Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Mv63ep9rDiUZ2X97w1UTGYX_Dp0.roa
File: Mv63ep9rDiUZ2X97w1UTGYX_Dp0.roa (raw, json)
Hash identifier: KiSxhdT+b+0IXjCDzErQIEIyVCLXoTa8LnrgWnkUjCI=
Subject key identifier: 32:FE:B7:7A:9F:6B:0E:25:19:D9:7F:7B:C3:55:13:19:85:FF:0E:9D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01822F9189458BF89E8290F7AE0C90493464
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Mv63ep9rDiUZ2X97w1UTGYX_Dp0.roa
Signing time: Sun 24 Jul 2022 09:37:23 +0000
ROA not before: Sun 24 Jul 2022 09:37:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204721
IP address blocks: 212.192.220.0/24 maxlen: 24
194.87.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:2f:91:89:45:8b:f8:9e:82:90:f7:ae:0c:90:49:34:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 24 09:37:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32feb77a9f6b0e2519d97f7bc355131985ff0e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:44:9f:c0:77:42:96:41:6e:d1:a6:f0:42:a1:
8e:f2:ef:23:2b:78:1f:e0:08:63:31:a0:32:ae:ec:
c5:ac:90:7f:19:3a:71:f8:0b:46:57:31:29:3d:c4:
7f:93:f9:f2:1f:ea:20:92:1b:1e:f9:6a:69:48:cf:
75:8a:46:b7:01:5b:b3:ea:86:10:97:c6:1f:9d:ee:
1b:07:47:38:7c:e2:0c:6c:dd:d4:39:1e:be:f8:a3:
02:b2:e4:47:84:e8:1b:94:1d:54:0c:61:db:b0:dc:
65:a2:97:45:7e:d5:a5:31:d4:23:c8:4a:c2:d3:17:
a2:99:c3:05:13:24:21:dc:8a:38:4f:63:0e:6c:2e:
aa:75:e2:23:92:e5:c2:a5:c8:82:50:d0:dc:1f:94:
86:44:de:d9:63:c1:50:ab:32:2b:98:1b:0f:a9:9a:
ab:4f:4a:b0:53:c8:15:d9:6a:57:ec:e7:4b:38:f2:
8f:c8:ef:f4:e0:7d:be:24:02:c9:61:8a:83:73:e4:
43:0d:ef:e1:e6:18:da:b9:2b:2b:4a:d1:49:65:82:
69:7f:c8:a2:41:03:64:ff:f7:aa:88:d9:d2:af:a9:
2e:dd:82:81:1a:fa:67:5a:35:52:53:06:e4:0f:e0:
b6:08:7d:32:37:57:41:a4:8c:92:76:09:6c:e3:d1:
ab:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:FE:B7:7A:9F:6B:0E:25:19:D9:7F:7B:C3:55:13:19:85:FF:0E:9D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Mv63ep9rDiUZ2X97w1UTGYX_Dp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.75.0/24
212.192.220.0/24
Signature Algorithm: sha256WithRSAEncryption
97:7f:14:9e:df:df:4c:46:9b:17:ad:97:2e:2b:45:40:3f:19:
61:13:95:8d:27:58:6c:2e:33:f0:b9:8c:9e:7a:8f:c5:9d:9c:
55:bc:b2:98:1d:67:b9:93:f2:11:58:3f:71:b8:79:14:fb:b9:
ca:53:eb:30:70:c9:d6:6e:18:83:91:93:6a:de:08:ce:26:7e:
2d:42:51:32:61:f0:b2:8e:28:ab:54:ae:30:3a:45:5c:37:ab:
37:20:35:3c:41:1e:18:be:46:4e:f8:e9:b8:4b:d3:04:ed:e0:
0e:24:84:bc:97:b5:15:fc:f0:b6:84:f9:d2:d8:df:44:f8:f1:
09:d3:51:9a:e6:3f:9f:a3:90:33:05:84:ff:93:fa:48:57:c7:
7b:43:3c:ab:1d:64:1a:73:03:07:2c:be:5a:10:55:de:47:6a:
90:ff:9a:13:e5:ac:06:a1:3c:32:5e:8d:b6:10:c7:36:51:10:
97:ba:9d:10:c8:fa:e6:f8:11:fb:da:9f:5a:24:50:e4:d9:16:
8c:b4:5f:94:49:f7:29:56:18:e4:d7:d3:42:dc:80:f9:32:75:
ca:8f:97:f4:e2:ff:54:78:56:20:b9:67:29:f0:db:a3:a1:f4:
4f:1d:d0:32:93:d8:2f:6e:05:ac:3c:38:e3:ed:5d:d1:8d:42:
48:53:d6:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYIvkYlFi/iegpD3rgyQSTRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwNzI0MDkzNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmZlYjc3YTlmNmIwZTI1MTlkOTdmN2JjMzU1MTMxOTg1ZmYwZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkSfwHdClkFu0abwQqGO8u8jK3gf
4AhjMaAyruzFrJB/GTpx+AtGVzEpPcR/k/nyH+ogkhse+WppSM91ika3AVuz6oYQ
l8Yfne4bB0c4fOIMbN3UOR6++KMCsuRHhOgblB1UDGHbsNxlopdFftWlMdQjyErC
0xeimcMFEyQh3Io4T2MObC6qdeIjkuXCpciCUNDcH5SGRN7ZY8FQqzIrmBsPqZqr
T0qwU8gV2WpX7OdLOPKPyO/04H2+JALJYYqDc+RDDe/h5hjauSsrStFJZYJpf8ii
QQNk//eqiNnSr6ku3YKBGvpnWjVSUwbkD+C2CH0yN1dBpIySdgls49Gr1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDL+t3qfaw4lGdl/e8NVExmF/w6dMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTXY2M2VwOXJEaVVaMlg5N3cxVVRHWVhfRHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwldLAwQA
1MDcMA0GCSqGSIb3DQEBCwUAA4IBAQCXfxSe399MRpsXrZcuK0VAPxlhE5WNJ1hs
LjPwuYyeeo/FnZxVvLKYHWe5k/IRWD9xuHkU+7nKU+swcMnWbhiDkZNq3gjOJn4t
QlEyYfCyjiirVK4wOkVcN6s3IDU8QR4YvkZO+Om4S9ME7eAOJIS8l7UV/PC2hPnS
2N9E+PEJ01Ga5j+fo5AzBYT/k/pIV8d7QzyrHWQacwMHLL5aEFXeR2qQ/5oT5awG
oTwyXo22EMc2URCXup0QyPrm+BH72p9aJFDk2RaMtF+USfcpVhjk19NC3ID5MnXK
j5f04v9UeFYguWcp8NujofRPHdAyk9gvbgWsPDjj7V3RjUJIU9bo
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org