Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cGbMmEHnj-9Nim6D09stl_ZUFjc.roa
File: cGbMmEHnj-9Nim6D09stl_ZUFjc.roa (raw, json)
Hash identifier: 1RX7AKtozgWo77Gs6XvoC45hDJotb3MG42H/TmwHN/g=
Subject key identifier: 70:66:CC:98:41:E7:8F:EF:4D:8A:6E:83:D3:DB:2D:97:F6:54:16:37
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018418C273FD9F43C243FAEF837AEBEAB99D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cGbMmEHnj-9Nim6D09stl_ZUFjc.roa
Signing time: Thu 27 Oct 2022 09:25:07 +0000
ROA not before: Thu 27 Oct 2022 09:25:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17447
IP address blocks: 193.124.4.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
212.192.209.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:18:c2:73:fd:9f:43:c2:43:fa:ef:83:7a:eb:ea:b9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 27 09:25:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7066cc9841e78fef4d8a6e83d3db2d97f6541637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c3:b3:7b:15:25:01:bf:c2:e1:80:46:f0:33:
b8:f4:c6:e9:63:82:ba:c0:08:e5:b1:67:5b:71:ec:
9a:57:21:97:75:d8:69:2d:0f:07:e6:8f:61:1e:e6:
0f:e4:cb:06:3a:a1:66:79:f4:d8:e6:1f:9b:d3:c8:
dd:66:92:dc:38:5f:3c:4f:84:ea:57:f1:bc:d5:56:
94:ae:c9:31:f8:56:2d:4b:fb:08:75:7f:fa:56:8d:
9d:ad:ed:ca:84:50:62:dc:9b:54:24:e3:9c:19:5f:
be:15:6a:ad:65:44:c3:40:66:54:2f:d0:08:c0:e1:
a6:ad:06:7e:7a:02:4c:00:83:1a:bf:db:95:75:27:
8c:43:67:11:25:70:cf:04:6b:28:7a:cf:7d:7b:b7:
1b:d8:10:75:5d:f0:39:65:f3:c6:8b:52:9b:46:f1:
5d:51:f3:4b:5b:fe:9b:66:af:5b:f2:eb:46:89:25:
68:b2:36:c4:1c:55:b9:e0:e1:a2:4f:d9:43:82:9b:
5a:9e:88:5f:14:a1:62:63:27:e2:13:61:3f:38:23:
47:a1:ad:2f:2f:b2:19:f6:4f:cd:38:37:cd:cd:96:
16:ed:33:69:84:07:7c:19:89:90:0e:e5:00:9b:4d:
61:72:8a:58:a6:69:c5:a2:6c:96:40:09:88:d6:c3:
6c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:66:CC:98:41:E7:8F:EF:4D:8A:6E:83:D3:DB:2D:97:F6:54:16:37
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cGbMmEHnj-9Nim6D09stl_ZUFjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.4.0/24
193.124.16.0/24
193.124.47.0/24
193.124.125.0/24
194.58.45.0/24
194.87.37.0/24
194.87.56.0/24
194.87.162.0/24
194.87.207.0/24
195.58.63.0/24
195.133.73.0/24
212.192.209.0/24
Signature Algorithm: sha256WithRSAEncryption
79:b3:51:92:41:f3:43:fe:62:17:a5:d9:b3:22:49:ea:38:27:
67:1b:95:03:2b:08:30:46:f0:23:a9:dc:56:2d:a2:c2:3d:d2:
17:7c:23:2a:cb:ba:67:15:a2:f1:78:e1:e9:bc:87:c4:ac:a2:
b4:a2:cf:ae:9d:33:fd:98:fc:31:e5:d9:0c:2f:1b:00:b4:a2:
14:b6:c1:ea:af:00:40:9b:35:19:fd:28:13:07:41:3d:00:9c:
13:da:e3:5c:d6:ac:c5:b8:e2:76:b0:fd:31:f5:7f:86:26:40:
79:93:78:24:b0:49:0a:b1:14:04:12:b7:e4:ab:8f:e8:d0:75:
8d:c1:95:71:3e:48:72:16:02:56:88:eb:a6:c7:fb:1e:da:85:
05:5d:e4:c7:3a:7b:5f:e4:a4:59:25:c8:c8:55:5e:27:d3:b6:
1c:da:fd:82:46:84:5d:2f:e1:19:55:c3:f5:ee:00:a7:92:e5:
01:26:46:d8:86:d0:10:6c:b3:83:69:cc:71:71:71:9a:ac:be:
46:6e:4e:ef:d6:2f:2d:1b:1b:44:9f:e8:6b:14:c4:2d:8f:0e:
dc:e1:11:42:d7:b5:76:7f:0e:fa:b9:a4:ed:b2:ad:78:dc:78:
52:d4:cc:57:3c:3a:70:bb:c7:b5:42:c7:8d:76:d0:ec:75:4f:
f6:89:fc:11
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYQYwnP9n0PCQ/rvg3rr6rmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI3MDkyNTA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDY2Y2M5ODQxZTc4ZmVmNGQ4YTZlODNkM2RiMmQ5N2Y2NTQxNjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssOzexUlAb/C4YBG8DO49MbpY4K6
wAjlsWdbceyaVyGXddhpLQ8H5o9hHuYP5MsGOqFmefTY5h+b08jdZpLcOF88T4Tq
V/G81VaUrskx+FYtS/sIdX/6Vo2dre3KhFBi3JtUJOOcGV++FWqtZUTDQGZUL9AI
wOGmrQZ+egJMAIMav9uVdSeMQ2cRJXDPBGsoes99e7cb2BB1XfA5ZfPGi1KbRvFd
UfNLW/6bZq9b8utGiSVosjbEHFW54OGiT9lDgptanohfFKFiYyfiE2E/OCNHoa0v
L7IZ9k/NODfNzZYW7TNphAd8GYmQDuUAm01hcopYpmnFomyWQAmI1sNsXwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHBmzJhB54/vTYpug9PbLZf2VBY3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY0diTW1FSG5qLTlOaW02RDA5c3RsX1pVRmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAwXwEAwQA
wXwQAwQAwXwvAwQAwXx9AwQAwjotAwQAwlclAwQAwlc4AwQAwleiAwQAwlfPAwQA
wzo/AwQAw4VJAwQA1MDRMA0GCSqGSIb3DQEBCwUAA4IBAQB5s1GSQfND/mIXpdmz
IknqOCdnG5UDKwgwRvAjqdxWLaLCPdIXfCMqy7pnFaLxeOHpvIfErKK0os+unTP9
mPwx5dkMLxsAtKIUtsHqrwBAmzUZ/SgTB0E9AJwT2uNc1qzFuOJ2sP0x9X+GJkB5
k3gksEkKsRQEErfkq4/o0HWNwZVxPkhyFgJWiOumx/se2oUFXeTHOntf5KRZJcjI
VV4n07Yc2v2CRoRdL+EZVcP17gCnkuUBJkbYhtAQbLODacxxcXGarL5Gbk7v1i8t
GxtEn+hrFMQtjw7c4RFC17V2fw76uaTtsq143HhS1MxXPDpwu8e1QseNdtDsdU/2
ifwR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:02 2023 by rpki-client on console-ams.rpki-client.org