jk8kdtcpN3gNM0qbYANpONHHZN6AFoJuNWFAUl7IIrs9XLNORPvko2P4+i
9J/HdHXOxJlk1di0sEHG6UaebxohjgUwj0KMJ0dDKsJaGlMOFAlUL5aUwIjwd8u+
dE1bbD/oRdesVqwSxgpyGxuozXkqykCbsAZ61658GVV0SmrDho4b3FCbM+PCKY/x
RjEL1dBApnqe1ugO3CRaYzX9p0/MWHav850kssMCAwEAAaOCAlMwggJPMB0GA1Ud
DgQWBBT3iCG+MOMp28TR//qsc0362CmA3jAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
Lzk0Z2h2akRqS2R2RTBmXzZySE5OLXRncGdONC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBp
BggrBgEFBQcBBwEB/wRaMFgwVgQCAAEwUAMEAMFscAMEAMJXFgMEA8JXIAMEAsJX
SAMEAcJXcgMEAcJXdgMEAMKHIDAMAwQAw4UZAwQCw4UYAwQAw4U3AwQAw4U7AwQD
1MAAAwQA1MECMA0GCSqGSIb3DQEBCwUAA4IBAQARAU04Watzsr/sADduErk+whur
mBLCs3IlC9htEMHFDR7Fp54mTxN51kXomoeIl1FRQwGHon8nOc3u/adqxxbRsvkE
tqEbnWxLImvmwAS2jWtLXYp4uICEjhEqoSu//fWjxuFCMyhe7SZXkrEkEOf+A95c
aC7X73cQLTN08QswuYDuekQsRp96XM4OZVVqmBPm86EKpL5BNh4ryMR29DXh6L/S
N2VxwxpdVDHsudvNrJjVm8m6oRU0/AEv8C9HIJUIFtikqJR99zIVyW4e59JBJinj
beHPoweTWUSUa5aUXuLj7wiVAF7X45SXWxBSwPWmfe1MIUNobWM8haiXwWPv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org