Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Y0FH04wafM8hm_zdttZP6ZtWjD4.roa
File: Y0FH04wafM8hm_zdttZP6ZtWjD4.roa (raw, json)
Hash identifier: OzVC9MJnyvT3P4Z4RFvaC+1kZGjYfE+8qvawQ/lzbGk=
Subject key identifier: 63:41:47:D3:8C:1A:7C:CF:21:9B:FC:DD:B6:D6:4F:E9:9B:56:8C:3E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018216F30EF43617EB5ABB376694380B2B36
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Y0FH04wafM8hm_zdttZP6ZtWjD4.roa
Signing time: Tue 19 Jul 2022 14:53:24 +0000
ROA not before: Tue 19 Jul 2022 14:53:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 194.87.1.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.32.0/22 maxlen: 24
194.87.166.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/23 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.188.0/22 maxlen: 22
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
194.87.116.0/22 maxlen: 24
194.135.124.0/24 maxlen: 24
194.87.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:16:f3:0e:f4:36:17:eb:5a:bb:37:66:94:38:0b:2b:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 19 14:53:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=634147d38c1a7ccf219bfcddb6d64fe99b568c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5a:4b:80:80:a9:77:1d:e1:13:21:2b:40:09:
2a:7e:fc:44:63:a1:15:63:fe:ba:37:a3:79:32:21:
59:1a:bb:cf:81:e5:4d:b8:15:c5:90:ae:cd:a9:92:
4a:c5:7b:ab:4c:5d:42:9a:7d:07:5e:af:7e:80:54:
58:d7:04:a2:c5:42:1d:4e:db:81:f8:5c:c5:66:fa:
46:1c:d9:a4:14:2e:12:3d:1e:2b:56:08:bb:2a:4d:
d6:39:b9:f0:e2:3c:0c:e3:6b:48:2e:ba:9b:c3:c4:
34:9a:97:48:5e:4b:b0:82:45:b7:42:07:59:3a:12:
75:b5:48:07:cc:6a:ef:ce:43:b8:60:33:f6:93:5b:
13:e1:20:e3:fc:b1:3d:30:53:2a:f0:b5:1b:ce:f6:
86:b2:f4:86:7a:a9:7b:66:0f:2d:05:60:9c:e0:c4:
95:59:7b:89:ff:20:72:b0:dd:fd:50:a8:fa:9a:04:
ca:7a:75:87:95:2d:ce:5f:19:26:ce:1f:9e:92:66:
82:78:45:a7:91:67:c5:e2:57:0a:e4:e7:ca:de:22:
79:8d:3d:a2:e0:fd:74:97:c5:5e:ee:5d:71:06:8c:
35:c3:99:f4:80:4c:32:10:54:c9:3a:ba:0b:88:18:
9c:8e:22:da:97:ac:ac:3a:60:b0:0d:ba:7f:d9:1f:
0e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:41:47:D3:8C:1A:7C:CF:21:9B:FC:DD:B6:D6:4F:E9:9B:56:8C:3E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Y0FH04wafM8hm_zdttZP6ZtWjD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.188.0/22
192.124.209.0/24
193.124.203.0/24
194.87.1.0/24
194.87.32.0/22
194.87.64.0/24
194.87.116.0/22
194.87.166.0/24
194.87.179.0/24
194.135.23.0/24
194.135.124.0/24
Signature Algorithm: sha256WithRSAEncryption
50:48:e9:59:06:58:54:84:97:dd:3c:26:16:1d:12:44:df:4e:
65:f6:15:7e:75:d2:6b:70:7a:8c:3d:96:cf:a8:64:c7:28:96:
ee:92:e8:24:56:ca:39:b8:58:9e:61:3e:ea:2b:21:f0:01:0f:
9e:17:b3:10:ca:ac:f7:53:75:05:90:4a:cf:38:5a:48:0c:0d:
ff:ce:8e:0d:92:8b:be:4f:34:60:6d:76:d3:fc:f9:7b:c6:c1:
23:76:a8:d4:81:bb:e3:c9:0b:6c:12:bb:ec:88:22:2c:f5:ce:
8e:d3:ec:af:b7:62:97:eb:9f:bc:66:fc:6b:ad:b4:8e:ae:8a:
00:5d:ae:79:2a:3f:9c:ab:8a:10:39:74:5b:22:55:12:05:b0:
8e:0a:dc:89:d0:29:9c:4e:65:29:b3:ed:7b:af:f7:13:53:94:
c2:1f:7a:fe:ab:fb:41:0e:00:82:03:27:00:9a:b6:99:b2:93:
c5:d0:d7:a5:b8:9b:c7:77:88:75:5d:86:2f:db:d9:6c:0b:28:
8f:32:ca:b5:33:b6:55:e5:24:dd:62:f2:1c:83:5e:a7:0c:ec:
08:18:c4:be:e9:77:aa:12:e0:a2:aa:62:f0:a0:a6:f4:d7:74:
33:b5:90:de:1c:19:9c:cb:98:43:2f:af:c0:08:ef:44:e1:d9:
39:b8:24:f0
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYIW8w70NhfrWrs3ZpQ4Cys2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwNzE5MTQ1MzI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzQxNDdkMzhjMWE3Y2NmMjE5YmZjZGRiNmQ2NGZlOTliNTY4YzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlpLgICpdx3hEyErQAkqfvxEY6EV
Y/66N6N5MiFZGrvPgeVNuBXFkK7NqZJKxXurTF1Cmn0HXq9+gFRY1wSixUIdTtuB
+FzFZvpGHNmkFC4SPR4rVgi7Kk3WObnw4jwM42tILrqbw8Q0mpdIXkuwgkW3QgdZ
OhJ1tUgHzGrvzkO4YDP2k1sT4SDj/LE9MFMq8LUbzvaGsvSGeql7Zg8tBWCc4MSV
WXuJ/yBysN39UKj6mgTKenWHlS3OXxkmzh+ekmaCeEWnkWfF4lcK5OfK3iJ5jT2i
4P10l8Ve7l1xBow1w5n0gEwyEFTJOroLiBicjiLal6ysOmCwDbp/2R8OGQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFGNBR9OMGnzPIZv83bbWT+mbVow+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWTBGSDA0d2FmTThobV96ZHR0WlA2WnRXakQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAwHytAwQA
wHyyAwQCwHy0AwQCwHy8AwQAwHzRAwQAwXzLAwQAwlcBAwQCwlcgAwQAwldAAwQC
wld0AwQAwlemAwQAwlezAwQAwocXAwQAwod8MA0GCSqGSIb3DQEBCwUAA4IBAQBQ
SOlZBlhUhJfdPCYWHRJE305l9hV+ddJrcHqMPZbPqGTHKJbukugkVso5uFieYT7q
KyHwAQ+eF7MQyqz3U3UFkErPOFpIDA3/zo4Nkou+TzRgbXbT/Pl7xsEjdqjUgbvj
yQtsErvsiCIs9c6O0+yvt2KX65+8ZvxrrbSOrooAXa55Kj+cq4oQOXRbIlUSBbCO
CtyJ0CmcTmUps+17r/cTU5TCH3r+q/tBDgCCAycAmraZspPF0NeluJvHd4h1XYYv
29lsCyiPMsq1M7ZV5STdYvIcg16nDOwIGMS+6XeqEuCiqmLwoKb013QztZDeHBmc
y5hDL6/ACO9E4dk5uCTw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:19 2024 by rpki-client on console-fra.rpki-client.org