Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aJOV3WFrExhzLbEqy-3-tKqztZc.roa
File: aJOV3WFrExhzLbEqy-3-tKqztZc.roa (raw, json)
Hash identifier: x+YcQsEZqnib3U55Ccv8u/FbWvPny/pqAa7I7/yw934=
Subject key identifier: 68:93:95:DD:61:6B:13:18:73:2D:B1:2A:CB:ED:FE:B4:AA:B3:B5:97
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185292F2B33806BFEC20F9ACD7314F152A1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aJOV3WFrExhzLbEqy-3-tKqztZc.roa
Signing time: Mon 19 Dec 2022 07:00:35 +0000
ROA not before: Mon 19 Dec 2022 07:00:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206216
IP address blocks: 212.192.210.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
212.193.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:2f:2b:33:80:6b:fe:c2:0f:9a:cd:73:14:f1:52:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 19 07:00:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=689395dd616b1318732db12acbedfeb4aab3b597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bc:34:c5:71:7a:a9:f2:90:ac:d4:57:4f:68:
44:07:e3:67:4f:5b:60:54:86:e3:88:63:b3:a4:9c:
ea:87:28:9f:97:24:4b:08:9a:41:14:fd:b1:f0:32:
e9:50:87:fe:3d:89:3c:fc:be:e5:9f:c8:b1:5e:c9:
6c:c1:bd:7c:c3:57:56:68:d8:87:4d:56:e0:ee:f2:
26:5b:08:76:34:ef:67:ab:b9:15:1d:8f:6d:a7:b8:
e4:96:d2:cc:d9:1f:f1:19:cb:e9:49:51:e5:51:40:
2c:32:20:0b:b7:fc:f4:1b:1c:e3:03:78:af:de:56:
fb:0b:31:e7:02:7f:b3:22:24:3b:19:a5:93:cc:c3:
ae:29:b4:9e:c6:84:1b:ec:6c:4f:4e:85:dd:a9:58:
b1:80:1d:a7:78:4d:39:eb:b8:07:7a:49:7b:27:78:
d2:46:f8:37:27:fe:18:53:80:4a:fe:b6:86:49:fe:
49:4c:44:cc:13:34:60:c9:8f:85:b3:61:c7:85:35:
02:62:c7:f6:59:18:e7:8f:c0:66:2b:47:04:b4:32:
c7:e7:e6:bf:87:85:e3:d0:17:4a:36:d4:51:f6:71:
8b:13:25:8a:4a:c1:ed:22:d1:91:d2:6a:18:8b:a0:
d5:24:22:dd:be:f5:b9:98:4f:e0:bc:03:86:fd:13:
d8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:93:95:DD:61:6B:13:18:73:2D:B1:2A:CB:ED:FE:B4:AA:B3:B5:97
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aJOV3WFrExhzLbEqy-3-tKqztZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.204.0/24
194.87.169.0/24
212.192.210.0/24
212.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
80:cc:cb:93:99:56:9f:2f:e2:16:72:dd:8a:3f:5d:39:de:33:
f2:2b:89:5c:aa:26:3c:8e:86:77:7e:7b:30:81:53:21:81:ad:
75:79:17:0f:3e:13:16:5d:a4:28:90:dd:c0:85:fb:d1:ab:44:
ca:fb:19:28:0d:e7:aa:0c:7c:9f:8b:e6:1a:70:91:8f:b5:06:
1d:ac:c5:1f:cc:9b:d2:ce:be:d8:b6:2e:6e:10:82:d6:53:9a:
bf:59:74:2f:d5:61:71:d9:77:6b:3c:69:31:f8:05:fb:1b:9b:
9d:c3:3b:f2:04:ff:4d:f0:24:70:13:05:26:88:c5:33:ff:c3:
ff:aa:e5:08:f6:8c:fb:72:21:f0:41:7d:84:52:a4:48:6d:15:
d4:0c:f7:9d:3e:9b:99:d0:f0:cf:fe:96:9f:58:31:67:19:3d:
4e:44:73:f4:7e:a7:f3:e9:a4:e2:e3:c0:9b:a6:95:14:48:a2:
00:a0:7e:b6:c9:fa:fa:03:c7:20:3f:c3:16:e9:8d:9e:96:e0:
68:25:1a:57:c3:c8:06:64:3a:d4:f7:ee:fa:40:24:f3:08:56:
17:56:9f:28:eb:ac:0e:4c:b5:22:2f:44:21:21:ff:da:ec:de:
e1:b3:01:76:54:94:12:fe:0f:3c:a8:a1:33:b4:b6:1c:fb:08:
16:58:29:4f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUpLyszgGv+wg+azXMU8VKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE5MDcwMDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODkzOTVkZDYxNmIxMzE4NzMyZGIxMmFjYmVkZmViNGFhYjNiNTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLw0xXF6qfKQrNRXT2hEB+NnT1tg
VIbjiGOzpJzqhyiflyRLCJpBFP2x8DLpUIf+PYk8/L7ln8ixXslswb18w1dWaNiH
TVbg7vImWwh2NO9nq7kVHY9tp7jkltLM2R/xGcvpSVHlUUAsMiALt/z0GxzjA3iv
3lb7CzHnAn+zIiQ7GaWTzMOuKbSexoQb7GxPToXdqVixgB2neE0567gHekl7J3jS
Rvg3J/4YU4BK/raGSf5JTETMEzRgyY+Fs2HHhTUCYsf2WRjnj8BmK0cEtDLH5+a/
h4Xj0BdKNtRR9nGLEyWKSsHtItGR0moYi6DVJCLdvvW5mE/gvAOG/RPY8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGiTld1haxMYcy2xKsvt/rSqs7WXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYUpPVjNXRnJFeGh6TGJFcXktMy10S3F6dFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXzMAwQA
wlepAwQA1MDSAwQA1MEDMA0GCSqGSIb3DQEBCwUAA4IBAQCAzMuTmVafL+IWct2K
P1053jPyK4lcqiY8joZ3fnswgVMhga11eRcPPhMWXaQokN3AhfvRq0TK+xkoDeeq
DHyfi+YacJGPtQYdrMUfzJvSzr7Yti5uEILWU5q/WXQv1WFx2XdrPGkx+AX7G5ud
wzvyBP9N8CRwEwUmiMUz/8P/quUI9oz7ciHwQX2EUqRIbRXUDPedPpuZ0PDP/paf
WDFnGT1ORHP0fqfz6aTi48CbppUUSKIAoH62yfr6A8cgP8MW6Y2eluBoJRpXw8gG
ZDrU9+76QCTzCFYXVp8o66wOTLUiL0QhIf/a7N7hswF2VJQS/g88qKEztLYc+wgW
WClP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:01 2023 by rpki-client on console-ams.rpki-client.org