Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HwchobTNth6e-5oGqp-kLFNtLos.roa
File: HwchobTNth6e-5oGqp-kLFNtLos.roa (raw, json)
Hash identifier: PuOkKaY/1NZ9XnFYnVMW44sdwn+aYeU0qEUed68x7Nc=
Subject key identifier: 1F:07:21:A1:B4:CD:B6:1E:9E:FB:9A:06:AA:9F:A4:2C:53:6D:2E:8B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018456905740B3A175264A1FFFAEA905CA59
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HwchobTNth6e-5oGqp-kLFNtLos.roa
Signing time: Tue 08 Nov 2022 09:26:50 +0000
ROA not before: Tue 08 Nov 2022 09:26:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.3.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:90:57:40:b3:a1:75:26:4a:1f:ff:ae:a9:05:ca:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 8 09:26:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f0721a1b4cdb61e9efb9a06aa9fa42c536d2e8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1f:56:98:93:b9:82:55:77:4d:9a:84:ee:73:
85:32:ae:c7:98:ca:ce:55:88:49:74:d2:3e:84:c7:
91:fc:a8:65:fc:e9:54:87:ba:5d:9f:63:b9:9f:ab:
f6:a6:15:cc:ee:01:0c:1d:7d:77:65:45:f4:6e:b4:
ee:67:68:a9:19:ca:58:43:7d:c2:19:52:8c:de:ba:
fb:1f:d8:dc:68:f5:32:1f:75:79:cf:0d:43:b3:6b:
07:7f:fa:97:cd:aa:16:a8:7e:61:c6:f2:81:31:95:
de:8c:54:1a:fc:0d:d7:e1:b9:34:51:e2:46:ee:19:
3c:45:a5:99:af:79:99:56:71:cc:75:0d:66:ca:04:
d6:de:ca:4f:f1:b3:0e:d9:d7:98:eb:b8:64:8e:d8:
5b:0b:8d:3e:23:8a:76:a8:95:11:a1:f8:f5:73:a2:
c0:71:17:48:0d:c6:c3:05:30:93:75:87:81:e0:9d:
89:e4:f5:85:10:c5:52:9e:70:e1:d2:21:22:3e:6a:
e5:a5:15:70:0a:dd:da:4e:48:3d:24:7e:f5:be:01:
52:f5:8f:d6:9c:80:96:9a:8c:38:ec:f7:ea:00:0a:
55:5e:11:78:03:54:ed:9d:45:67:de:57:dc:9d:85:
9c:3e:f5:7d:94:79:10:ca:c3:ac:5d:b0:cf:f9:44:
38:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:07:21:A1:B4:CD:B6:1E:9E:FB:9A:06:AA:9F:A4:2C:53:6D:2E:8B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HwchobTNth6e-5oGqp-kLFNtLos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.3.0/24
194.87.38.0/24
194.87.73.0/24
194.87.130.0/23
194.87.168.0/24
194.87.178.0/24
194.135.23.0/24
195.58.35.0/24
195.133.0.0/24
195.133.35.0/24
212.192.31.0/24
212.193.1.0/24
212.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:83:37:ea:80:fc:6f:9c:61:f9:9b:73:09:bf:d2:d1:3c:ca:
48:38:4c:65:5c:d0:d5:25:de:7b:3a:65:c8:23:96:8c:aa:52:
90:b5:1d:0b:e8:11:52:7e:4e:f0:02:d4:6a:70:02:b7:33:85:
ae:0b:02:a0:bf:8a:6c:14:29:d2:e4:21:5f:a1:91:5c:52:21:
0f:83:68:0c:d8:d1:2c:48:32:98:2b:38:20:1f:3f:08:97:21:
12:e9:fb:ad:bc:6b:d5:d1:42:83:5a:ce:e8:2b:97:08:87:81:
b7:d4:94:65:44:3f:da:b6:d4:d7:94:1b:ea:b3:cb:8a:91:73:
e6:7c:06:82:21:0a:bc:23:f2:3f:82:81:1c:89:01:bd:57:75:
42:6d:55:af:c7:16:a2:98:e7:c7:47:5a:33:cb:9c:d2:4f:c7:
d0:fb:f3:0d:c2:b1:11:81:ff:60:ea:b5:e5:b2:29:15:c1:d7:
33:f7:97:46:5f:05:6d:ff:87:d4:1c:75:10:c3:d9:c6:e8:76:
15:6e:27:36:68:5f:4c:b7:29:0a:1e:f9:ac:4b:29:0e:6b:91:
56:ff:24:aa:9e:c0:a4:f6:a5:00:f2:e5:60:c1:34:42:fd:3b:
93:5a:49:ba:64:b9:3c:cd:61:e1:d2:4d:65:07:d3:6e:3c:15:
3f:5f:39:69
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYRWkFdAs6F1Jkof/66pBcpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTA4MDkyNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjA3MjFhMWI0Y2RiNjFlOWVmYjlhMDZhYTlmYTQyYzUzNmQyZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh9WmJO5glV3TZqE7nOFMq7HmMrO
VYhJdNI+hMeR/Khl/OlUh7pdn2O5n6v2phXM7gEMHX13ZUX0brTuZ2ipGcpYQ33C
GVKM3rr7H9jcaPUyH3V5zw1Ds2sHf/qXzaoWqH5hxvKBMZXejFQa/A3X4bk0UeJG
7hk8RaWZr3mZVnHMdQ1mygTW3spP8bMO2deY67hkjthbC40+I4p2qJURofj1c6LA
cRdIDcbDBTCTdYeB4J2J5PWFEMVSnnDh0iEiPmrlpRVwCt3aTkg9JH71vgFS9Y/W
nICWmow47PfqAApVXhF4A1TtnUVn3lfcnYWcPvV9lHkQysOsXbDP+UQ4NwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFB8HIaG0zbYenvuaBqqfpCxTbS6LMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSHdjaG9iVE50aDZlLTVvR3FwLWtMRk50TG9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAwXwDAwQA
wlcmAwQAwldJAwQBwleCAwQAwleoAwQAwleyAwQAwocXAwQAwzojAwQAw4UAAwQA
w4UjAwQA1MAfAwQA1MEBAwQA1MEDMA0GCSqGSIb3DQEBCwUAA4IBAQBrgzfqgPxv
nGH5m3MJv9LRPMpIOExlXNDVJd57OmXII5aMqlKQtR0L6BFSfk7wAtRqcAK3M4Wu
CwKgv4psFCnS5CFfoZFcUiEPg2gM2NEsSDKYKzggHz8IlyES6futvGvV0UKDWs7o
K5cIh4G31JRlRD/attTXlBvqs8uKkXPmfAaCIQq8I/I/goEciQG9V3VCbVWvxxai
mOfHR1ozy5zST8fQ+/MNwrERgf9g6rXlsikVwdcz95dGXwVt/4fUHHUQw9nG6HYV
bic2aF9MtykKHvmsSykOa5FW/ySqnsCk9qUA8uVgwTRC/TuTWkm6ZLk8zWHh0k1l
B9NuPBU/Xzlp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:00 2023 by rpki-client on console-fra.rpki-client.org