Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/B7icRQKw1LADqsSIzio8faLX9_w.roa
File: B7icRQKw1LADqsSIzio8faLX9_w.roa (raw, json)
Hash identifier: QMk5+0W5i0FtdvwAueZRc/3uBZZquDPEN0ieS+k8tn8=
Subject key identifier: 07:B8:9C:45:02:B0:D4:B0:03:AA:C4:88:CE:2A:3C:7D:A2:D7:F7:FC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184BE85A98C05BDD4BA526AF31982BBE3B9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/B7icRQKw1LADqsSIzio8faLX9_w.roa
Signing time: Mon 28 Nov 2022 13:55:41 +0000
ROA not before: Mon 28 Nov 2022 13:55:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34549
IP address blocks: 194.87.180.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:85:a9:8c:05:bd:d4:ba:52:6a:f3:19:82:bb:e3:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 28 13:55:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=07b89c4502b0d4b003aac488ce2a3c7da2d7f7fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:32:3a:e1:30:69:e9:16:4d:fc:b6:95:9f:97:
b5:f9:57:44:51:8e:4a:8b:94:e5:a0:62:29:79:85:
0d:52:78:56:5c:5b:e6:51:9f:9b:6f:68:44:18:db:
01:f2:bc:72:ab:ea:17:3e:98:89:e8:ed:71:f7:44:
e5:47:13:ac:e2:0c:43:50:b0:5b:e7:49:18:87:ba:
71:6e:f2:32:60:b5:ef:34:5c:6d:44:c0:20:9a:87:
0e:35:04:fd:40:c7:dd:32:04:33:90:44:1f:ef:00:
17:04:d5:7d:a8:6b:b2:03:4f:07:40:24:94:82:73:
78:25:26:7c:1a:b5:f9:ce:10:f1:52:43:7b:77:6b:
a3:18:13:ce:b8:b3:26:3a:75:0f:b1:10:60:6c:47:
3f:b4:4d:fe:a5:cc:30:a5:62:de:3e:46:6f:77:9b:
4e:8a:15:f7:2c:77:8e:5b:cd:57:cd:52:c9:d3:92:
45:9a:cc:ab:ff:bc:b2:e2:42:8a:31:64:42:0d:97:
15:cc:1a:ba:ff:5b:27:e0:86:4e:30:60:4b:7c:45:
5b:93:cc:36:f2:e7:53:78:27:fc:7e:0d:79:ad:70:
0a:47:66:8f:be:1e:04:30:cd:83:b3:d7:69:99:2a:
8d:cd:75:66:d3:93:16:03:5f:8a:71:9a:8b:13:cc:
90:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:B8:9C:45:02:B0:D4:B0:03:AA:C4:88:CE:2A:3C:7D:A2:D7:F7:FC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/B7icRQKw1LADqsSIzio8faLX9_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.180.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:35:2a:47:5b:80:27:ed:d6:d6:ce:53:a3:00:37:04:0a:2f:
37:f8:7d:9f:87:1b:58:2c:d2:90:3d:fe:eb:31:6c:ae:90:9a:
73:5e:63:aa:42:39:26:d0:5e:16:60:2e:18:18:f8:3a:97:69:
bd:76:a7:b3:57:f9:52:44:46:71:70:8e:8d:00:a3:0a:94:5e:
12:17:cd:12:2f:fa:b8:62:26:5a:25:99:06:75:1d:ba:79:b7:
eb:e4:f3:f0:7a:08:5e:62:1c:35:e8:ad:91:c7:1d:ef:87:b9:
33:b7:f2:96:db:ee:43:2f:33:a0:ab:d0:7b:50:92:e4:b2:95:
ac:61:6e:c2:79:50:e0:81:39:70:a7:ec:cb:58:d1:c1:c5:ee:
36:7c:2a:c8:a3:6d:76:1a:37:24:20:3b:63:2c:9b:b0:70:0f:
16:8d:fb:ab:5d:16:d4:e6:c3:9f:5c:e3:c4:f8:50:f5:6d:63:
fd:26:f0:c7:cb:00:31:72:39:07:ad:c5:a3:91:a8:e8:a2:dc:
b1:50:86:ec:42:ac:15:2a:7b:a5:ee:8e:3e:30:61:31:d5:6a:
9a:b1:12:44:d4:46:36:8a:6f:6c:b0:77:fa:51:ba:04:64:20:
7a:3a:71:d0:70:94:10:e3:b7:72:d4:67:ff:19:97:89:14:07:
69:cc:a0:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS+hamMBb3UulJq8xmCu+O5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTI4MTM1NTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2I4OWM0NTAyYjBkNGIwMDNhYWM0ODhjZTJhM2M3ZGEyZDdmN2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzI64TBp6RZN/LaVn5e1+VdEUY5K
i5TloGIpeYUNUnhWXFvmUZ+bb2hEGNsB8rxyq+oXPpiJ6O1x90TlRxOs4gxDULBb
50kYh7pxbvIyYLXvNFxtRMAgmocONQT9QMfdMgQzkEQf7wAXBNV9qGuyA08HQCSU
gnN4JSZ8GrX5zhDxUkN7d2ujGBPOuLMmOnUPsRBgbEc/tE3+pcwwpWLePkZvd5tO
ihX3LHeOW81XzVLJ05JFmsyr/7yy4kKKMWRCDZcVzBq6/1sn4IZOMGBLfEVbk8w2
8udTeCf8fg15rXAKR2aPvh4EMM2Ds9dpmSqNzXVm05MWA1+KcZqLE8yQ/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAe4nEUCsNSwA6rEiM4qPH2i1/f8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQjdpY1JRS3cxTEFEcXNTSXppbzhmYUxYOV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwle0MA0G
CSqGSIb3DQEBCwUAA4IBAQAvNSpHW4An7dbWzlOjADcECi83+H2fhxtYLNKQPf7r
MWyukJpzXmOqQjkm0F4WYC4YGPg6l2m9dqezV/lSREZxcI6NAKMKlF4SF80SL/q4
YiZaJZkGdR26ebfr5PPwegheYhw16K2Rxx3vh7kzt/KW2+5DLzOgq9B7UJLkspWs
YW7CeVDggTlwp+zLWNHBxe42fCrIo212GjckIDtjLJuwcA8WjfurXRbU5sOfXOPE
+FD1bWP9JvDHywAxcjkHrcWjkajootyxUIbsQqwVKnul7o4+MGEx1WqasRJE1EY2
im9ssHf6UboEZCB6OnHQcJQQ47dy1Gf/GZeJFAdpzKAQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:08 2024 by rpki-client on console-fra.rpki-client.org