Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JFSwtBSmjRiBWnhCjuf4QMhxPrs.roa
File: JFSwtBSmjRiBWnhCjuf4QMhxPrs.roa (raw, json)
Hash identifier: DaEQmlo00Vj3zJi4bvU2WsOXoCivDpXfyHrc00X2vLg=
Subject key identifier: 24:54:B0:B4:14:A6:8D:18:81:5A:78:42:8E:E7:F8:40:C8:71:3E:BB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01848A28DD06393EC55F5C46C6AB94194D47
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JFSwtBSmjRiBWnhCjuf4QMhxPrs.roa
Signing time: Fri 18 Nov 2022 09:54:04 +0000
ROA not before: Fri 18 Nov 2022 09:54:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
212.193.3.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8a:28:dd:06:39:3e:c5:5f:5c:46:c6:ab:94:19:4d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 18 09:54:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2454b0b414a68d18815a78428ee7f840c8713ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4a:44:35:56:4f:e7:14:f7:ad:a5:86:a0:7f:
c5:1c:d8:65:05:e5:14:90:40:71:3a:47:ac:24:6d:
6f:88:80:e7:1f:04:cd:84:6d:22:be:7a:eb:64:05:
f0:91:1b:d4:be:bc:cc:32:9c:36:91:53:d1:71:52:
bb:c3:31:ff:8e:57:c5:39:60:d5:0c:35:e6:c9:67:
aa:94:49:49:6d:f2:c4:63:66:0a:cd:90:b2:08:b5:
24:94:f2:9e:a6:ac:ee:54:c7:32:dc:83:e8:2c:32:
ee:ae:92:2b:7b:bf:8c:e7:e3:12:67:a7:89:1c:96:
3b:9f:70:28:ef:ac:15:3f:f6:b1:e4:2f:65:3b:8c:
dd:2c:5c:d3:e3:2b:21:85:71:28:5a:1a:a6:94:69:
88:ef:bf:81:98:d4:fe:56:72:af:d7:58:7f:61:66:
09:1e:eb:06:bb:86:39:77:a8:2b:12:ea:cb:3b:5f:
a9:7b:61:90:ce:60:4f:50:85:04:dc:09:b2:bf:8d:
7a:f3:d7:b1:eb:db:4e:35:81:d6:9e:73:1c:31:35:
1e:f6:cd:37:c6:aa:bc:41:86:ed:fe:a2:42:cc:c9:
be:07:4a:a8:85:0a:5c:52:53:5e:01:93:e4:18:bc:
ac:f1:cd:d1:f9:1d:e7:fb:38:39:0b:71:6c:ee:43:
17:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:54:B0:B4:14:A6:8D:18:81:5A:78:42:8E:E7:F8:40:C8:71:3E:BB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JFSwtBSmjRiBWnhCjuf4QMhxPrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.3.0/24
194.87.38.0/24
194.87.73.0/24
194.87.130.0/23
194.87.166.0/24
194.87.168.0/24
194.87.178.0/24
194.135.23.0/24
195.58.35.0/24
195.133.0.0/24
195.133.35.0/24
212.192.31.0/24
212.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
99:96:6f:f1:d3:24:eb:25:cc:0b:31:77:4f:fc:fd:60:f1:12:
1f:84:e5:8c:2a:f2:68:05:fe:ba:2b:63:63:4c:ea:3d:c8:f4:
c7:72:60:da:01:85:52:67:92:a8:a4:e1:86:b6:8d:26:bc:6b:
c3:86:f1:36:8c:f3:6a:f7:cc:f6:23:b0:4d:dc:df:d8:82:0d:
30:88:2a:6b:67:f1:16:a1:ea:1d:9d:c6:22:eb:1b:b4:81:ac:
89:e6:31:09:71:c9:f3:85:2a:8b:fd:85:47:da:31:e5:3c:6a:
60:cd:0a:47:e4:02:04:e3:47:42:06:64:52:c9:66:e0:44:cf:
56:bb:72:15:ae:b9:0c:bd:c1:35:8e:64:f3:a8:21:1b:1f:13:
96:61:86:89:e0:84:26:9d:de:2c:2d:e0:cf:05:25:a1:37:dd:
e7:f6:ca:0b:c9:95:5b:3e:0e:c9:28:dd:c8:04:aa:5f:31:f7:
63:cc:21:2e:dc:94:b9:dc:05:6c:d9:70:54:08:50:d5:8e:c8:
71:f3:43:39:a7:23:50:5c:08:27:6f:d5:e2:4c:13:43:68:5a:
6a:07:f5:08:75:94:fa:51:5a:c0:56:64:6c:b0:7c:1d:e7:67:
63:04:85:a2:b0:eb:d4:6b:39:b2:71:47:ca:23:68:b7:11:54:
90:5e:7d:32
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYSKKN0GOT7FX1xGxquUGU1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTE4MDk1NDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDU0YjBiNDE0YTY4ZDE4ODE1YTc4NDI4ZWU3Zjg0MGM4NzEzZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUpENVZP5xT3raWGoH/FHNhlBeUU
kEBxOkesJG1viIDnHwTNhG0ivnrrZAXwkRvUvrzMMpw2kVPRcVK7wzH/jlfFOWDV
DDXmyWeqlElJbfLEY2YKzZCyCLUklPKepqzuVMcy3IPoLDLurpIre7+M5+MSZ6eJ
HJY7n3Ao76wVP/ax5C9lO4zdLFzT4yshhXEoWhqmlGmI77+BmNT+VnKv11h/YWYJ
HusGu4Y5d6grEurLO1+pe2GQzmBPUIUE3Amyv41689ex69tONYHWnnMcMTUe9s03
xqq8QYbt/qJCzMm+B0qohQpcUlNeAZPkGLys8c3R+R3n+zg5C3Fs7kMXcwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFCRUsLQUpo0YgVp4Qo7n+EDIcT67MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSkZTd3RCU21qUmlCV25oQ2p1ZjRRTWh4UHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAwXwDAwQA
wlcmAwQAwldJAwQBwleCAwQAwlemAwQAwleoAwQAwleyAwQAwocXAwQAwzojAwQA
w4UAAwQAw4UjAwQA1MAfAwQA1MEDMA0GCSqGSIb3DQEBCwUAA4IBAQCZlm/x0yTr
JcwLMXdP/P1g8RIfhOWMKvJoBf66K2NjTOo9yPTHcmDaAYVSZ5KopOGGto0mvGvD
hvE2jPNq98z2I7BN3N/Ygg0wiCprZ/EWoeodncYi6xu0gayJ5jEJccnzhSqL/YVH
2jHlPGpgzQpH5AIE40dCBmRSyWbgRM9Wu3IVrrkMvcE1jmTzqCEbHxOWYYaJ4IQm
nd4sLeDPBSWhN93n9soLyZVbPg7JKN3IBKpfMfdjzCEu3JS53AVs2XBUCFDVjshx
80M5pyNQXAgnb9XiTBNDaFpqB/UIdZT6UVrAVmRssHwd52djBIWisOvUazmycUfK
I2i3EVSQXn0y
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:55 2023 by rpki-client on console-ams.rpki-client.org