Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bGY-MYr3ciGk54yiOW15hJ-2I3g.roa
File: bGY-MYr3ciGk54yiOW15hJ-2I3g.roa (raw, json)
Hash identifier: 7iyD50pSVs1MgeGLlklfX0B6ByiAKLmH8rdAxUtNwIw=
Subject key identifier: 6C:66:3E:31:8A:F7:72:21:A4:E7:8C:A2:39:6D:79:84:9F:B6:23:78
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0F5D2D4B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bGY-MYr3ciGk54yiOW15hJ-2I3g.roa
Signing time: Tue 05 Apr 2022 17:04:01 +0000
ROA not before: Tue 05 Apr 2022 17:04:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 212.193.24.0/22 maxlen: 24
193.124.224.0/23 maxlen: 23
193.124.226.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.87.32.0/22 maxlen: 24
195.133.22.0/24 maxlen: 24
212.192.16.0/21 maxlen: 24
194.87.192.0/22 maxlen: 22
212.193.4.0/22 maxlen: 24
212.193.8.0/22 maxlen: 24
194.87.116.0/22 maxlen: 24
194.87.124.0/22 maxlen: 24
194.87.120.0/22 maxlen: 24
212.192.208.0/22 maxlen: 24
194.87.41.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
194.87.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 257764683 (0xf5d2d4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 5 17:04:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c663e318af77221a4e78ca2396d79849fb62378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:24:d5:a7:82:52:cb:76:2c:6d:cd:74:c4:98:
fc:bf:0d:0c:fd:b9:e2:c5:ef:ef:12:33:06:37:3a:
25:a6:21:a2:7a:01:40:32:42:93:e5:1a:be:1b:b5:
b0:f0:6a:c8:61:fc:8e:4d:7f:06:e5:a5:6d:a3:70:
69:18:c3:c6:6e:34:c8:7e:83:59:93:71:31:f9:4f:
59:c5:6d:2e:30:d9:ac:28:95:e8:8c:c7:32:76:10:
79:83:dd:71:3c:a5:95:00:ac:41:38:c3:a7:b3:67:
b1:50:f2:f4:1b:c9:00:4a:e7:de:e8:fb:49:7e:aa:
4b:46:df:b7:1c:ad:a1:9b:38:c4:a8:2c:29:88:bf:
fe:79:a3:17:1c:9f:b6:66:3f:5a:a0:40:f5:22:3f:
3d:7e:c7:4f:39:12:b1:b9:7f:21:23:36:3c:83:ad:
cb:46:63:bb:42:b9:8f:2f:52:8f:a8:99:08:32:bc:
5d:2d:f2:e3:f9:57:b5:46:13:88:ff:84:92:a1:6f:
21:d5:67:37:c2:ec:ed:ab:1e:ce:06:8f:cb:a6:ca:
58:98:35:4d:5b:ea:4a:f1:ec:cc:7f:9f:7c:aa:b1:
13:3b:61:c9:36:e6:1d:a7:82:38:51:e3:18:8c:10:
25:e3:5d:7a:b7:58:cb:35:33:ee:f3:9e:bd:49:e5:
38:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:66:3E:31:8A:F7:72:21:A4:E7:8C:A2:39:6D:79:84:9F:B6:23:78
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bGY-MYr3ciGk54yiOW15hJ-2I3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.49.0/24
193.124.224.0-193.124.226.255
194.87.32.0/22
194.87.41.0/24
194.87.61.0/24
194.87.116.0-194.87.127.255
