Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FQ4hKSJ3KWrMK1baKTtI3UYzJNw.roa
File: FQ4hKSJ3KWrMK1baKTtI3UYzJNw.roa (raw, json)
Hash identifier: LI2knJKQHM5geaua9qzeBTfJVoYk6kpglkn59mjbVcg=
Subject key identifier: 15:0E:21:29:22:77:29:6A:CC:2B:56:DA:29:3B:48:DD:46:33:24:DC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01838EBD3C34F203A34CCB99B49D6C68E10C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FQ4hKSJ3KWrMK1baKTtI3UYzJNw.roa
Signing time: Fri 30 Sep 2022 14:11:49 +0000
ROA not before: Fri 30 Sep 2022 14:11:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212598
IP address blocks: 194.87.209.0/24 maxlen: 24
194.87.137.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.58.33.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8e:bd:3c:34:f2:03:a3:4c:cb:99:b4:9d:6c:68:e1:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 30 14:11:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=150e21292277296acc2b56da293b48dd463324dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:04:98:1e:d0:1e:20:3d:f5:aa:16:7b:6f:98:
c9:e9:3a:f0:0f:e3:e1:ff:4c:8b:04:c6:35:11:c1:
35:51:8d:e7:17:04:d3:e9:35:63:e6:93:c7:d5:95:
7a:75:b5:04:a8:8d:75:6f:ae:7f:b4:ef:85:ff:e0:
70:bc:db:d1:96:6a:08:0a:ab:cf:8a:98:15:1e:c7:
d2:a0:28:c3:e1:5d:a5:89:0a:bb:8a:33:ff:b9:93:
13:b3:a8:0e:47:ab:67:ef:1b:fb:3c:b9:55:07:60:
21:2b:3f:62:3d:d0:47:9e:ae:5d:3a:d7:e4:f2:0d:
d4:06:74:68:29:57:cd:3a:33:39:72:89:8c:8d:72:
1e:b7:bc:85:5d:ae:78:a3:ab:ee:de:ab:3a:49:a0:
56:c0:93:88:31:c5:c9:4a:c3:1f:a9:5d:03:c7:42:
09:e0:ed:6c:7d:ee:00:f3:66:b9:5d:e2:0a:7a:43:
cb:45:fb:b4:41:80:df:5e:79:5e:6e:2c:38:7b:bb:
13:0d:3b:cc:aa:04:1c:35:a2:67:5e:51:e4:94:77:
13:b3:21:e1:e6:73:6f:0d:88:a2:d7:4c:88:e9:f4:
44:e1:8a:8b:7f:2e:83:6a:a4:4c:cc:82:37:f3:ee:
63:d0:de:84:3b:be:ac:57:67:f8:04:4f:76:2b:9a:
f1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:0E:21:29:22:77:29:6A:CC:2B:56:DA:29:3B:48:DD:46:33:24:DC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FQ4hKSJ3KWrMK1baKTtI3UYzJNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.33.0/24
194.87.36.0/24
194.87.39.0/24
194.87.137.0/24
194.87.182.0/24
194.87.209.0/24
195.133.35.0/24
Signature Algorithm: sha256WithRSAEncryption
11:f6:1c:78:cc:89:89:14:bc:c4:a6:93:6a:47:98:4e:38:a3:
3f:3d:4f:72:2f:b4:da:ff:cb:96:14:bd:2d:b4:26:26:88:09:
ee:7c:c1:cd:d4:fe:89:22:d9:b8:d0:e6:a6:79:79:40:56:50:
13:1a:a2:8e:03:db:e2:ce:74:f6:67:1b:a2:f4:a7:76:9e:42:
e1:44:e7:ea:a3:67:cf:95:df:a8:19:1b:e2:8d:a3:32:28:5a:
57:27:64:8d:d4:50:2f:5b:ed:4b:01:0c:f4:d6:80:81:00:c2:
9a:2f:dc:7d:72:fa:21:4e:6d:a0:f8:74:b8:24:79:fe:f9:23:
2c:11:c8:67:cd:11:83:6f:29:5a:95:00:2c:1b:df:63:52:77:
ec:ba:4e:10:c7:db:d8:99:84:97:a0:b0:60:6a:0a:89:f4:cf:
c9:45:48:95:57:5f:21:7a:0b:ef:54:ce:bb:99:5c:0c:62:53:
eb:c2:fd:4e:1b:35:54:0d:80:5f:94:cc:cb:0a:d1:d7:40:00:
cf:76:d7:89:2b:2b:3a:5e:54:f1:1f:10:31:1b:2c:59:ae:bc:
8a:bf:1f:9e:f2:f9:3b:f7:ff:03:5c:7e:95:97:93:d5:8f:d9:
61:46:bd:20:09:4c:cd:42:14:d0:ca:43:df:fe:25:fd:99:36:
7e:8e:1f:47
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYOOvTw08gOjTMuZtJ1saOEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwOTMwMTQxMTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTBlMjEyOTIyNzcyOTZhY2MyYjU2ZGEyOTNiNDhkZDQ2MzMyNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQSYHtAeID31qhZ7b5jJ6TrwD+Ph
/0yLBMY1EcE1UY3nFwTT6TVj5pPH1ZV6dbUEqI11b65/tO+F/+BwvNvRlmoICqvP
ipgVHsfSoCjD4V2liQq7ijP/uZMTs6gOR6tn7xv7PLlVB2AhKz9iPdBHnq5dOtfk
8g3UBnRoKVfNOjM5comMjXIet7yFXa54o6vu3qs6SaBWwJOIMcXJSsMfqV0Dx0IJ
4O1sfe4A82a5XeIKekPLRfu0QYDfXnlebiw4e7sTDTvMqgQcNaJnXlHklHcTsyHh
5nNvDYii10yI6fRE4YqLfy6DaqRMzII38+5j0N6EO76sV2f4BE92K5rxiwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBUOISkidylqzCtW2ik7SN1GMyTcMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRlE0aEtTSjNLV3JNSzFiYUtUdEkzVVl6Sk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwjohAwQA
wlckAwQAwlcnAwQAwleJAwQAwle2AwQAwlfRAwQAw4UjMA0GCSqGSIb3DQEBCwUA
A4IBAQAR9hx4zImJFLzEppNqR5hOOKM/PU9yL7Ta/8uWFL0ttCYmiAnufMHN1P6J
Itm40OameXlAVlATGqKOA9viznT2Zxui9Kd2nkLhROfqo2fPld+oGRvijaMyKFpX
J2SN1FAvW+1LAQz01oCBAMKaL9x9cvohTm2g+HS4JHn++SMsEchnzRGDbylalQAs
G99jUnfsuk4Qx9vYmYSXoLBgagqJ9M/JRUiVV18hegvvVM67mVwMYlPrwv1OGzVU
DYBflMzLCtHXQADPdteJKys6XlTxHxAxGyxZrryKvx+e8vk79/8DXH6Vl5PVj9lh
Rr0gCUzNQhTQykPf/iX9mTZ+jh9H
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:53 2023 by rpki-client on console-ams.rpki-client.org