Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Bh30obnJWlzWZjNKF09a5xPma7k.roa
File: Bh30obnJWlzWZjNKF09a5xPma7k.roa (raw, json)
Hash identifier: EgFhue4GGnjuv15os2SSVfC2SJmigp8eGw3zxho8JLE=
Subject key identifier: 06:1D:F4:A1:B9:C9:5A:5C:D6:66:33:4A:17:4F:5A:E7:13:E6:6B:B9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183CB0D675FEB4265BDCB2B8200E0DEBC7E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Bh30obnJWlzWZjNKF09a5xPma7k.roa
Signing time: Wed 12 Oct 2022 07:16:36 +0000
ROA not before: Wed 12 Oct 2022 07:16:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 193.124.226.0/24 maxlen: 24
193.124.224.0/23 maxlen: 23
193.124.49.0/24 maxlen: 24
195.133.22.0/24 maxlen: 24
212.192.16.0/21 maxlen: 24
195.58.56.0/21 maxlen: 24
194.87.192.0/22 maxlen: 22
212.193.4.0/22 maxlen: 24
212.193.8.0/22 maxlen: 24
194.87.124.0/22 maxlen: 24
194.87.120.0/22 maxlen: 24
194.87.41.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
194.87.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cb:0d:67:5f:eb:42:65:bd:cb:2b:82:00:e0:de:bc:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 12 07:16:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=061df4a1b9c95a5cd666334a174f5ae713e66bb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ef:8f:a2:a7:c5:fe:b4:0f:79:d0:e1:51:e9:
79:90:3c:c2:36:0b:52:62:8f:62:8e:8a:4b:31:37:
b5:ac:c8:53:46:ff:75:29:36:5a:f8:a8:cf:3d:74:
51:7d:89:e0:dc:6e:7a:18:36:98:71:f3:4a:92:f9:
a4:71:8c:81:6b:1f:4c:41:72:40:72:6a:10:cb:9e:
c2:30:0a:5d:f2:79:38:7a:1a:3c:f9:34:4b:3c:ff:
38:61:0d:55:58:4c:b4:2e:d9:43:1b:63:38:65:7c:
e2:cd:ff:d2:ee:83:9e:c3:87:ea:4c:c1:06:0a:a3:
4b:7a:a2:05:07:b9:3b:51:d1:39:84:42:a1:6a:2b:
77:46:4f:40:cf:74:40:25:a6:c6:e9:65:2d:aa:5b:
55:2c:2a:b9:bd:5a:6c:ef:ad:cf:dd:44:2b:4c:88:
9d:5a:25:2f:21:9b:16:2b:98:56:3f:2d:72:00:9d:
f3:52:e6:01:e9:6a:8f:f0:e9:e4:6d:34:55:6a:1c:
4d:46:ea:91:bb:07:db:cb:4d:a8:3a:a3:89:b5:42:
bf:0c:80:ba:b7:9e:7c:24:17:b5:56:f8:64:28:c4:
a8:ee:e7:f4:e6:b7:09:b7:69:06:b5:e0:bf:ed:44:
08:99:42:d0:a0:d4:16:6c:03:17:20:42:92:7a:ec:
ca:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:1D:F4:A1:B9:C9:5A:5C:D6:66:33:4A:17:4F:5A:E7:13:E6:6B:B9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Bh30obnJWlzWZjNKF09a5xPma7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.49.0/24
193.124.224.0-193.124.226.255
194.87.41.0/24
194.87.61.0/24
194.87.120.0/21
