Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dz1WSYxDNT1HNaSXfLn7J51sZCE.roa
File: dz1WSYxDNT1HNaSXfLn7J51sZCE.roa (raw, json)
Hash identifier: cIJu1Xk7XFaSFWUYwu1CL5we8gDTEaLNONvOiyYJg5k=
Subject key identifier: 77:3D:56:49:8C:43:35:3D:47:35:A4:97:7C:B9:FB:27:9D:6C:64:21
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0F42A41C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dz1WSYxDNT1HNaSXfLn7J51sZCE.roa
Signing time: Sun 27 Mar 2022 12:24:44 +0000
ROA not before: Sun 27 Mar 2022 12:24:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 193.124.8.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 256025628 (0xf42a41c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 27 12:24:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=773d56498c43353d4735a4977cb9fb279d6c6421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:98:27:b1:c7:0f:cf:9a:85:8a:21:8f:db:88:
66:1d:db:a7:c5:94:4c:fd:90:87:0f:0a:2b:12:90:
fb:32:6e:e7:13:54:8b:72:dd:2e:8d:c2:3b:d7:e7:
71:ee:97:36:bf:28:cf:c0:e4:8d:be:a4:b5:51:ed:
85:71:26:aa:3f:e1:67:e0:c4:db:2c:70:ce:45:a1:
fd:93:3e:cd:e5:58:cd:77:a5:a5:a6:52:07:36:57:
ea:e5:07:46:8e:1b:15:26:f0:42:3a:f0:73:e0:b6:
5b:ab:9d:d3:49:f0:89:d3:84:bb:02:06:f0:56:48:
eb:0f:48:fc:9c:94:65:5b:1f:3a:9c:aa:9c:7c:c1:
b1:4b:14:8a:fe:89:76:bf:f2:d5:1e:6a:aa:74:9b:
04:5d:57:d1:71:6b:8b:b4:74:4d:42:8e:9a:7c:ef:
05:73:89:72:68:54:2f:f4:41:fd:41:6f:5d:11:5c:
e2:dd:57:3d:91:7b:8a:2b:66:44:28:d6:bf:b5:11:
d0:73:2a:d1:a8:9c:bb:b8:64:53:18:de:14:8d:23:
ee:36:37:90:d8:79:fc:8f:fe:54:92:cc:28:31:6e:
cf:9f:95:55:40:5a:83:13:2f:7c:07:76:94:c0:07:
c8:df:cd:44:a2:f2:69:38:e5:61:d0:4c:94:f6:c8:
53:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:3D:56:49:8C:43:35:3D:47:35:A4:97:7C:B9:FB:27:9D:6C:64:21
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dz1WSYxDNT1HNaSXfLn7J51sZCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.8.0/24
194.87.63.0/24
194.87.182.0/24
194.87.199.0/24
194.87.252.0/24
194.135.23.0/24
195.133.193.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:34:10:7b:fc:a6:d7:c4:aa:9b:23:64:8a:58:66:19:bb:62:
03:0d:56:6f:cd:c9:79:71:95:00:14:39:b2:81:9c:d2:23:cb:
83:0d:87:c8:ac:b7:40:f2:13:85:aa:57:11:c2:00:2c:19:dd:
d8:a5:e1:06:c8:fe:49:a0:12:84:d0:da:60:3a:d5:a8:82:45:
81:26:32:61:5b:90:b3:cb:a1:c7:b7:c3:4a:c1:8f:15:07:88:
67:a3:fa:4e:45:93:7a:25:50:46:6a:1c:a0:56:f3:a3:84:d3:
46:a3:07:63:86:1f:b2:42:38:6e:f9:14:3b:dc:fa:6b:6a:98:
ab:29:dd:2b:e9:ef:69:a2:45:46:73:f0:14:89:82:4e:31:2c:
cc:ed:fe:20:db:1a:08:67:b1:10:09:94:3a:eb:13:81:b2:bc:
a4:ab:18:e4:c4:cf:48:94:7e:f6:05:a5:b0:54:96:5b:c9:50:
bf:83:97:72:26:73:84:5c:ef:df:f6:56:fc:1d:5d:ee:21:2d:
e6:6b:c3:3f:43:c7:64:cb:1b:9e:75:41:88:90:4e:df:1f:0c:
77:de:f9:da:c5:32:65:fb:90:6d:3e:e8:88:cc:41:7b:36:fa:
92:89:42:94:8c:b3:d4:b1:d9:bf:d8:d9:70:9f:43:d9:18:04:
ab:c4:d9:05
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIED0KkHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDMy
NzEyMjQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzczZDU2NDk4YzQz
MzUzZDQ3MzVhNDk3N2NiOWZiMjc5ZDZjNjQyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOiYJ7HHD8+ahYohj9uIZh3bp8WUTP2Qhw8KKxKQ+zJu5xNU
i3LdLo3CO9fnce6XNr8oz8Dkjb6ktVHthXEmqj/hZ+DE2yxwzkWh/ZM+zeVYzXel
paZSBzZX6uUHRo4bFSbwQjrwc+C2W6ud00nwidOEuwIG8FZI6w9I/JyUZVsfOpyq
nHzBsUsUiv6Jdr/y1R5qqnSbBF1X0XFri7R0TUKOmnzvBXOJcmhUL/RB/UFvXRFc
4t1XPZF7iitmRCjWv7UR0HMq0aicu7hkUxjeFI0j7jY3kNh5/I/+VJLMKDFuz5+V
VUBagxMvfAd2lMAHyN/NRKLyaTjlYdBMlPbIUzkCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBR3PVZJjEM1PUc1pJd8ufsnnWxkITAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L2R6MVdTWXhETlQxSE5hU1hmTG43SjUxc1pDRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAMF8CAMEAMJXPwMEAMJXtgMEAMJX
xwMEAMJX/AMEAMKHFwMEAMOFwTANBgkqhkiG9w0BAQsFAAOCAQEALzQQe/ym18Sq
myNkilhmGbtiAw1Wb83JeXGVABQ5soGc0iPLgw2HyKy3QPIThapXEcIALBnd2KXh
Bsj+SaAShNDaYDrVqIJFgSYyYVuQs8uhx7fDSsGPFQeIZ6P6TkWTeiVQRmocoFbz
o4TTRqMHY4YfskI4bvkUO9z6a2qYqyndK+nvaaJFRnPwFImCTjEszO3+INsaCGex
EAmUOusTgbK8pKsY5MTPSJR+9gWlsFSWW8lQv4OXciZzhFzv3/ZW/B1d7iEt5mvD
P0PHZMsbnnVBiJBO3x8Md9752sUyZfuQbT7oiMxBezb6kolClIyz1LHZv9jZcJ9D
2RgEq8TZBQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:02 2023 by rpki-client on console-ams.rpki-client.org