Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OIge6T-EjqwNyE-RBbP9PwMwrlg.roa
File: OIge6T-EjqwNyE-RBbP9PwMwrlg.roa (raw, json)
Hash identifier: u95pSVK04KRa9Nob87g/COE0YX0YnnUGcY3oma3qwpU=
Subject key identifier: 38:88:1E:E9:3F:84:8E:AC:0D:C8:4F:91:05:B3:FD:3F:03:30:AE:58
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0EF96328
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OIge6T-EjqwNyE-RBbP9PwMwrlg.roa
Signing time: Thu 03 Mar 2022 12:16:44 +0000
ROA not before: Thu 03 Mar 2022 12:16:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 194.87.216.0/24 maxlen: 24
194.87.218.0/24 maxlen: 24
194.87.225.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.31.0/24 maxlen: 24
194.87.36.0/22 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
212.192.0.0/21 maxlen: 21
195.133.21.0/24 maxlen: 24
212.192.14.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
195.133.25.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
194.135.104.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 251224872 (0xef96328)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 3 12:16:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38881ee93f848eac0dc84f9105b3fd3f0330ae58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0b:1e:e8:3a:eb:fe:7f:cc:23:6b:7a:89:5b:
9c:9d:4a:1a:c3:8c:99:71:da:a7:8f:08:89:f6:cc:
9d:d3:15:21:c0:09:6c:ea:db:b5:ac:cf:85:a6:d4:
98:84:7e:f8:43:1f:79:71:7c:86:12:b8:f1:79:a1:
9b:a1:6b:cb:cf:00:4d:dd:35:83:21:21:81:e8:5d:
d7:fe:7b:b8:13:06:35:28:ae:67:f2:db:ee:ad:56:
db:c5:aa:8f:7d:e7:95:71:68:d4:3f:e2:3a:c0:2c:
a0:27:83:f3:06:93:e3:db:50:1e:85:3b:28:9f:17:
34:24:98:78:04:e6:a5:34:e8:55:d6:9e:84:ff:ae:
c1:36:47:17:5a:c2:0b:fe:89:a2:21:59:9a:e0:03:
97:e1:e9:1d:cd:5d:34:fe:4b:3a:de:8f:d8:b5:88:
21:a8:02:c0:4b:5d:70:ea:84:2f:2a:28:99:87:65:
f3:92:28:82:c2:0a:40:57:43:80:66:d5:f8:c2:13:
03:6f:76:0f:92:c3:b6:60:e9:a9:4c:66:a3:86:ad:
70:2a:68:09:4c:40:7c:c0:85:44:1c:96:81:f2:45:
c3:42:50:8b:cc:5c:8f:a8:f9:03:29:1a:10:0e:0f:
8a:e4:18:9c:8e:a8:0d:a2:7a:0e:6e:2d:de:03:96:
07:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:88:1E:E9:3F:84:8E:AC:0D:C8:4F:91:05:B3:FD:3F:03:30:AE:58
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OIge6T-EjqwNyE-RBbP9PwMwrlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.112.0/24
194.87.22.0/24
194.87.31.0/24
194.87.36.0/22
194.87.216.0/24
194.87.218.0/24
194.87.225.0/24
194.135.32.0/24
194.135.38.0/24
194.135.104.0/24
195.133.9.0/24
