Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OiHcQWlRfWd5X2doojftjmObjB8.roa
File: OiHcQWlRfWd5X2doojftjmObjB8.roa (raw, json)
Hash identifier: ZjEsZR4dk0dH9vZZKy+k9kGMEYMoO4ju5BiVpByOYcs=
Subject key identifier: 3A:21:DC:41:69:51:7D:67:79:5F:67:68:A2:37:ED:8E:63:9B:8C:1F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0E1298E9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OiHcQWlRfWd5X2doojftjmObjB8.roa
Signing time: Sat 01 Jan 2022 01:58:12 +0000
ROA not before: Sat 01 Jan 2022 01:58:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24961
IP address blocks: 194.87.138.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 236099817 (0xe1298e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 01:58:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a21dc4169517d67795f6768a237ed8e639b8c1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:98:28:e2:8c:4f:f3:6a:20:ab:b4:7e:d0:85:
ec:a1:91:08:c3:ce:4a:5c:8b:3e:a2:92:b4:48:86:
b7:a8:70:41:83:27:99:5e:b3:9f:2d:4f:9b:c3:b9:
fa:3f:3e:ce:a1:f9:bc:cd:be:29:9e:90:79:ca:68:
02:ea:3f:e5:2c:81:99:02:12:c6:86:16:b6:19:2c:
20:4b:aa:f5:cc:3e:0d:f4:62:a6:c5:9a:09:c3:4d:
89:32:80:92:3e:3f:73:0d:83:0f:e8:c6:5b:8c:68:
84:c0:3d:b9:c4:bf:3a:da:b0:50:b1:45:36:20:9a:
60:39:50:ee:fb:ba:48:30:68:bf:aa:e1:8f:ab:a4:
95:74:81:88:d8:b5:1f:02:db:1e:e0:44:20:61:00:
95:4a:0a:9b:de:35:42:69:77:78:92:a6:26:18:8c:
90:be:cb:c1:0e:6a:7f:a8:be:6b:25:ee:47:1c:02:
10:77:f6:94:e8:5f:3a:f7:62:4d:bc:c7:11:08:76:
3d:4c:5b:c3:32:4a:67:51:50:b8:75:77:48:66:59:
c4:aa:da:c8:80:7d:fb:68:ab:87:2d:f0:4b:96:69:
65:73:b1:b6:ba:ca:b9:ca:a4:25:e9:12:5b:d3:f8:
75:05:48:02:83:b9:36:ac:2d:9d:9e:d4:70:f3:53:
97:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:21:DC:41:69:51:7D:67:79:5F:67:68:A2:37:ED:8E:63:9B:8C:1F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OiHcQWlRfWd5X2doojftjmObjB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.138.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:d7:cf:4b:dc:b0:5d:d5:02:6b:48:9c:fe:de:a9:89:34:3d:
79:2c:ec:7d:15:37:f7:fc:9a:54:56:a1:1f:f7:67:f7:90:78:
e8:20:f6:37:38:e0:7b:d3:98:43:db:fc:82:0c:00:ee:26:6d:
65:8c:c5:c4:a4:f2:b2:2d:d2:1a:96:57:24:8f:f1:41:7d:21:
8b:60:4e:59:a1:49:5a:e7:e8:6b:a0:83:8f:7f:2f:41:6f:5b:
e2:f6:7f:c4:ad:d1:34:10:04:61:41:33:93:7e:1c:f1:2d:60:
87:d7:b3:a5:08:a4:4c:45:53:bc:da:10:50:50:e5:bf:f2:6e:
7d:5a:ed:e7:7a:a1:a4:82:5b:67:21:b7:8e:b0:ec:0f:f4:73:
64:b8:aa:2c:59:c8:29:48:c2:b6:0e:28:82:f4:e4:c3:db:ac:
cc:9d:08:3e:76:49:59:90:68:a1:bb:d8:3e:e5:a1:a8:1c:a6:
fa:3f:9e:07:1b:aa:d8:fe:30:52:71:58:af:8a:a4:e0:47:60:
03:e0:bd:bc:20:7e:96:62:27:19:96:11:d4:74:e6:0f:ae:d2:
90:5b:77:43:52:fd:ce:aa:33:ad:9c:8a:e4:1d:05:52:96:3a:
e1:7f:89:1b:6d:93:74:33:ef:0b:1f:57:97:91:cd:e2:a6:18:
1d:14:ee:ab
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDhKY6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDEw
MTAxNTgxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2EyMWRjNDE2OTUx
N2Q2Nzc5NWY2NzY4YTIzN2VkOGU2MzliOGMxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALaYKOKMT/NqIKu0ftCF7KGRCMPOSlyLPqKStEiGt6hwQYMn
mV6zny1Pm8O5+j8+zqH5vM2+KZ6QecpoAuo/5SyBmQISxoYWthksIEuq9cw+DfRi
psWaCcNNiTKAkj4/cw2DD+jGW4xohMA9ucS/OtqwULFFNiCaYDlQ7vu6SDBov6rh
j6uklXSBiNi1HwLbHuBEIGEAlUoKm941Qml3eJKmJhiMkL7LwQ5qf6i+ayXuRxwC
EHf2lOhfOvdiTbzHEQh2PUxbwzJKZ1FQuHV3SGZZxKrayIB9+2irhy3wS5ZpZXOx
trrKucqkJekSW9P4dQVIAoO5NqwtnZ7UcPNTl0sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ6IdxBaVF9Z3lfZ2iiN+2OY5uMHzAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L09pSGNRV2xSZldkNVgyZG9vamZ0am1PYmpCOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcJXijANBgkqhkiG9w0BAQsFAAOC
AQEAa9fPS9ywXdUCa0ic/t6piTQ9eSzsfRU39/yaVFahH/dn95B46CD2Nzjge9OY
Q9v8ggwA7iZtZYzFxKTysi3SGpZXJI/xQX0hi2BOWaFJWufoa6CDj38vQW9b4vZ/
xK3RNBAEYUEzk34c8S1gh9ezpQikTEVTvNoQUFDlv/JufVrt53qhpIJbZyG3jrDs
D/RzZLiqLFnIKUjCtg4ogvTkw9uszJ0IPnZJWZBoobvYPuWhqBym+j+eBxuq2P4w
UnFYr4qk4EdgA+C9vCB+lmInGZYR1HTmD67SkFt3Q1L9zqozrZyK5B0FUpY64X+J
G22TdDPvCx9Xl5HN4qYYHRTuqw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:02 2023 by rpki-client on console-fra.rpki-client.org