Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/goZMcs7rhtPf2KSSKMBCxC5ILO0.roa
File: goZMcs7rhtPf2KSSKMBCxC5ILO0.roa (raw, json)
Hash identifier: GIi/aWP1ClzD3FUnAGJLgMKGFasDrbWl/lbe3tu+6RM=
Subject key identifier: 82:86:4C:72:CE:EB:86:D3:DF:D8:A4:92:28:C0:42:C4:2E:48:2C:ED
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01852984551951F6A4AF27ADEB4C9D1BCEC3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/goZMcs7rhtPf2KSSKMBCxC5ILO0.roa
Signing time: Mon 19 Dec 2022 08:33:36 +0000
ROA not before: Mon 19 Dec 2022 08:33:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136923
IP address blocks: 194.87.11.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
212.193.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:84:55:19:51:f6:a4:af:27:ad:eb:4c:9d:1b:ce:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 19 08:33:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82864c72ceeb86d3dfd8a49228c042c42e482ced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9a:40:48:db:35:cc:29:92:09:6a:db:89:5f:
a4:bd:c7:c3:6a:e7:44:84:e7:23:09:2f:cc:ef:0e:
75:fd:cc:50:a9:c5:cd:4d:ed:7d:af:63:0c:64:dc:
0d:b5:b2:3f:10:cf:8b:3f:93:38:18:17:3e:ae:2e:
63:bc:46:60:75:22:e1:93:29:c0:e6:96:25:94:53:
5b:bc:bd:39:63:bd:40:d2:b1:40:3e:cb:a9:77:31:
70:40:30:56:43:15:52:34:80:c2:36:60:d4:26:e5:
10:e3:31:b6:a8:f1:0e:77:0f:61:ae:3e:14:7c:63:
3a:b4:dd:1e:90:f1:57:e1:f2:e8:6e:ac:18:63:c0:
67:1e:23:23:2e:00:a6:66:6b:ad:8c:3d:bd:b0:ca:
48:a6:cb:4d:4e:d9:b2:5b:6a:5a:f5:8c:a4:8f:21:
0c:08:db:f7:05:03:ec:42:18:f1:21:6a:22:38:fe:
60:6d:72:78:e5:d0:39:23:e7:0c:e3:06:d7:e8:1a:
ce:b1:8e:b0:4e:74:76:3a:46:a7:9a:b8:e4:b0:89:
68:a7:ab:76:9b:1e:87:5d:0b:c3:01:14:53:5d:f5:
43:2d:65:b4:84:90:aa:56:b2:63:d6:53:54:49:b4:
f8:06:e1:94:4b:be:30:ce:ac:9e:a1:57:f9:1c:ff:
35:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:86:4C:72:CE:EB:86:D3:DF:D8:A4:92:28:C0:42:C4:2E:48:2C:ED
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/goZMcs7rhtPf2KSSKMBCxC5ILO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.58.0/24
194.87.11.0/24
212.193.7.0/24
Signature Algorithm: sha256WithRSAEncryption
01:1b:64:f6:53:90:3f:5a:e3:e7:05:ea:bf:56:e5:d9:3c:cc:
db:9e:aa:27:a9:41:89:2f:6d:8a:9e:69:d0:74:07:f2:56:f2:
29:f5:fb:83:2d:1f:a4:75:ce:d9:59:4e:74:8d:4b:21:88:78:
7c:4a:96:38:9a:c3:4d:05:f5:8b:97:2c:8c:cc:ad:a3:84:2d:
39:a2:52:36:c2:f7:f4:a3:5e:5b:8b:25:9a:40:92:b5:6e:02:
16:55:23:9e:a1:b8:d9:14:70:a3:29:5d:9c:77:64:d9:1b:69:
f9:2b:f0:14:13:b3:d4:6b:3b:e5:08:ec:8c:3a:f4:72:fa:c2:
95:8e:0c:d6:e1:f9:c9:94:b5:5b:70:98:43:92:10:f4:2d:2c:
d4:6b:36:5a:23:35:42:ff:91:18:2e:f5:88:75:af:fb:01:c6:
e4:c1:59:73:0c:49:2e:0e:0a:10:48:37:d1:49:ff:68:e2:0e:
b6:45:49:4f:83:a6:14:2f:56:93:cf:68:c3:c8:ef:f7:48:47:
78:08:16:81:ca:9c:39:83:e8:e4:59:42:eb:56:84:9b:99:13:
34:84:99:18:44:6c:b9:f2:57:c4:c3:7c:e4:36:6c:f5:fb:37:
41:b6:08:97:dc:be:24:24:4c:18:05:7d:28:50:0c:05:2a:45:
4e:dc:b8:89
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUphFUZUfakryet60ydG87DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE5MDgzMzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjg2NGM3MmNlZWI4NmQzZGZkOGE0OTIyOGMwNDJjNDJlNDgyY2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZpASNs1zCmSCWrbiV+kvcfDaudE
hOcjCS/M7w51/cxQqcXNTe19r2MMZNwNtbI/EM+LP5M4GBc+ri5jvEZgdSLhkynA
5pYllFNbvL05Y71A0rFAPsupdzFwQDBWQxVSNIDCNmDUJuUQ4zG2qPEOdw9hrj4U
fGM6tN0ekPFX4fLobqwYY8BnHiMjLgCmZmutjD29sMpIpstNTtmyW2pa9YykjyEM
CNv3BQPsQhjxIWoiOP5gbXJ45dA5I+cM4wbX6BrOsY6wTnR2OkanmrjksIlop6t2
mx6HXQvDARRTXfVDLWW0hJCqVrJj1lNUSbT4BuGUS74wzqyeoVf5HP81xQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIKGTHLO64bT39ikkijAQsQuSCztMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ29aTWNzN3JodFBmMktTU0tNQkN4QzVJTE8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjo6AwQA
wlcLAwQA1MEHMA0GCSqGSIb3DQEBCwUAA4IBAQABG2T2U5A/WuPnBeq/VuXZPMzb
nqonqUGJL22KnmnQdAfyVvIp9fuDLR+kdc7ZWU50jUshiHh8SpY4msNNBfWLlyyM
zK2jhC05olI2wvf0o15biyWaQJK1bgIWVSOeobjZFHCjKV2cd2TZG2n5K/AUE7PU
azvlCOyMOvRy+sKVjgzW4fnJlLVbcJhDkhD0LSzUazZaIzVC/5EYLvWIda/7Acbk
wVlzDEkuDgoQSDfRSf9o4g62RUlPg6YUL1aTz2jDyO/3SEd4CBaBypw5g+jkWULr
VoSbmRM0hJkYRGy58lfEw3zkNmz1+zdBtgiX3L4kJEwYBX0oUAwFKkVO3LiJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:09 2023 by rpki-client on console-fra.rpki-client.org