Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GzuNnWC_Y9IyyZAhlTL4ThOkw7A.roa
File: GzuNnWC_Y9IyyZAhlTL4ThOkw7A.roa (raw, json)
Hash identifier: bpFzteKP+tZkkG+u3D1NwJSHy7nuJ0W3pnVFUYTJGks=
Subject key identifier: 1B:3B:8D:9D:60:BF:63:D2:32:C9:90:21:95:32:F8:4E:13:A4:C3:B0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01852E837A5D52CB12C6337C8BD904926496
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GzuNnWC_Y9IyyZAhlTL4ThOkw7A.roa
Signing time: Tue 20 Dec 2022 07:50:46 +0000
ROA not before: Tue 20 Dec 2022 07:50:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213028
IP address blocks: 194.135.124.0/24 maxlen: 24
194.87.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:83:7a:5d:52:cb:12:c6:33:7c:8b:d9:04:92:64:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 20 07:50:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b3b8d9d60bf63d232c990219532f84e13a4c3b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e2:d8:93:4a:cc:17:d3:d6:ec:50:d7:e7:3c:
27:db:38:df:d2:ed:64:d1:c7:17:96:51:f0:e8:bf:
75:58:ae:bb:75:6a:9b:70:5e:18:06:44:ab:62:5b:
2c:e3:0a:97:57:da:02:a2:d6:27:c7:ff:22:ac:ff:
13:dd:9c:89:1a:16:ab:8a:20:09:b0:af:cb:da:32:
79:d7:2b:e2:ab:3a:76:ba:65:3a:b3:64:e4:d0:1b:
10:77:0a:4a:a8:2e:75:69:4f:cd:c9:8b:0c:56:e2:
cb:33:83:0e:3e:45:3c:e3:48:db:73:db:c4:36:d2:
7d:b6:9d:1c:59:8e:68:9f:64:ca:93:f8:51:87:4b:
4e:a6:5b:aa:d4:51:ee:2a:59:49:b8:67:25:fd:6c:
a4:30:0a:b1:be:32:e2:21:b6:42:ef:23:ab:05:03:
bb:6f:16:40:cf:dd:79:8d:0c:cc:fc:84:45:66:67:
c3:5e:65:03:29:a8:50:b3:ca:b6:57:b4:c5:b1:d0:
b9:9f:69:ab:a5:19:6f:68:f7:24:22:b3:cb:f8:73:
9a:7b:ae:1c:4e:67:5c:85:07:be:28:1e:7c:d6:87:
03:99:b7:97:cc:3e:dd:e3:58:95:7c:1f:5c:13:a5:
e9:db:01:d6:0d:94:00:66:89:c6:b0:a2:a6:07:44:
5c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:3B:8D:9D:60:BF:63:D2:32:C9:90:21:95:32:F8:4E:13:A4:C3:B0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GzuNnWC_Y9IyyZAhlTL4ThOkw7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.74.0/24
194.135.124.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:61:f6:5a:c3:cb:19:0b:a7:7b:fe:0b:da:f8:6e:8d:33:01:
99:1e:29:e6:07:b2:f3:e0:27:97:eb:4a:c5:f3:49:3e:c2:cc:
73:0f:d1:7e:f3:22:a3:78:48:57:69:e2:10:2e:44:5f:41:d2:
cb:b0:5d:99:04:34:b4:98:51:8d:29:90:55:c1:18:d3:c3:9a:
c1:69:ba:e7:c6:0b:65:74:5e:e3:d0:c4:2b:d0:0b:2e:f8:72:
82:f3:4f:96:18:33:b6:eb:08:5b:ea:9a:62:1a:3c:e9:37:fa:
3d:e9:6e:0a:5e:58:62:da:d3:96:f3:5b:74:39:ca:2b:f2:86:
e5:08:3a:6f:00:53:96:df:d5:6e:98:32:40:c3:1c:39:ba:9c:
73:11:01:7f:90:e5:df:99:95:02:c8:f7:ea:24:95:04:0f:5c:
c9:5e:65:ab:8b:01:6f:1b:29:f6:ff:78:fe:3e:fa:56:7a:c3:
77:85:de:6d:7a:e6:5f:5e:55:14:99:08:ed:e5:95:2a:f2:b7:
84:79:48:22:69:e8:33:f2:ea:4b:1f:1a:16:27:02:e0:4d:f6:
ba:31:66:05:bb:d8:3e:6c:ec:8d:d0:c5:fb:ac:1d:54:67:7b:
e9:f9:d9:96:97:28:87:39:52:3f:8d:2a:2a:7d:74:22:58:af:
a3:1e:c6:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUug3pdUssSxjN8i9kEkmSWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjIwMDc1MDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjNiOGQ5ZDYwYmY2M2QyMzJjOTkwMjE5NTMyZjg0ZTEzYTRjM2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuLYk0rMF9PW7FDX5zwn2zjf0u1k
0ccXllHw6L91WK67dWqbcF4YBkSrYlss4wqXV9oCotYnx/8irP8T3ZyJGhariiAJ
sK/L2jJ51yviqzp2umU6s2Tk0BsQdwpKqC51aU/NyYsMVuLLM4MOPkU840jbc9vE
NtJ9tp0cWY5on2TKk/hRh0tOpluq1FHuKllJuGcl/WykMAqxvjLiIbZC7yOrBQO7
bxZAz915jQzM/IRFZmfDXmUDKahQs8q2V7TFsdC5n2mrpRlvaPckIrPL+HOae64c
TmdchQe+KB581ocDmbeXzD7d41iVfB9cE6Xp2wHWDZQAZonGsKKmB0RcnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBs7jZ1gv2PSMsmQIZUy+E4TpMOwMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR3p1Tm5XQ19ZOUl5eVpBaGxUTDRUaE9rdzdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwldKAwQA
wod8MA0GCSqGSIb3DQEBCwUAA4IBAQA6YfZaw8sZC6d7/gva+G6NMwGZHinmB7Lz
4CeX60rF80k+wsxzD9F+8yKjeEhXaeIQLkRfQdLLsF2ZBDS0mFGNKZBVwRjTw5rB
abrnxgtldF7j0MQr0Asu+HKC80+WGDO26whb6ppiGjzpN/o96W4KXlhi2tOW81t0
Ocor8oblCDpvAFOW39VumDJAwxw5upxzEQF/kOXfmZUCyPfqJJUED1zJXmWriwFv
Gyn2/3j+PvpWesN3hd5teuZfXlUUmQjt5ZUq8reEeUgiaegz8upLHxoWJwLgTfa6
MWYFu9g+bOyN0MX7rB1UZ3vp+dmWlyiHOVI/jSoqfXQiWK+jHsZy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:54 2023 by rpki-client on console-ams.rpki-client.org