Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Nqmiwp3zV07Bx8OteY8VAzmU1nI.roa
File: Nqmiwp3zV07Bx8OteY8VAzmU1nI.roa (raw, json)
Hash identifier: n7WzyTQJfINe/U7ZOg8lFhTegfiZn+EnssZL4ZRDlB4=
Subject key identifier: 36:A9:A2:C2:9D:F3:57:4E:C1:C7:C3:AD:79:8F:15:03:39:94:D6:72
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0FB3E7A1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Nqmiwp3zV07Bx8OteY8VAzmU1nI.roa
Signing time: Wed 11 May 2022 11:55:03 +0000
ROA not before: Wed 11 May 2022 11:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 212.193.30.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
194.87.75.0/24 maxlen: 24
194.87.84.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 263448481 (0xfb3e7a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 11 11:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36a9a2c29df3574ec1c7c3ad798f15033994d672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f6:3f:e0:ac:0a:01:2f:ef:0c:a6:12:eb:be:
0b:37:89:03:8b:14:16:89:a9:b8:74:12:6a:91:6d:
cc:18:bc:14:6e:29:c7:4a:eb:57:4d:3b:3d:dd:a2:
6d:aa:ad:5b:ee:03:93:55:4d:da:27:f7:ea:64:b0:
13:61:6b:8d:34:29:a0:42:1e:6d:d0:37:a0:e3:c2:
56:58:17:89:57:24:c4:74:51:aa:3e:4e:68:b9:f2:
ae:1d:50:5d:a2:e9:04:42:d2:f5:f4:28:4a:ab:64:
0b:85:9b:c8:90:e2:0a:2b:88:12:21:1e:c6:b9:b3:
ec:0b:03:84:cd:e3:d5:7a:0a:4a:d3:f8:f0:78:b4:
b8:af:07:a0:7f:ac:ff:7c:ef:aa:f8:5f:a4:71:56:
a3:56:a0:3f:2c:6a:aa:d2:51:78:90:2e:fd:e3:4f:
59:49:6f:eb:ee:9e:ca:a8:99:0b:0a:91:15:5e:a1:
0d:57:a9:f5:79:05:d5:e1:ff:48:22:22:67:ee:33:
de:b5:ce:61:ae:f3:14:33:08:58:c5:34:3c:e1:61:
50:fd:06:97:8e:1b:46:6c:e3:a0:b5:1c:6a:a7:e8:
78:8a:6b:8e:8d:45:fe:32:09:4b:8d:84:b4:41:3d:
cf:e3:2d:cf:0a:d8:04:81:35:95:8c:99:1d:49:20:
4e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A9:A2:C2:9D:F3:57:4E:C1:C7:C3:AD:79:8F:15:03:39:94:D6:72
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Nqmiwp3zV07Bx8OteY8VAzmU1nI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.75.0/24
194.87.84.0/22
195.133.18.0/24
195.133.35.0/24
195.133.38.0/24
195.133.40.0/24
212.192.8.0/23
212.192.241.0/24
212.193.30.0/24
Signature Algorithm: sha256WithRSAEncryption
68:63:e0:7d:5b:09:3b:3e:6b:28:0e:d8:97:d6:a8:9f:95:fe:
d4:11:d7:d5:51:cc:f6:6a:55:7f:3b:16:cb:fc:09:01:7e:61:
10:3d:99:19:b8:42:dd:7a:80:1a:d0:74:72:a7:ee:ee:9e:86:
ad:b1:cd:35:7e:54:7b:18:9f:ad:ca:48:52:19:ab:a8:81:aa:
39:44:68:f7:b6:a4:6b:ce:f4:aa:93:fa:54:be:cb:b8:c9:c3:
3e:43:8f:16:2b:d9:21:2d:56:6e:b8:ad:67:3d:1b:8c:a7:7d:
f9:0a:2d:36:8b:8e:a8:e3:d9:8a:12:6e:1d:b2:13:49:8f:73:
71:5d:85:47:a3:00:ec:b0:d3:36:5f:fd:59:0a:ac:87:f3:52:
01:26:6c:1d:97:4f:c6:33:fd:53:49:b8:82:9e:28:19:a4:66:
8e:30:1a:0f:73:61:45:b4:9d:ff:a3:0e:ae:98:7b:99:3e:9d:
fd:bf:e3:44:34:6c:65:34:08:d7:d7:33:e2:97:61:f0:6e:28:
72:72:e3:b7:d8:19:c1:7c:c1:61:60:79:8b:5c:90:d8:9a:77:
68:42:71:82:08:85:4a:a2:9f:ca:34:da:17:89:68:6d:fc:0e:
4d:6f:63:92:79:56:b1:e6:d3:63:a8:17:ff:ff:3d:56:cc:71:
9e:f7:33:07
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIED7PnoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDUx
MTExNTUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzZhOWEyYzI5ZGYz
NTc0ZWMxYzdjM2FkNzk4ZjE1MDMzOTk0ZDY3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALX2P+CsCgEv7wymEuu+CzeJA4sUFompuHQSapFtzBi8FG4p
x0rrV007Pd2ibaqtW+4Dk1VN2if36mSwE2FrjTQpoEIebdA3oOPCVlgXiVckxHRR
qj5OaLnyrh1QXaLpBELS9fQoSqtkC4WbyJDiCiuIEiEexrmz7AsDhM3j1XoKStP4
8Hi0uK8HoH+s/3zvqvhfpHFWo1agPyxqqtJReJAu/eNPWUlv6+6eyqiZCwqRFV6h
DVep9XkF1eH/SCIiZ+4z3rXOYa7zFDMIWMU0POFhUP0Gl44bRmzjoLUcaqfoeIpr
jo1F/jIJS42EtEE9z+MtzwrYBIE1lYyZHUkgTlMCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQ2qaLCnfNXTsHHw615jxUDOZTWcjAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L05xbWl3cDN6VjA3Qng4T3RlWThWQXptVTFuSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAMJXSwMEAsJXVAMEAMOFEgMEAMOF
IwMEAMOFJgMEAMOFKAMEAdTACAMEANTA8QMEANTBHjANBgkqhkiG9w0BAQsFAAOC
AQEAaGPgfVsJOz5rKA7Yl9aon5X+1BHX1VHM9mpVfzsWy/wJAX5hED2ZGbhC3XqA
GtB0cqfu7p6GrbHNNX5UexifrcpIUhmrqIGqOURo97aka870qpP6VL7LuMnDPkOP
FivZIS1WbritZz0bjKd9+QotNouOqOPZihJuHbITSY9zcV2FR6MA7LDTNl/9WQqs
h/NSASZsHZdPxjP9U0m4gp4oGaRmjjAaD3NhRbSd/6MOrph7mT6d/b/jRDRsZTQI
19cz4pdh8G4ocnLjt9gZwXzBYWB5i1yQ2Jp3aEJxggiFSqKfyjTaF4lobfwOTW9j
knlWsebTY6gX//89VsxxnvczBw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org