Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XsooXFDWW6bw2gi17_1QMX9Chdk.roa
File: XsooXFDWW6bw2gi17_1QMX9Chdk.roa (raw, json)
Hash identifier: YmwnK3wNzBz/4q7moKE89fIzY/B8FcD6Ux4GtYeL8zg=
Subject key identifier: 5E:CA:28:5C:50:D6:5B:A6:F0:DA:08:B5:EF:FD:50:31:7F:42:85:D9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0181DC88D45310B1CD6576D149595BF65272
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XsooXFDWW6bw2gi17_1QMX9Chdk.roa
Signing time: Fri 08 Jul 2022 06:39:23 +0000
ROA not before: Fri 08 Jul 2022 06:39:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17447
IP address blocks: 193.124.4.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:dc:88:d4:53:10:b1:cd:65:76:d1:49:59:5b:f6:52:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 8 06:39:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5eca285c50d65ba6f0da08b5effd50317f4285d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:20:a9:ac:6f:ba:f7:31:c6:e4:60:71:53:8d:
bb:e3:35:e9:38:fb:7a:4d:e2:85:7b:42:a7:aa:ed:
b5:75:e9:6c:fd:8f:62:1b:28:3c:54:7b:c5:84:6a:
09:57:5e:e5:3e:28:a6:01:25:89:f9:75:70:61:c3:
5c:15:30:7c:f6:e5:a3:18:d0:31:9d:bd:e4:2b:60:
ba:41:d4:0d:bf:ff:4b:d0:7f:14:31:f6:4d:8c:a9:
b7:46:ed:01:b6:bb:34:d7:10:42:b6:c7:44:9f:dd:
4f:41:05:e4:65:f4:51:81:e4:3b:51:be:30:06:4f:
93:bd:47:e9:81:4f:9e:3b:56:e1:1d:6f:d9:34:0e:
e1:ac:98:8e:cf:1b:4d:04:18:00:71:f5:af:97:0c:
b6:42:72:f7:f7:8b:8e:7c:6a:d5:8b:ac:e0:cb:e8:
4d:7a:47:3e:10:68:f0:d6:28:60:99:24:5f:44:4f:
87:48:36:98:28:09:dd:32:6d:77:d6:44:14:1c:c8:
16:ce:23:5a:b8:de:3b:4a:fc:ac:21:02:51:59:21:
7c:6e:ad:8b:e0:46:42:95:68:f9:52:51:e6:70:72:
89:15:d4:f2:bb:9b:6f:65:af:d8:f5:15:62:16:3c:
32:4e:c3:c0:a5:96:8c:b9:c7:09:a1:48:13:f2:c7:
79:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:CA:28:5C:50:D6:5B:A6:F0:DA:08:B5:EF:FD:50:31:7F:42:85:D9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XsooXFDWW6bw2gi17_1QMX9Chdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.4.0/24
193.124.41.0/24
193.124.93.0/24
193.124.125.0/24
194.87.56.0/24
195.133.73.0/24
Signature Algorithm: sha256WithRSAEncryption
29:b3:cb:6d:3b:55:5c:81:1c:c1:27:95:92:85:45:51:f4:5e:
77:46:1f:74:20:6e:9d:30:25:42:e3:16:60:e3:b9:ac:b4:a6:
c1:95:37:fa:fc:74:a8:ce:a2:1b:cd:2f:0d:2b:47:39:33:cc:
44:cc:9d:88:c1:68:0e:2c:a7:17:f9:b6:88:26:11:a7:37:2c:
8d:bf:c8:01:48:0d:4f:a9:2f:7a:0e:90:bf:a9:42:d2:b3:5c:
d9:10:c0:f6:29:b9:e3:60:6f:f9:af:37:8c:78:a6:e4:d3:a3:
ad:76:2a:30:1b:af:1c:78:08:a9:25:df:17:1b:0b:c4:81:66:
c5:0e:c2:d6:d0:9f:95:73:02:3f:63:35:92:68:18:69:c3:18:
04:55:9e:ca:37:f2:0e:ef:92:1a:0d:c5:0c:da:10:24:04:d4:
1c:a2:c1:a1:17:51:ee:18:46:6c:b6:28:31:a1:0a:ac:19:33:
41:f7:b2:45:93:a6:72:95:d9:92:46:3c:c4:54:11:23:cc:7c:
fb:16:d0:72:97:1e:22:49:ea:cc:f6:9d:3f:8e:ca:ad:81:f6:
c1:55:b6:7b:1b:5b:54:e9:26:24:06:db:0c:9e:0d:79:f9:81:
fc:13:5f:11:b0:a7:56:d2:59:c9:6e:e7:9e:67:25:38:79:90:
21:4a:c6:63
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYHciNRTELHNZXbRSVlb9lJyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwNzA4MDYzOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWNhMjg1YzUwZDY1YmE2ZjBkYTA4YjVlZmZkNTAzMTdmNDI4NWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCCprG+69zHG5GBxU4274zXpOPt6
TeKFe0Knqu21dels/Y9iGyg8VHvFhGoJV17lPiimASWJ+XVwYcNcFTB89uWjGNAx
nb3kK2C6QdQNv/9L0H8UMfZNjKm3Ru0Btrs01xBCtsdEn91PQQXkZfRRgeQ7Ub4w
Bk+TvUfpgU+eO1bhHW/ZNA7hrJiOzxtNBBgAcfWvlwy2QnL394uOfGrVi6zgy+hN
ekc+EGjw1ihgmSRfRE+HSDaYKAndMm131kQUHMgWziNauN47SvysIQJRWSF8bq2L
4EZClWj5UlHmcHKJFdTyu5tvZa/Y9RViFjwyTsPApZaMuccJoUgT8sd5ZwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF7KKFxQ1lum8NoIte/9UDF/QoXZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWHNvb1hGRFdXNmJ3MmdpMTdfMVFNWDlDaGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXwEAwQA
wXwpAwQAwXxdAwQAwXx9AwQAwlc4AwQAw4VJMA0GCSqGSIb3DQEBCwUAA4IBAQAp
s8ttO1VcgRzBJ5WShUVR9F53Rh90IG6dMCVC4xZg47mstKbBlTf6/HSozqIbzS8N
K0c5M8xEzJ2IwWgOLKcX+baIJhGnNyyNv8gBSA1PqS96DpC/qULSs1zZEMD2Kbnj
YG/5rzeMeKbk06OtdiowG68ceAipJd8XGwvEgWbFDsLW0J+VcwI/YzWSaBhpwxgE
VZ7KN/IO75IaDcUM2hAkBNQcosGhF1HuGEZstigxoQqsGTNB97JFk6ZyldmSRjzE
VBEjzHz7FtBylx4iSerM9p0/jsqtgfbBVbZ7G1tU6SYkBtsMng15+YH8E18RsKdW
0lnJbueeZyU4eZAhSsZj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:00 2023 by rpki-client on console-ams.rpki-client.org