Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/L0hgjy5w_HrQ-Hlnkju5Tt0Wz3w.roa
File: L0hgjy5w_HrQ-Hlnkju5Tt0Wz3w.roa (raw, json)
Hash identifier: uUVweb5hdPKfcxVgHoAlVHJAM7IY46+T12ZCwRc368Q=
Subject key identifier: 2F:48:60:8F:2E:70:FC:7A:D0:F8:79:67:92:3B:B9:4E:DD:16:CF:7C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01843365F4BCD10CD013EE0C6FE9B6E73945
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/L0hgjy5w_HrQ-Hlnkju5Tt0Wz3w.roa
Signing time: Tue 01 Nov 2022 13:33:50 +0000
ROA not before: Tue 01 Nov 2022 13:33:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17447
IP address blocks: 193.124.4.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
212.192.209.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:65:f4:bc:d1:0c:d0:13:ee:0c:6f:e9:b6:e7:39:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 1 13:33:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f48608f2e70fc7ad0f87967923bb94edd16cf7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:65:ef:f8:39:52:d4:00:7f:ff:d8:ec:86:d4:
b8:a2:64:64:7a:4b:e5:42:b2:13:c5:fa:75:66:46:
a2:0f:6a:e0:66:80:50:c4:59:24:ce:da:6b:25:8c:
68:97:3b:29:db:e5:85:28:3b:4b:5d:d3:e8:8a:5d:
17:ce:8a:ea:3c:f1:e4:d9:f6:a4:ff:0c:6c:5c:ce:
97:d3:a2:c9:00:82:63:5c:5b:c6:8b:e7:e8:64:0d:
e7:21:c5:49:94:b2:a7:09:3f:22:8e:bf:eb:67:d7:
b5:97:0b:be:78:9a:4f:77:ec:41:ca:a2:16:9b:91:
99:e7:db:0c:a8:bd:38:19:45:71:dd:e5:02:60:2f:
14:0c:cc:c9:c2:74:31:7b:54:21:14:77:cb:7c:35:
ce:3e:f2:3a:d3:aa:15:b3:c7:b5:9f:07:36:0b:8f:
8a:a0:b2:9a:1f:0d:9a:d6:5e:61:99:ef:97:ac:25:
94:a1:37:28:d1:25:6a:b9:9d:83:fb:ac:78:23:fe:
c1:8a:39:87:35:bf:0e:c7:4f:7f:2a:0e:7b:3e:c7:
6f:6f:79:e9:3e:9b:39:cd:91:92:68:e2:8a:5f:07:
b0:53:ec:2c:4c:c7:95:69:fe:07:ef:16:92:77:cf:
ef:70:d9:f5:16:1b:18:63:71:74:e9:4a:90:5b:9c:
bb:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:48:60:8F:2E:70:FC:7A:D0:F8:79:67:92:3B:B9:4E:DD:16:CF:7C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/L0hgjy5w_HrQ-Hlnkju5Tt0Wz3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.4.0/24
193.124.16.0/24
193.124.47.0/24
193.124.125.0/24
194.58.45.0/24
194.87.37.0/24
194.87.162.0/24
194.87.207.0/24
195.58.63.0/24
195.133.73.0/24
212.192.209.0/24
Signature Algorithm: sha256WithRSAEncryption
10:bb:32:cc:f8:0d:f5:ba:ce:d2:13:00:b6:ba:83:0f:5d:d5:
11:f2:7c:8c:e8:4f:79:25:c8:6d:70:1e:21:1b:be:c9:68:6c:
68:d1:54:cc:fa:4f:b4:1b:dd:03:69:a4:5e:98:0b:b8:4f:47:
7b:e2:35:e1:aa:9c:c9:60:e4:2d:30:a5:b1:77:9b:53:49:14:
60:77:36:e2:dd:0b:5f:1e:ca:b3:63:0d:5c:4d:17:36:fe:b6:
56:ed:0e:d9:0a:6e:9d:88:a9:9b:92:96:44:cd:a0:17:51:99:
52:c9:aa:d5:8e:b1:53:79:b7:8e:e9:26:fb:5f:44:9c:1e:e4:
e9:da:6e:5e:c1:8f:1f:ef:6d:c1:66:08:c9:6e:0d:62:6c:81:
1d:94:f5:67:ec:fd:19:20:6a:e1:6f:08:62:a3:af:e2:e3:a2:
c5:1a:e2:7b:8b:88:5b:97:bf:27:a5:cb:10:06:c1:16:96:51:
c5:4d:a1:ce:0f:5f:71:6c:b4:f2:89:59:11:4a:77:46:ce:56:
d4:e4:91:66:c3:54:4a:fb:52:38:e7:74:4c:49:91:e3:91:07:
4e:79:81:3c:67:a6:92:53:01:8e:44:91:84:6a:4e:ae:43:01:
76:35:85:9a:7c:be:55:70:d8:11:08:16:bf:93:59:2f:32:ec:
08:4e:90:dc
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYQzZfS80QzQE+4Mb+m25zlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTAxMTMzMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjQ4NjA4ZjJlNzBmYzdhZDBmODc5Njc5MjNiYjk0ZWRkMTZjZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmXv+DlS1AB//9jshtS4omRkekvl
QrITxfp1ZkaiD2rgZoBQxFkkztprJYxolzsp2+WFKDtLXdPoil0XzorqPPHk2fak
/wxsXM6X06LJAIJjXFvGi+foZA3nIcVJlLKnCT8ijr/rZ9e1lwu+eJpPd+xByqIW
m5GZ59sMqL04GUVx3eUCYC8UDMzJwnQxe1QhFHfLfDXOPvI606oVs8e1nwc2C4+K
oLKaHw2a1l5hme+XrCWUoTco0SVquZ2D+6x4I/7BijmHNb8Ox09/Kg57Psdvb3np
Pps5zZGSaOKKXwewU+wsTMeVaf4H7xaSd8/vcNn1FhsYY3F06UqQW5y7EwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFC9IYI8ucPx60Ph5Z5I7uU7dFs98MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTDBoZ2p5NXdfSHJRLUhsbmtqdTVUdDBXejN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwXwEAwQA
wXwQAwQAwXwvAwQAwXx9AwQAwjotAwQAwlclAwQAwleiAwQAwlfPAwQAwzo/AwQA
w4VJAwQA1MDRMA0GCSqGSIb3DQEBCwUAA4IBAQAQuzLM+A31us7SEwC2uoMPXdUR
8nyM6E95JchtcB4hG77JaGxo0VTM+k+0G90DaaRemAu4T0d74jXhqpzJYOQtMKWx
d5tTSRRgdzbi3QtfHsqzYw1cTRc2/rZW7Q7ZCm6diKmbkpZEzaAXUZlSyarVjrFT
ebeO6Sb7X0ScHuTp2m5ewY8f723BZgjJbg1ibIEdlPVn7P0ZIGrhbwhio6/i46LF
GuJ7i4hbl78npcsQBsEWllHFTaHOD19xbLTyiVkRSndGzlbU5JFmw1RK+1I453RM
SZHjkQdOeYE8Z6aSUwGORJGEak6uQwF2NYWafL5VcNgRCBa/k1kvMuwITpDc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:13 2024 by rpki-client on console-fra.rpki-client.org