Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bnpqu8pwdHSwbM6i6Je1EwWyahE.roa
File: bnpqu8pwdHSwbM6i6Je1EwWyahE.roa (raw, json)
Hash identifier: NNMy6JRmj8ovwrndavDLqJPIUmo3WemNdf0dOJppu8k=
Subject key identifier: 6E:7A:6A:BB:CA:70:74:74:B0:6C:CE:A2:E8:97:B5:13:05:B2:6A:11
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018216986A1618801B14BE2BB31896D20487
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bnpqu8pwdHSwbM6i6Je1EwWyahE.roa
Signing time: Tue 19 Jul 2022 13:14:23 +0000
ROA not before: Tue 19 Jul 2022 13:14:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 194.87.216.0/24 maxlen: 24
194.87.218.0/24 maxlen: 24
194.87.225.0/24 maxlen: 24
194.87.31.0/24 maxlen: 24
194.87.36.0/22 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
212.192.14.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
195.133.25.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
194.135.104.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:16:98:6a:16:18:80:1b:14:be:2b:b3:18:96:d2:04:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 19 13:14:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e7a6abbca707474b06ccea2e897b51305b26a11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:13:63:71:12:87:9e:c3:9b:1e:ca:80:df:85:
67:f1:b0:03:a1:65:61:40:3b:db:9b:40:73:60:f0:
34:fd:0d:bb:5b:a4:81:fc:4e:1b:12:8a:be:fc:85:
89:d3:1a:9d:30:92:f8:6d:d8:8b:52:f7:5d:5d:49:
bf:83:2d:94:21:c2:c5:fd:6a:3b:32:68:87:88:5e:
a0:ce:6f:a9:a6:74:98:4c:04:6d:b9:8b:7b:76:b2:
bb:a9:0f:b5:91:43:f8:c0:39:18:3a:9b:88:4d:8b:
c0:0f:c3:b7:dc:e3:3e:6b:b9:58:fd:46:e0:6a:b9:
e5:6d:e8:ea:88:13:30:c4:63:76:3b:e3:ed:04:8d:
90:ee:81:a9:5c:83:6d:d6:8f:59:ce:10:07:6b:7c:
53:87:c5:db:41:93:21:a4:24:a0:a0:5f:45:60:6c:
82:32:84:51:1c:f1:11:64:ec:f8:9d:85:83:fe:2d:
9b:49:d9:40:7b:7c:c2:0a:31:03:b6:f5:d0:ce:bc:
fe:6b:6e:61:67:bb:66:31:98:d5:47:9c:df:6f:9a:
32:13:32:1c:3a:9c:62:6b:9f:bf:f8:ab:7a:e9:2b:
5c:a0:95:5a:2c:ef:41:aa:13:2c:87:34:5f:05:0c:
88:d1:33:22:a9:d5:d9:df:74:01:33:b7:fb:d1:11:
47:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:7A:6A:BB:CA:70:74:74:B0:6C:CE:A2:E8:97:B5:13:05:B2:6A:11
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bnpqu8pwdHSwbM6i6Je1EwWyahE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.31.0/24
194.87.36.0/22
194.87.216.0/24
194.87.218.0/24
194.87.225.0/24
194.135.32.0/24
194.135.38.0/24
194.135.104.0/24
195.133.9.0/24
195.133.21.0/24
195.133.25.0-195.133.27.255
195.133.55.0/24
195.133.59.0/24
212.192.14.0/24
Signature Algorithm: sha256WithRSAEncryption
64:97:ff:3c:00:6f:3f:4d:b5:01:41:70:cf:5b:b2:d2:8b:bc:
2d:41:48:b3:57:46:56:88:c0:d5:49:c4:90:03:95:96:ec:ca:
de:fc:f1:7a:e4:1a:56:ed:7b:bd:29:09:c1:22:77:a0:6c:42:
5f:0e:58:00:b4:6b:20:5b:57:38:80:b3:24:0c:51:90:17:ed:
dd:73:e8:9e:a1:3c:11:b9:38:f8:aa:40:dd:8f:7d:e7:d7:e2:
d6:18:09:d7:67:07:79:95:f3:35:61:cc:58:da:87:7a:9e:85:
2c:4f:cd:fd:ff:02:5f:ce:6e:36:e8:59:f9:01:7c:43:ec:d3:
38:75:0f:a3:b3:dc:19:d3:06:e5:6a:b6:2b:da:b5:c5:dc:f4:
46:68:20:cf:34:a8:11:92:31:fa:6e:7a:1d:57:56:78:8c:5d:
e6:bd:61:cc:b6:d6:54:ab:96:6e:fd:a2:96:0d:43:da:67:9d:
08:84:a7:fb:1b:55:53:aa:02:14:04:f4:3b:95:12:8a:fe:c5:
e9:bb:d7:f1:45:0a:f9:59:f9:67:4a:30:02:16:84:f7:90:93:
13:f1:1b:47:c4:e1:b2:cb:7c:e9:b2:29:37:e9:e7:05:c2:68:
49:fd:22:36:d9:e1:11:26:0f:df:a1:df:5c:68:9f:65:ef:2f:
31:c1:70:01
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYIWmGoWGIAbFL4rsxiW0gSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwNzE5MTMxNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTdhNmFiYmNhNzA3NDc0YjA2Y2NlYTJlODk3YjUxMzA1YjI2YTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRNjcRKHnsObHsqA34Vn8bADoWVh
QDvbm0BzYPA0/Q27W6SB/E4bEoq+/IWJ0xqdMJL4bdiLUvddXUm/gy2UIcLF/Wo7
MmiHiF6gzm+ppnSYTARtuYt7drK7qQ+1kUP4wDkYOpuITYvAD8O33OM+a7lY/Ubg
arnlbejqiBMwxGN2O+PtBI2Q7oGpXINt1o9ZzhAHa3xTh8XbQZMhpCSgoF9FYGyC
MoRRHPERZOz4nYWD/i2bSdlAe3zCCjEDtvXQzrz+a25hZ7tmMZjVR5zfb5oyEzIc
Opxia5+/+Kt66StcoJVaLO9BqhMshzRfBQyI0TMiqdXZ33QBM7f70RFH6wIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFG56arvKcHR0sGzOouiXtRMFsmoRMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYm5wcXU4cHdkSFN3Yk02aTZKZTFFd1d5YWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAwlcfAwQC
wlckAwQAwlfYAwQAwlfaAwQAwlfhAwQAwocgAwQAwocmAwQAwodoAwQAw4UJAwQA
w4UVMAwDBADDhRkDBALDhRgDBADDhTcDBADDhTsDBADUwA4wDQYJKoZIhvcNAQEL
BQADggEBAGSX/zwAbz9NtQFBcM9bstKLvC1BSLNXRlaIwNVJxJADlZbsyt788Xrk
Glbte70pCcEid6BsQl8OWAC0ayBbVziAsyQMUZAX7d1z6J6hPBG5OPiqQN2PfefX
4tYYCddnB3mV8zVhzFjah3qehSxPzf3/Al/ObjboWfkBfEPs0zh1D6Oz3BnTBuVq
tivatcXc9EZoIM80qBGSMfpueh1XVniMXea9Ycy21lSrlm79opYNQ9pnnQiEp/sb
VVOqAhQE9DuVEor+xem71/FFCvlZ+WdKMAIWhPeQkxPxG0fE4bLLfOmyKTfp5wXC
aEn9IjbZ4REmD9+h31xon2XvLzHBcAE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:21 2024 by rpki-client on console-fra.rpki-client.org