Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hE_Z2s4aoEOYWNFQkRcomsHsyrw.roa
File: hE_Z2s4aoEOYWNFQkRcomsHsyrw.roa (raw, json)
Hash identifier: C2d2MTolUTPE7afsBC12IbSAHgmDLOwIK0zWh5rBv28=
Subject key identifier: 84:4F:D9:DA:CE:1A:A0:43:98:58:D1:50:91:17:28:9A:C1:EC:CA:BC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183C0D92E9908A7E39C59550FBC8FD32A0A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hE_Z2s4aoEOYWNFQkRcomsHsyrw.roa
Signing time: Mon 10 Oct 2022 07:43:22 +0000
ROA not before: Mon 10 Oct 2022 07:43:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138687
IP address blocks: 194.87.169.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c0:d9:2e:99:08:a7:e3:9c:59:55:0f:bc:8f:d3:2a:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 10 07:43:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=844fd9dace1aa0439858d1509117289ac1eccabc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7e:4c:8c:5d:57:65:76:94:3a:2f:11:7e:16:
ac:fb:60:8d:cb:63:ef:f5:39:80:8d:07:06:30:eb:
e0:66:02:5c:ba:de:3f:34:34:57:d9:7a:7e:b4:d8:
6c:1b:6d:de:74:1e:3e:2e:fb:10:30:7d:da:fd:56:
70:c9:8c:3d:45:17:d7:f1:93:2a:9e:d0:1d:1c:a7:
5d:c2:1a:18:bc:2d:e8:3f:48:8b:78:87:6d:e8:47:
bf:11:4b:89:bb:1e:1e:b7:e5:eb:51:31:ef:ed:8f:
d2:1c:2d:01:56:82:55:96:85:58:6d:83:33:f1:fc:
ee:ef:fe:f8:c8:ff:02:44:da:54:31:1d:d4:01:74:
8a:37:6c:53:2b:52:2b:55:53:a7:f9:86:fd:6a:39:
32:a2:b3:51:db:73:0d:b2:9b:e9:c1:dd:e7:a4:0d:
26:dc:f3:97:aa:d6:15:99:a9:f4:19:d0:c0:08:83:
03:de:77:6f:58:38:b0:69:ad:51:b0:70:d7:ee:ab:
ba:0b:86:83:a9:b1:4e:9b:97:5f:9e:e9:56:b7:49:
38:47:7c:da:0f:e6:e2:f5:98:c4:d9:2e:51:c4:5d:
da:0b:80:b4:e4:e7:83:60:5b:d6:9a:6e:ad:50:0a:
69:c3:28:fe:be:bd:03:e5:7b:1a:d4:52:a2:84:2a:
00:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:4F:D9:DA:CE:1A:A0:43:98:58:D1:50:91:17:28:9A:C1:EC:CA:BC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hE_Z2s4aoEOYWNFQkRcomsHsyrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.169.0/24
194.87.180.0/24
Signature Algorithm: sha256WithRSAEncryption
14:64:7a:a0:3e:9d:74:48:c4:eb:c4:c6:88:34:51:f1:1a:91:
8e:d0:ea:de:2b:14:0b:5d:c2:73:93:8b:e3:04:03:e9:a5:92:
67:dc:01:b7:62:92:5c:58:32:4c:d5:90:6d:e5:a3:fe:88:ff:
1a:7e:65:b6:ab:13:32:ac:a9:8b:11:6e:eb:a3:37:bb:39:1f:
af:38:b2:6c:c7:59:36:fe:e7:45:2e:25:de:32:33:25:c9:b1:
31:7d:1a:0f:16:bb:41:4b:c7:7d:98:b2:4f:64:90:b9:eb:95:
1c:ef:4f:ff:8c:c1:13:95:56:e5:0d:28:8a:6c:fc:3d:ec:cd:
d5:e7:dd:0d:92:5d:1e:ef:c9:df:00:78:25:e9:db:86:20:d2:
10:24:29:0a:30:b1:78:81:f0:e2:f5:bc:cb:c5:4f:25:47:74:
b3:af:64:88:9e:c3:b7:cc:a0:56:ef:00:24:23:b8:2f:a3:89:
2b:fd:8f:9d:9f:72:f2:de:d0:40:3e:b1:ed:60:63:c2:16:e4:
4e:cb:31:04:46:4a:de:0a:72:1d:83:75:f4:5f:41:42:fd:63:
a3:a7:4b:86:04:88:62:a7:85:42:77:27:45:e1:01:be:fe:b7:
79:38:31:9b:d4:ca:88:3d:76:e5:db:1d:2d:2a:3b:0b:cb:d4:
08:fc:51:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPA2S6ZCKfjnFlVD7yP0yoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDEwMDc0MzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDRmZDlkYWNlMWFhMDQzOTg1OGQxNTA5MTE3Mjg5YWMxZWNjYWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkH5MjF1XZXaUOi8Rfhas+2CNy2Pv
9TmAjQcGMOvgZgJcut4/NDRX2Xp+tNhsG23edB4+LvsQMH3a/VZwyYw9RRfX8ZMq
ntAdHKddwhoYvC3oP0iLeIdt6Ee/EUuJux4et+XrUTHv7Y/SHC0BVoJVloVYbYMz
8fzu7/74yP8CRNpUMR3UAXSKN2xTK1IrVVOn+Yb9ajkyorNR23MNspvpwd3npA0m
3POXqtYVman0GdDACIMD3ndvWDiwaa1RsHDX7qu6C4aDqbFOm5dfnulWt0k4R3za
D+bi9ZjE2S5RxF3aC4C05OeDYFvWmm6tUAppwyj+vr0D5Xsa1FKihCoAmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIRP2drOGqBDmFjRUJEXKJrB7Mq8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaEVfWjJzNGFvRU9ZV05GUWtSY29tc0hzeXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlepAwQA
wle0MA0GCSqGSIb3DQEBCwUAA4IBAQAUZHqgPp10SMTrxMaINFHxGpGO0OreKxQL
XcJzk4vjBAPppZJn3AG3YpJcWDJM1ZBt5aP+iP8afmW2qxMyrKmLEW7roze7OR+v
OLJsx1k2/udFLiXeMjMlybExfRoPFrtBS8d9mLJPZJC565Uc70//jMETlVblDSiK
bPw97M3V590Nkl0e78nfAHgl6duGINIQJCkKMLF4gfDi9bzLxU8lR3Szr2SInsO3
zKBW7wAkI7gvo4kr/Y+dn3Ly3tBAPrHtYGPCFuROyzEERkreCnIdg3X0X0FC/WOj
p0uGBIhip4VCdydF4QG+/rd5ODGb1MqIPXbl2x0tKjsLy9QI/FE9
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:03 2023 by rpki-client on console-ams.rpki-client.org