Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JZMFyU_52ix2-NvM3lnjDliE7hs.roa
File: JZMFyU_52ix2-NvM3lnjDliE7hs.roa (raw, json)
Hash identifier: VSP7IF82q+9zqOa/jYopKLy7Vx/ZflOJy7qhd/CTkeg=
Subject key identifier: 25:93:05:C9:4F:F9:DA:2C:76:F8:DB:CC:DE:59:E3:0E:58:84:EE:1B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183D55CDCD6C19DD1B202E45101BBC00968
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JZMFyU_52ix2-NvM3lnjDliE7hs.roa
Signing time: Fri 14 Oct 2022 07:19:36 +0000
ROA not before: Fri 14 Oct 2022 07:19:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138687
IP address blocks: 194.87.127.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d5:5c:dc:d6:c1:9d:d1:b2:02:e4:51:01:bb:c0:09:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 14 07:19:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=259305c94ff9da2c76f8dbccde59e30e5884ee1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:52:64:2e:e8:ff:51:d5:24:90:94:1d:52:07:
b8:50:48:d3:41:f1:7e:87:e9:e2:9e:06:18:1f:39:
6d:70:00:c3:e0:e8:8e:68:db:c9:9a:f5:3d:37:c0:
bd:97:50:f7:04:f0:c9:64:8f:2d:8f:80:22:88:7d:
11:e9:ee:f6:9c:91:a0:5b:91:e8:e0:63:a8:05:d1:
4b:78:5c:9c:1a:08:28:54:8b:3d:fd:07:41:1a:39:
bf:b0:42:68:84:d9:82:d4:d8:40:fa:f5:5f:ac:18:
cd:3b:39:de:57:9e:23:01:ed:e1:7a:7d:e9:cb:9a:
8a:32:14:49:99:f1:5a:43:e2:24:62:80:24:2d:f3:
cc:71:56:77:10:89:3a:26:69:70:9f:dc:77:9f:28:
3e:9d:b7:f3:cc:6e:16:88:90:46:f2:b5:ca:f4:81:
eb:c9:35:ae:49:43:01:c4:8b:4b:1c:7e:81:d3:98:
19:89:6f:0f:bd:aa:f4:86:11:b8:4e:67:7e:a1:5a:
15:e5:40:66:55:68:37:be:8c:be:90:78:6b:e1:6d:
40:07:9d:29:02:b5:01:60:1c:c1:bd:2c:a4:5a:b3:
d4:12:1e:52:dd:c1:dd:ad:04:98:be:13:b5:1a:e6:
cd:18:80:2f:98:1a:98:34:56:38:6c:c5:07:2b:4c:
a1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:93:05:C9:4F:F9:DA:2C:76:F8:DB:CC:DE:59:E3:0E:58:84:EE:1B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JZMFyU_52ix2-NvM3lnjDliE7hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.127.0/24
194.87.180.0/24
212.192.7.0/24
212.193.5.0/24
Signature Algorithm: sha256WithRSAEncryption
47:c4:f0:d6:f8:07:5c:90:35:cf:8c:24:ff:5e:b6:1f:b1:ee:
4e:28:d7:4a:f2:da:da:c3:e0:15:8f:f9:ce:97:7d:4f:3d:b3:
df:df:62:d9:58:78:90:74:47:63:9d:a2:7d:53:fa:1e:4e:76:
7b:0a:95:65:6b:fe:90:14:33:e7:a5:c3:15:da:b1:14:0c:2a:
d1:45:ee:c0:0c:d4:23:22:1c:15:e1:2b:cd:54:15:e0:4b:f9:
4c:01:e5:a7:3b:99:44:bf:c4:4e:c3:74:ed:0d:d5:77:a2:ce:
a1:a8:a1:74:71:73:3b:07:31:9f:69:50:74:c5:be:fa:e7:92:
67:69:25:29:45:c8:9c:af:25:a5:f8:fe:67:9e:70:7e:26:a7:
49:5a:b3:3f:da:e3:15:35:d0:7f:cc:4a:27:28:72:70:b2:2c:
7f:ac:8a:74:ac:a5:42:28:69:8d:eb:c0:5b:07:7e:0a:ca:bb:
5e:84:72:5d:94:36:23:6d:67:52:a6:80:3a:7e:30:b9:34:54:
c8:29:a4:3c:c0:25:b8:a3:de:f5:67:43:98:bf:d2:07:57:73:
7c:2c:bc:ed:5e:29:b1:68:0a:52:bf:fe:1a:4c:ce:92:bf:21:
f1:7d:ff:41:80:bc:f6:cb:e8:48:77:31:e4:a7:d0:f0:cb:15:
bc:0c:e7:68
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPVXNzWwZ3RsgLkUQG7wAloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDE0MDcxOTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTkzMDVjOTRmZjlkYTJjNzZmOGRiY2NkZTU5ZTMwZTU4ODRlZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVJkLuj/UdUkkJQdUge4UEjTQfF+
h+ningYYHzltcADD4OiOaNvJmvU9N8C9l1D3BPDJZI8tj4AiiH0R6e72nJGgW5Ho
4GOoBdFLeFycGggoVIs9/QdBGjm/sEJohNmC1NhA+vVfrBjNOzneV54jAe3hen3p
y5qKMhRJmfFaQ+IkYoAkLfPMcVZ3EIk6Jmlwn9x3nyg+nbfzzG4WiJBG8rXK9IHr
yTWuSUMBxItLHH6B05gZiW8Pvar0hhG4Tmd+oVoV5UBmVWg3voy+kHhr4W1AB50p
ArUBYBzBvSykWrPUEh5S3cHdrQSYvhO1GubNGIAvmBqYNFY4bMUHK0yhaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCWTBclP+dosdvjbzN5Z4w5YhO4bMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSlpNRnlVXzUyaXgyLU52TTNsbmpEbGlFN2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwld/AwQA
wle0AwQA1MAHAwQA1MEFMA0GCSqGSIb3DQEBCwUAA4IBAQBHxPDW+AdckDXPjCT/
XrYfse5OKNdK8traw+AVj/nOl31PPbPf32LZWHiQdEdjnaJ9U/oeTnZ7CpVla/6Q
FDPnpcMV2rEUDCrRRe7ADNQjIhwV4SvNVBXgS/lMAeWnO5lEv8ROw3TtDdV3os6h
qKF0cXM7BzGfaVB0xb7655JnaSUpRcicryWl+P5nnnB+JqdJWrM/2uMVNdB/zEon
KHJwsix/rIp0rKVCKGmN68BbB34KyrtehHJdlDYjbWdSpoA6fjC5NFTIKaQ8wCW4
o971Z0OYv9IHV3N8LLztXimxaApSv/4aTM6SvyHxff9BgLz2y+hIdzHkp9DwyxW8
DOdo
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:00 2023 by rpki-client on console-fra.rpki-client.org