Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/feHMoxl2P2VMIf_NQkeE2euRmKk.roa
File: feHMoxl2P2VMIf_NQkeE2euRmKk.roa (raw, json)
Hash identifier: 7rHugkIjIfVSD8fI1ejWUDg6lDZoIIVYPdGiXqLiV2U=
Subject key identifier: 7D:E1:CC:A3:19:76:3F:65:4C:21:FF:CD:42:47:84:D9:EB:91:98:A9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01852F22C870A204276A8CC0DA39B940DB3B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/feHMoxl2P2VMIf_NQkeE2euRmKk.roa
Signing time: Tue 20 Dec 2022 10:44:46 +0000
ROA not before: Tue 20 Dec 2022 10:44:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.118.0/23 maxlen: 24
195.133.94.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
195.133.26.0/23 maxlen: 24
195.133.25.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:22:c8:70:a2:04:27:6a:8c:c0:da:39:b9:40:db:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 20 10:44:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7de1cca319763f654c21ffcd424784d9eb9198a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:74:f6:92:f2:33:d7:a4:88:a8:3b:a1:07:b3:
71:b5:9f:02:81:f6:ad:3a:51:fb:1d:39:fe:7b:04:
3a:a4:42:15:f5:bc:80:ca:a2:47:36:ca:1a:1c:69:
81:b2:6a:c8:06:a7:34:78:6a:f9:f9:d4:0a:11:04:
9d:b0:17:3b:66:d7:6a:d1:30:6a:83:9e:a1:28:01:
60:5c:2c:f8:1a:98:99:16:69:06:69:e4:fb:b3:3c:
85:f2:c3:2b:f3:9c:10:a5:71:a8:7d:4f:4f:6b:d5:
57:a3:64:e3:0b:05:49:2f:77:d6:30:2d:e4:32:62:
57:2f:34:37:00:8d:9e:44:4d:1f:a2:a2:3c:65:88:
ea:92:e2:e3:d8:3c:9c:ff:4b:57:e1:77:dc:a7:37:
dc:ce:68:ab:92:ac:d5:32:06:55:1a:8d:8c:ba:54:
25:cf:d5:2c:46:21:55:29:dd:3f:64:44:48:be:ab:
15:22:31:45:d5:63:98:b4:cc:55:8c:63:67:bf:65:
70:3a:ea:20:bf:56:38:c8:21:cc:36:e0:cb:42:5c:
fd:d8:c7:5a:db:0a:6e:cc:99:e7:4c:45:47:1c:24:
af:4d:8a:19:44:9f:1e:c2:2c:32:ef:a7:78:ed:5e:
93:fb:35:0d:71:41:ce:a9:1c:d3:b7:2a:20:68:56:
c4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:E1:CC:A3:19:76:3F:65:4C:21:FF:CD:42:47:84:D9:EB:91:98:A9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/feHMoxl2P2VMIf_NQkeE2euRmKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
194.87.118.0/23
194.135.32.0/24
195.133.25.0-195.133.27.255
195.133.59.0/24
195.133.94.0/24
212.192.15.0/24
Signature Algorithm: sha256WithRSAEncryption
39:46:45:d7:05:4b:15:e2:d4:88:08:76:32:5a:23:11:50:47:
58:7e:0e:21:41:ad:e2:fb:4c:02:02:b5:58:7b:9a:b4:3b:eb:
f7:98:79:c6:9c:e9:bc:b3:d7:b5:66:2c:95:0e:e9:3c:2f:6f:
3e:b0:58:c8:35:5c:1d:af:db:a6:a9:d7:ff:50:39:02:9b:74:
bb:2b:15:d9:e0:bd:c6:c2:60:a3:1b:68:1d:38:5f:39:19:d9:
c9:6f:32:78:28:9d:ac:12:31:ea:0a:5a:5a:cf:76:fe:45:b6:
0c:a3:bb:c3:dc:ae:41:5e:54:44:61:90:16:68:d7:51:78:f8:
65:e7:b7:e3:43:05:28:ce:7c:19:d0:97:6c:db:f1:5c:92:45:
d4:b0:6d:bb:6e:7f:7a:60:c0:f5:43:4b:f3:43:80:4e:bf:f5:
a2:ca:28:95:e9:1e:32:2a:ca:90:d8:07:5f:6d:aa:55:b5:dc:
8c:9b:30:ec:09:4d:dd:ea:b9:5b:35:98:cd:f2:b9:70:d7:e0:
ba:17:99:0d:a9:2c:07:1e:e2:83:78:a3:2e:84:d5:66:2f:37:
97:7d:bc:2f:27:e0:7b:27:5a:8e:0e:6e:71:2a:ce:73:05:65:
8f:fe:de:b7:86:f1:d1:bc:9e:9a:73:81:94:76:35:33:7e:8c:
d0:a2:6f:0e
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYUvIshwogQnaozA2jm5QNs7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjIwMTA0NDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGUxY2NhMzE5NzYzZjY1NGMyMWZmY2Q0MjQ3ODRkOWViOTE5OGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnT2kvIz16SIqDuhB7NxtZ8Cgfat
OlH7HTn+ewQ6pEIV9byAyqJHNsoaHGmBsmrIBqc0eGr5+dQKEQSdsBc7Ztdq0TBq
g56hKAFgXCz4GpiZFmkGaeT7szyF8sMr85wQpXGofU9Pa9VXo2TjCwVJL3fWMC3k
MmJXLzQ3AI2eRE0foqI8ZYjqkuLj2Dyc/0tX4XfcpzfczmirkqzVMgZVGo2MulQl
z9UsRiFVKd0/ZERIvqsVIjFF1WOYtMxVjGNnv2VwOuogv1Y4yCHMNuDLQlz92Mda
2wpuzJnnTEVHHCSvTYoZRJ8ewiwy76d47V6T+zUNcUHOqRzTtyogaFbESQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFH3hzKMZdj9lTCH/zUJHhNnrkZipMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZmVITW94bDJQMlZNSWZfTlFrZUUyZXVSbUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAuUgKAwQB
wld2AwQAwocgMAwDBADDhRkDBALDhRgDBADDhTsDBADDhV4DBADUwA8wDQYJKoZI
hvcNAQELBQADggEBADlGRdcFSxXi1IgIdjJaIxFQR1h+DiFBreL7TAICtVh7mrQ7
6/eYecac6byz17VmLJUO6Twvbz6wWMg1XB2v26ap1/9QOQKbdLsrFdngvcbCYKMb
aB04XzkZ2clvMngonawSMeoKWlrPdv5Ftgyju8PcrkFeVERhkBZo11F4+GXnt+ND
BSjOfBnQl2zb8VySRdSwbbtuf3pgwPVDS/NDgE6/9aLKKJXpHjIqypDYB19tqlW1
3IybMOwJTd3quVs1mM3yuXDX4LoXmQ2pLAce4oN4oy6E1WYvN5d9vC8n4HsnWo4O
bnEqznMFZY/+3reG8dG8nppzgZR2NTN+jNCibw4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:08 2023 by rpki-client on console-fra.rpki-client.org