Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/F05DFFpw7Gg-7QktsBMsWnsKxic.roa
File: F05DFFpw7Gg-7QktsBMsWnsKxic.roa (raw, json)
Hash identifier: fvGnPYwrv+EGq8ZZYPPD82fr9+cZtbCiE8F/GQehh3Q=
Subject key identifier: 17:4E:43:14:5A:70:EC:68:3E:ED:09:2D:B0:13:2C:5A:7B:0A:C6:27
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 10680E43
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/F05DFFpw7Gg-7QktsBMsWnsKxic.roa
Signing time: Fri 17 Jun 2022 12:37:45 +0000
ROA not before: Fri 17 Jun 2022 12:37:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 194.135.23.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 275254851 (0x10680e43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 17 12:37:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=174e43145a70ec683eed092db0132c5a7b0ac627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5f:65:0b:b7:64:11:8b:94:15:76:32:d9:17:
6e:b2:4d:7c:3a:96:70:88:84:64:4d:51:91:0d:35:
b2:b4:f4:74:95:c9:80:b3:9a:a3:28:c7:ee:d6:b9:
e1:51:86:73:59:e2:88:53:17:1b:2f:16:42:d7:b1:
5f:f4:17:37:4e:4c:8d:50:fa:84:e3:64:ee:64:bd:
a1:84:c2:90:6c:54:20:e5:94:8f:2b:c7:59:02:45:
4f:e5:36:ff:03:58:84:67:2a:5d:6f:9d:8f:45:f9:
1f:10:82:65:de:1c:53:ac:bd:55:50:45:7e:7e:33:
ea:65:ea:85:90:6a:8c:9c:4e:57:d6:8c:2c:91:7d:
a1:2f:eb:bc:ae:48:da:d5:62:22:28:c2:27:c9:e7:
79:05:49:03:70:dd:dd:86:e0:fa:bd:b4:e3:89:fb:
65:a0:04:44:bb:58:83:66:8b:31:5e:2a:89:68:3c:
71:4c:ad:86:61:ad:f7:67:eb:4a:a3:7a:bd:aa:3b:
2b:10:ea:08:cb:c6:cb:42:bb:51:fa:73:3a:b7:3c:
c9:e8:d9:a9:62:81:e6:5f:e3:d5:92:13:41:bf:96:
b7:5b:af:e0:10:05:98:64:d8:82:d7:4c:b5:25:e5:
0e:98:8c:ab:03:3a:75:58:f7:5e:bb:b9:e5:61:55:
9b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:4E:43:14:5A:70:EC:68:3E:ED:09:2D:B0:13:2C:5A:7B:0A:C6:27
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/F05DFFpw7Gg-7QktsBMsWnsKxic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.135.23.0/24
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:7a:ee:63:2d:e2:48:5a:66:c9:26:52:d8:8f:bc:43:dd:51:
31:b2:6d:19:8e:5f:92:14:bd:4e:dc:07:0b:38:20:d1:cc:06:
67:ff:e2:b7:c3:48:f2:58:35:ae:9e:8b:a6:1a:f8:74:a9:10:
64:1c:da:57:d7:79:e0:67:24:c8:9b:39:69:00:bb:31:08:5a:
95:b0:98:17:4c:64:c2:0e:75:61:2f:87:3d:04:12:d8:99:6f:
ed:58:90:22:83:1c:e3:9d:a7:4d:8b:f6:80:cb:d7:69:fa:d5:
b0:83:2c:24:9b:10:56:40:a3:15:59:d2:99:aa:69:f6:33:c5:
99:9f:a6:7d:b1:a6:47:82:1b:b8:d5:7a:80:1d:25:80:fb:85:
42:bc:a6:3a:59:37:19:91:3f:9c:5a:b2:bc:09:57:56:6a:a2:
12:81:41:38:56:4b:16:3c:f1:a3:03:80:24:2a:2e:53:39:0f:
d9:19:fb:bf:6d:bf:63:34:7a:a2:f0:7c:31:02:d7:f8:33:a6:
c2:31:5d:fa:d3:08:19:1b:8b:af:3f:cb:29:b9:ce:b7:ba:33:
68:8d:54:dc:57:8d:0e:a2:fe:05:21:46:81:fe:5b:4a:5c:07:
51:71:19:ec:cd:9d:fe:df:ed:8e:f5:fb:6a:5f:99:6f:fc:7c:
e8:dd:e8:4e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEGgOQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDYx
NzEyMzc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTc0ZTQzMTQ1YTcw
ZWM2ODNlZWQwOTJkYjAxMzJjNWE3YjBhYzYyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJfZQu3ZBGLlBV2MtkXbrJNfDqWcIiEZE1RkQ01srT0dJXJ
gLOaoyjH7ta54VGGc1niiFMXGy8WQtexX/QXN05MjVD6hONk7mS9oYTCkGxUIOWU
jyvHWQJFT+U2/wNYhGcqXW+dj0X5HxCCZd4cU6y9VVBFfn4z6mXqhZBqjJxOV9aM
LJF9oS/rvK5I2tViIijCJ8nneQVJA3Dd3Ybg+r2044n7ZaAERLtYg2aLMV4qiWg8
cUythmGt92frSqN6vao7KxDqCMvGy0K7UfpzOrc8yejZqWKB5l/j1ZITQb+Wt1uv
4BAFmGTYgtdMtSXlDpiMqwM6dVj3Xru55WFVmwsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQXTkMUWnDsaD7tCS2wEyxaewrGJzAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L0YwNURGRnB3N0dnLTdRa3RzQk1zV25zS3hpYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMKHFwMEANTBAjANBgkqhkiG9w0B
AQsFAAOCAQEAXnruYy3iSFpmySZS2I+8Q91RMbJtGY5fkhS9TtwHCzgg0cwGZ//i
t8NI8lg1rp6Lphr4dKkQZBzaV9d54GckyJs5aQC7MQhalbCYF0xkwg51YS+HPQQS
2Jlv7ViQIoMc452nTYv2gMvXafrVsIMsJJsQVkCjFVnSmapp9jPFmZ+mfbGmR4Ib
uNV6gB0lgPuFQrymOlk3GZE/nFqyvAlXVmqiEoFBOFZLFjzxowOAJCouUzkP2Rn7
v22/YzR6ovB8MQLX+DOmwjFd+tMIGRuLrz/LKbnOt7ozaI1U3FeNDqL+BSFGgf5b
SlwHUXEZ7M2d/t/tjvX7al+Zb/x86N3oTg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:53 2023 by rpki-client on console-ams.rpki-client.org