Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9oGT-Erbim2jmogiTtH1GcAAGOY.roa
File: 9oGT-Erbim2jmogiTtH1GcAAGOY.roa (raw, json)
Hash identifier: gYdOP88rAo54U/hd/4BtyaZTcCVYhIZ0zLWrVk9N8Ag=
Subject key identifier: F6:81:93:F8:4A:DB:8A:6D:A3:9A:88:22:4E:D1:F5:19:C0:00:18:E6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01852ABCAD701764E2A3E1E8AC5B32C5979F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9oGT-Erbim2jmogiTtH1GcAAGOY.roa
Signing time: Mon 19 Dec 2022 14:14:46 +0000
ROA not before: Mon 19 Dec 2022 14:14:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:bc:ad:70:17:64:e2:a3:e1:e8:ac:5b:32:c5:97:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 19 14:14:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f68193f84adb8a6da39a88224ed1f519c00018e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:60:0a:c3:92:06:43:45:b2:6b:a4:24:cb:53:
40:84:61:ef:13:eb:15:e4:84:f6:f7:cd:c7:6c:2a:
3e:c9:a3:52:88:e9:b2:a9:7c:06:7f:a3:d9:c5:3e:
5f:d9:b4:c6:26:b5:8a:eb:47:c3:38:20:da:ec:18:
bb:1a:e0:9b:0f:9a:4b:47:6d:42:fa:68:fa:7c:60:
c3:62:21:dc:c4:19:a7:cb:f6:30:fb:8f:ea:72:83:
0c:9b:70:83:0c:2d:a6:0c:3a:9b:2a:c0:6e:be:95:
3c:6b:5e:b4:73:f0:bd:79:9f:25:46:b1:35:3f:59:
37:99:0d:a9:6e:88:19:19:ad:fa:cb:70:82:e6:0e:
bb:1c:55:69:f3:d9:1d:4c:37:11:95:32:b3:30:c2:
7c:a7:04:4f:0c:d7:14:bd:3f:e8:88:58:29:80:05:
12:f2:22:01:75:9c:68:6c:5b:9d:74:44:d0:d7:58:
27:e4:df:3f:54:50:ac:0b:58:68:35:18:d4:8f:75:
d2:2c:cf:95:ac:35:28:c6:fb:64:a9:da:d6:37:2d:
00:3a:64:45:66:61:d4:70:f4:7b:d5:a4:47:14:c7:
22:c0:35:9a:28:d8:37:80:da:a7:93:a2:b2:3d:41:
bd:94:19:02:64:21:53:b7:7f:39:22:33:8d:39:a2:
13:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:81:93:F8:4A:DB:8A:6D:A3:9A:88:22:4E:D1:F5:19:C0:00:18:E6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9oGT-Erbim2jmogiTtH1GcAAGOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.3.0/24
194.87.1.0/24
194.87.38.0/24
194.87.42.0/24
194.87.73.0/24
194.87.130.0/23
194.87.166.0/24
194.87.168.0/24
194.87.178.0/23
194.87.187.0/24
194.135.18.0/24
194.135.23.0/24
195.58.35.0-195.58.36.255
195.58.50.0/24
195.58.56.0/24
195.133.0.0/24
195.133.30.0/24
195.133.35.0/24
212.192.31.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:7a:06:94:df:d3:91:6c:c1:4a:6b:5c:ad:fd:68:e2:4d:1b:
19:bd:c9:9f:d0:65:d5:97:84:34:81:d4:f6:89:a0:a7:90:ee:
a0:30:c0:0d:0d:e4:1e:bd:60:f5:a1:b1:ee:37:59:49:83:ba:
22:d0:a7:dd:33:c1:ec:51:90:22:09:0d:11:cd:64:f2:f5:24:
0e:ab:9b:13:01:5c:90:42:b6:b9:71:a9:e7:86:35:93:f4:32:
64:a0:48:cc:07:9d:ca:b5:c1:3d:1d:d1:b2:c9:3a:b0:54:ad:
b9:5c:79:69:6b:68:8b:21:f8:42:fd:2d:ce:dd:49:90:00:7d:
d2:31:37:e9:e9:ee:cd:60:86:b9:ec:1c:c9:48:d5:3b:ca:95:
b7:00:81:40:96:a9:b8:b3:17:93:00:52:7d:65:8e:38:45:f6:
d8:66:6a:ff:c0:00:b8:6f:c1:01:fb:8f:95:02:79:e3:dd:7f:
d0:d4:a2:05:9b:4f:ad:6b:a9:94:a2:85:b1:b9:a0:55:57:7c:
f5:c5:1b:d7:18:08:36:f5:41:ae:a6:56:73:c3:21:5e:10:45:
35:f4:af:e0:3b:ff:fe:02:96:c4:92:c3:59:ee:32:19:74:c1:
88:ff:e7:8a:ed:c5:9f:2b:60:82:2e:99:82:3e:84:8a:2e:0e:
ec:d1:fd:38
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYUqvK1wF2Tio+HorFsyxZefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE5MTQxNDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjgxOTNmODRhZGI4YTZkYTM5YTg4MjI0ZWQxZjUxOWMwMDAxOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmAKw5IGQ0Wya6Qky1NAhGHvE+sV
5IT2983HbCo+yaNSiOmyqXwGf6PZxT5f2bTGJrWK60fDOCDa7Bi7GuCbD5pLR21C
+mj6fGDDYiHcxBmny/Yw+4/qcoMMm3CDDC2mDDqbKsBuvpU8a160c/C9eZ8lRrE1
P1k3mQ2pbogZGa36y3CC5g67HFVp89kdTDcRlTKzMMJ8pwRPDNcUvT/oiFgpgAUS
8iIBdZxobFuddETQ11gn5N8/VFCsC1hoNRjUj3XSLM+VrDUoxvtkqdrWNy0AOmRF
ZmHUcPR71aRHFMciwDWaKNg3gNqnk6KyPUG9lBkCZCFTt385IjONOaITTwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFPaBk/hK24pto5qIIk7R9RnAABjmMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOW9HVC1FcmJpbTJqbW9naVR0SDFHY0FBR09ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAMF8
AwMEAMJXAQMEAMJXJgMEAMJXKgMEAMJXSQMEAcJXggMEAMJXpgMEAMJXqAMEAcJX
sgMEAMJXuwMEAMKHEgMEAMKHFzAMAwQAwzojAwQAwzokAwQAwzoyAwQAwzo4AwQA
w4UAAwQAw4UeAwQAw4UjAwQA1MAfMA0GCSqGSIb3DQEBCwUAA4IBAQBKegaU39OR
bMFKa1yt/WjiTRsZvcmf0GXVl4Q0gdT2iaCnkO6gMMANDeQevWD1obHuN1lJg7oi
0KfdM8HsUZAiCQ0RzWTy9SQOq5sTAVyQQra5cannhjWT9DJkoEjMB53KtcE9HdGy
yTqwVK25XHlpa2iLIfhC/S3O3UmQAH3SMTfp6e7NYIa57BzJSNU7ypW3AIFAlqm4
sxeTAFJ9ZY44RfbYZmr/wAC4b8EB+4+VAnnj3X/Q1KIFm0+ta6mUooWxuaBVV3z1
xRvXGAg29UGuplZzwyFeEEU19K/gO//+ApbEksNZ7jIZdMGI/+eK7cWfK2CCLpmC
PoSKLg7s0f04
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org