Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9NLv7hKDkN0ZIMGsQY8n8peMXqc.roa
File: 9NLv7hKDkN0ZIMGsQY8n8peMXqc.roa (raw, json)
Hash identifier: Q8nOuew5uaIon5VrDbGqb/6tnsoIm/Fd36+o6Cu6HgY=
Subject key identifier: F4:D2:EF:EE:12:83:90:DD:19:20:C1:AC:41:8F:27:F2:97:8C:5E:A7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01849EFA532DE500DF423020E93FC8123081
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9NLv7hKDkN0ZIMGsQY8n8peMXqc.roa
Signing time: Tue 22 Nov 2022 10:55:16 +0000
ROA not before: Tue 22 Nov 2022 10:55:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:fa:53:2d:e5:00:df:42:30:20:e9:3f:c8:12:30:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 22 10:55:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4d2efee128390dd1920c1ac418f27f2978c5ea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:cb:f0:ea:85:4d:f5:7e:85:0f:f4:45:a5:ab:
f7:ae:ae:54:ea:0f:04:38:64:2b:29:fe:f2:97:72:
c3:bc:30:20:00:81:fa:e9:7c:80:de:ff:9f:55:48:
c2:7f:1c:5b:7a:10:c9:05:93:72:b1:ac:cf:ae:5c:
3a:22:f0:38:6a:86:84:71:05:5a:17:7e:9c:42:59:
9e:b6:1f:a6:db:3d:d6:63:87:7f:2f:71:87:a9:ac:
59:1e:b3:d9:7c:cf:55:87:3f:b8:04:7f:0a:04:5e:
70:99:c1:a4:07:74:a5:94:28:74:7f:da:01:6f:b5:
58:33:20:46:06:99:9e:3f:9e:37:a3:9f:a4:4f:4e:
81:a2:22:c5:1b:50:9d:13:c1:65:4c:5e:1e:b8:62:
5b:02:b4:75:0f:5d:61:bb:34:85:3a:35:d1:d1:6d:
a5:36:2f:0c:24:67:9c:eb:4d:30:a8:26:21:49:02:
e2:4b:36:f1:29:f7:a3:2a:6c:c9:d0:20:34:21:ec:
c1:44:c9:bc:f3:d9:b4:db:bf:da:67:4f:c5:37:7a:
15:2c:d6:77:c8:4a:fb:47:5d:7a:77:c8:09:e9:7e:
20:3c:0d:ee:e4:fc:4c:b7:b1:f4:7e:47:91:87:55:
af:b7:98:4a:b2:e6:51:99:5e:92:1f:f8:16:33:7a:
5c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D2:EF:EE:12:83:90:DD:19:20:C1:AC:41:8F:27:F2:97:8C:5E:A7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9NLv7hKDkN0ZIMGsQY8n8peMXqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.3.0/24
194.87.1.0/24
194.87.38.0/24
194.87.73.0/24
194.87.130.0/23
194.87.166.0/24
194.87.168.0/24
194.87.178.0/23
194.135.23.0/24
195.58.35.0/24
195.133.0.0/24
195.133.35.0/24
212.192.31.0/24
Signature Algorithm: sha256WithRSAEncryption
21:5d:7c:b1:9b:e5:a9:65:39:39:31:6b:97:ea:88:fa:9c:6e:
48:94:58:1b:9d:4c:6b:45:72:45:3b:8d:c2:54:e7:8f:b9:09:
6d:05:ee:62:9c:47:b8:90:d6:26:40:24:13:38:d4:5e:bd:04:
ed:a9:b0:54:16:2b:0a:57:49:db:e6:28:29:da:91:99:6d:3f:
68:79:51:67:7f:6b:38:2f:03:22:3d:85:df:b5:d1:85:f9:f4:
af:bf:57:9a:f4:37:35:0a:e7:0f:5e:39:2f:d0:15:03:d7:d2:
bd:d6:dd:52:af:17:c4:f6:4e:4a:d7:37:66:3f:b8:d6:f3:e0:
83:36:3c:d7:0e:05:35:a3:23:6b:b0:af:f3:21:d0:4e:aa:47:
c4:e0:b2:82:d9:c7:ae:c0:13:36:29:e3:1e:26:d8:6c:de:6c:
2e:4d:42:95:ee:05:c6:48:1c:df:47:13:11:27:49:f9:57:2c:
6d:be:ba:0c:41:8d:54:93:5c:05:6b:75:3f:df:4d:e8:c9:db:
ae:35:7b:59:59:21:85:28:76:3d:cd:9a:54:9e:40:60:42:19:
97:e3:12:c5:26:29:8b:c7:2d:17:b0:c9:7a:8e:8d:d1:c4:ea:
89:28:bc:ff:81:4e:25:e2:8c:8a:db:0e:ce:bf:b0:c1:2d:98:
b0:af:d7:de
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYSe+lMt5QDfQjAg6T/IEjCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTIyMTA1NTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQyZWZlZTEyODM5MGRkMTkyMGMxYWM0MThmMjdmMjk3OGM1ZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcvw6oVN9X6FD/RFpav3rq5U6g8E
OGQrKf7yl3LDvDAgAIH66XyA3v+fVUjCfxxbehDJBZNysazPrlw6IvA4aoaEcQVa
F36cQlmeth+m2z3WY4d/L3GHqaxZHrPZfM9Vhz+4BH8KBF5wmcGkB3SllCh0f9oB
b7VYMyBGBpmeP543o5+kT06BoiLFG1CdE8FlTF4euGJbArR1D11huzSFOjXR0W2l
Ni8MJGec600wqCYhSQLiSzbxKfejKmzJ0CA0IezBRMm889m027/aZ0/FN3oVLNZ3
yEr7R116d8gJ6X4gPA3u5PxMt7H0fkeRh1Wvt5hKsuZRmV6SH/gWM3pcCwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFPTS7+4Sg5DdGSDBrEGPJ/KXjF6nMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOU5MdjdoS0RrTjBaSU1Hc1FZOG44cGVNWHFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAwXwDAwQA
wlcBAwQAwlcmAwQAwldJAwQBwleCAwQAwlemAwQAwleoAwQBwleyAwQAwocXAwQA
wzojAwQAw4UAAwQAw4UjAwQA1MAfMA0GCSqGSIb3DQEBCwUAA4IBAQAhXXyxm+Wp
ZTk5MWuX6oj6nG5IlFgbnUxrRXJFO43CVOePuQltBe5inEe4kNYmQCQTONRevQTt
qbBUFisKV0nb5igp2pGZbT9oeVFnf2s4LwMiPYXftdGF+fSvv1ea9Dc1CucPXjkv
0BUD19K91t1SrxfE9k5K1zdmP7jW8+CDNjzXDgU1oyNrsK/zIdBOqkfE4LKC2ceu
wBM2KeMeJths3mwuTUKV7gXGSBzfRxMRJ0n5VyxtvroMQY1Uk1wFa3U/303oyduu
NXtZWSGFKHY9zZpUnkBgQhmX4xLFJimLxy0XsMl6jo3RxOqJKLz/gU4l4oyK2w7O
v7DBLZiwr9fe
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org