Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EkwAx71VBO_M6o8TQSn19SnUVFk.roa
File: EkwAx71VBO_M6o8TQSn19SnUVFk.roa (raw, json)
Hash identifier: ldsxm5umYjU9N43qAUnLin8lbGp0iFT4FYjMZ44SXZk=
Subject key identifier: 12:4C:00:C7:BD:55:04:EF:CC:EA:8F:13:41:29:F5:F5:29:D4:54:59
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0182B4FD0047E95368E4EB86A4FC49C39178
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EkwAx71VBO_M6o8TQSn19SnUVFk.roa
Signing time: Fri 19 Aug 2022 07:24:15 +0000
ROA not before: Fri 19 Aug 2022 07:24:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136923
IP address blocks: 194.87.7.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b4:fd:00:47:e9:53:68:e4:eb:86:a4:fc:49:c3:91:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 19 07:24:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=124c00c7bd5504efccea8f134129f5f529d45459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ba:a2:59:a4:9a:07:2e:37:05:73:6f:e7:83:
a4:0a:f0:ae:86:3f:03:9a:b0:e7:ad:3a:6a:27:b4:
a9:7d:58:f2:cf:c7:69:df:ef:2d:82:ed:23:14:e5:
1f:a0:02:3c:94:10:18:7c:90:dd:5c:c7:40:9f:08:
40:4a:c0:32:bb:8c:9d:e2:ef:ea:04:5a:d8:91:de:
35:a5:c3:c7:29:10:70:87:8d:19:ff:f8:e3:dd:8e:
2a:d6:b6:78:aa:c7:03:55:ad:02:b6:2b:a7:10:e9:
4c:27:36:1e:e9:4d:b3:c7:81:f4:c8:c3:c8:13:f8:
aa:33:f4:b8:cc:2d:02:b3:36:23:a1:57:c6:76:a2:
04:c1:46:6b:6e:a4:f5:5b:6a:e7:67:90:77:e6:79:
21:f8:a6:45:58:c0:93:12:24:bf:93:ae:85:eb:2e:
41:4c:b1:32:1e:ca:49:f0:0c:3d:45:7d:3c:57:c3:
21:b4:d0:72:61:82:00:68:1a:9a:0d:4b:06:c6:b3:
08:0f:0d:7b:f3:7c:5e:e7:f9:84:ec:63:d2:e7:b2:
5c:42:00:16:e9:ab:67:26:f3:e0:7c:79:53:f2:8a:
ac:5c:04:0e:96:6d:d7:c9:2d:c5:42:5e:03:bd:b9:
58:c3:02:8b:81:e3:0f:76:67:c8:01:3b:bc:ce:a2:
2b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:4C:00:C7:BD:55:04:EF:CC:EA:8F:13:41:29:F5:F5:29:D4:54:59
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EkwAx71VBO_M6o8TQSn19SnUVFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.7.0/24
194.87.16.0/24
194.87.117.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:00:78:c8:03:40:d1:53:bc:e8:03:ad:75:56:71:52:42:e8:
47:ae:60:13:44:18:48:c1:74:4b:24:1f:84:74:ae:68:33:fe:
af:98:f1:16:ba:a5:fc:9a:b5:e5:c3:42:c2:a9:84:9b:72:43:
67:bc:77:3a:b0:e4:19:2c:e4:1f:88:0a:8d:09:a1:56:2f:c4:
c7:ad:29:12:78:5d:74:ea:63:50:8e:22:f8:53:25:f0:e1:cb:
8c:60:d7:0d:ee:85:8b:82:58:f7:91:b2:3e:48:e9:75:07:88:
df:8c:6c:a5:00:e0:0c:14:ee:1b:69:75:37:2a:a5:f6:54:73:
e1:99:57:a8:df:28:61:74:c4:7c:2e:dc:4f:04:29:db:f5:25:
73:4d:cf:58:08:4e:1c:74:02:5f:a5:a2:19:81:40:cf:42:72:
6f:f2:20:33:fd:66:fb:cc:54:6e:88:71:fb:3a:27:af:67:f1:
1f:f3:1f:c0:d4:98:f1:4b:19:4d:ec:21:bc:2a:49:b1:4a:59:
12:4f:c7:c3:28:16:27:03:3e:17:0b:a4:8c:ab:18:2c:c7:9a:
3a:3b:e5:90:2b:d9:16:a0:80:bf:83:7e:db:59:c3:4b:23:40:
a8:cd:34:4c:ac:39:59:dc:e3:6d:89:20:16:6d:af:d4:89:2d:
90:62:50:e5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYK0/QBH6VNo5OuGpPxJw5F4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwODE5MDcyNDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjRjMDBjN2JkNTUwNGVmY2NlYThmMTM0MTI5ZjVmNTI5ZDQ1NDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7qiWaSaBy43BXNv54OkCvCuhj8D
mrDnrTpqJ7SpfVjyz8dp3+8tgu0jFOUfoAI8lBAYfJDdXMdAnwhASsAyu4yd4u/q
BFrYkd41pcPHKRBwh40Z//jj3Y4q1rZ4qscDVa0CtiunEOlMJzYe6U2zx4H0yMPI
E/iqM/S4zC0CszYjoVfGdqIEwUZrbqT1W2rnZ5B35nkh+KZFWMCTEiS/k66F6y5B
TLEyHspJ8Aw9RX08V8MhtNByYYIAaBqaDUsGxrMIDw1783xe5/mE7GPS57JcQgAW
6atnJvPgfHlT8oqsXAQOlm3XyS3FQl4DvblYwwKLgeMPdmfIATu8zqIriQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBJMAMe9VQTvzOqPE0Ep9fUp1FRZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRWt3QXg3MVZCT19NNm84VFFTbjE5U25VVkZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlcHAwQA
wlcQAwQAwld1MA0GCSqGSIb3DQEBCwUAA4IBAQA+AHjIA0DRU7zoA611VnFSQuhH
rmATRBhIwXRLJB+EdK5oM/6vmPEWuqX8mrXlw0LCqYSbckNnvHc6sOQZLOQfiAqN
CaFWL8THrSkSeF106mNQjiL4UyXw4cuMYNcN7oWLglj3kbI+SOl1B4jfjGylAOAM
FO4baXU3KqX2VHPhmVeo3yhhdMR8LtxPBCnb9SVzTc9YCE4cdAJfpaIZgUDPQnJv
8iAz/Wb7zFRuiHH7OievZ/Ef8x/A1JjxSxlN7CG8KkmxSlkST8fDKBYnAz4XC6SM
qxgsx5o6O+WQK9kWoIC/g37bWcNLI0CozTRMrDlZ3ONtiSAWba/UiS2QYlDl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:59 2023 by rpki-client on console-fra.rpki-client.org