Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_bH3rT-rjkOwcURqwtm1tqOKX14.roa
File: _bH3rT-rjkOwcURqwtm1tqOKX14.roa (raw, json)
Hash identifier: MUtODds6PiWyH1+hUrQ1Uz0qpyV4BhX/KOIRGdF6Us0=
Subject key identifier: FD:B1:F7:AD:3F:AB:8E:43:B0:71:44:6A:C2:D9:B5:B6:A3:8A:5F:5E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018290FA0A3D9E2007E40D78E600ABC76E3C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_bH3rT-rjkOwcURqwtm1tqOKX14.roa
Signing time: Fri 12 Aug 2022 07:34:41 +0000
ROA not before: Fri 12 Aug 2022 07:34:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
195.133.12.0/22 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/23 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.188.0/22 maxlen: 22
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
194.87.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:90:fa:0a:3d:9e:20:07:e4:0d:78:e6:00:ab:c7:6e:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 12 07:34:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fdb1f7ad3fab8e43b071446ac2d9b5b6a38a5f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:76:ac:7f:db:2c:9d:af:c6:d5:ab:c9:25:01:
b4:97:59:7e:cf:cb:56:7a:09:32:6c:00:4d:db:18:
ce:7e:00:c4:c4:3b:23:ef:27:2f:5f:6c:a8:47:98:
71:b7:0c:2a:56:f4:7b:7b:be:9a:03:24:3a:48:4b:
f8:d3:0d:20:fe:ab:87:23:2d:ee:da:d0:69:06:eb:
b9:f9:a9:40:e3:f1:c7:59:95:0e:08:97:47:95:5f:
e3:64:14:40:74:2c:4f:89:02:d5:28:39:25:90:5a:
69:2a:1d:19:14:b3:7b:c3:c2:2a:a5:63:59:a5:96:
e9:e2:2b:a9:9b:5d:26:d2:9f:ce:43:45:94:57:42:
4e:44:3f:35:43:87:0b:c4:c0:28:5c:c4:9d:a6:b9:
f0:03:cf:31:d7:2c:03:d6:ca:68:55:b4:4e:a8:e3:
34:41:b7:95:1b:4d:4a:ea:84:d7:d0:7b:09:c7:ac:
74:37:cd:9c:a5:f5:dd:23:74:e8:e6:c3:ef:3d:c7:
3c:83:aa:e1:e0:84:4b:d0:4a:ad:e1:98:22:61:24:
69:f4:67:f4:f7:54:dc:95:57:60:62:2d:f4:e1:b3:
18:94:17:cd:a6:72:6c:80:db:76:0a:f7:e4:4c:17:
f1:be:7e:c3:2f:fc:91:f1:36:e8:59:bc:ca:80:7a:
26:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B1:F7:AD:3F:AB:8E:43:B0:71:44:6A:C2:D9:B5:B6:A3:8A:5F:5E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_bH3rT-rjkOwcURqwtm1tqOKX14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.188.0/22
192.124.209.0/24
193.124.3.0/24
193.124.203.0/24
194.87.1.0/24
194.87.24.0/22
194.87.116.0/22
194.87.179.0/24
194.87.187.0/24
194.87.219.0/24
194.87.222.0/23
194.135.23.0/24
195.133.12.0/22
195.133.80.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:f4:76:6e:a5:4f:59:3c:5d:56:60:8f:be:bd:5b:1c:28:92:
50:e7:60:95:2e:5a:71:65:e4:33:d9:76:a0:d0:e7:4d:98:76:
57:eb:6a:56:c3:ca:ea:74:fb:3d:67:e9:19:65:54:dc:1f:9e:
2d:71:53:5a:d4:01:1b:b2:40:2d:6f:fd:40:98:87:b8:f7:4f:
69:9c:69:3e:dc:c9:db:f9:c4:cd:55:92:7c:6b:96:0f:af:57:
ad:8f:0e:a3:af:c4:78:c5:ba:c1:31:cb:06:6b:7c:59:48:ce:
db:0d:41:f2:04:19:66:67:4b:7e:44:17:22:d9:4d:67:90:51:
1e:1b:1a:fd:f7:74:a6:e5:32:b4:50:87:8a:94:30:a7:bc:bb:
ec:35:9a:30:12:11:02:cf:c4:d6:89:b7:cd:df:94:f1:78:c6:
31:36:36:95:ce:02:7b:56:8a:ca:46:91:c2:dd:21:68:dc:3b:
2b:26:99:cd:ec:98:68:d3:ba:d4:c0:83:35:a2:1e:34:c3:37:
09:16:d7:f8:6a:2e:17:fa:cb:b1:15:7d:16:c8:ac:9d:9b:9e:
4b:07:0d:bd:83:56:39:9f:bc:ac:12:a6:3d:66:5a:1c:d0:31:
3d:f4:3d:46:d5:1a:78:fa:0b:07:c3:7f:56:ce:80:59:d3:81:
af:a6:16:cc
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYKQ+go9niAH5A145gCrx248MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwODEyMDczNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGIxZjdhZDNmYWI4ZTQzYjA3MTQ0NmFjMmQ5YjViNmEzOGE1ZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3asf9ssna/G1avJJQG0l1l+z8tW
egkybABN2xjOfgDExDsj7ycvX2yoR5hxtwwqVvR7e76aAyQ6SEv40w0g/quHIy3u
2tBpBuu5+alA4/HHWZUOCJdHlV/jZBRAdCxPiQLVKDklkFppKh0ZFLN7w8IqpWNZ
pZbp4iupm10m0p/OQ0WUV0JORD81Q4cLxMAoXMSdprnwA88x1ywD1spoVbROqOM0
QbeVG01K6oTX0HsJx6x0N82cpfXdI3To5sPvPcc8g6rh4IRL0Eqt4ZgiYSRp9Gf0
91TclVdgYi304bMYlBfNpnJsgNt2CvfkTBfxvn7DL/yR8TboWbzKgHomqwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFP2x960/q45DsHFEasLZtbajil9eMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvX2JIM3JULXJqa093Y1VScXd0bTF0cU9LWDE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAMB8rQME
AMB8sgMEAsB8tAMEAsB8vAMEAMB80QMEAMF8AwMEAMF8ywMEAMJXAQMEAsJXGAME
AsJXdAMEAMJXswMEAMJXuwMEAMJX2wMEAcJX3gMEAMKHFwMEAsOFDAMEAMOFUAME
ANTBDjANBgkqhkiG9w0BAQsFAAOCAQEASvR2bqVPWTxdVmCPvr1bHCiSUOdglS5a
cWXkM9l2oNDnTZh2V+tqVsPK6nT7PWfpGWVU3B+eLXFTWtQBG7JALW/9QJiHuPdP
aZxpPtzJ2/nEzVWSfGuWD69XrY8Oo6/EeMW6wTHLBmt8WUjO2w1B8gQZZmdLfkQX
ItlNZ5BRHhsa/fd0puUytFCHipQwp7y77DWaMBIRAs/E1om3zd+U8XjGMTY2lc4C
e1aKykaRwt0haNw7KyaZzeyYaNO61MCDNaIeNMM3CRbX+GouF/rLsRV9FsisnZue
SwcNvYNWOZ+8rBKmPWZaHNAxPfQ9RtUaePoLB8N/Vs6AWdOBr6YWzA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:01 2023 by rpki-client on console-ams.rpki-client.org