Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aeeqJelchrfGGcfIhOLG6DteK7o.roa
File: aeeqJelchrfGGcfIhOLG6DteK7o.roa (raw, json)
Hash identifier: EE2q7024c9t9GnT8Bio0LIQCTC+NPbMzUVr8ECGkrVY=
Subject key identifier: 69:E7:AA:25:E9:5C:86:B7:C6:19:C7:C8:84:E2:C6:E8:3B:5E:2B:BA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184F18ADD97701324E8346CB52C69B32C5A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aeeqJelchrfGGcfIhOLG6DteK7o.roa
Signing time: Thu 08 Dec 2022 11:42:00 +0000
ROA not before: Thu 08 Dec 2022 11:42:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399471
IP address blocks: 212.193.29.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.35.0/24 maxlen: 24
212.192.216.0/22 maxlen: 24
194.87.62.0/24 maxlen: 24
194.85.250.0/24 maxlen: 24
194.85.248.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.244.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:8a:dd:97:70:13:24:e8:34:6c:b5:2c:69:b3:2c:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 8 11:42:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69e7aa25e95c86b7c619c7c884e2c6e83b5e2bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ec:79:ff:e9:dd:06:e4:9d:59:b9:a4:71:28:
04:2a:24:0c:d7:8d:0d:20:0e:dd:92:11:8d:f2:cb:
1e:45:38:cb:18:ae:d0:e7:23:6d:f9:21:ba:f7:b5:
12:c6:bb:88:b9:9f:21:12:88:50:60:8e:c7:d4:a1:
aa:da:e2:64:e9:eb:cf:d2:e2:e8:6f:5b:96:53:0d:
17:94:32:4d:9b:9c:01:81:3f:ea:70:46:bf:47:e4:
2b:08:89:2e:5f:dc:f8:b3:13:38:57:79:45:6b:18:
67:29:36:ca:0c:d6:f0:ee:08:91:43:0d:9b:b9:0e:
b4:6a:cc:a1:6e:aa:71:33:8d:c0:f1:36:9e:6a:2f:
83:9b:87:fa:ec:27:64:ec:b9:2c:6e:27:ce:3c:c8:
7c:cd:b1:34:0f:82:4f:44:3a:89:ad:0e:dc:d1:b1:
09:66:c5:3a:27:96:5b:b1:2e:9c:8a:2e:54:3d:60:
64:05:6b:6e:49:bc:96:27:fe:2b:64:5f:79:05:e8:
f3:b9:36:a7:7e:4f:9d:10:37:1c:b4:86:fa:bb:20:
c9:b9:d8:d9:3b:2b:a5:eb:27:fc:f9:1e:f4:6b:35:
31:42:23:a9:e7:f3:80:cc:01:d4:48:f1:bd:87:fb:
b6:7b:75:8a:6d:96:68:61:87:95:9a:ac:68:41:da:
4e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:E7:AA:25:E9:5C:86:B7:C6:19:C7:C8:84:E2:C6:E8:3B:5E:2B:BA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aeeqJelchrfGGcfIhOLG6DteK7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.248.0/24
194.85.250.0/24
194.87.35.0/24
194.87.62.0/24
194.87.220.0/23
194.87.227.0/24
195.133.39.0/24
212.192.216.0/22
212.192.244.0/22
212.193.29.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:b3:6f:63:57:06:eb:c7:70:fe:af:6f:e0:62:9b:58:1c:b1:
16:3c:51:cb:89:69:58:1e:65:05:7d:0d:ae:95:66:40:b4:1b:
e3:1d:7d:45:82:cd:0f:82:42:0c:1a:f9:88:6c:94:86:21:7e:
4d:1d:07:10:eb:06:b9:65:17:95:2d:ff:35:8f:77:d9:bb:c2:
a7:f4:88:06:38:6a:bf:29:f1:5d:06:a3:1a:9f:d1:ba:92:a8:
65:d2:36:63:50:fd:1c:bc:63:a0:41:12:ee:b2:6e:76:8e:5a:
ac:8e:a8:d6:4e:b1:f5:d1:f0:87:cc:0b:be:92:8e:52:70:e4:
b0:74:f3:ca:69:9e:63:db:b8:3f:16:af:09:86:fc:48:4f:3e:
02:cc:2e:d9:1c:df:8a:a0:ed:bd:ee:87:83:a5:8a:8f:7e:e5:
fb:0d:b0:71:f5:3d:be:40:40:7b:d6:99:b8:b0:ee:be:ac:68:
2d:6a:68:f8:10:21:43:7c:44:17:80:0f:38:a6:7a:25:3d:53:
5f:4b:75:ce:f1:ed:85:f0:65:95:5e:78:d7:9c:af:9e:b5:6e:
f5:4a:be:00:98:d0:bf:3c:4a:b4:b8:0e:34:36:6e:64:e2:aa:
83:b2:02:5a:e2:e7:86:9e:e4:70:e3:f3:89:ad:64:eb:01:6b:
52:fc:01:c1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYTxit2XcBMk6DRstSxpsyxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA4MTE0MjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWU3YWEyNWU5NWM4NmI3YzYxOWM3Yzg4NGUyYzZlODNiNWUyYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOx5/+ndBuSdWbmkcSgEKiQM140N
IA7dkhGN8sseRTjLGK7Q5yNt+SG697USxruIuZ8hEohQYI7H1KGq2uJk6evP0uLo
b1uWUw0XlDJNm5wBgT/qcEa/R+QrCIkuX9z4sxM4V3lFaxhnKTbKDNbw7giRQw2b
uQ60asyhbqpxM43A8Taeai+Dm4f67Cdk7LksbifOPMh8zbE0D4JPRDqJrQ7c0bEJ
ZsU6J5ZbsS6cii5UPWBkBWtuSbyWJ/4rZF95BejzuTanfk+dEDcctIb6uyDJudjZ
Oyul6yf8+R70azUxQiOp5/OAzAHUSPG9h/u2e3WKbZZoYYeVmqxoQdpO7QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFGnnqiXpXIa3xhnHyITixug7Xiu6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYWVlcUplbGNocmZHR2NmSWhPTEc2RHRlSzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwlX4AwQA
wlX6AwQAwlcjAwQAwlc+AwQBwlfcAwQAwlfjAwQAw4UnAwQC1MDYAwQC1MD0AwQA
1MEdMA0GCSqGSIb3DQEBCwUAA4IBAQB+s29jVwbrx3D+r2/gYptYHLEWPFHLiWlY
HmUFfQ2ulWZAtBvjHX1Fgs0PgkIMGvmIbJSGIX5NHQcQ6wa5ZReVLf81j3fZu8Kn
9IgGOGq/KfFdBqMan9G6kqhl0jZjUP0cvGOgQRLusm52jlqsjqjWTrH10fCHzAu+
ko5ScOSwdPPKaZ5j27g/Fq8JhvxITz4CzC7ZHN+KoO297oeDpYqPfuX7DbBx9T2+
QEB71pm4sO6+rGgtamj4ECFDfEQXgA84pnolPVNfS3XO8e2F8GWVXnjXnK+etW71
Sr4AmNC/PEq0uA40Nm5k4qqDsgJa4ueGnuRw4/OJrWTrAWtS/AHB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:07 2023 by rpki-client on console-fra.rpki-client.org