Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/V85F4WMlnna-MZu0g2mVWXbiVMo.roa
File: V85F4WMlnna-MZu0g2mVWXbiVMo.roa (raw, json)
Hash identifier: Hto8TaEol3STSKnxsEUc84MDyHClnahtH2b7vEArYMU=
Subject key identifier: 57:CE:45:E1:63:25:9E:76:BE:31:9B:B4:83:69:95:59:76:E2:54:CA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184F62AA5C7BA572C5E95FE669C6A6976F9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/V85F4WMlnna-MZu0g2mVWXbiVMo.roa
Signing time: Fri 09 Dec 2022 09:15:00 +0000
ROA not before: Fri 09 Dec 2022 09:15:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203639
IP address blocks: 194.87.204.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:2a:a5:c7:ba:57:2c:5e:95:fe:66:9c:6a:69:76:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 9 09:15:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=57ce45e163259e76be319bb48369955976e254ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1b:d4:03:d8:ef:a6:a3:af:66:d9:5c:2d:41:
f8:3e:6e:64:3a:86:31:ee:1e:22:19:7f:6a:ec:42:
75:f9:ba:c4:e8:27:3c:e8:91:30:7a:3c:ad:74:22:
3c:e5:20:4f:ab:6b:2c:c0:74:eb:37:da:34:13:d8:
c3:28:80:b9:1b:15:24:0d:ae:c3:dc:f2:72:ad:cb:
1e:27:34:51:da:81:cf:46:19:00:fd:7d:c1:78:26:
18:bb:67:6d:45:9a:21:d8:25:a8:cf:59:27:93:40:
2a:07:46:f7:48:65:34:bd:c3:01:f5:2b:47:0a:d3:
1b:b8:55:59:66:75:9d:e5:55:5d:a1:ec:94:fe:4f:
77:3d:7f:f9:3a:47:6a:00:29:27:ea:d3:fd:58:ee:
73:43:20:cd:0f:bd:c2:c6:1f:e5:b1:55:71:11:df:
0e:44:23:56:ef:dd:f4:ae:94:2d:ab:25:5c:c4:b8:
47:06:84:07:fd:e3:a3:42:8f:33:ea:6a:54:e6:58:
ec:35:e4:83:04:a6:c9:74:90:9a:3b:41:c4:4f:be:
02:be:02:7d:02:7c:81:15:16:4f:f4:6d:f2:fc:e3:
bd:5d:da:d8:ef:65:e2:22:84:e9:f8:d0:6a:98:1f:
78:7d:1d:c9:7a:e1:d5:84:ba:16:a2:8c:10:67:5f:
9e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:CE:45:E1:63:25:9E:76:BE:31:9B:B4:83:69:95:59:76:E2:54:CA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/V85F4WMlnna-MZu0g2mVWXbiVMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.204.0/24
194.87.208.0/24
194.87.231.0/24
195.58.38.0/24
Signature Algorithm: sha256WithRSAEncryption
55:82:06:9b:c0:38:67:f0:fb:ab:1f:60:b9:83:87:79:df:ce:
b7:97:57:ed:63:01:d9:da:d3:c9:af:86:29:31:17:9a:b0:71:
32:3e:d2:cf:1f:2d:ac:95:86:0c:d7:a8:25:c6:a6:07:66:a9:
9b:ef:c1:12:01:56:25:00:53:6b:e4:8b:2f:ca:12:b2:17:43:
0d:c8:bb:7b:20:b8:be:b7:a2:1f:7d:5b:e6:d3:b0:47:b8:88:
02:e2:b9:f2:95:2e:99:93:93:1f:8b:fc:98:b3:cd:d1:07:cf:
a9:eb:47:98:3e:12:90:41:b3:2b:06:a3:91:0f:71:0c:bf:a8:
31:0f:cf:73:12:22:4f:df:48:ec:5a:d5:e3:77:33:34:ed:f4:
56:93:1c:cf:2d:9c:d2:6c:1c:a8:60:58:c2:0f:7f:b1:91:10:
55:6f:4a:0d:4b:64:75:97:c2:9d:df:c7:ea:2b:b9:31:96:10:
78:4c:5a:c8:10:6f:9a:ff:2a:54:df:ae:7c:97:4b:e7:57:97:
65:08:90:2f:96:77:e0:d2:ae:34:6f:27:01:a5:0f:f2:5f:58:
85:46:ff:6f:8a:76:da:7c:1a:4e:fd:44:06:c0:3c:33:02:f3:
0b:8d:88:ba:73:8e:f1:b4:68:a1:4b:7b:16:62:e8:10:60:2d:
81:8c:fe:d6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYT2KqXHulcsXpX+ZpxqaXb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA5MDkxNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2NlNDVlMTYzMjU5ZTc2YmUzMTliYjQ4MzY5OTU1OTc2ZTI1NGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRvUA9jvpqOvZtlcLUH4Pm5kOoYx
7h4iGX9q7EJ1+brE6Cc86JEwejytdCI85SBPq2sswHTrN9o0E9jDKIC5GxUkDa7D
3PJyrcseJzRR2oHPRhkA/X3BeCYYu2dtRZoh2CWoz1knk0AqB0b3SGU0vcMB9StH
CtMbuFVZZnWd5VVdoeyU/k93PX/5OkdqACkn6tP9WO5zQyDND73Cxh/lsVVxEd8O
RCNW7930rpQtqyVcxLhHBoQH/eOjQo8z6mpU5ljsNeSDBKbJdJCaO0HET74CvgJ9
AnyBFRZP9G3y/OO9XdrY72XiIoTp+NBqmB94fR3JeuHVhLoWoowQZ1+eFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFfOReFjJZ52vjGbtINplVl24lTKMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVjg1RjRXTWxubmEtTVp1MGcybVZXWGJpVk1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwlfMAwQA
wlfQAwQAwlfnAwQAwzomMA0GCSqGSIb3DQEBCwUAA4IBAQBVggabwDhn8PurH2C5
g4d53863l1ftYwHZ2tPJr4YpMReasHEyPtLPHy2slYYM16glxqYHZqmb78ESAVYl
AFNr5IsvyhKyF0MNyLt7ILi+t6IffVvm07BHuIgC4rnylS6Zk5Mfi/yYs83RB8+p
60eYPhKQQbMrBqORD3EMv6gxD89zEiJP30jsWtXjdzM07fRWkxzPLZzSbByoYFjC
D3+xkRBVb0oNS2R1l8Kd38fqK7kxlhB4TFrIEG+a/ypU3658l0vnV5dlCJAvlnfg
0q40bycBpQ/yX1iFRv9vinbafBpO/UQGwDwzAvMLjYi6c47xtGihS3sWYugQYC2B
jP7W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:18 2024 by rpki-client on console-fra.rpki-client.org