Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GlZNJLBb9-hyIuqYj1IeO2DRYrU.roa
File: GlZNJLBb9-hyIuqYj1IeO2DRYrU.roa (raw, json)
Hash identifier: VD/CdSEL1e9WH37riWxwu3HcadvWf3H8LaNjpRb5r1E=
Subject key identifier: 1A:56:4D:24:B0:5B:F7:E8:72:22:EA:98:8F:52:1E:3B:60:D1:62:B5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01840FF3E30CD52BD93A32696507BABD1767
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GlZNJLBb9-hyIuqYj1IeO2DRYrU.roa
Signing time: Tue 25 Oct 2022 16:22:32 +0000
ROA not before: Tue 25 Oct 2022 16:22:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 194.87.205.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
194.87.84.0/22 maxlen: 24
212.193.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0f:f3:e3:0c:d5:2b:d9:3a:32:69:65:07:ba:bd:17:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 25 16:22:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a564d24b05bf7e87222ea988f521e3b60d162b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:51:bf:10:ae:54:d3:fb:c7:94:ae:62:c6:01:
12:cc:2b:b9:47:cd:aa:8e:09:94:2b:21:1e:1f:c4:
17:2f:15:2f:84:c4:aa:45:6b:3e:ba:85:aa:a5:02:
25:53:c5:1f:14:c2:fb:29:ea:14:e3:45:96:a7:00:
52:0b:32:e0:1e:97:88:57:13:73:b8:b8:a9:3f:41:
3a:a5:e9:a1:7d:0f:07:ff:01:ea:05:28:78:e8:4c:
5c:34:33:64:40:50:7f:b0:f1:dd:de:43:80:41:fc:
3e:ac:68:c7:a7:b2:5a:3d:c6:23:2e:2f:2d:91:3a:
c6:ab:26:60:d8:c1:88:33:78:bb:a2:0d:52:ce:40:
b2:e6:6b:aa:e6:43:07:59:2a:0e:2f:65:8e:31:b0:
c0:48:52:fa:ac:4b:17:fa:5c:d3:c9:ad:b2:f4:4e:
64:69:e1:ba:b7:b4:92:7f:f0:ce:f6:ba:b3:74:f3:
4d:70:b0:10:53:e4:17:b4:b0:e1:55:db:a0:9a:1b:
fd:5a:19:be:06:2d:cf:58:de:b2:a2:b6:4b:8a:3b:
b8:bc:71:1a:41:5c:c0:d3:81:a5:cb:dd:21:71:e1:
60:1c:64:69:69:17:9a:23:00:3c:b9:65:4f:b4:de:
58:77:89:e7:80:c5:ab:0a:0a:70:81:4a:e2:db:7f:
c3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:56:4D:24:B0:5B:F7:E8:72:22:EA:98:8F:52:1E:3B:60:D1:62:B5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GlZNJLBb9-hyIuqYj1IeO2DRYrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.44.0/24
194.87.84.0/22
194.87.122.0/24
194.87.151.0/24
194.87.177.0/24
194.87.205.0/24
195.133.18.0/24
195.133.38.0/24
195.133.40.0/24
212.192.8.0/24
212.192.30.0/24
212.193.7.0/24
Signature Algorithm: sha256WithRSAEncryption
65:b3:d0:3d:8a:4c:47:86:a7:9f:d4:91:56:ae:68:81:cd:9c:
97:c3:c2:41:70:bf:f1:0c:9f:34:e3:2b:b5:87:e4:17:04:61:
27:85:92:64:09:0a:70:20:f0:59:e8:d1:c9:e9:a5:84:65:8a:
59:c2:18:5f:82:f6:f9:00:8e:a0:bf:c9:9b:d1:ed:6a:c5:f5:
20:a8:26:7c:c3:38:85:71:e6:26:b8:ce:b4:c1:62:67:7a:cd:
d2:47:b6:65:c6:e1:c2:57:b2:01:50:52:3d:65:b2:42:fb:77:
58:d6:8a:52:c3:43:00:a9:a0:97:f4:13:5f:23:dd:12:a7:fb:
06:b3:5f:53:63:d6:a0:da:b1:47:f1:b4:9d:a5:66:12:ec:e8:
b9:cd:7e:d3:a9:c5:ee:0b:ed:61:c2:9c:5c:e7:92:73:b7:6c:
2f:61:5e:ad:24:e0:0e:8e:e2:0c:37:ed:a9:1d:6b:fa:62:ec:
fa:9f:e1:d2:dd:1b:28:69:5c:23:80:fe:f0:83:41:2d:de:30:
a8:f5:e7:dd:08:12:d7:fd:d8:8b:90:ae:70:12:b6:6a:85:20:
5f:aa:db:6a:91:0c:21:ca:3a:e3:fd:a5:6e:b7:93:ee:01:c2:
f8:21:50:3c:01:b3:49:76:b3:ac:05:3b:d7:95:34:92:f4:da:
7c:69:c6:0e
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYQP8+MM1SvZOjJpZQe6vRdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI1MTYyMjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTU2NGQyNGIwNWJmN2U4NzIyMmVhOTg4ZjUyMWUzYjYwZDE2MmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFG/EK5U0/vHlK5ixgESzCu5R82q
jgmUKyEeH8QXLxUvhMSqRWs+uoWqpQIlU8UfFML7KeoU40WWpwBSCzLgHpeIVxNz
uLipP0E6pemhfQ8H/wHqBSh46ExcNDNkQFB/sPHd3kOAQfw+rGjHp7JaPcYjLi8t
kTrGqyZg2MGIM3i7og1SzkCy5muq5kMHWSoOL2WOMbDASFL6rEsX+lzTya2y9E5k
aeG6t7SSf/DO9rqzdPNNcLAQU+QXtLDhVdugmhv9Whm+Bi3PWN6yorZLiju4vHEa
QVzA04Gly90hceFgHGRpaReaIwA8uWVPtN5Yd4nngMWrCgpwgUri23/DBwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFBpWTSSwW/fociLqmI9SHjtg0WK1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR2xaTkpMQmI5LWh5SXVxWWoxSWVPMkRSWXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAwXwsAwQC
wldUAwQAwld6AwQAwleXAwQAwlexAwQAwlfNAwQAw4USAwQAw4UmAwQAw4UoAwQA
1MAIAwQA1MAeAwQA1MEHMA0GCSqGSIb3DQEBCwUAA4IBAQBls9A9ikxHhqef1JFW
rmiBzZyXw8JBcL/xDJ804yu1h+QXBGEnhZJkCQpwIPBZ6NHJ6aWEZYpZwhhfgvb5
AI6gv8mb0e1qxfUgqCZ8wziFceYmuM60wWJnes3SR7ZlxuHCV7IBUFI9ZbJC+3dY
1opSw0MAqaCX9BNfI90Sp/sGs19TY9ag2rFH8bSdpWYS7Oi5zX7TqcXuC+1hwpxc
55Jzt2wvYV6tJOAOjuIMN+2pHWv6Yuz6n+HS3RsoaVwjgP7wg0Et3jCo9efdCBLX
/diLkK5wErZqhSBfqttqkQwhyjrj/aVut5PuAcL4IVA8AbNJdrOsBTvXlTSS9Np8
acYO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:54 2023 by rpki-client on console-ams.rpki-client.org