Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/V7QUl0GDngJEKhoWgxLuCOzeSTs.roa
File: V7QUl0GDngJEKhoWgxLuCOzeSTs.roa (raw, json)
Hash identifier: z6Kj3hGE27jOHVjQr2QZDG5XWeGBvd0xgqZezlwnPyk=
Subject key identifier: 57:B4:14:97:41:83:9E:02:44:2A:1A:16:83:12:EE:08:EC:DE:49:3B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01842D17E57435B5F24F846D2CFD51AB0738
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/V7QUl0GDngJEKhoWgxLuCOzeSTs.roa
Signing time: Mon 31 Oct 2022 08:10:51 +0000
ROA not before: Mon 31 Oct 2022 08:10:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 193.124.46.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:17:e5:74:35:b5:f2:4f:84:6d:2c:fd:51:ab:07:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 31 08:10:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=57b4149741839e02442a1a168312ee08ecde493b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8d:04:76:99:55:1a:90:9b:37:9a:69:0c:83:
b9:f9:44:e4:2e:08:8e:5b:6c:78:67:9c:b2:63:da:
e3:bb:a7:ee:1b:ff:b2:c8:5d:5f:e8:2e:1a:8b:3d:
ca:61:9e:b2:00:2d:2f:bf:a4:8d:b1:da:f7:d1:fe:
e5:0f:29:61:9c:a6:84:7d:92:ed:24:ea:a4:19:76:
48:c9:9d:37:ce:9a:94:e1:d7:e8:e1:29:be:19:49:
7b:82:a0:ed:0b:63:3e:2d:d3:8d:82:09:10:9b:19:
2b:8c:bc:ef:49:68:f4:8e:d5:e6:5f:f6:2f:a4:bb:
47:65:24:d2:4b:25:5c:eb:1c:31:88:2f:9f:15:d8:
62:92:3b:fb:9c:a4:b9:7e:a0:b1:86:44:19:9e:3c:
83:b3:58:6d:54:02:88:4c:06:29:dc:04:fd:1e:fa:
46:14:f7:cf:f3:79:97:e5:47:83:18:1f:e3:d2:43:
e9:e7:06:6b:9a:65:eb:86:3b:e8:21:28:5c:34:ca:
93:e8:1b:cf:f6:da:c8:1f:c3:40:44:c2:2b:b3:95:
d5:8d:2f:34:0c:a2:c5:1f:c7:d7:cd:04:0b:11:1b:
ba:88:be:93:3a:60:03:39:bc:22:ae:5d:75:bf:7e:
2d:09:48:cd:45:e6:74:92:a6:61:79:99:3c:e7:59:
21:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:B4:14:97:41:83:9E:02:44:2A:1A:16:83:12:EE:08:EC:DE:49:3B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/V7QUl0GDngJEKhoWgxLuCOzeSTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
193.124.46.0/24
194.58.43.0/24
194.87.176.0/24
194.87.191.0/24
212.192.210.0/24
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
76:39:ad:73:53:25:df:01:b4:66:e3:0e:e5:8d:b0:77:a4:ac:
a7:06:eb:a0:fd:4f:4f:8a:2a:21:0b:c5:41:81:b3:7b:31:f6:
e4:9d:53:7a:78:85:7a:cb:09:f3:79:e6:6e:17:f7:7c:77:c2:
d4:5e:d1:71:92:ab:f9:de:67:0b:42:ff:ee:19:d5:6a:94:0e:
4c:43:d9:ce:a9:a0:94:0d:f7:6f:b8:0c:64:82:80:3a:9c:d6:
ea:d6:4f:a0:57:79:51:ea:32:a2:fe:c9:7f:32:04:9a:42:cc:
fc:b7:bb:97:1d:c1:a4:e1:51:b6:55:0e:1b:b3:b2:c0:55:cd:
13:f4:8d:34:d2:10:30:2c:82:86:81:a2:fb:97:b7:0c:c5:9c:
48:eb:6e:82:d9:2f:9f:7c:75:33:cc:93:cf:5c:89:93:b7:66:
8a:fa:51:fb:92:36:e2:f7:81:61:9c:53:f9:d9:61:61:fc:4b:
43:c3:9b:7c:83:ec:fd:5d:08:91:7a:0c:9f:78:f8:b7:8d:0f:
db:e7:75:fa:85:49:66:d1:e0:dc:7b:97:2d:36:fc:e9:cb:0c:
01:6e:66:1b:44:de:b7:30:54:bb:f1:f0:39:6f:1a:54:1d:5b:
c7:49:08:ab:f8:67:f9:73:63:c3:06:6d:e8:10:a2:3c:3f:86:
12:31:3f:ed
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYQtF+V0NbXyT4RtLP1Rqwc4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDMxMDgxMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2I0MTQ5NzQxODM5ZTAyNDQyYTFhMTY4MzEyZWUwOGVjZGU0OTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiI0EdplVGpCbN5ppDIO5+UTkLgiO
W2x4Z5yyY9rju6fuG/+yyF1f6C4aiz3KYZ6yAC0vv6SNsdr30f7lDylhnKaEfZLt
JOqkGXZIyZ03zpqU4dfo4Sm+GUl7gqDtC2M+LdONggkQmxkrjLzvSWj0jtXmX/Yv
pLtHZSTSSyVc6xwxiC+fFdhikjv7nKS5fqCxhkQZnjyDs1htVAKITAYp3AT9HvpG
FPfP83mX5UeDGB/j0kPp5wZrmmXrhjvoIShcNMqT6BvP9trIH8NARMIrs5XVjS80
DKLFH8fXzQQLERu6iL6TOmADObwirl11v34tCUjNReZ0kqZheZk851khXQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFe0FJdBg54CRCoaFoMS7gjs3kk7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVjdRVWwwR0RuZ0pFS2hvV2d4THVDT3plU1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAuUgKAwQA
wXwuAwQAwjorAwQAwlewAwQAwle/AwQA1MDSAwQA1MEGMA0GCSqGSIb3DQEBCwUA
A4IBAQB2Oa1zUyXfAbRm4w7ljbB3pKynBuug/U9PiiohC8VBgbN7MfbknVN6eIV6
ywnzeeZuF/d8d8LUXtFxkqv53mcLQv/uGdVqlA5MQ9nOqaCUDfdvuAxkgoA6nNbq
1k+gV3lR6jKi/sl/MgSaQsz8t7uXHcGk4VG2VQ4bs7LAVc0T9I000hAwLIKGgaL7
l7cMxZxI626C2S+ffHUzzJPPXImTt2aK+lH7kjbi94FhnFP52WFh/EtDw5t8g+z9
XQiRegyfePi3jQ/b53X6hUlm0eDce5ctNvzpywwBbmYbRN63MFS78fA5bxpUHVvH
SQir+Gf5c2PDBm3oEKI8P4YSMT/t
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:59 2023 by rpki-client on console-ams.rpki-client.org