Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MrOhbSMtdzf-BxWh0XNSN2PGA8k.roa
File: MrOhbSMtdzf-BxWh0XNSN2PGA8k.roa (raw, json)
Hash identifier: Dkc9KZbV65y/DYdoIBcrcAA4b4Fq1IZXBZYpz991548=
Subject key identifier: 32:B3:A1:6D:23:2D:77:37:FE:07:15:A1:D1:73:52:37:63:C6:03:C9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01840FE7FC25C80D723EFD732785DCE6E599
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MrOhbSMtdzf-BxWh0XNSN2PGA8k.roa
Signing time: Tue 25 Oct 2022 16:09:32 +0000
ROA not before: Tue 25 Oct 2022 16:09:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15731
IP address blocks: 195.133.86.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0f:e7:fc:25:c8:0d:72:3e:fd:73:27:85:dc:e6:e5:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 25 16:09:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32b3a16d232d7737fe0715a1d173523763c603c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:50:4d:cf:eb:2e:00:8d:ca:6f:2a:2a:bd:46:
89:1b:8d:36:72:06:a2:c5:3b:a8:9e:c9:89:57:08:
79:61:37:71:07:bd:c1:c3:4f:f4:39:5b:97:4f:f9:
87:3f:9a:3b:65:13:48:02:bb:c6:24:e5:d4:c2:e5:
2f:fb:08:a3:e8:04:7a:28:6a:7f:45:e2:f8:47:14:
0d:c5:ce:e0:72:ae:e2:d0:6c:0f:37:62:9b:cb:8d:
76:81:96:88:c1:44:5c:86:91:2e:95:8d:d8:de:85:
25:4b:b1:94:89:98:70:1d:66:d9:4e:f2:8f:43:2e:
22:ec:64:f2:35:89:de:69:72:9d:c0:1a:c7:0d:1e:
ae:69:fd:93:4e:02:3c:61:f7:80:d2:f7:d8:2e:1c:
23:80:0f:f9:ca:1d:54:35:a9:84:6a:e3:35:28:56:
97:d2:c5:a2:dd:d8:c7:37:d7:ee:e8:5b:79:b1:ef:
3a:77:c0:7f:e6:5c:7a:78:6d:80:42:94:14:af:2a:
7f:ce:97:bf:66:e8:43:25:d9:91:bd:96:0c:57:ee:
8c:92:62:a7:09:ad:26:0c:12:61:27:e0:2f:2d:d3:
8d:f4:eb:26:a1:0e:75:51:bf:96:55:d8:3f:12:04:
50:4a:61:e7:35:f6:55:f0:d6:07:29:3a:d0:af:0a:
6d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B3:A1:6D:23:2D:77:37:FE:07:15:A1:D1:73:52:37:63:C6:03:C9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MrOhbSMtdzf-BxWh0XNSN2PGA8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.73.0/24
194.87.130.0/23
194.87.168.0/24
195.58.35.0/24
195.133.0.0/24
195.133.86.0/24
212.192.31.0/24
212.193.1.0/24
212.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
40:10:75:bd:5c:5d:94:21:4c:3a:f7:fc:8d:bb:c1:2d:44:9e:
72:be:ae:b7:63:b6:87:e9:36:b0:fe:f5:d6:37:8b:dd:c5:7b:
7e:2b:cf:4f:a8:59:5a:b5:74:b7:22:42:8c:74:a5:93:13:3e:
0e:de:6a:3b:91:ee:b7:98:81:36:28:e8:5d:67:c1:3d:9f:9c:
4f:be:65:1e:26:15:f6:c9:fb:7b:a8:88:0a:20:7e:e3:cd:cb:
e2:b8:93:ae:25:c0:7d:40:15:f3:15:33:e7:bf:21:e7:74:db:
3f:49:56:ea:1b:94:1a:a2:6c:d9:96:8c:5c:ca:56:7d:bb:0d:
16:8e:c9:28:65:26:e5:7a:4b:ca:5e:5e:41:07:7a:10:9e:b6:
ac:e6:45:d2:f5:53:77:0e:e9:a6:b8:fc:75:78:6d:6a:b3:e9:
bb:35:88:33:e0:af:82:10:5f:ee:a8:29:f2:eb:37:32:d8:79:
f6:5b:79:59:8a:67:f5:7b:fc:2e:34:6e:53:e2:13:d7:18:20:
0c:73:15:0b:d9:bf:6f:3f:39:52:c4:3f:e6:0c:2a:df:fa:0f:
49:a9:c8:bf:eb:12:84:9f:d9:64:f8:9c:f3:c9:0a:03:b1:fd:
4b:84:d5:8b:20:06:f9:f2:82:d3:a1:5a:0b:89:85:fa:9c:1c:
5d:80:4a:14
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYQP5/wlyA1yPv1zJ4Xc5uWZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI1MTYwOTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmIzYTE2ZDIzMmQ3NzM3ZmUwNzE1YTFkMTczNTIzNzYzYzYwM2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1BNz+suAI3KbyoqvUaJG402cgai
xTuonsmJVwh5YTdxB73Bw0/0OVuXT/mHP5o7ZRNIArvGJOXUwuUv+wij6AR6KGp/
ReL4RxQNxc7gcq7i0GwPN2Kby412gZaIwURchpEulY3Y3oUlS7GUiZhwHWbZTvKP
Qy4i7GTyNYneaXKdwBrHDR6uaf2TTgI8YfeA0vfYLhwjgA/5yh1UNamEauM1KFaX
0sWi3djHN9fu6Ft5se86d8B/5lx6eG2AQpQUryp/zpe/ZuhDJdmRvZYMV+6MkmKn
Ca0mDBJhJ+AvLdON9OsmoQ51Ub+WVdg/EgRQSmHnNfZV8NYHKTrQrwpt/wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDKzoW0jLXc3/gcVodFzUjdjxgPJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTXJPaGJTTXRkemYtQnhXaDBYTlNOMlBHQThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwldJAwQB
wleCAwQAwleoAwQAwzojAwQAw4UAAwQAw4VWAwQA1MAfAwQA1MEBAwQA1MEDMA0G
CSqGSIb3DQEBCwUAA4IBAQBAEHW9XF2UIUw69/yNu8EtRJ5yvq63Y7aH6Taw/vXW
N4vdxXt+K89PqFlatXS3IkKMdKWTEz4O3mo7ke63mIE2KOhdZ8E9n5xPvmUeJhX2
yft7qIgKIH7jzcviuJOuJcB9QBXzFTPnvyHndNs/SVbqG5QaomzZloxcylZ9uw0W
jskoZSblekvKXl5BB3oQnras5kXS9VN3DummuPx1eG1qs+m7NYgz4K+CEF/uqCny
6zcy2Hn2W3lZimf1e/wuNG5T4hPXGCAMcxUL2b9vPzlSxD/mDCrf+g9Jqci/6xKE
n9lk+JzzyQoDsf1LhNWLIAb58oLToVoLiYX6nBxdgEoU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org