Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_bk-6st8vfrhELQR6E0AGJ7Y_xA.roa
File: _bk-6st8vfrhELQR6E0AGJ7Y_xA.roa (raw, json)
Hash identifier: F/Jgt/yzmzZ6GN12YI6rDtnwtWttWpRGiVMQiIIO1No=
Subject key identifier: FD:B9:3E:EA:CB:7C:BD:FA:E1:10:B4:11:E8:4D:00:18:9E:D8:FF:10
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018438DA228544D637F5AC0453FB1997984D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_bk-6st8vfrhELQR6E0AGJ7Y_xA.roa
Signing time: Wed 02 Nov 2022 14:58:50 +0000
ROA not before: Wed 02 Nov 2022 14:58:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212598
IP address blocks: 194.87.209.0/24 maxlen: 24
194.87.137.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.58.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:38:da:22:85:44:d6:37:f5:ac:04:53:fb:19:97:98:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 2 14:58:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fdb93eeacb7cbdfae110b411e84d00189ed8ff10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b8:cf:91:08:23:cf:7c:c2:9a:09:88:61:f8:
a3:6b:68:c6:cd:a6:61:c7:37:3e:95:d8:60:49:6a:
b9:0d:01:7b:44:c1:28:80:f0:57:21:0b:8c:e5:c2:
11:7b:78:0c:81:47:ef:08:45:7c:ff:5a:7f:f2:c5:
8a:2d:5f:9e:e0:cc:92:50:7a:dc:e9:16:ba:bd:b8:
f3:0a:d3:0a:89:7f:c7:95:79:4e:9d:18:c1:8f:5c:
da:5a:ee:f3:a5:12:e7:9d:f7:5e:8f:98:b0:62:26:
9f:5b:db:e0:3d:2b:14:08:b8:82:b6:79:76:8c:47:
94:33:a3:f4:02:ec:21:96:b2:44:4b:97:2c:ea:45:
82:18:81:ea:59:d0:9e:51:4b:dd:3b:07:0a:cd:aa:
3e:0d:d4:2c:33:e4:13:8b:4f:2f:91:2f:14:c4:eb:
2c:29:12:74:56:9b:4b:ed:2b:b7:15:61:ae:f1:e8:
68:2d:4a:af:9f:55:15:39:45:6b:b9:00:39:db:7c:
91:51:e4:5d:f6:dc:84:53:fc:24:1a:01:3d:2d:2e:
80:de:67:8f:40:ed:29:a2:1b:42:e7:05:a9:ec:0a:
1b:56:ec:31:8b:a0:14:af:d6:6c:79:35:f5:c3:34:
63:fd:4b:d7:f5:53:4f:70:85:76:a0:fd:a6:ff:98:
50:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B9:3E:EA:CB:7C:BD:FA:E1:10:B4:11:E8:4D:00:18:9E:D8:FF:10
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_bk-6st8vfrhELQR6E0AGJ7Y_xA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.33.0/24
194.87.36.0/24
194.87.39.0/24
194.87.137.0/24
194.87.209.0/24
Signature Algorithm: sha256WithRSAEncryption
56:8f:c8:ee:6b:90:c9:04:89:9e:77:ec:7b:95:50:77:6b:f8:
2d:51:dd:80:96:29:4a:9f:ea:34:08:12:db:1b:04:a9:f6:48:
fe:5b:c1:91:c3:a5:26:6f:a0:9d:b2:f8:0f:b2:77:22:bd:4f:
4c:b1:6b:4c:43:24:b0:f5:39:0f:36:86:de:96:3f:c1:43:df:
83:21:8b:f5:92:6c:46:e7:1c:26:e7:13:1e:d8:37:7d:82:05:
7d:fa:c4:6f:31:90:b1:fb:ee:6c:ef:4b:40:a7:33:21:ea:b4:
51:ee:fd:fd:f2:8a:fc:10:99:0c:bf:d3:76:13:f4:4c:41:e8:
35:52:c6:e5:4d:cd:9c:83:09:4f:77:21:c1:85:6f:bc:3d:63:
8a:1a:77:d6:fb:41:02:b5:31:ec:90:7e:f9:fd:41:3d:84:a2:
11:c9:ab:0e:33:8c:32:40:3f:28:99:41:47:da:52:36:b4:8d:
92:b6:1e:b6:d3:3a:f9:7a:56:bd:f7:4e:1e:58:f3:6c:55:be:
4e:11:ac:92:44:a6:27:04:c8:e9:ce:b2:c0:15:79:de:06:e8:
d9:e7:d6:45:f7:03:f3:47:78:07:2d:5d:b4:ff:f6:01:54:05:
b7:47:bf:0c:cd:57:1e:63:8d:c2:65:ac:7f:68:be:c5:7a:52:
90:db:84:b9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYQ42iKFRNY39awEU/sZl5hNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTAyMTQ1ODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGI5M2VlYWNiN2NiZGZhZTExMGI0MTFlODRkMDAxODllZDhmZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbjPkQgjz3zCmgmIYfija2jGzaZh
xzc+ldhgSWq5DQF7RMEogPBXIQuM5cIRe3gMgUfvCEV8/1p/8sWKLV+e4MySUHrc
6Ra6vbjzCtMKiX/HlXlOnRjBj1zaWu7zpRLnnfdej5iwYiafW9vgPSsUCLiCtnl2
jEeUM6P0AuwhlrJES5cs6kWCGIHqWdCeUUvdOwcKzao+DdQsM+QTi08vkS8UxOss
KRJ0VptL7Su3FWGu8ehoLUqvn1UVOUVruQA523yRUeRd9tyEU/wkGgE9LS6A3meP
QO0pohtC5wWp7AobVuwxi6AUr9ZseTX1wzRj/UvX9VNPcIV2oP2m/5hQoQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFP25PurLfL364RC0EehNABie2P8QMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvX2JrLTZzdDh2ZnJoRUxRUjZFMEFHSjdZX3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwjohAwQA
wlckAwQAwlcnAwQAwleJAwQAwlfRMA0GCSqGSIb3DQEBCwUAA4IBAQBWj8jua5DJ
BImed+x7lVB3a/gtUd2AlilKn+o0CBLbGwSp9kj+W8GRw6Umb6CdsvgPsncivU9M
sWtMQySw9TkPNobelj/BQ9+DIYv1kmxG5xwm5xMe2Dd9ggV9+sRvMZCx++5s70tA
pzMh6rRR7v398or8EJkMv9N2E/RMQeg1UsblTc2cgwlPdyHBhW+8PWOKGnfW+0EC
tTHskH75/UE9hKIRyasOM4wyQD8omUFH2lI2tI2Sth620zr5ela9904eWPNsVb5O
EaySRKYnBMjpzrLAFXneBujZ59ZF9wPzR3gHLV20//YBVAW3R78MzVceY43CZax/
aL7FelKQ24S5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:07 2023 by rpki-client on console-fra.rpki-client.org