Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DXJJjF2dPmu6kor5D3ljlQsycfA.roa
File: DXJJjF2dPmu6kor5D3ljlQsycfA.roa (raw, json)
Hash identifier: gz7wRDppeWFJMHV5ZTWsuaUHRxgImWze1dfxTS4u+P4=
Subject key identifier: 0D:72:49:8C:5D:9D:3E:6B:BA:92:8A:F9:0F:79:63:95:0B:32:71:F0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01852F9EB9BD598DF360CE816421CABBE838
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DXJJjF2dPmu6kor5D3ljlQsycfA.roa
Signing time: Tue 20 Dec 2022 13:00:09 +0000
ROA not before: Tue 20 Dec 2022 13:00:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211373
IP address blocks: 193.108.112.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:9e:b9:bd:59:8d:f3:60:ce:81:64:21:ca:bb:e8:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 20 13:00:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d72498c5d9d3e6bba928af90f7963950b3271f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e4:ab:0b:15:fb:06:81:fd:52:d2:92:9b:1f:
c9:d9:dd:39:ae:61:80:09:e0:62:a2:3b:1d:35:40:
31:e3:91:0c:bb:80:62:05:74:a3:a7:e1:54:4f:79:
de:23:a7:79:04:c4:6b:5a:fc:46:ab:ec:b4:28:f2:
fe:7d:68:13:e2:bf:87:72:a8:ae:96:0b:03:ef:03:
2f:5b:d3:0d:89:83:9d:74:f0:b4:0d:cd:93:7d:10:
6a:a5:fe:03:bd:70:4b:67:a0:02:8d:f6:78:89:04:
8f:02:39:b4:31:fd:49:8e:61:53:29:b3:91:48:2f:
57:e8:f8:c7:1e:b8:63:0c:e7:c4:5d:5f:dd:cb:01:
d7:6f:f6:96:a4:28:fb:17:d4:35:e4:b9:0a:8b:36:
71:49:a2:fc:42:14:7f:a3:31:7c:68:ab:79:78:85:
15:6b:00:50:4d:cd:d7:d0:5a:4d:b5:a9:68:11:38:
6e:c9:b8:1b:35:d3:87:4a:55:ce:7b:5f:42:f6:4f:
3b:93:40:64:80:3a:85:47:fa:03:09:4c:36:8b:85:
73:3e:58:c2:e4:72:5d:42:be:1c:86:15:7b:6e:7f:
60:b2:d3:22:40:a4:a9:46:16:ea:7c:28:64:d5:f9:
9c:74:f7:ce:c9:95:19:f2:5a:d1:e0:3e:1b:5e:0e:
3f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:72:49:8C:5D:9D:3E:6B:BA:92:8A:F9:0F:79:63:95:0B:32:71:F0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DXJJjF2dPmu6kor5D3ljlQsycfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.209.0/24
193.108.112.0/24
194.58.60.0/24
212.192.6.0/24
Signature Algorithm: sha256WithRSAEncryption
29:b6:92:4e:99:b4:98:ee:d5:5a:df:d8:9d:36:4c:a0:99:81:
f6:12:c7:21:25:38:14:62:73:ef:17:47:bd:74:b6:e6:a0:bb:
85:21:10:8b:39:b9:27:a4:eb:49:3a:0c:b9:e2:ed:fc:b8:a2:
07:b5:1d:28:3a:5b:56:3b:06:ca:ae:63:39:87:2a:0c:86:fb:
bf:d4:d6:bc:43:7b:ba:3e:31:9d:01:ba:8e:4c:1a:cf:65:3c:
31:fd:20:a6:66:c8:fa:2c:de:a6:fc:79:40:cf:22:dd:ad:20:
a4:3c:1a:9b:82:96:7d:08:6e:f0:68:5d:d2:9b:33:05:81:1e:
ca:7b:e3:44:f6:37:63:af:4f:74:9b:a9:72:4a:f7:58:3f:46:
b9:b4:f4:31:48:4f:26:8e:06:dd:7f:1f:d8:ae:1c:be:12:db:
92:ef:99:3e:8f:ef:16:79:de:6e:ce:7c:fa:55:d8:90:c2:0f:
b7:04:7a:7a:79:63:8f:f1:90:e9:31:29:29:a5:54:f8:84:77:
f7:ea:98:45:15:a5:61:89:4c:f6:bc:7d:64:2e:46:e1:3a:cb:
1c:2c:04:43:80:9c:97:d0:49:5e:48:7b:8f:b3:11:af:11:ea:
3e:42:65:14:2d:18:97:c9:4e:c7:46:95:43:31:4f:00:24:0c:
f5:ed:d2:04
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUvnrm9WY3zYM6BZCHKu+g4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjIwMTMwMDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDcyNDk4YzVkOWQzZTZiYmE5MjhhZjkwZjc5NjM5NTBiMzI3MWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOSrCxX7BoH9UtKSmx/J2d05rmGA
CeBiojsdNUAx45EMu4BiBXSjp+FUT3neI6d5BMRrWvxGq+y0KPL+fWgT4r+Hcqiu
lgsD7wMvW9MNiYOddPC0Dc2TfRBqpf4DvXBLZ6ACjfZ4iQSPAjm0Mf1JjmFTKbOR
SC9X6PjHHrhjDOfEXV/dywHXb/aWpCj7F9Q15LkKizZxSaL8QhR/ozF8aKt5eIUV
awBQTc3X0FpNtaloEThuybgbNdOHSlXOe19C9k87k0BkgDqFR/oDCUw2i4VzPljC
5HJdQr4chhV7bn9gstMiQKSpRhbqfChk1fmcdPfOyZUZ8lrR4D4bXg4/9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA1ySYxdnT5rupKK+Q95Y5ULMnHwMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRFhKSmpGMmRQbXU2a29yNUQzbGpsUXN5Y2ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwHzRAwQA
wWxwAwQAwjo8AwQA1MAGMA0GCSqGSIb3DQEBCwUAA4IBAQAptpJOmbSY7tVa39id
NkygmYH2EschJTgUYnPvF0e9dLbmoLuFIRCLObknpOtJOgy54u38uKIHtR0oOltW
OwbKrmM5hyoMhvu/1Na8Q3u6PjGdAbqOTBrPZTwx/SCmZsj6LN6m/HlAzyLdrSCk
PBqbgpZ9CG7waF3SmzMFgR7Ke+NE9jdjr090m6lySvdYP0a5tPQxSE8mjgbdfx/Y
rhy+EtuS75k+j+8Wed5uznz6VdiQwg+3BHp6eWOP8ZDpMSkppVT4hHf36phFFaVh
iUz2vH1kLkbhOsscLARDgJyX0EleSHuPsxGvEeo+QmUULRiXyU7HRpVDMU8AJAz1
7dIE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:10 2024 by rpki-client on console-fra.rpki-client.org