Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TN4NatcyWzgP0eC1d1RY7g4gbOc.roa
File: TN4NatcyWzgP0eC1d1RY7g4gbOc.roa (raw, json)
Hash identifier: Dd+5l1+SIwdrOHUCI+T1k2OnZAFtVi/NKE2eV2GF9sE=
Subject key identifier: 4C:DE:0D:6A:D7:32:5B:38:0F:D1:E0:B5:77:54:58:EE:0E:20:6C:E7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01830D152D60D4413B906966CE9040C921EE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TN4NatcyWzgP0eC1d1RY7g4gbOc.roa
Signing time: Mon 05 Sep 2022 09:57:15 +0000
ROA not before: Mon 05 Sep 2022 09:57:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399471
IP address blocks: 195.133.76.0/24 maxlen: 24
212.193.29.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.35.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
212.192.216.0/22 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.85.250.0/24 maxlen: 24
194.85.248.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.244.0/22 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0d:15:2d:60:d4:41:3b:90:69:66:ce:90:40:c9:21:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 5 09:57:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4cde0d6ad7325b380fd1e0b5775458ee0e206ce7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:20:23:4b:c0:5a:25:96:12:79:20:d2:79:57:
34:cb:ab:44:3d:9b:a3:e9:57:19:ff:a1:e4:3a:fe:
93:8a:58:f4:b1:e2:70:42:1f:4e:37:c0:18:b3:3b:
b6:a5:74:8b:91:05:39:0c:ce:3b:09:5e:c6:73:ef:
f3:1e:67:d4:59:89:e9:2c:98:ce:2f:45:02:20:f2:
11:44:32:a1:cf:e5:f8:44:8e:b1:d1:ef:15:8e:74:
c2:ef:60:c7:6f:4d:fc:67:91:93:b5:f2:39:22:c7:
d3:84:cf:2a:79:14:e2:c9:6a:0c:32:fb:df:1d:fa:
0a:ad:a1:0a:eb:6e:98:1c:ff:e1:ad:46:68:f6:22:
85:9c:4e:1a:e9:84:ac:14:50:5e:83:75:30:f0:b2:
22:50:37:14:e9:ff:c9:c1:b3:f7:4f:e6:78:29:96:
41:7b:8a:72:4f:72:72:fe:e4:27:6d:a4:c4:3a:26:
af:cc:d4:8e:d3:0f:ab:cb:7d:6a:11:7b:bd:bb:16:
70:26:ba:4e:d1:82:6c:df:92:65:32:ce:9b:7f:f2:
3f:d7:9b:9c:65:e7:65:3c:af:a5:41:98:54:b5:33:
57:a5:64:55:87:77:08:1a:e7:1d:6a:10:fa:db:4b:
0f:06:bb:3b:87:e3:b8:6b:21:e1:69:81:69:1a:e1:
f3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:DE:0D:6A:D7:32:5B:38:0F:D1:E0:B5:77:54:58:EE:0E:20:6C:E7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TN4NatcyWzgP0eC1d1RY7g4gbOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.203.0/24
194.85.248.0/24
194.85.250.0/24
194.87.32.0/24
194.87.35.0/24
194.87.82.0/23
194.87.149.0/24
194.87.161.0/24
194.87.163.0/24
194.87.227.0/24
