Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SLfARC-lsP8fHOzlBxGEWJXz5pg.roa
File: SLfARC-lsP8fHOzlBxGEWJXz5pg.roa (raw, json)
Hash identifier: 5j7sKVUocgYjsODQBCed9Ui8+EwhK6nGQaVQbFDa6Oo=
Subject key identifier: 48:B7:C0:44:2F:A5:B0:FF:1F:1C:EC:E5:07:11:84:58:95:F3:E6:98
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183EA9982A733E68001F87817F7C223EC6D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SLfARC-lsP8fHOzlBxGEWJXz5pg.roa
Signing time: Tue 18 Oct 2022 10:17:52 +0000
ROA not before: Tue 18 Oct 2022 10:17:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 194.87.160.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ea:99:82:a7:33:e6:80:01:f8:78:17:f7:c2:23:ec:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 18 10:17:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48b7c0442fa5b0ff1f1cece50711845895f3e698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e7:b5:d3:3d:54:d5:12:ae:01:2d:f0:12:91:
8a:56:67:ec:71:45:3e:54:64:2d:9a:ed:aa:e7:5f:
4f:69:c8:72:20:bd:cd:6b:9a:b0:56:6e:3a:b7:85:
0c:c7:6b:48:bd:d1:89:43:05:d7:c4:b6:4d:38:c5:
f9:5d:f2:21:6a:0b:8b:4d:a2:28:f8:d6:73:10:66:
bc:f9:fe:b3:79:c8:ef:ee:8e:f4:24:a8:d7:f5:9b:
78:10:9d:b2:ed:94:9c:e1:5a:4a:10:6f:a8:c9:e2:
1a:5c:9d:2e:23:87:30:db:21:f2:f2:5d:02:59:a8:
f4:b3:4a:be:13:ae:6e:f0:1e:7f:87:32:d6:76:d8:
1a:7c:54:c6:b4:42:4f:96:c7:c8:4b:68:c5:08:8a:
83:ef:ef:7a:6b:70:1c:7a:a7:cc:8e:f9:2a:e1:ea:
d3:8e:09:7b:b2:b7:7a:63:77:fb:83:ec:14:3c:d6:
3c:8c:55:10:12:5a:84:46:43:cd:1f:ad:04:28:1a:
ae:aa:78:b8:f0:8e:a2:73:13:31:38:a0:b2:0b:09:
43:28:57:b8:80:11:2e:d7:4c:59:7c:a1:e1:32:f2:
84:68:a4:01:a8:3a:69:20:50:ac:7d:d3:1d:f0:32:
9f:94:1f:64:e8:c0:6a:2f:2d:5c:6e:3d:fd:b3:14:
56:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:B7:C0:44:2F:A5:B0:FF:1F:1C:EC:E5:07:11:84:58:95:F3:E6:98
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SLfARC-lsP8fHOzlBxGEWJXz5pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.160.0/24
194.87.187.0/24
Signature Algorithm: sha256WithRSAEncryption
91:93:c6:78:19:d3:35:9a:2a:28:46:1c:c2:ae:1f:83:7f:28:
87:7c:25:1b:3d:d0:c5:8b:d6:90:47:e2:19:52:bf:05:22:c4:
9d:ce:14:55:4b:0f:31:9f:2b:07:ff:75:31:c8:5f:27:24:3c:
56:6b:b2:cf:b7:ad:e0:2b:bd:01:a6:62:a7:d1:38:70:cc:b2:
38:20:6a:00:ff:9e:61:79:a1:00:e5:d6:03:c9:2a:bc:59:d2:
c3:63:f6:c8:6b:3c:12:74:91:91:88:f8:c5:cb:75:7d:d8:42:
13:70:8a:41:3b:11:67:1e:a4:e4:c1:8c:3f:56:9f:88:ff:8f:
99:ee:3b:90:ef:8e:69:1c:cc:be:d9:89:06:e1:d4:14:af:12:
87:f0:66:fb:03:72:9e:d5:9f:00:e3:88:2b:38:e8:ed:7d:49:
af:ef:64:e5:ff:b8:62:77:fa:51:df:62:97:be:82:a4:86:d2:
59:5d:a8:a1:fa:66:06:31:f6:f5:68:a5:f1:48:06:b3:a8:9a:
c2:ac:0f:d1:0f:34:eb:01:5d:70:a8:38:ac:a6:0a:ff:be:cb:
7e:3b:6b:d0:1a:6f:2f:77:85:f0:49:80:3d:90:75:b3:86:fc:
85:2f:fd:ec:70:a4:88:8a:6a:a8:fd:a5:db:97:27:c2:db:45:
e4:67:9d:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPqmYKnM+aAAfh4F/fCI+xtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDE4MTAxNzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGI3YzA0NDJmYTViMGZmMWYxY2VjZTUwNzExODQ1ODk1ZjNlNjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiee10z1U1RKuAS3wEpGKVmfscUU+
VGQtmu2q519PachyIL3Na5qwVm46t4UMx2tIvdGJQwXXxLZNOMX5XfIhaguLTaIo
+NZzEGa8+f6zecjv7o70JKjX9Zt4EJ2y7ZSc4VpKEG+oyeIaXJ0uI4cw2yHy8l0C
Waj0s0q+E65u8B5/hzLWdtgafFTGtEJPlsfIS2jFCIqD7+96a3AceqfMjvkq4erT
jgl7srd6Y3f7g+wUPNY8jFUQElqERkPNH60EKBquqni48I6icxMxOKCyCwlDKFe4
gBEu10xZfKHhMvKEaKQBqDppIFCsfdMd8DKflB9k6MBqLy1cbj39sxRWaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEi3wEQvpbD/Hxzs5QcRhFiV8+aYMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU0xmQVJDLWxzUDhmSE96bEJ4R0VXSlh6NXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlegAwQA
wle7MA0GCSqGSIb3DQEBCwUAA4IBAQCRk8Z4GdM1miooRhzCrh+DfyiHfCUbPdDF
i9aQR+IZUr8FIsSdzhRVSw8xnysH/3UxyF8nJDxWa7LPt63gK70BpmKn0ThwzLI4
IGoA/55heaEA5dYDySq8WdLDY/bIazwSdJGRiPjFy3V92EITcIpBOxFnHqTkwYw/
Vp+I/4+Z7juQ745pHMy+2YkG4dQUrxKH8Gb7A3Ke1Z8A44grOOjtfUmv72Tl/7hi
d/pR32KXvoKkhtJZXaih+mYGMfb1aKXxSAazqJrCrA/RDzTrAV1wqDispgr/vst+
O2vQGm8vd4XwSYA9kHWzhvyFL/3scKSIimqo/aXblyfC20XkZ52y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:16 2024 by rpki-client on console-fra.rpki-client.org