Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_aZ9kqNV9_U-ORr3aqPDTMzmzXw.roa
File: _aZ9kqNV9_U-ORr3aqPDTMzmzXw.roa (raw, json)
Hash identifier: IyFHJN1/xBHrTVYcStBNv0EMECGxIELhfgEl5AvN4E0=
Subject key identifier: FD:A6:7D:92:A3:55:F7:F5:3E:39:1A:F7:6A:A3:C3:4C:CC:E6:CD:7C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0E1B5CD0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_aZ9kqNV9_U-ORr3aqPDTMzmzXw.roa
Signing time: Sat 01 Jan 2022 01:58:17 +0000
ROA not before: Sat 01 Jan 2022 01:58:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 194.87.24.0/24 maxlen: 24
194.87.25.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 236674256 (0xe1b5cd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 01:58:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fda67d92a355f7f53e391af76aa3c34ccce6cd7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2b:a5:4c:6c:d2:0a:b8:5c:f1:85:8c:b4:73:
85:ac:9f:ca:77:e6:e9:81:4c:1e:c6:6c:a4:54:e3:
18:99:f5:31:72:09:d8:83:6a:02:4f:7d:14:c7:af:
1f:5c:09:ae:72:6a:10:5a:50:4d:4e:68:3a:43:bc:
7e:0e:b2:4d:04:2c:ff:ea:87:a9:e4:c4:09:b1:9f:
72:1a:09:e2:d5:40:ea:fe:e5:3c:3e:18:40:b2:9e:
1d:fc:83:1e:1d:57:3c:a7:01:05:9a:af:2f:fe:20:
74:b3:d4:d3:b1:d4:92:e1:f7:36:47:f9:3d:3d:aa:
00:d4:49:08:70:a2:e0:c4:d4:91:39:0c:21:bc:75:
8d:b3:fa:49:8f:87:69:e6:0c:00:bd:48:8f:9e:c8:
fd:07:a7:4a:62:77:4f:66:17:b5:d0:60:1d:c4:89:
19:09:8d:78:e0:29:84:67:79:41:d4:82:31:fe:f8:
00:4a:75:25:ba:12:24:7a:fd:08:63:63:70:76:dc:
8f:d0:c2:bd:64:bf:a3:4a:87:5e:40:e7:5e:bd:4a:
79:b7:ca:65:3b:95:ce:2d:f1:26:42:47:b2:c4:b2:
8c:1e:2f:75:eb:12:c3:f3:84:b0:67:c6:fb:4e:f8:
28:78:c3:8a:44:96:f1:5b:03:b0:80:3e:f6:4e:17:
fb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A6:7D:92:A3:55:F7:F5:3E:39:1A:F7:6A:A3:C3:4C:CC:E6:CD:7C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_aZ9kqNV9_U-ORr3aqPDTMzmzXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/22
194.87.24.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:3d:dc:36:1b:28:44:4d:c8:d7:d9:b6:57:fc:22:9d:fd:5d:
41:a9:f9:43:d9:2c:cd:a3:36:16:aa:43:42:7a:40:b6:12:a0:
d9:d4:c9:43:cc:c8:74:79:8f:88:e1:46:e5:dd:a4:bf:1d:bd:
86:13:f2:07:a0:0c:ed:18:83:54:0a:73:60:57:dd:19:02:7b:
e4:de:25:36:c9:aa:08:4a:c2:54:3a:97:68:73:ef:78:21:d5:
92:90:ca:e0:e4:59:04:90:f0:02:8d:e0:74:74:67:d9:1f:f1:
3e:64:88:f4:be:63:ee:57:d1:a9:07:39:09:16:0e:0e:49:83:
d4:e2:d0:e3:d3:2f:4d:35:fe:33:65:62:a2:91:13:b3:98:73:
b4:69:73:72:01:5c:60:a1:45:73:01:f4:97:2a:a7:0e:8b:aa:
a7:fc:8e:9e:74:0c:65:4d:77:6e:65:db:db:08:ff:02:fd:2a:
37:73:86:90:a5:76:cd:a4:24:98:76:55:b9:fc:c0:f7:35:f8:
33:f4:5e:a7:13:88:3b:75:3f:90:c4:73:74:b0:11:83:b5:30:
99:42:2d:58:cc:85:3a:11:f7:b1:a7:f6:56:58:ae:6b:27:71:
da:6b:85:ff:2a:4a:88:ca:9e:3d:aa:fc:4c:d9:f4:88:65:ec:
9c:a3:5b:61
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDhtc0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDEw
MTAxNTgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmRhNjdkOTJhMzU1
ZjdmNTNlMzkxYWY3NmFhM2MzNGNjY2U2Y2Q3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMrpUxs0gq4XPGFjLRzhayfynfm6YFMHsZspFTjGJn1MXIJ
2INqAk99FMevH1wJrnJqEFpQTU5oOkO8fg6yTQQs/+qHqeTECbGfchoJ4tVA6v7l
PD4YQLKeHfyDHh1XPKcBBZqvL/4gdLPU07HUkuH3Nkf5PT2qANRJCHCi4MTUkTkM
Ibx1jbP6SY+HaeYMAL1Ij57I/QenSmJ3T2YXtdBgHcSJGQmNeOAphGd5QdSCMf74
AEp1JboSJHr9CGNjcHbcj9DCvWS/o0qHXkDnXr1KebfKZTuVzi3xJkJHssSyjB4v
desSw/OEsGfG+074KHjDikSW8VsDsIA+9k4X+4kCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBT9pn2So1X39T45Gvdqo8NMzObNfDAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L19hWjlrcU5WOV9VLU9ScjNhcVBEVE16bXpYdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAsB8tAMEAsJXGDANBgkqhkiG9w0B
AQsFAAOCAQEADD3cNhsoRE3I19m2V/winf1dQan5Q9kszaM2FqpDQnpAthKg2dTJ
Q8zIdHmPiOFG5d2kvx29hhPyB6AM7RiDVApzYFfdGQJ75N4lNsmqCErCVDqXaHPv
eCHVkpDK4ORZBJDwAo3gdHRn2R/xPmSI9L5j7lfRqQc5CRYODkmD1OLQ49MvTTX+
M2ViopETs5hztGlzcgFcYKFFcwH0lyqnDouqp/yOnnQMZU13bmXb2wj/Av0qN3OG
kKV2zaQkmHZVufzA9zX4M/RepxOIO3U/kMRzdLARg7UwmUItWMyFOhH3saf2Vliu
aydx2muF/ypKiMqePar8TNn0iGXsnKNbYQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:06 2023 by rpki-client on console-fra.rpki-client.org