Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DBkeW3byHMm2jpB2gJfIpbF-NbQ.roa
File: DBkeW3byHMm2jpB2gJfIpbF-NbQ.roa (raw, json)
Hash identifier: BjsfNxX4PVhEE+CNI0xjqGdFrG25xDK7HeHn4N7gvis=
Subject key identifier: 0C:19:1E:5B:76:F2:1C:C9:B6:8E:90:76:80:97:C8:A5:B1:7E:35:B4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0182B4F6979CFE2E685C97E3484AB112A75A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DBkeW3byHMm2jpB2gJfIpbF-NbQ.roa
Signing time: Fri 19 Aug 2022 07:17:15 +0000
ROA not before: Fri 19 Aug 2022 07:17:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 193.124.133.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b4:f6:97:9c:fe:2e:68:5c:97:e3:48:4a:b1:12:a7:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 19 07:17:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c191e5b76f21cc9b68e90768097c8a5b17e35b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:71:0a:23:d0:2d:06:1d:f4:be:83:36:3f:fe:
34:37:90:a0:b8:70:2d:19:3b:4b:e9:ef:d1:71:d4:
10:c6:8b:5e:56:ae:97:f2:64:cd:da:86:3f:ee:f0:
14:fc:9c:b2:ce:42:c0:53:04:12:02:59:68:f9:db:
bd:c1:40:6b:9c:ed:60:18:94:f6:9c:15:db:46:69:
be:04:b8:2e:96:12:53:fc:e0:1e:0c:0d:ae:9f:be:
71:31:c7:b5:fc:91:f4:44:48:c6:62:66:90:0b:cc:
37:84:35:7f:af:75:19:0c:57:f5:2c:c8:1d:7a:6c:
39:b6:6f:64:df:69:ca:1d:44:2e:4a:d4:35:d3:80:
a3:67:d2:1c:aa:af:8e:ae:01:91:9f:20:ed:27:4f:
77:8f:20:29:c4:e6:9a:e6:65:20:da:fe:0d:d6:8f:
ed:0d:4b:c6:cc:fb:72:23:91:f9:1a:42:fe:1a:f0:
83:90:d1:c3:3e:af:5d:de:2d:8b:70:92:9b:b1:c3:
3e:e0:4e:78:41:9a:ac:3e:71:42:84:dc:82:86:1b:
6b:7e:28:8d:bc:d5:c2:79:11:c7:13:23:84:bc:24:
75:cd:3b:b8:3a:57:3c:8f:52:82:74:53:25:d0:3e:
72:9a:48:c7:a2:27:cc:b7:b6:13:6c:12:ba:77:35:
20:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:19:1E:5B:76:F2:1C:C9:B6:8E:90:76:80:97:C8:A5:B1:7E:35:B4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DBkeW3byHMm2jpB2gJfIpbF-NbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.133.0/24
194.135.23.0/24
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:8a:ba:7b:e8:e2:9d:9e:62:0b:2f:22:a5:bd:71:7a:3a:a9:
4c:55:6d:b5:2b:10:c4:65:8e:50:30:de:86:df:63:ad:dd:39:
d3:af:9f:c6:34:ed:2b:3a:ff:fa:df:f2:b8:7d:d8:b1:da:43:
6a:38:b7:fa:eb:46:b8:8f:ff:f8:98:c6:e7:95:ff:3e:a6:6c:
b4:f6:d6:a9:19:66:51:cb:7b:f5:79:db:81:40:58:3a:c9:28:
7a:ff:88:66:91:69:e9:b8:55:c2:02:0c:94:53:8a:26:b2:11:
08:19:0b:81:98:bf:1a:09:96:46:3d:0a:f5:ef:d3:fe:92:a7:
6f:4b:47:07:b5:93:53:4e:9b:b8:39:8b:b6:19:2d:77:34:67:
04:dc:ab:27:47:7e:7c:5b:67:38:47:a0:e8:48:e2:c3:ac:6b:
ee:13:73:02:ab:25:b3:83:eb:d8:be:2d:88:25:09:45:c0:19:
27:4d:09:88:b3:8e:f9:68:d9:b6:66:db:e0:8e:af:ff:83:57:
e2:a6:40:78:01:ec:d5:36:be:b3:25:d1:9e:1e:cb:79:0b:13:
49:c0:01:54:00:08:ed:7f:c4:2b:0d:0a:f9:95:b3:56:3f:71:
7f:67:23:89:0c:ee:b9:2a:09:e1:15:9e:d0:ef:4c:84:48:a0:
3a:f4:8f:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYK09pec/i5oXJfjSEqxEqdaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwODE5MDcxNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzE5MWU1Yjc2ZjIxY2M5YjY4ZTkwNzY4MDk3YzhhNWIxN2UzNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnEKI9AtBh30voM2P/40N5CguHAt
GTtL6e/RcdQQxoteVq6X8mTN2oY/7vAU/JyyzkLAUwQSAllo+du9wUBrnO1gGJT2
nBXbRmm+BLgulhJT/OAeDA2un75xMce1/JH0REjGYmaQC8w3hDV/r3UZDFf1LMgd
emw5tm9k32nKHUQuStQ104CjZ9Icqq+OrgGRnyDtJ093jyApxOaa5mUg2v4N1o/t
DUvGzPtyI5H5GkL+GvCDkNHDPq9d3i2LcJKbscM+4E54QZqsPnFChNyChhtrfiiN
vNXCeRHHEyOEvCR1zTu4Olc8j1KCdFMl0D5ymkjHoifMt7YTbBK6dzUg+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAwZHlt28hzJto6QdoCXyKWxfjW0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvREJrZVczYnlITW0yanBCMmdKZklwYkYtTmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXyFAwQA
wocXAwQA1MECMA0GCSqGSIb3DQEBCwUAA4IBAQALirp76OKdnmILLyKlvXF6OqlM
VW21KxDEZY5QMN6G32Ot3TnTr5/GNO0rOv/63/K4fdix2kNqOLf660a4j//4mMbn
lf8+pmy09tapGWZRy3v1eduBQFg6ySh6/4hmkWnpuFXCAgyUU4omshEIGQuBmL8a
CZZGPQr179P+kqdvS0cHtZNTTpu4OYu2GS13NGcE3KsnR358W2c4R6DoSOLDrGvu
E3MCqyWzg+vYvi2IJQlFwBknTQmIs475aNm2Ztvgjq//g1fipkB4AezVNr6zJdGe
Hst5CxNJwAFUAAjtf8QrDQr5lbNWP3F/ZyOJDO65KgnhFZ7Q70yESKA69I8c
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:58 2023 by rpki-client on console-fra.rpki-client.org