195.133.15.0/24
195.133.39.0/24
195.133.76.0/24
212.192.11.0/24
212.192.216.0/22
212.192.244.0/22
212.193.29.0/24
Signature Algorithm: sha256WithRSAEncryption
54:fc:ba:80:f5:7e:37:95:8c:43:80:f6:34:df:0d:cc:7f:e9:
02:60:5c:8d:3e:21:9c:e3:6a:a3:a7:e1:41:05:41:77:f8:55:
ad:7b:b2:e8:50:c4:05:b2:61:d2:ff:b2:6d:80:3d:58:09:a7:
0e:40:2c:88:4c:46:40:a0:f4:1a:d6:b2:b9:42:7d:50:ee:c7:
87:82:fb:57:32:6d:81:63:74:9a:4b:42:aa:dc:2f:90:e9:b3:
45:ea:2f:76:33:c0:4b:7c:d5:c5:93:83:5c:46:b3:9c:aa:07:
0b:5f:74:bc:01:f7:c7:93:fd:2f:a6:a6:55:3b:6d:b2:a1:b3:
36:b2:89:90:20:fe:99:0f:7d:d6:68:24:e2:9a:80:7a:14:26:
ba:d5:55:a2:3f:bd:95:38:0a:bf:69:a1:04:3a:d5:81:62:3c:
83:a9:4d:4b:f6:62:4e:36:69:33:70:d5:9f:f4:a6:da:d0:d5:
4d:f3:11:45:4f:fe:13:87:c3:e6:25:a6:5a:6f:e5:c3:cc:c8:
1a:3a:99:c3:df:24:f6:36:6b:17:c5:b9:53:f4:25:65:57:90:
ef:f5:39:a9:b5:d0:c2:87:b5:e8:59:16:4b:1e:6d:e9:1a:06:
44:1f:c3:20:5f:1f:96:c3:3e:24:45:ee:4e:25:a7:1b:dd:c1:
a8:d8:1e:b1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYMNFS1g1EE7kGlmzpBAySHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwOTA1MDk1NzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2RlMGQ2YWQ3MzI1YjM4MGZkMWUwYjU3NzU0NThlZTBlMjA2Y2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCAjS8BaJZYSeSDSeVc0y6tEPZuj
6VcZ/6HkOv6Tilj0seJwQh9ON8AYszu2pXSLkQU5DM47CV7Gc+/zHmfUWYnpLJjO
L0UCIPIRRDKhz+X4RI6x0e8VjnTC72DHb038Z5GTtfI5IsfThM8qeRTiyWoMMvvf
HfoKraEK626YHP/hrUZo9iKFnE4a6YSsFFBeg3Uw8LIiUDcU6f/JwbP3T+Z4KZZB
e4pyT3Jy/uQnbaTEOiavzNSO0w+ry31qEXu9uxZwJrpO0YJs35JlMs6bf/I/15uc
ZedlPK+lQZhUtTNXpWRVh3cIGucdahD620sPBrs7h+O4ayHhaYFpGuHzSwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFEzeDWrXMls4D9HgtXdUWO4OIGznMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVE40TmF0Y3lXemdQMGVDMWQxUlk3ZzRnYk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAwXzLAwQA
wlX4AwQAwlX6AwQAwlcgAwQAwlcjAwQBwldSAwQAwleVAwQAwlehAwQAwlejAwQA
wlfjAwQAw4UPAwQAw4UnAwQAw4VMAwQA1MALAwQC1MDYAwQC1MD0AwQA1MEdMA0G
CSqGSIb3DQEBCwUAA4IBAQBU/LqA9X43lYxDgPY03w3Mf+kCYFyNPiGc42qjp+FB
BUF3+FWte7LoUMQFsmHS/7JtgD1YCacOQCyITEZAoPQa1rK5Qn1Q7seHgvtXMm2B
Y3SaS0Kq3C+Q6bNF6i92M8BLfNXFk4NcRrOcqgcLX3S8AffHk/0vpqZVO22yobM2
somQIP6ZD33WaCTimoB6FCa61VWiP72VOAq/aaEEOtWBYjyDqU1L9mJONmkzcNWf
9Kba0NVN8xFFT/4Th8PmJaZab+XDzMgaOpnD3yT2NmsXxblT9CVlV5Dv9TmptdDC
h7XoWRZLHm3pGgZEH8MgXx+Wwz4kRe5OJacb3cGo2B6x
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:04 2023 by rpki-client on console-fra.rpki-client.org