Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UyPAMiz7sowENG_8om5aVYHtGIw.roa
File: UyPAMiz7sowENG_8om5aVYHtGIw.roa (raw, json)
Hash identifier: Grii9pMlYOVOaXuDil3fNiZ8QVYcAbeQY1aixeH/mA4=
Subject key identifier: 53:23:C0:32:2C:FB:B2:8C:04:34:6F:FC:A2:6E:5A:55:81:ED:18:8C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184136C37AD62E198DC1FE61958319BF8A6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UyPAMiz7sowENG_8om5aVYHtGIw.roa
Signing time: Wed 26 Oct 2022 08:32:49 +0000
ROA not before: Wed 26 Oct 2022 08:32:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 193.124.226.0/24 maxlen: 24
193.124.224.0/23 maxlen: 23
193.124.49.0/24 maxlen: 24
194.87.41.0/24 maxlen: 24
195.133.22.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
212.192.16.0/21 maxlen: 24
194.87.61.0/24 maxlen: 24
194.87.192.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:6c:37:ad:62:e1:98:dc:1f:e6:19:58:31:9b:f8:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 26 08:32:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5323c0322cfbb28c04346ffca26e5a5581ed188c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:53:03:13:92:5e:06:6e:9c:2b:cd:54:90:f7:
56:9c:43:fa:d5:f1:b3:b5:b8:44:88:e3:36:00:54:
4d:b5:d1:73:c7:fb:f0:a5:bb:c5:bc:92:62:3b:83:
e5:cf:41:ad:65:50:1f:87:3a:88:60:fa:53:cb:38:
42:27:20:bb:77:c6:f5:cf:dd:35:be:70:87:c8:47:
0a:ab:bf:c3:94:b9:fd:41:27:47:b7:81:a2:64:75:
2f:e5:1a:5f:8b:30:b5:9d:1b:4f:96:11:37:6e:2e:
9a:11:70:01:c3:e6:c7:35:e8:55:bf:ba:12:4f:c0:
82:43:e4:b2:43:27:ef:89:13:72:95:8a:ef:b6:0a:
58:40:db:d3:fa:6a:de:96:56:c6:5b:0e:12:5e:52:
75:b9:1c:57:d1:e1:2c:d3:ed:3d:53:97:51:f3:f7:
5c:43:fd:6c:f4:95:1f:03:c6:6b:5b:37:ce:8b:e9:
2e:72:38:8c:92:1f:64:95:59:79:f5:61:a9:c5:94:
43:13:db:70:4c:4d:f4:bb:d1:26:c8:d6:78:46:16:
4c:05:0c:b1:2b:95:7d:cf:35:62:1d:b3:38:32:04:
fa:b2:dd:54:bc:ff:73:5e:1d:97:2e:b3:5a:6b:7d:
33:fd:6e:20:cc:89:b7:14:cf:da:8d:9b:1a:d3:63:
8c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:23:C0:32:2C:FB:B2:8C:04:34:6F:FC:A2:6E:5A:55:81:ED:18:8C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UyPAMiz7sowENG_8om5aVYHtGIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.49.0/24
193.124.224.0-193.124.226.255
194.87.41.0/24
194.87.61.0/24
194.87.192.0/22
194.135.46.0/24
195.133.22.0/24
212.192.16.0/21
Signature Algorithm: sha256WithRSAEncryption
60:19:bf:12:5b:0e:77:94:65:25:6b:c0:6a:7c:f8:d5:32:d2:
46:91:23:68:8d:67:3c:4e:c4:87:b0:36:40:bc:fb:6c:e7:84:
a4:02:34:2a:29:a3:bb:d4:55:c7:b5:cc:f2:ba:24:67:3a:42:
cd:d4:bb:1b:39:41:a6:b7:b8:27:db:22:07:ae:59:e6:28:dc:
27:a4:ee:ee:47:0f:f9:c5:a7:58:26:d5:ca:02:f4:c4:7e:11:
bd:d4:22:1d:8a:f6:e9:4c:1e:e1:a4:1e:35:04:5b:7a:0b:4f:
63:43:99:b1:7d:84:05:bb:dc:8b:cc:69:3f:e4:6a:93:96:81:
d2:87:2b:eb:ac:d7:83:de:8f:02:dc:a6:82:ba:81:e7:9a:9f:
0f:a8:54:ce:99:3f:70:b6:53:cb:9e:c3:56:b5:73:d7:c9:e8:
38:e8:b8:f2:92:44:06:d4:6e:79:f2:22:61:56:f8:c7:eb:52:
ef:6c:41:d3:f0:ac:75:90:80:b4:01:a8:e2:a2:a5:8b:bd:5a:
d8:91:1b:73:6e:bc:7a:d1:a4:df:8d:a3:ba:ef:37:75:4d:13:
a2:86:02:a4:30:e8:9d:d8:5a:91:c6:74:7b:ac:16:b0:92:6b:
2a:54:a1:7c:a8:cc:e5:cc:0c:a1:2b:b0:96:4d:2e:4b:76:ff:
da:41:6e:15
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYQTbDetYuGY3B/mGVgxm/imMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI2MDgzMjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzIzYzAzMjJjZmJiMjhjMDQzNDZmZmNhMjZlNWE1NTgxZWQxODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlMDE5JeBm6cK81UkPdWnEP61fGz
tbhEiOM2AFRNtdFzx/vwpbvFvJJiO4Plz0GtZVAfhzqIYPpTyzhCJyC7d8b1z901
vnCHyEcKq7/DlLn9QSdHt4GiZHUv5RpfizC1nRtPlhE3bi6aEXABw+bHNehVv7oS
T8CCQ+SyQyfviRNylYrvtgpYQNvT+mrellbGWw4SXlJ1uRxX0eEs0+09U5dR8/dc
Q/1s9JUfA8ZrWzfOi+kucjiMkh9klVl59WGpxZRDE9twTE30u9EmyNZ4RhZMBQyx
K5V9zzViHbM4MgT6st1UvP9zXh2XLrNaa30z/W4gzIm3FM/ajZsa02OMUwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFFMjwDIs+7KMBDRv/KJuWlWB7RiMMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVXlQQU1pejdzb3dFTkdfOG9tNWFWWUh0R0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAwXwxMAwD
BAXBfOADBADBfOIDBADCVykDBADCVz0DBALCV8ADBADChy4DBADDhRYDBAPUwBAw
DQYJKoZIhvcNAQELBQADggEBAGAZvxJbDneUZSVrwGp8+NUy0kaRI2iNZzxOxIew
NkC8+2znhKQCNCopo7vUVce1zPK6JGc6Qs3Uuxs5Qaa3uCfbIgeuWeYo3Cek7u5H
D/nFp1gm1coC9MR+Eb3UIh2K9ulMHuGkHjUEW3oLT2NDmbF9hAW73IvMaT/kapOW
gdKHK+us14PejwLcpoK6geeanw+oVM6ZP3C2U8uew1a1c9fJ6DjouPKSRAbUbnny
ImFW+MfrUu9sQdPwrHWQgLQBqOKipYu9WtiRG3NuvHrRpN+No7rvN3VNE6KGAqQw
6J3YWpHGdHusFrCSaypUoXyozOXMDKErsJZNLkt2/9pBbhU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:59 2023 by rpki-client on console-ams.rpki-client.org