Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RJxllDsa66Yvh6VbTNBbf3NmnfM.roa
File: RJxllDsa66Yvh6VbTNBbf3NmnfM.roa (raw, json)
Hash identifier: FDWNXIjzvZvI4rsXcxA8J1fAAoIuqdgOLbVV/QFDLsY=
Subject key identifier: 44:9C:65:94:3B:1A:EB:A6:2F:87:A5:5B:4C:D0:5B:7F:73:66:9D:F3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01821698690339B49B64F4B27CB147E85E30
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RJxllDsa66Yvh6VbTNBbf3NmnfM.roa
Signing time: Tue 19 Jul 2022 13:14:23 +0000
ROA not before: Tue 19 Jul 2022 13:14:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.118.0/23 maxlen: 24
194.87.36.0/22 maxlen: 24
194.135.32.0/24 maxlen: 24
195.133.26.0/23 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:16:98:69:03:39:b4:9b:64:f4:b2:7c:b1:47:e8:5e:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 19 13:14:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=449c65943b1aeba62f87a55b4cd05b7f73669df3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c5:78:ca:6a:50:61:45:0e:91:3e:5c:f4:c4:
08:2e:0e:20:d0:ca:b6:08:93:61:96:77:4f:cb:63:
9b:f1:73:0c:8a:88:e1:cb:92:89:04:74:e6:6d:88:
b0:15:7e:1b:54:3a:8c:6c:88:b9:54:cd:f4:a9:ae:
69:7b:8b:24:ee:12:88:72:55:87:0f:0a:7d:54:c7:
c3:fe:87:71:e7:30:73:cc:fd:ff:14:44:52:42:cb:
96:31:8d:fc:a5:ad:a1:ca:b2:6b:ef:1c:e7:e4:68:
67:83:af:23:c0:a4:41:ca:36:7f:31:c2:af:25:77:
cd:83:35:54:ae:a9:eb:d7:5b:bd:63:25:2e:22:7c:
c6:70:fd:c7:16:84:10:79:0a:18:45:22:48:75:cf:
b4:4b:7e:da:5c:a7:d7:27:ca:42:53:93:60:60:ce:
41:63:c6:03:d4:f8:31:04:2f:64:03:ea:f8:2e:ea:
3d:2a:e8:8e:e8:77:3c:1e:6c:d8:71:4a:d2:5b:75:
63:fc:b3:a8:22:11:51:9c:73:9b:1c:eb:5d:0f:91:
35:19:da:19:e3:30:73:30:b5:87:4b:4c:6f:61:e7:
78:bd:f5:36:b9:e4:d7:12:3c:2a:5b:2f:16:0f:19:
d4:47:2d:bf:bf:dc:ef:ed:4e:53:0b:6e:fc:0a:e4:
19:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:9C:65:94:3B:1A:EB:A6:2F:87:A5:5B:4C:D0:5B:7F:73:66:9D:F3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RJxllDsa66Yvh6VbTNBbf3NmnfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.36.0/22
194.87.118.0/23
194.135.32.0/24
195.133.25.0-195.133.27.255
195.133.55.0/24
195.133.59.0/24
Signature Algorithm: sha256WithRSAEncryption
31:1b:e4:9b:5e:d1:36:67:0b:3b:df:73:f8:d1:58:f0:ea:ae:
92:01:8a:fc:b2:64:7c:39:f7:c3:c3:0b:ae:85:ab:d8:d1:b7:
bc:84:e2:0e:8d:f2:37:35:ff:e7:8a:7a:d5:d4:f4:c1:94:af:
f0:9d:fe:96:a6:c0:42:49:e7:6a:a2:7b:8c:4a:a7:5c:02:f7:
bd:d0:b4:e2:ea:f4:84:8b:8b:d6:24:9e:97:49:4b:86:b5:48:
87:01:7e:83:57:27:fe:29:df:4e:b9:76:4e:81:d9:97:34:e7:
94:c4:94:0c:b4:b5:c4:0e:88:f1:de:a9:76:61:6b:1e:d4:3f:
9b:7b:3d:5c:3e:ed:55:a1:e5:9c:3e:d5:7e:5d:84:d1:a7:08:
a3:9d:4a:c1:2d:83:d1:98:7b:9b:c7:14:37:58:ee:49:b5:26:
3d:91:48:1e:ab:57:d8:f5:5a:92:45:56:32:ac:ff:77:60:d4:
6b:39:3c:29:5e:96:88:6f:2b:69:7c:46:f3:7c:37:41:67:66:
0c:6f:6f:85:8a:88:8e:f4:bc:97:fc:8e:73:69:f3:2d:64:e1:
61:35:c5:e7:71:5b:dd:b5:ac:53:00:1d:4a:f2:66:88:82:8d:
1b:24:48:ac:af:c5:fe:8d:cf:77:74:4d:fc:b6:f6:ac:ca:64:
39:0b:e8:5a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYIWmGkDObSbZPSyfLFH6F4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwNzE5MTMxNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDljNjU5NDNiMWFlYmE2MmY4N2E1NWI0Y2QwNWI3ZjczNjY5ZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8V4ympQYUUOkT5c9MQILg4g0Mq2
CJNhlndPy2Ob8XMMiojhy5KJBHTmbYiwFX4bVDqMbIi5VM30qa5pe4sk7hKIclWH
Dwp9VMfD/odx5zBzzP3/FERSQsuWMY38pa2hyrJr7xzn5Ghng68jwKRByjZ/McKv
JXfNgzVUrqnr11u9YyUuInzGcP3HFoQQeQoYRSJIdc+0S37aXKfXJ8pCU5NgYM5B
Y8YD1PgxBC9kA+r4Luo9KuiO6Hc8HmzYcUrSW3Vj/LOoIhFRnHObHOtdD5E1GdoZ
4zBzMLWHS0xvYed4vfU2ueTXEjwqWy8WDxnURy2/v9zv7U5TC278CuQZBQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFEScZZQ7GuumL4elW0zQW39zZp3zMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUkp4bGxEc2E2Nll2aDZWYlROQmJmM05tbmZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCwlckAwQB
wld2AwQAwocgMAwDBADDhRkDBALDhRgDBADDhTcDBADDhTswDQYJKoZIhvcNAQEL
BQADggEBADEb5Jte0TZnCzvfc/jRWPDqrpIBivyyZHw598PDC66Fq9jRt7yE4g6N
8jc1/+eKetXU9MGUr/Cd/pamwEJJ52qie4xKp1wC973QtOLq9ISLi9YknpdJS4a1
SIcBfoNXJ/4p3065dk6B2Zc055TElAy0tcQOiPHeqXZhax7UP5t7PVw+7VWh5Zw+
1X5dhNGnCKOdSsEtg9GYe5vHFDdY7km1Jj2RSB6rV9j1WpJFVjKs/3dg1Gs5PCle
lohvK2l8RvN8N0FnZgxvb4WKiI70vJf8jnNp8y1k4WE1xedxW921rFMAHUryZoiC
jRskSKyvxf6Nz3d0Tfy29qzKZDkL6Fo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:57 2023 by rpki-client on console-ams.rpki-client.org