Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fBQVIqJWuAM7Erdoh3wgYMlSAA4.roa
File: fBQVIqJWuAM7Erdoh3wgYMlSAA4.roa (raw, json)
Hash identifier: DeyAF6uKw5kKKTonnbJ786jRXOGbKJg9i2aRw6X2tc8=
Subject key identifier: 7C:14:15:22:A2:56:B8:03:3B:12:B7:68:87:7C:20:60:C9:52:00:0E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01851AA3BA24DD0B8E72E33C0CA891297690
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fBQVIqJWuAM7Erdoh3wgYMlSAA4.roa
Signing time: Fri 16 Dec 2022 11:13:35 +0000
ROA not before: Fri 16 Dec 2022 11:13:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:a3:ba:24:dd:0b:8e:72:e3:3c:0c:a8:91:29:76:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 16 11:13:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c141522a256b8033b12b768877c2060c952000e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9e:2f:e3:01:68:96:0c:e2:44:54:6b:cc:58:
9e:7d:1f:93:3e:93:d5:e2:38:4b:fc:b8:db:ad:20:
b4:3f:8e:f4:ca:f1:22:37:50:7b:b8:82:b9:bf:dc:
c0:4f:2f:44:90:40:0d:17:8a:69:f1:0e:d2:af:66:
94:f2:9f:e6:a4:f5:43:f9:95:91:e6:85:bd:93:b4:
2a:7f:84:ed:a5:d5:2c:2e:44:b5:f8:32:79:8b:40:
7b:ca:3d:b3:1e:0d:cf:bb:45:07:23:e1:99:8d:9d:
45:bc:1c:fc:d4:d1:37:07:74:82:d8:0c:98:62:24:
2e:8e:20:94:2e:1d:b8:e5:fe:97:2b:88:66:be:87:
7a:7a:83:42:93:9e:e9:53:cb:c9:25:15:b7:4c:67:
07:f4:bc:43:c9:35:02:25:e1:ae:2e:a9:5e:2b:f9:
cd:aa:59:ba:ce:4c:af:20:48:78:19:37:64:24:92:
05:40:1e:38:d4:c9:38:e4:51:2c:24:24:df:d5:fb:
5d:40:82:a2:09:56:c6:ec:c6:8b:67:c2:eb:9b:1e:
e9:d4:ff:3a:7f:c8:39:b9:db:6f:5b:8f:ff:8a:3a:
5c:04:53:c6:2b:43:59:8d:b7:4e:f4:7a:02:2e:46:
ab:20:b8:69:7b:84:24:5e:70:16:ad:dd:e8:34:5c:
11:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:14:15:22:A2:56:B8:03:3B:12:B7:68:87:7C:20:60:C9:52:00:0E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fBQVIqJWuAM7Erdoh3wgYMlSAA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.3.0/24
194.87.1.0/24
194.87.38.0/24
194.87.42.0/24
194.87.73.0/24
194.87.130.0/23
194.87.166.0/24
194.87.168.0/24
194.87.178.0/23
194.87.187.0/24
194.135.18.0/24
194.135.23.0/24
195.58.35.0-195.58.36.255
195.133.0.0/24
195.133.30.0/24
195.133.35.0/24
212.192.31.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:c1:cf:99:19:f3:40:d5:8f:4b:57:77:bf:c7:de:ca:5f:12:
c6:54:99:65:1e:c4:6a:9a:80:eb:a9:36:75:90:84:68:9e:ef:
bd:38:3c:e6:39:ce:c3:36:7c:3c:f1:99:f7:b7:3f:86:00:01:
da:04:24:5c:6b:c4:70:d3:6d:a8:d9:b5:10:01:7f:fc:d9:44:
82:a0:e8:6b:ed:46:cf:ff:51:e9:4c:be:15:3f:4d:63:fe:fc:
1e:6c:00:cb:ee:57:fe:6b:84:69:94:7a:a3:5a:79:f8:9b:6d:
fa:5f:67:12:ba:9f:56:bc:7c:0e:78:26:58:26:a1:e5:7b:ef:
fb:f9:9d:fb:b2:a0:41:45:da:c0:6c:fd:ac:71:7f:57:b9:86:
5d:fe:a2:23:51:54:e6:b3:36:64:b8:e6:cd:b4:c5:67:f8:bd:
3e:fc:8e:ff:3a:ed:57:64:68:2a:8f:d4:30:cd:20:08:31:1c:
dc:c5:02:a6:75:3f:06:05:7f:c2:ad:9e:5a:e3:cf:27:c4:dc:
34:01:f9:cf:af:51:9f:56:d3:7c:6a:71:e1:fb:82:7b:d3:2f:
07:37:05:7b:8c:fa:ce:14:56:49:cc:75:9f:5b:50:a3:b6:6c:
84:23:40:41:2b:b9:e0:a2:82:a9:35:85:2e:52:16:50:50:4a:
a5:44:7b:5b
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYUao7ok3QuOcuM8DKiRKXaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE2MTExMzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzE0MTUyMmEyNTZiODAzM2IxMmI3Njg4NzdjMjA2MGM5NTIwMDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJ4v4wFolgziRFRrzFiefR+TPpPV
4jhL/LjbrSC0P470yvEiN1B7uIK5v9zATy9EkEANF4pp8Q7Sr2aU8p/mpPVD+ZWR
5oW9k7Qqf4TtpdUsLkS1+DJ5i0B7yj2zHg3Pu0UHI+GZjZ1FvBz81NE3B3SC2AyY
YiQujiCULh245f6XK4hmvod6eoNCk57pU8vJJRW3TGcH9LxDyTUCJeGuLqleK/nN
qlm6zkyvIEh4GTdkJJIFQB441Mk45FEsJCTf1ftdQIKiCVbG7MaLZ8Lrmx7p1P86
f8g5udtvW4//ijpcBFPGK0NZjbdO9HoCLkarILhpe4QkXnAWrd3oNFwRsQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFHwUFSKiVrgDOxK3aId8IGDJUgAOMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZkJRVklxSld1QU03RXJkb2gzd2dZTWxTQUE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAMF8AwME
AMJXAQMEAMJXJgMEAMJXKgMEAMJXSQMEAcJXggMEAMJXpgMEAMJXqAMEAcJXsgME
AMJXuwMEAMKHEgMEAMKHFzAMAwQAwzojAwQAwzokAwQAw4UAAwQAw4UeAwQAw4Uj
AwQA1MAfMA0GCSqGSIb3DQEBCwUAA4IBAQAcwc+ZGfNA1Y9LV3e/x97KXxLGVJll
HsRqmoDrqTZ1kIRonu+9ODzmOc7DNnw88Zn3tz+GAAHaBCRca8Rw022o2bUQAX/8
2USCoOhr7UbP/1HpTL4VP01j/vwebADL7lf+a4RplHqjWnn4m236X2cSup9WvHwO
eCZYJqHle+/7+Z37sqBBRdrAbP2scX9XuYZd/qIjUVTmszZkuObNtMVn+L0+/I7/
Ou1XZGgqj9QwzSAIMRzcxQKmdT8GBX/CrZ5a488nxNw0AfnPr1GfVtN8anHh+4J7
0y8HNwV7jPrOFFZJzHWfW1CjtmyEI0BBK7ngooKpNYUuUhZQUEqlRHtb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:22 2024 by rpki-client on console-fra.rpki-client.org