195.133.21.0/24
195.133.25.0-195.133.27.255
195.133.55.0/24
195.133.59.0/24
212.192.0.0/21
212.192.14.0/24
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
91:16:ca:2b:0b:0a:6e:a3:f1:bd:e1:28:36:6e:f3:b3:b0:ab:
4f:f7:05:12:d5:5c:c9:a7:c1:d9:a0:14:58:59:de:49:74:36:
44:15:76:af:27:98:a4:74:bf:1d:4c:4f:03:91:fc:f1:f2:d2:
2b:e6:a1:8d:72:65:c2:8e:82:24:30:46:37:9a:44:d5:f9:82:
df:98:e3:70:1e:1e:d9:aa:ca:88:0a:22:11:e6:df:38:f9:77:
12:b8:a1:71:e4:69:a1:e5:5d:32:00:5a:31:5a:2d:3c:a4:f2:
f3:e6:bb:81:74:14:8d:0d:10:97:91:f9:53:b8:cd:87:95:2c:
13:d4:67:26:aa:20:14:23:93:6a:cf:d4:56:f7:f7:86:94:d1:
a1:13:bb:f5:de:70:19:a8:ab:98:2e:1c:e3:04:18:d1:c9:0e:
01:a7:00:bb:4b:c4:a3:b2:c3:91:a1:00:fb:a0:ab:ae:8e:0c:
ba:3d:e1:5a:e2:16:92:38:14:ee:29:99:07:e6:39:1a:55:9a:
ad:cd:76:3d:2b:d8:f6:cd:61:5b:4b:ee:33:38:c1:f8:4b:c6:
41:d4:81:1a:90:f3:04:eb:1b:2c:22:4c:07:3f:07:72:b8:52:
0b:b2:f6:b4:8d:45:b2:84:3c:ca:dc:32:65:c3:e2:26:e6:b7:
75:7f:72:7e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIEDvljKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDMw
MzEyMTY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzg4ODFlZTkzZjg0
OGVhYzBkYzg0ZjkxMDViM2ZkM2YwMzMwYWU1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ0LHug66/5/zCNreolbnJ1KGsOMmXHap48IifbMndMVIcAJ
bOrbtazPhabUmIR++EMfeXF8hhK48Xmhm6Fry88ATd01gyEhgehd1/57uBMGNSiu
Z/Lb7q1W28Wqj33nlXFo1D/iOsAsoCeD8waT49tQHoU7KJ8XNCSYeATmpTToVdae
hP+uwTZHF1rCC/6JoiFZmuADl+HpHc1dNP5LOt6P2LWIIagCwEtdcOqELyoomYdl
85IogsIKQFdDgGbV+MITA292D5LDtmDpqUxmo4atcCpoCUxAfMCFRByWgfJFw0JQ
i8xcj6j5AykaEA4PiuQYnI6oDaJ6Dm4t3gOWB3cCAwEAAaOCAngwggJ0MB0GA1Ud
DgQWBBQ4iB7pP4SOrA3IT5EFs/0/AzCuWDAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L09JZ2U2VC1FanF3TnlFLVJCYlA5UHdNd3JsZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jQYIKwYBBQUHAQcBAf8EfjB8MHoEAgABMHQDBADBbHADBADCVxYDBADCVx8DBALC
VyQDBADCV9gDBADCV9oDBADCV+EDBADChyADBADChyYDBADCh2gDBADDhQkDBADD
hRUwDAMEAMOFGQMEAsOFGAMEAMOFNwMEAMOFOwMEA9TAAAMEANTADgMEANTBAjAN
BgkqhkiG9w0BAQsFAAOCAQEAkRbKKwsKbqPxveEoNm7zs7CrT/cFEtVcyafB2aAU
WFneSXQ2RBV2ryeYpHS/HUxPA5H88fLSK+ahjXJlwo6CJDBGN5pE1fmC35jjcB4e
2arKiAoiEebfOPl3ErihceRpoeVdMgBaMVotPKTy8+a7gXQUjQ0Ql5H5U7jNh5Us
E9RnJqogFCOTas/UVvf3hpTRoRO79d5wGairmC4c4wQY0ckOAacAu0vEo7LDkaEA
+6Crro4Muj3hWuIWkjgU7imZB+Y5GlWarc12PSvY9s1hW0vuMzjB+EvGQdSBGpDz
BOsbLCJMBz8HcrhSC7L2tI1FsoQ8ytwyZcPiJua3dX9yfg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:15 2024 by rpki-client on console-fra.rpki-client.org