Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fsrw5r0246uPzM60fFOYUqbJ8Cc.roa
File: fsrw5r0246uPzM60fFOYUqbJ8Cc.roa (raw, json)
Hash identifier: KVsJ74uHv1BJjeFnz9aOBGNLGc0jwZknBmvulAs99ec=
Subject key identifier: 7E:CA:F0:E6:BD:36:E3:AB:8F:CC:CE:B4:7C:53:98:52:A6:C9:F0:27
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0181CDB5172FFE536DFBF3F114D8409F8196
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fsrw5r0246uPzM60fFOYUqbJ8Cc.roa
Signing time: Tue 05 Jul 2022 09:33:26 +0000
ROA not before: Tue 05 Jul 2022 09:33:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17447
IP address blocks: 193.124.4.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:cd:b5:17:2f:fe:53:6d:fb:f3:f1:14:d8:40:9f:81:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 5 09:33:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7ecaf0e6bd36e3ab8fccceb47c539852a6c9f027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:93:e3:41:5e:0a:e9:cf:ab:26:3c:8c:a8:08:
9d:6b:ab:d3:22:61:b2:85:7b:fc:36:47:8d:62:f1:
e7:b2:10:70:0e:bc:fc:24:e4:61:c4:89:72:a9:f4:
22:ba:a8:02:f7:ec:27:dc:4b:51:d0:6f:25:d6:c1:
8a:4b:03:43:39:50:47:87:e5:66:7a:03:b2:9a:3a:
da:1f:8a:20:6c:1c:db:4a:86:b7:19:52:a6:e2:0f:
53:5d:29:3b:22:42:63:40:a9:88:6d:fc:14:0f:9b:
26:cd:92:3b:5d:f5:a7:d1:33:b1:f1:f8:c6:48:04:
5e:42:e7:56:9e:f6:54:1c:a4:a9:27:16:58:e8:78:
09:b0:48:ab:7e:c9:d5:b2:21:d0:bd:28:20:40:27:
61:d9:82:b5:55:38:4d:0d:b1:7f:8e:37:ad:19:6b:
5c:bd:4a:ee:b0:39:19:c9:73:6f:02:28:17:e8:de:
f8:0e:fe:4c:b2:09:51:fa:61:0a:ce:32:fd:00:37:
5f:9c:a9:8d:38:10:86:af:6a:f9:89:98:74:c6:ca:
0c:e5:a9:cc:b3:19:43:bd:db:c0:0a:12:03:28:9b:
32:18:7b:61:bc:6d:ee:66:b6:3f:87:a6:75:dd:0d:
9d:28:53:52:fa:40:f1:83:52:bd:ec:f4:4d:39:a3:
e3:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:CA:F0:E6:BD:36:E3:AB:8F:CC:CE:B4:7C:53:98:52:A6:C9:F0:27
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fsrw5r0246uPzM60fFOYUqbJ8Cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.4.0/24
193.124.93.0/24
193.124.125.0/24
194.87.56.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:9e:c6:33:a3:41:01:12:0f:52:82:a0:8e:ce:be:70:e8:0d:
b5:86:c2:2c:2f:c2:8e:98:39:ec:7b:ec:d8:4f:f7:1b:b7:3f:
4b:82:08:a6:00:3a:3d:7f:37:d7:21:6e:20:0f:65:e1:8d:d7:
0b:86:3d:6b:b8:9f:92:d2:24:29:35:37:84:7f:f1:cc:7e:88:
20:11:2d:1b:00:f3:62:53:ff:5c:ea:96:e4:5b:8c:74:80:b6:
ed:f1:7b:b8:6b:1c:d4:1b:89:2c:83:60:2c:85:67:12:b4:f7:
5d:44:1f:b6:ff:92:b5:09:db:4f:3f:c2:c4:ea:5a:d4:6f:62:
b0:05:89:a8:22:3f:d9:04:02:22:8f:25:ab:b4:20:15:ae:47:
fa:85:74:2d:1b:d3:1f:5b:65:5b:1c:6a:c8:1b:cc:58:42:99:
a6:34:52:ce:9f:82:dc:80:87:c9:15:74:61:14:30:bb:a2:28:
50:5b:cb:b7:55:fd:6c:da:9b:0a:43:03:f7:c2:a1:c8:99:c4:
5b:39:99:86:e4:7d:b9:aa:ae:57:cc:ac:c6:7d:6a:d2:61:ce:
dc:9a:11:8b:66:f4:6c:31:1d:f6:23:1c:5d:a5:e3:00:ce:a2:
6e:fd:c3:5f:bc:cd:6c:c3:6a:4f:3e:6b:41:43:bd:51:9b:94:
77:12:0c:dd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYHNtRcv/lNt+/PxFNhAn4GWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwNzA1MDkzMzI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWNhZjBlNmJkMzZlM2FiOGZjY2NlYjQ3YzUzOTg1MmE2YzlmMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pPjQV4K6c+rJjyMqAida6vTImGy
hXv8NkeNYvHnshBwDrz8JORhxIlyqfQiuqgC9+wn3EtR0G8l1sGKSwNDOVBHh+Vm
egOymjraH4ogbBzbSoa3GVKm4g9TXSk7IkJjQKmIbfwUD5smzZI7XfWn0TOx8fjG
SAReQudWnvZUHKSpJxZY6HgJsEirfsnVsiHQvSggQCdh2YK1VThNDbF/jjetGWtc
vUrusDkZyXNvAigX6N74Dv5MsglR+mEKzjL9ADdfnKmNOBCGr2r5iZh0xsoM5anM
sxlDvdvAChIDKJsyGHthvG3uZrY/h6Z13Q2dKFNS+kDxg1K97PRNOaPjDQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH7K8Oa9NuOrj8zOtHxTmFKmyfAnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZnNydzVyMDI0NnVQek02MGZGT1lVcWJKOENjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwEAwQA
wXxdAwQAwXx9AwQAwlc4MA0GCSqGSIb3DQEBCwUAA4IBAQCOnsYzo0EBEg9SgqCO
zr5w6A21hsIsL8KOmDnse+zYT/cbtz9LggimADo9fzfXIW4gD2XhjdcLhj1ruJ+S
0iQpNTeEf/HMfoggES0bAPNiU/9c6pbkW4x0gLbt8Xu4axzUG4ksg2AshWcStPdd
RB+2/5K1CdtPP8LE6lrUb2KwBYmoIj/ZBAIijyWrtCAVrkf6hXQtG9MfW2VbHGrI
G8xYQpmmNFLOn4LcgIfJFXRhFDC7oihQW8u3Vf1s2psKQwP3wqHImcRbOZmG5H25
qq5XzKzGfWrSYc7cmhGLZvRsMR32IxxdpeMAzqJu/cNfvM1sw2pPPmtBQ71Rm5R3
Egzd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:03 2023 by rpki-client on console-ams.rpki-client.org