Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_8KrJFe3mwQ1NnpS-gf8ZSdXmQ8.roa
File: _8KrJFe3mwQ1NnpS-gf8ZSdXmQ8.roa (raw, json)
Hash identifier: 81iNuKrtbK/pfE57MACX7ki3/Gm8D2q5fivxldhpIro=
Subject key identifier: FF:C2:AB:24:57:B7:9B:04:35:36:7A:52:FA:07:FC:65:27:57:99:0F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01845781F0A9CC154527CEAAF5D445030866
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_8KrJFe3mwQ1NnpS-gf8ZSdXmQ8.roa
Signing time: Tue 08 Nov 2022 13:50:44 +0000
ROA not before: Tue 08 Nov 2022 13:50:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26383
IP address blocks: 193.124.22.0/24 maxlen: 24
62.76.234.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:57:81:f0:a9:cc:15:45:27:ce:aa:f5:d4:45:03:08:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 8 13:50:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ffc2ab2457b79b0435367a52fa07fc652757990f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e0:4e:e5:fc:aa:a8:e4:e2:24:e5:49:5f:cc:
b1:f2:c0:ae:84:b7:ab:d7:eb:1a:2b:61:82:1b:85:
9f:03:ad:4a:4c:f8:da:4b:8e:5f:46:5b:87:b8:d1:
b0:98:90:f8:6f:19:98:16:4f:6d:48:81:33:91:24:
b9:fa:e9:eb:c2:20:ab:7d:87:26:65:29:25:dd:ef:
bb:d3:72:fb:b2:09:f3:5d:29:af:f3:8c:d2:b4:c6:
bd:7e:9f:47:5d:52:7e:ac:2a:be:ca:06:f7:b2:bb:
a9:aa:87:90:5f:52:33:aa:71:4a:8e:bd:c2:95:a9:
1e:1f:57:47:bc:ae:53:47:8c:b5:a7:f6:77:60:27:
69:88:f1:30:38:ac:c2:21:54:00:fc:d0:04:e4:63:
61:fc:a0:2a:df:cf:14:16:2d:d3:5f:c7:05:67:d1:
18:d6:3d:b5:ae:cc:ff:5f:05:df:4e:56:2a:7a:70:
89:c8:ae:78:2e:a0:8c:26:a9:bb:05:5a:33:e6:52:
d3:c4:92:86:36:e8:c6:b4:49:53:4e:a5:4a:f0:69:
ce:b3:14:b9:b7:d2:c8:3d:6d:2e:6e:e7:63:44:8e:
3f:65:8b:75:29:c6:71:44:d6:70:92:29:1b:e6:09:
cb:10:4d:2d:c4:11:59:f9:c3:bc:d0:aa:df:7b:5b:
80:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C2:AB:24:57:B7:9B:04:35:36:7A:52:FA:07:FC:65:27:57:99:0F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_8KrJFe3mwQ1NnpS-gf8ZSdXmQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
185.72.8.0/24
193.124.22.0/24
194.58.34.0/24
194.87.47.0/24
212.192.12.0/24
Signature Algorithm: sha256WithRSAEncryption
59:75:a1:e1:d0:70:54:17:c4:2c:2b:44:08:bf:4c:0d:9a:ff:
36:53:5a:b8:1f:83:a2:27:2f:0d:a2:6c:99:0a:f5:99:fb:a0:
d2:ff:99:5d:d7:24:e5:e3:b6:26:a3:82:1f:9a:fa:41:ac:dd:
aa:14:e5:48:07:0d:9e:6c:f2:5b:ac:85:1a:b0:a7:a5:b9:85:
76:2d:de:dd:d1:43:2e:6a:1a:b7:9a:c4:94:ab:82:dc:28:42:
da:18:cc:ad:ce:02:00:43:fa:bf:43:0b:51:39:b9:c6:91:d4:
87:a1:51:3c:b7:c5:6c:c4:a2:40:b2:fb:2a:9d:95:15:cf:53:
e3:06:4a:22:65:e9:c3:4c:69:58:fa:ba:b1:ea:b1:00:a5:66:
e2:3b:9c:09:17:fe:2a:74:b2:20:a6:11:d3:3f:eb:62:57:64:
d4:7c:21:26:ab:1e:ff:25:13:bd:35:93:af:15:b7:02:2a:16:
07:f7:e0:6b:c7:d6:91:15:c1:d2:4c:ec:fc:91:53:fa:0c:2b:
b2:f3:1a:3a:53:f6:bf:8e:fc:17:38:6a:e7:dd:e4:46:6c:ae:
5f:80:ad:9f:05:72:a9:ed:06:b8:b0:3a:43:19:5e:c9:f7:d3:
27:b1:4e:19:9b:5b:4d:f1:e6:a7:9c:a1:00:37:e3:20:02:6c:
02:4f:f5:f4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYRXgfCpzBVFJ86q9dRFAwhmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTA4MTM1MDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmMyYWIyNDU3Yjc5YjA0MzUzNjdhNTJmYTA3ZmM2NTI3NTc5OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeBO5fyqqOTiJOVJX8yx8sCuhLer
1+saK2GCG4WfA61KTPjaS45fRluHuNGwmJD4bxmYFk9tSIEzkSS5+unrwiCrfYcm
ZSkl3e+703L7sgnzXSmv84zStMa9fp9HXVJ+rCq+ygb3srupqoeQX1IzqnFKjr3C
lakeH1dHvK5TR4y1p/Z3YCdpiPEwOKzCIVQA/NAE5GNh/KAq388UFi3TX8cFZ9EY
1j21rsz/XwXfTlYqenCJyK54LqCMJqm7BVoz5lLTxJKGNujGtElTTqVK8GnOsxS5
t9LIPW0ubudjRI4/ZYt1KcZxRNZwkikb5gnLEE0txBFZ+cO80Krfe1uAVwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP/CqyRXt5sENTZ6UvoH/GUnV5kPMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvXzhLckpGZTNtd1ExTm5wUy1nZjhaU2RYbVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPkzqAwQA
uUgIAwQAwXwWAwQAwjoiAwQAwlcvAwQA1MAMMA0GCSqGSIb3DQEBCwUAA4IBAQBZ
daHh0HBUF8QsK0QIv0wNmv82U1q4H4OiJy8NomyZCvWZ+6DS/5ld1yTl47Ymo4If
mvpBrN2qFOVIBw2ebPJbrIUasKeluYV2Ld7d0UMuahq3msSUq4LcKELaGMytzgIA
Q/q/QwtRObnGkdSHoVE8t8VsxKJAsvsqnZUVz1PjBkoiZenDTGlY+rqx6rEApWbi
O5wJF/4qdLIgphHTP+tiV2TUfCEmqx7/JRO9NZOvFbcCKhYH9+Brx9aRFcHSTOz8
kVP6DCuy8xo6U/a/jvwXOGrn3eRGbK5fgK2fBXKp7Qa4sDpDGV7J99MnsU4Zm1tN
8eannKEAN+MgAmwCT/X0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:01 2023 by rpki-client on console-ams.rpki-client.org