Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Q5cc7pyHIl4zh7YEuNbc_ZwhRvY.roa
File: Q5cc7pyHIl4zh7YEuNbc_ZwhRvY.roa (raw, json)
Hash identifier: ISoZH2BFhxd47kTddrQ8t9ovRluDkon0xEcfC4sZ8TQ=
Subject key identifier: 43:97:1C:EE:9C:87:22:5E:33:87:B6:04:B8:D6:DC:FD:9C:21:46:F6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0FCEDFBD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Q5cc7pyHIl4zh7YEuNbc_ZwhRvY.roa
Signing time: Fri 13 May 2022 07:55:03 +0000
ROA not before: Fri 13 May 2022 07:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49392
IP address blocks: 193.108.112.0/24 maxlen: 24
194.87.118.0/23 maxlen: 24
194.87.36.0/22 maxlen: 24
194.135.32.0/24 maxlen: 24
212.192.3.0/24 maxlen: 24
212.192.0.0/21 maxlen: 24
195.133.26.0/23 maxlen: 24
195.133.25.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 265215933 (0xfcedfbd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 13 07:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43971cee9c87225e3387b604b8d6dcfd9c2146f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2b:97:fa:bc:ab:bc:c9:19:2f:0c:ed:e2:ac:
c8:62:23:e2:99:73:c5:82:f7:2a:4e:a0:17:5c:83:
b2:b5:86:65:3f:d5:54:4c:f3:31:b2:90:3f:db:9e:
ba:e2:6b:7a:64:9e:d3:b5:57:19:39:d4:f6:15:68:
c5:a4:3e:14:8e:da:a3:ba:4b:46:aa:4c:46:09:74:
ea:97:de:96:37:97:af:86:14:ea:8a:f0:4f:ed:27:
e3:3b:77:5d:fe:62:4b:10:d4:71:30:12:db:5f:2e:
7d:74:86:75:2a:13:9d:56:1e:2e:b0:f6:7f:11:18:
f6:1e:6a:80:a3:92:1c:26:94:01:10:35:4a:ee:55:
b9:30:f9:16:8b:71:88:da:2d:c2:f0:3a:6f:80:a7:
58:b2:b5:d7:7c:c1:e7:f0:7c:0e:3d:2d:c2:12:60:
62:3e:a1:84:01:df:ed:3b:68:89:94:fd:93:51:f4:
50:61:dd:fd:33:80:30:45:8d:a9:7b:7f:77:74:3c:
56:72:c0:f5:3c:59:d8:ad:03:5e:db:bc:fb:57:09:
6e:00:e6:e6:b8:09:64:f0:b6:41:1f:20:31:ae:fd:
c2:73:f8:9a:f6:5b:b1:04:ce:df:44:3e:21:eb:08:
a8:a8:7d:92:e3:07:c7:25:9b:57:d0:8a:78:da:68:
9e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:97:1C:EE:9C:87:22:5E:33:87:B6:04:B8:D6:DC:FD:9C:21:46:F6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Q5cc7pyHIl4zh7YEuNbc_ZwhRvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.112.0/24
194.87.36.0/22
194.87.118.0/23
194.135.32.0/24
195.133.25.0-195.133.27.255
195.133.55.0/24
195.133.59.0/24
212.192.0.0/21
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
35:85:e2:f1:7f:d1:4b:eb:f6:ff:66:29:78:bd:fa:e9:2b:b0:
3c:3f:6a:ec:11:24:97:c0:9b:e5:33:86:b7:ca:43:b8:74:3f:
d4:6b:d2:d0:14:29:23:67:d0:57:3e:07:f3:c2:95:9f:ae:7c:
55:35:1b:7a:fd:da:20:8a:76:5a:2c:e5:9b:34:ad:98:bd:2c:
46:f5:f5:aa:45:06:f7:51:5f:28:ab:3e:33:e6:9c:77:c5:d2:
8d:e9:d7:57:17:7c:ac:2f:86:3c:1d:37:01:3a:99:18:e1:d3:
4e:08:d9:c4:45:a3:62:69:82:ad:a5:98:26:7b:9f:b5:f7:d1:
17:ae:01:64:ce:ee:17:bf:a9:ed:39:4c:40:4a:84:cd:24:ea:
6f:2c:47:08:18:3e:da:c9:3b:e1:c4:8f:8b:98:3d:c5:f6:0a:
d1:dc:81:e8:bd:10:40:8b:fa:94:ce:c6:b1:3c:f2:33:f8:8a:
1b:bd:34:7e:ae:16:9a:0b:a2:ef:b2:90:0f:1b:87:e1:87:db:
29:2b:1d:cc:c1:dc:08:8d:4a:34:b2:4a:19:33:cc:68:75:69:
b6:03:9c:74:83:73:fa:c1:ce:cc:fe:1f:39:1f:79:e6:01:5d:
ee:24:56:93:49:60:68:0a:1e:0b:be:65:d1:f6:ba:dd:d9:c3:
4d:c2:3a:dd
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIED87fvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDUx
MzA3NTUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDM5NzFjZWU5Yzg3
MjI1ZTMzODdiNjA0YjhkNmRjZmQ5YzIxNDZmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUrl/q8q7zJGS8M7eKsyGIj4plzxYL3Kk6gF1yDsrWGZT/V
VEzzMbKQP9ueuuJremSe07VXGTnU9hVoxaQ+FI7ao7pLRqpMRgl06pfeljeXr4YU
6orwT+0n4zt3Xf5iSxDUcTAS218ufXSGdSoTnVYeLrD2fxEY9h5qgKOSHCaUARA1
Su5VuTD5FotxiNotwvA6b4CnWLK113zB5/B8Dj0twhJgYj6hhAHf7TtoiZT9k1H0
UGHd/TOAMEWNqXt/d3Q8VnLA9TxZ2K0DXtu8+1cJbgDm5rgJZPC2QR8gMa79wnP4
mvZbsQTO30Q+IesIqKh9kuMHxyWbV9CKeNponqkCAwEAAaOCAkEwggI9MB0GA1Ud
DgQWBBRDlxzunIciXjOHtgS41tz9nCFG9jAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L1E1Y2M3cHlISWw0emg3WUV1TmJjX1p3aFJ2WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBX
BggrBgEFBQcBBwEB/wRIMEYwRAQCAAEwPgMEAMFscAMEAsJXJAMEAcJXdgMEAMKH
IDAMAwQAw4UZAwQCw4UYAwQAw4U3AwQAw4U7AwQD1MAAAwQA1MECMA0GCSqGSIb3
DQEBCwUAA4IBAQA1heLxf9FL6/b/Zil4vfrpK7A8P2rsESSXwJvlM4a3ykO4dD/U
a9LQFCkjZ9BXPgfzwpWfrnxVNRt6/doginZaLOWbNK2YvSxG9fWqRQb3UV8oqz4z
5px3xdKN6ddXF3ysL4Y8HTcBOpkY4dNOCNnERaNiaYKtpZgme5+199EXrgFkzu4X
v6ntOUxASoTNJOpvLEcIGD7ayTvhxI+LmD3F9grR3IHovRBAi/qUzsaxPPIz+Iob
vTR+rhaaC6LvspAPG4fhh9spKx3MwdwIjUo0skoZM8xodWm2A5x0g3P6wc7M/h85
H3nmAV3uJFaTSWBoCh4LvmXR9rrd2cNNwjrd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:57 2023 by rpki-client on console-ams.rpki-client.org