Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ANwmxdTuW-My0EUEbinS5qK1b_g.roa
File: ANwmxdTuW-My0EUEbinS5qK1b_g.roa (raw, json)
Hash identifier: bvpwcAivBMm4tt7LLU3gbPbYZjtf8L5i5/KzoOcd71Y=
Subject key identifier: 00:DC:26:C5:D4:EE:5B:E3:32:D0:45:04:6E:29:D2:E6:A2:B5:6F:F8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183EA7FDF205D6F69E160D45B06DCC70F4E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ANwmxdTuW-My0EUEbinS5qK1b_g.roa
Signing time: Tue 18 Oct 2022 09:49:52 +0000
ROA not before: Tue 18 Oct 2022 09:49:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 195.133.193.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.5.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ea:7f:df:20:5d:6f:69:e1:60:d4:5b:06:dc:c7:0f:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 18 09:49:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00dc26c5d4ee5be332d045046e29d2e6a2b56ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5c:c3:74:4f:6f:7c:1b:3b:74:02:3c:45:b8:
43:05:c1:a7:48:49:5a:7c:2b:3e:62:ff:74:c7:dc:
b0:41:3d:21:69:97:6a:cf:be:38:28:07:23:4e:c3:
ea:17:d0:14:5c:ed:2a:21:fa:4c:2d:65:5f:fc:42:
35:44:28:0e:90:22:0a:7d:82:4e:fe:fc:50:14:b0:
e2:fd:bd:b0:eb:a0:06:11:89:c1:24:46:4f:44:fb:
f8:7c:2a:dc:3b:fe:40:3b:38:02:3f:5c:b4:a2:18:
f5:69:f9:82:f3:cb:3e:26:8f:12:21:14:50:58:df:
d9:14:60:ce:6e:f2:15:d8:2e:61:ce:44:4a:e2:c1:
78:97:87:5b:06:7a:c6:2e:af:f9:d9:20:fd:44:22:
a7:9a:e4:e2:a0:ec:d3:7b:1d:cd:13:b6:f6:ba:96:
75:0b:48:73:9b:48:42:1b:44:6f:25:b4:7c:bc:2d:
da:5e:6f:41:ec:88:91:1f:76:58:80:4a:f8:0a:3c:
f7:e2:77:c1:09:35:a2:67:2c:fa:75:90:c4:98:85:
71:be:79:0a:ae:31:9e:c8:c6:11:79:4f:58:73:9c:
58:46:73:90:dd:5d:2e:4b:ac:91:3d:81:f5:c3:0e:
a2:5c:fa:30:37:12:53:e0:41:d0:b6:b0:41:d0:a5:
5d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:DC:26:C5:D4:EE:5B:E3:32:D0:45:04:6E:29:D2:E6:A2:B5:6F:F8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ANwmxdTuW-My0EUEbinS5qK1b_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
193.124.90.0/24
193.124.133.0/24
194.87.199.0/24
194.87.252.0/24
194.135.23.0/24
195.133.193.0/24
212.192.5.0/24
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:e2:ee:08:fd:08:f7:69:9e:cb:54:35:71:db:43:3e:30:39:
f5:29:3a:09:00:f1:53:21:ed:5d:27:9c:f4:3e:d9:32:25:d6:
4e:32:ec:2e:3b:86:92:d2:7e:bb:48:42:e3:f7:52:e6:11:c8:
f8:49:3e:95:c3:94:01:3f:9b:c6:52:48:3a:91:86:dd:e6:61:
e0:f5:fc:d9:77:ea:62:c6:fd:35:9b:e0:c5:ec:ed:8d:dc:c0:
c3:7c:62:4d:8b:82:34:b8:74:a3:a7:8a:6b:0c:5b:d9:11:47:
b7:24:00:c2:e9:09:8b:0e:73:b6:67:66:31:10:8f:cc:f2:d3:
c1:05:16:4f:1a:ab:8e:4b:b4:f5:17:8b:3e:d8:ed:1c:01:82:
f7:92:bb:ac:c2:1a:de:dc:43:22:bb:e7:de:b0:af:d8:f1:29:
64:91:28:c8:70:a7:eb:1b:91:40:e2:fb:95:94:8f:6c:0e:1c:
c7:c5:0b:c1:7a:f1:2c:09:f5:a5:c4:93:2f:7b:6b:f5:99:c2:
25:be:bf:79:8e:3a:ff:ff:8b:2f:e1:79:b1:74:c3:41:99:df:
66:e1:c5:88:42:96:f7:a0:9c:cc:0c:05:39:39:44:50:d7:7f:
99:0e:5b:ca:2a:05:de:71:45:10:b2:a0:6f:10:65:78:5b:99:
76:ed:d0:09
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYPqf98gXW9p4WDUWwbcxw9OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDE4MDk0OTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGRjMjZjNWQ0ZWU1YmUzMzJkMDQ1MDQ2ZTI5ZDJlNmEyYjU2ZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVzDdE9vfBs7dAI8RbhDBcGnSEla
fCs+Yv90x9ywQT0haZdqz744KAcjTsPqF9AUXO0qIfpMLWVf/EI1RCgOkCIKfYJO
/vxQFLDi/b2w66AGEYnBJEZPRPv4fCrcO/5AOzgCP1y0ohj1afmC88s+Jo8SIRRQ
WN/ZFGDObvIV2C5hzkRK4sF4l4dbBnrGLq/52SD9RCKnmuTioOzTex3NE7b2upZ1
C0hzm0hCG0RvJbR8vC3aXm9B7IiRH3ZYgEr4Cjz34nfBCTWiZyz6dZDEmIVxvnkK
rjGeyMYReU9Yc5xYRnOQ3V0uS6yRPYH1ww6iXPowNxJT4EHQtrBB0KVdEQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFADcJsXU7lvjMtBFBG4p0uaitW/4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQU53bXhkVHVXLU15MEVVRWJpblM1cUsxYl9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwHy0AwQA
wXxaAwQAwXyFAwQAwlfHAwQAwlf8AwQAwocXAwQAw4XBAwQA1MAFAwQA1MECMA0G
CSqGSIb3DQEBCwUAA4IBAQBs4u4I/Qj3aZ7LVDVx20M+MDn1KToJAPFTIe1dJ5z0
PtkyJdZOMuwuO4aS0n67SELj91LmEcj4ST6Vw5QBP5vGUkg6kYbd5mHg9fzZd+pi
xv01m+DF7O2N3MDDfGJNi4I0uHSjp4prDFvZEUe3JADC6QmLDnO2Z2YxEI/M8tPB
BRZPGquOS7T1F4s+2O0cAYL3kruswhre3EMiu+fesK/Y8SlkkSjIcKfrG5FA4vuV
lI9sDhzHxQvBevEsCfWlxJMve2v1mcIlvr95jjr//4sv4XmxdMNBmd9m4cWIQpb3
oJzMDAU5OURQ13+ZDlvKKgXecUUQsqBvEGV4W5l27dAJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:52 2023 by rpki-client on console-ams.rpki-client.org