Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AxaqfYQw9bvy7EwFHXGe9yKWMgA.roa
File: AxaqfYQw9bvy7EwFHXGe9yKWMgA.roa (raw, json)
Hash identifier: lf+tqG+rweSSN55D3hLEcOpPA0dcgkvTzhL4RBLJ7P4=
Subject key identifier: 03:16:AA:7D:84:30:F5:BB:F2:EC:4C:05:1D:71:9E:F7:22:96:32:00
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0E1F59F2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AxaqfYQw9bvy7EwFHXGe9yKWMgA.roa
Signing time: Sat 01 Jan 2022 01:58:19 +0000
ROA not before: Sat 01 Jan 2022 01:58:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206316
IP address blocks: 195.133.12.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 236935666 (0xe1f59f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 01:58:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0316aa7d8430f5bbf2ec4c051d719ef722963200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b6:7d:cb:91:2b:7d:37:33:b2:17:44:93:e1:
94:0a:8e:1d:57:9d:83:83:dd:a3:77:5c:b7:30:08:
b3:aa:3e:97:e6:dc:80:02:c6:de:5a:d1:7e:a3:6b:
82:53:9e:2b:9d:89:51:a4:60:b1:a2:6c:d9:26:ab:
3b:c7:81:df:23:4b:a7:da:cd:bf:91:4c:1f:98:de:
6f:57:e3:d9:c4:6c:46:11:f0:4f:bc:36:04:42:ae:
e9:82:bb:00:0c:7a:07:e5:4f:63:2e:dc:e3:04:d0:
64:be:56:e1:c7:79:85:d8:7a:9d:08:c4:bc:57:08:
45:7d:2a:bc:37:78:4b:dd:6f:a1:ad:82:a0:82:b3:
70:ba:a7:f4:43:01:48:c4:7f:5b:6b:a4:1f:3a:51:
d0:54:93:3f:4c:d0:bd:41:56:7d:a0:d3:6d:c1:74:
41:c4:10:aa:4e:05:a2:2e:00:9e:0d:4b:d3:93:03:
b6:1a:bd:ce:65:2e:85:f4:a1:56:06:65:ba:f1:da:
f9:93:6e:26:22:c6:27:70:df:c1:82:3a:af:41:80:
4d:fe:6f:a9:cf:65:14:76:69:9c:ae:db:70:7d:4c:
74:7f:0c:a3:2a:d5:67:e4:0a:f1:33:44:e7:df:54:
5b:f4:10:d3:db:f6:28:74:b9:cf:68:4c:d2:b7:e9:
17:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:16:AA:7D:84:30:F5:BB:F2:EC:4C:05:1D:71:9E:F7:22:96:32:00
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AxaqfYQw9bvy7EwFHXGe9yKWMgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.12.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:1a:5a:d0:e1:e4:16:19:d9:54:ca:c3:20:35:16:b2:6e:30:
c9:d6:7a:3f:e7:cd:49:4c:4c:78:7b:39:cf:25:0d:7b:d3:0a:
7d:da:f5:4c:d3:90:97:69:dd:c9:cb:4c:2c:f6:5f:c4:30:99:
dc:9a:4c:ce:b5:ad:4a:7a:19:89:84:51:9e:83:8d:5f:ed:cc:
65:ff:42:a2:b6:af:ac:43:9c:ef:17:e8:91:33:c0:53:6c:b6:
bb:45:cd:07:31:a6:4c:28:9b:35:7c:53:05:f8:09:56:f8:dc:
a9:45:48:05:f5:4f:64:0c:0b:09:dd:0d:0e:c6:4e:86:5b:4a:
c3:f1:9b:8e:93:51:66:ea:b2:31:0a:9e:d4:23:e0:2f:28:ee:
bf:a9:58:84:bf:a0:35:f6:8a:7b:75:50:72:1d:19:c8:fa:3d:
eb:97:82:3b:69:e4:b2:e9:b9:3c:c9:48:fe:57:98:3e:cb:81:
12:dd:54:10:07:77:02:f1:90:9e:35:e5:5b:0f:bb:1e:e0:f3:
43:00:f5:0a:b2:74:58:cc:fa:62:1a:5c:64:7e:03:1c:aa:2e:
8d:98:91:4f:13:c6:4e:cf:0d:1f:33:e5:ff:55:81:19:f4:1a:
d5:06:b5:86:1f:36:5f:9f:a9:e8:ba:fa:d4:27:86:7a:22:23:
15:f0:5b:41
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDh9Z8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDEw
MTAxNTgxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDMxNmFhN2Q4NDMw
ZjViYmYyZWM0YzA1MWQ3MTllZjcyMjk2MzIwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM62fcuRK303M7IXRJPhlAqOHVedg4Pdo3dctzAIs6o+l+bc
gALG3lrRfqNrglOeK52JUaRgsaJs2SarO8eB3yNLp9rNv5FMH5jeb1fj2cRsRhHw
T7w2BEKu6YK7AAx6B+VPYy7c4wTQZL5W4cd5hdh6nQjEvFcIRX0qvDd4S91voa2C
oIKzcLqn9EMBSMR/W2ukHzpR0FSTP0zQvUFWfaDTbcF0QcQQqk4Foi4Ang1L05MD
thq9zmUuhfShVgZluvHa+ZNuJiLGJ3DfwYI6r0GATf5vqc9lFHZpnK7bcH1MdH8M
oyrVZ+QK8TNE599UW/QQ09v2KHS5z2hM0rfpF/ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQDFqp9hDD1u/LsTAUdcZ73IpYyADAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L0F4YXFmWVF3OWJ2eTdFd0ZIWEdlOXlLV01nQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsOFDDANBgkqhkiG9w0BAQsFAAOC
AQEAHBpa0OHkFhnZVMrDIDUWsm4wydZ6P+fNSUxMeHs5zyUNe9MKfdr1TNOQl2nd
yctMLPZfxDCZ3JpMzrWtSnoZiYRRnoONX+3MZf9CoravrEOc7xfokTPAU2y2u0XN
BzGmTCibNXxTBfgJVvjcqUVIBfVPZAwLCd0NDsZOhltKw/GbjpNRZuqyMQqe1CPg
Lyjuv6lYhL+gNfaKe3VQch0ZyPo965eCO2nksum5PMlI/leYPsuBEt1UEAd3AvGQ
njXlWw+7HuDzQwD1CrJ0WMz6YhpcZH4DHKoujZiRTxPGTs8NHzPl/1WBGfQa1Qa1
hh82X5+p6Lr61CeGeiIjFfBbQQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:52 2023 by rpki-client on console-ams.rpki-client.org