Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KNIx1sa6UfCm7TrMSojFOvFVU7c.roa
File: KNIx1sa6UfCm7TrMSojFOvFVU7c.roa (raw, json)
Hash identifier: mDfy7m7jHSsthiYZ/u34UkQLgMylmwhaYgCuZnp+ffo=
Subject key identifier: 28:D2:31:D6:C6:BA:51:F0:A6:ED:3A:CC:4A:88:C5:3A:F1:55:53:B7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0F486ECD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KNIx1sa6UfCm7TrMSojFOvFVU7c.roa
Signing time: Tue 29 Mar 2022 09:46:47 +0000
ROA not before: Tue 29 Mar 2022 09:46:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 212.193.30.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
194.87.75.0/24 maxlen: 24
194.87.84.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 256405197 (0xf486ecd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 29 09:46:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28d231d6c6ba51f0a6ed3acc4a88c53af15553b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:5f:c0:25:2b:5e:6a:c5:97:e8:34:d1:16:3a:
3c:75:7e:74:f6:4a:8a:c7:03:a2:71:d2:7a:42:f1:
91:ce:dc:fa:ee:f2:e6:78:58:23:9b:64:49:d0:72:
6b:44:39:f0:e2:44:5e:7d:f7:f1:45:be:5a:51:37:
f3:bd:87:09:c5:aa:92:ab:52:6a:12:1f:f5:2c:fd:
87:7a:a3:6d:4a:ef:f2:7f:d2:d7:f1:a7:e9:e7:27:
03:dd:09:bc:82:71:3f:da:39:df:aa:60:59:d7:c7:
1d:2b:87:6e:98:25:dc:f5:ac:60:1e:b3:71:29:2d:
c1:31:4c:e3:36:09:f6:d3:4b:5f:1b:79:4a:01:80:
c1:b9:7f:ce:23:74:74:58:0a:35:9e:60:40:85:6a:
bf:92:36:f4:eb:fa:f1:b9:a2:f9:16:d7:4f:98:ff:
c7:4b:95:f6:af:8d:a9:06:1e:dd:3d:59:c2:0e:0a:
b7:04:d6:3c:61:bb:bf:00:f6:b6:0e:af:cd:3f:1e:
81:2e:67:f1:71:0c:76:6b:10:42:6e:69:2b:4a:af:
bd:d0:5e:95:7f:e2:69:8a:32:ad:02:8a:73:3d:fa:
da:28:a0:47:4b:af:b9:ee:b1:42:cc:c8:7e:df:fe:
fd:39:2a:5c:c0:73:ba:74:58:4d:ad:fb:b4:7e:d4:
83:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D2:31:D6:C6:BA:51:F0:A6:ED:3A:CC:4A:88:C5:3A:F1:55:53:B7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KNIx1sa6UfCm7TrMSojFOvFVU7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.75.0/24
194.87.84.0/22
195.133.18.0/24
195.133.35.0/24
195.133.38.0/24
195.133.40.0/24
212.192.241.0/24
212.193.30.0/24
Signature Algorithm: sha256WithRSAEncryption
86:d5:c1:6d:1d:12:99:13:30:4f:0e:3f:63:85:8e:a0:a6:73:
c0:66:5b:68:4c:43:1a:14:83:da:4b:37:3c:c7:2f:b2:63:80:
fd:da:c3:ee:95:6a:a6:fa:53:0f:3e:d3:bf:77:45:69:06:a4:
1e:ba:8b:28:33:8c:ca:73:a7:d2:89:ad:a8:fc:79:36:e6:cc:
70:fb:01:f0:4c:d0:5e:5d:68:ce:16:a3:1b:13:48:6f:27:3d:
62:58:a7:9f:64:ee:46:dc:0d:70:59:0b:65:5e:37:25:d1:bd:
2d:08:83:eb:d0:54:e5:50:81:bd:6d:e2:87:40:7f:87:aa:8c:
51:c9:c7:f9:3f:51:66:61:9e:af:04:e1:02:48:af:a2:71:7f:
4f:9c:25:d9:95:b7:05:41:4e:6b:d4:82:01:bb:66:09:8c:38:
96:dd:75:16:50:a7:46:19:ff:2f:68:0f:71:98:ac:97:8c:11:
28:eb:ec:05:e4:d8:c1:e7:5d:84:4f:47:da:87:48:44:b1:93:
a1:e2:29:67:ab:81:f5:24:39:a9:4c:99:2f:68:83:88:86:ec:
c3:70:c1:55:32:39:0d:48:e7:cf:7b:04:ab:e5:aa:36:de:35:
23:00:f0:bf:ef:e7:f1:6a:11:95:89:56:bb:ab:52:dc:24:f1:
41:69:05:7b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIED0huzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDMy
OTA5NDY0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjhkMjMxZDZjNmJh
NTFmMGE2ZWQzYWNjNGE4OGM1M2FmMTU1NTNiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOpfwCUrXmrFl+g00RY6PHV+dPZKiscDonHSekLxkc7c+u7y
5nhYI5tkSdBya0Q58OJEXn338UW+WlE3872HCcWqkqtSahIf9Sz9h3qjbUrv8n/S
1/Gn6ecnA90JvIJxP9o536pgWdfHHSuHbpgl3PWsYB6zcSktwTFM4zYJ9tNLXxt5
SgGAwbl/ziN0dFgKNZ5gQIVqv5I29Ov68bmi+RbXT5j/x0uV9q+NqQYe3T1Zwg4K
twTWPGG7vwD2tg6vzT8egS5n8XEMdmsQQm5pK0qvvdBelX/iaYoyrQKKcz362iig
R0uvue6xQszIft/+/TkqXMBzunRYTa37tH7Ug2UCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQo0jHWxrpR8KbtOsxKiMU68VVTtzAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L0tOSXgxc2E2VWZDbTdUck1Tb2pGT3ZGVlU3Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAMJXSwMEAsJXVAMEAMOFEgMEAMOF
IwMEAMOFJgMEAMOFKAMEANTA8QMEANTBHjANBgkqhkiG9w0BAQsFAAOCAQEAhtXB
bR0SmRMwTw4/Y4WOoKZzwGZbaExDGhSD2ks3PMcvsmOA/drD7pVqpvpTDz7Tv3dF
aQakHrqLKDOMynOn0omtqPx5NubMcPsB8EzQXl1ozhajGxNIbyc9Ylinn2TuRtwN
cFkLZV43JdG9LQiD69BU5VCBvW3ih0B/h6qMUcnH+T9RZmGerwThAkivonF/T5wl
2ZW3BUFOa9SCAbtmCYw4lt11FlCnRhn/L2gPcZisl4wRKOvsBeTYweddhE9H2odI
RLGToeIpZ6uB9SQ5qUyZL2iDiIbsw3DBVTI5DUjnz3sEq+WqNt41IwDwv+/n8WoR
lYlWu6tS3CTxQWkFew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:13 2024 by rpki-client on console-fra.rpki-client.org