194.87.192.0/22
194.135.46.0/24
195.58.56.0/21
195.133.22.0/24
212.192.16.0/21
212.193.4.0-212.193.11.255
Signature Algorithm: sha256WithRSAEncryption
38:e2:96:d9:1e:15:1b:9c:cb:05:65:4c:f2:79:75:14:6f:cf:
00:29:e2:b5:aa:ca:a0:11:26:00:83:46:ad:67:71:ee:cf:43:
24:58:f5:ec:14:6f:50:47:f2:cf:57:10:8a:9d:2d:ba:f3:db:
6a:db:32:54:e9:d8:66:79:19:99:ad:ac:36:94:3e:5c:8f:0f:
80:fd:ac:73:11:07:86:67:ae:e7:cc:31:63:22:a6:ae:e4:a8:
10:7b:0e:59:d4:91:35:21:12:73:53:72:41:e2:ba:94:2e:54:
ea:ea:2a:95:6b:f0:2f:e2:93:d1:27:ce:0a:04:10:26:56:96:
d4:b0:03:f4:5f:cd:13:ff:f8:ad:a2:24:99:eb:22:1f:cc:ea:
4a:ac:68:b6:ff:58:e8:ca:18:2a:78:e6:bc:ab:89:6e:fe:e1:
c1:1c:52:c0:11:60:72:13:f8:2e:58:aa:59:ba:40:29:da:bc:
5e:4e:2d:4c:82:72:61:45:df:ad:f4:68:9e:49:a2:26:d4:c2:
5c:d8:f2:d7:4c:8d:9e:4e:fb:bd:70:bb:75:ff:b0:df:45:38:
d0:7f:99:b7:22:71:45:52:b9:54:3e:f3:21:35:26:5b:f7:1e:
a1:51:38:ca:4c:14:2a:f7:f2:4e:b0:e3:62:cf:94:8e:6b:56:
5d:14:84:ab
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYPLDWdf60JlvcsrggDg3rx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDEyMDcxNjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjFkZjRhMWI5Yzk1YTVjZDY2NjMzNGExNzRmNWFlNzEzZTY2YmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe+PoqfF/rQPedDhUel5kDzCNgtS
Yo9ijopLMTe1rMhTRv91KTZa+KjPPXRRfYng3G56GDaYcfNKkvmkcYyBax9MQXJA
cmoQy57CMApd8nk4eho8+TRLPP84YQ1VWEy0LtlDG2M4ZXzizf/S7oOew4fqTMEG
CqNLeqIFB7k7UdE5hEKhait3Rk9Az3RAJabG6WUtqltVLCq5vVps763P3UQrTIid
WiUvIZsWK5hWPy1yAJ3zUuYB6WqP8OnkbTRVahxNRuqRuwfby02oOqOJtUK/DIC6
t558JBe1VvhkKMSo7uf05rcJt2kGteC/7UQImULQoNQWbAMXIEKSeuzKFwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFAYd9KG5yVpc1mYzShdPWucT5mu5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQmgzMG9ibkpXbHpXWmpOS0YwOWE1eFBtYTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAwXwxMAwD
BAXBfOADBADBfOIDBADCVykDBADCVz0DBAPCV3gDBALCV8ADBADChy4DBAPDOjgD
BADDhRYDBAPUwBAwDAMEAtTBBAMEAtTBCDANBgkqhkiG9w0BAQsFAAOCAQEAOOKW
2R4VG5zLBWVM8nl1FG/PACnitarKoBEmAINGrWdx7s9DJFj17BRvUEfyz1cQip0t
uvPbatsyVOnYZnkZma2sNpQ+XI8PgP2scxEHhmeu58wxYyKmruSoEHsOWdSRNSES
c1NyQeK6lC5U6uoqlWvwL+KT0SfOCgQQJlaW1LAD9F/NE//4raIkmesiH8zqSqxo
tv9Y6MoYKnjmvKuJbv7hwRxSwBFgchP4LliqWbpAKdq8Xk4tTIJyYUXfrfRonkmi
JtTCXNjy10yNnk77vXC7df+w30U40H+ZtyJxRVK5VD7zITUmW/ceoVE4ykwUKvfy
TrDjYs+UjmtWXRSEqw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:58 2023 by rpki-client on console-fra.rpki-client.org