Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T7r-vlR3CeMLGbcT_kh7wOjYwgg.roa
File: T7r-vlR3CeMLGbcT_kh7wOjYwgg.roa (raw, json)
Hash identifier: UfoRsmsVDKf8mZRS5OjXOr60apqUPpsaPGCRHvbviIE=
Subject key identifier: 4F:BA:FE:BE:54:77:09:E3:0B:19:B7:13:FE:48:7B:C0:E8:D8:C2:08
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018282656FE639F7214346C9B34CD0EE6975
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T7r-vlR3CeMLGbcT_kh7wOjYwgg.roa
Signing time: Tue 09 Aug 2022 11:37:41 +0000
ROA not before: Tue 09 Aug 2022 11:37:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.32.0/22 maxlen: 24
195.133.12.0/22 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/23 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.188.0/22 maxlen: 22
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
194.87.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:82:65:6f:e6:39:f7:21:43:46:c9:b3:4c:d0:ee:69:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 9 11:37:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fbafebe547709e30b19b713fe487bc0e8d8c208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e6:b8:1b:0f:3f:9a:4b:3b:90:37:f5:ef:db:
70:d0:ef:0c:dc:e3:8e:6c:ef:73:29:f1:bc:f1:b1:
4c:eb:91:42:e1:bd:b6:a9:2c:ab:df:f5:ce:54:da:
7d:81:ba:75:34:53:7c:77:db:45:57:67:8d:d4:c0:
a1:49:83:9a:83:45:4c:0b:d6:e1:70:27:db:30:1f:
94:42:35:53:f8:ff:a3:b6:1e:71:bf:3b:c2:70:14:
9f:8c:7b:f4:8d:e3:4c:3a:e6:d7:d1:2e:96:c3:a2:
c7:19:be:08:c9:4a:94:65:c6:3f:96:35:2e:27:de:
bb:18:0a:39:17:1c:21:12:18:f7:07:ef:be:0f:44:
d1:d8:8a:7e:d0:1c:3f:bb:20:de:c8:10:4e:41:ff:
3d:54:06:de:f5:ec:87:ce:2d:66:5e:91:ec:c2:78:
81:8a:ae:4b:10:7c:35:1f:cb:ee:3a:db:36:49:25:
26:4c:ba:62:46:e3:f2:87:8b:0e:da:51:a1:f8:ae:
cb:f1:80:21:86:54:c9:c0:a6:6f:0d:a4:2a:cc:0c:
34:4d:00:27:b3:84:21:9d:03:5c:61:82:3d:da:3e:
f0:87:dc:86:d7:58:fb:12:0d:52:5b:95:35:14:f1:
c2:8b:ac:34:7c:cc:3f:47:c1:9f:7b:66:34:52:31:
77:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:BA:FE:BE:54:77:09:E3:0B:19:B7:13:FE:48:7B:C0:E8:D8:C2:08
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T7r-vlR3CeMLGbcT_kh7wOjYwgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.188.0/22
192.124.209.0/24
193.124.3.0/24
193.124.203.0/24
194.87.1.0/24
194.87.24.0/22
194.87.32.0/22
194.87.116.0/22
194.87.179.0/24
194.87.187.0/24
194.87.219.0/24
194.87.222.0/23
194.135.23.0/24
195.133.12.0/22
195.133.80.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
39:0d:0b:48:c7:5a:2b:51:75:93:f0:47:c2:07:51:7c:c3:16:
21:d9:34:61:48:04:57:f4:32:ba:7e:9d:a6:ae:52:a1:1c:64:
fd:ab:ac:2c:33:ba:d2:f1:97:e9:09:5e:ad:60:46:fb:25:7e:
14:e8:70:ff:65:74:ee:d0:dc:61:7f:a3:83:58:91:dc:79:26:
11:5c:1a:d5:a9:51:8e:e1:43:90:18:4d:0e:a7:20:68:f8:3f:
50:8e:af:14:b6:59:dd:18:41:8d:3b:cf:fc:c7:7d:61:3f:ca:
42:40:a6:4e:17:4a:b5:9a:ed:36:ee:a6:a0:fc:74:ea:cd:98:
ee:8c:1b:4b:b7:b3:cc:f5:14:0d:5f:ce:9b:39:7d:8c:2f:5b:
bf:90:02:14:95:ff:35:0d:f7:15:78:93:b1:57:4d:9f:e4:d7:
6b:b0:c5:72:62:5d:f0:15:d8:0b:f5:15:7a:fd:d7:a0:fe:ce:
53:39:37:27:3c:f1:6c:91:ed:7b:95:24:4a:20:eb:ad:25:7e:
7a:f6:a9:48:ab:a8:97:28:42:1d:1a:71:b7:fa:6c:bf:15:f6:
f1:3f:86:0f:88:fe:26:81:dc:e3:48:6f:58:53:14:83:3d:6f:
53:31:cd:b2:73:61:51:18:dd:7e:42:88:f4:73:30:c4:44:f2:
93:2a:e8:dd
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYKCZW/mOfchQ0bJs0zQ7ml1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwODA5MTEzNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmJhZmViZTU0NzcwOWUzMGIxOWI3MTNmZTQ4N2JjMGU4ZDhjMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsua4Gw8/mks7kDf179tw0O8M3OOO
bO9zKfG88bFM65FC4b22qSyr3/XOVNp9gbp1NFN8d9tFV2eN1MChSYOag0VMC9bh
cCfbMB+UQjVT+P+jth5xvzvCcBSfjHv0jeNMOubX0S6Ww6LHGb4IyUqUZcY/ljUu
J967GAo5FxwhEhj3B+++D0TR2Ip+0Bw/uyDeyBBOQf89VAbe9eyHzi1mXpHswniB
iq5LEHw1H8vuOts2SSUmTLpiRuPyh4sO2lGh+K7L8YAhhlTJwKZvDaQqzAw0TQAn
s4QhnQNcYYI92j7wh9yG11j7Eg1SW5U1FPHCi6w0fMw/R8Gfe2Y0UjF39QIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFE+6/r5UdwnjCxm3E/5Ie8Do2MIIMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVDdyLXZsUjNDZU1MR2JjVF9raDd3T2pZd2dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAMB8rQME
AMB8sgMEAsB8tAMEAsB8vAMEAMB80QMEAMF8AwMEAMF8ywMEAMJXAQMEAsJXGAME
AsJXIAMEAsJXdAMEAMJXswMEAMJXuwMEAMJX2wMEAcJX3gMEAMKHFwMEAsOFDAME
AMOFUAMEANTBDjANBgkqhkiG9w0BAQsFAAOCAQEAOQ0LSMdaK1F1k/BHwgdRfMMW
Idk0YUgEV/Qyun6dpq5SoRxk/ausLDO60vGX6QlerWBG+yV+FOhw/2V07tDcYX+j
g1iR3HkmEVwa1alRjuFDkBhNDqcgaPg/UI6vFLZZ3RhBjTvP/Md9YT/KQkCmThdK
tZrtNu6moPx06s2Y7owbS7ezzPUUDV/Omzl9jC9bv5ACFJX/NQ33FXiTsVdNn+TX
a7DFcmJd8BXYC/UVev3XoP7OUzk3JzzxbJHte5UkSiDrrSV+evapSKuolyhCHRpx
t/psvxX28T+GD4j+JoHc40hvWFMUgz1vUzHNsnNhURjdfkKI9HMwxETykyro3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:17 2024 by rpki-client on console-fra.rpki-client.org