194.87.192.0/22
194.135.46.0/24
195.133.22.0/24
212.192.16.0/21
212.192.208.0/22
212.193.4.0-212.193.11.255
212.193.24.0/22
Signature Algorithm: sha256WithRSAEncryption
17:9a:46:24:f9:b9:4f:55:a9:fb:24:f0:c2:07:12:d0:0a:0d:
9e:15:a3:0b:eb:be:5e:88:11:a9:09:6b:2b:71:2c:5c:7f:31:
91:2f:72:61:05:d1:4b:3c:f6:aa:27:b2:06:14:44:e7:db:71:
ac:04:7c:24:05:8c:a9:1f:42:bf:c2:66:63:2f:67:01:5b:0c:
fb:81:99:29:fb:7b:93:3a:11:ee:3f:f4:9e:12:f5:b8:68:10:
4d:f9:80:10:71:c3:fa:40:e3:e5:74:96:9a:96:4d:bc:e5:34:
62:50:ee:82:b0:e2:3b:f9:2d:dd:27:b0:08:53:e7:9c:a4:8a:
2e:57:0c:6b:2c:86:12:05:2d:5b:a9:48:53:ac:1c:a4:f0:c2:
a2:0e:19:bb:14:a4:f9:fc:01:17:3c:f7:f4:5b:02:23:33:82:
82:50:cf:92:e8:e8:de:a2:c7:af:f2:34:62:40:36:7c:37:65:
03:57:c2:a4:b8:61:c0:50:c3:de:68:1c:c8:ec:e2:92:0a:60:
7c:12:1c:10:f9:79:32:90:3c:43:d0:9b:79:64:d4:72:17:f1:
aa:bc:d4:53:2d:e6:9f:9a:ba:d4:0e:f2:19:14:36:f3:41:46:
31:34:3f:c8:74:56:44:65:96:92:59:a7:67:78:34:78:4b:ed:
e9:88:b7:35
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIED10tSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDQw
NTE3MDQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmM2NjNlMzE4YWY3
NzIyMWE0ZTc4Y2EyMzk2ZDc5ODQ5ZmI2MjM3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPMk1aeCUst2LG3NdMSY/L8NDP254sXv7xIzBjc6JaYhonoB
QDJCk+Uavhu1sPBqyGH8jk1/BuWlbaNwaRjDxm40yH6DWZNxMflPWcVtLjDZrCiV
6IzHMnYQeYPdcTyllQCsQTjDp7NnsVDy9BvJAErn3uj7SX6qS0bftxytoZs4xKgs
KYi//nmjFxyftmY/WqBA9SI/PX7HTzkSsbl/ISM2PIOty0Zju0K5jy9Sj6iZCDK8
XS3y4/lXtUYTiP+EkqFvIdVnN8Ls7asezgaPy6bKWJg1TVvqSvHszH+ffKqxEzth
yTbmHaeCOFHjGIwQJeNderdYyzUz7vOevUnlOPECAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBRsZj4xivdyIaTnjKI5bXmEn7YjeDAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L2JHWS1NWXIzY2lHazU0eWlPVzE1aEotMkkzZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wbAQCAAEwZgMEAMF8MTAMAwQFwXzgAwQAwXziAwQC
wlcgAwQAwlcpAwQAwlc9MAwDBALCV3QDBAfCVwADBALCV8ADBADChy4DBADDhRYD
BAPUwBADBALUwNAwDAMEAtTBBAMEAtTBCAMEAtTBGDANBgkqhkiG9w0BAQsFAAOC
AQEAF5pGJPm5T1Wp+yTwwgcS0AoNnhWjC+u+XogRqQlrK3EsXH8xkS9yYQXRSzz2
qieyBhRE59txrAR8JAWMqR9Cv8JmYy9nAVsM+4GZKft7kzoR7j/0nhL1uGgQTfmA
EHHD+kDj5XSWmpZNvOU0YlDugrDiO/kt3SewCFPnnKSKLlcMayyGEgUtW6lIU6wc
pPDCog4ZuxSk+fwBFzz39FsCIzOCglDPkujo3qLHr/I0YkA2fDdlA1fCpLhhwFDD
3mgcyOzikgpgfBIcEPl5MpA8Q9CbeWTUchfxqrzUUy3mn5q61A7yGRQ280FGMTQ/
yHRWRGWWklmnZ3g0eEvt6Yi3NQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:01 2023 by rpki-client on console-ams.rpki-client.org