Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jP02kdeTYw1wl5FyWpiMQAwaSCU.roa
File: jP02kdeTYw1wl5FyWpiMQAwaSCU.roa (raw, json)
Hash identifier: G5RDiCSN1LWw6uaywA0tAJoQBxAO/jNKCDZsOr4J3iY=
Subject key identifier: 8C:FD:36:91:D7:93:63:0D:70:97:91:72:5A:98:8C:40:0C:1A:48:25
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183C2764EC59BCA26CA7DF68D19C205139C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jP02kdeTYw1wl5FyWpiMQAwaSCU.roa
Signing time: Mon 10 Oct 2022 15:14:36 +0000
ROA not before: Mon 10 Oct 2022 15:14:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17447
IP address blocks: 193.124.4.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c2:76:4e:c5:9b:ca:26:ca:7d:f6:8d:19:c2:05:13:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 10 15:14:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8cfd3691d793630d709791725a988c400c1a4825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ec:a2:7f:26:44:62:00:5a:ac:89:06:52:46:
7f:7c:d7:b6:a1:ab:99:c2:db:fb:31:52:12:cc:99:
63:d7:f6:17:2e:da:19:da:ad:f3:84:15:1a:85:3f:
17:07:0f:93:92:e8:be:46:2b:23:7e:2c:b9:33:8d:
58:c2:9b:e3:e3:e4:b9:e5:ae:17:f6:45:ef:d0:0c:
63:8c:fb:73:66:1b:02:48:db:25:33:ce:8b:b0:12:
1c:1c:b3:2f:08:ca:49:99:75:40:65:d9:fb:38:8c:
df:c9:27:d9:83:e6:07:fc:14:96:77:2b:44:a5:77:
1f:11:4c:69:30:e8:50:ae:61:21:b6:8b:61:a9:0c:
43:49:4e:94:4f:1c:8f:9a:1f:73:3f:04:75:9e:54:
ea:7e:83:60:6e:cb:b1:3b:dc:0e:a5:4e:b2:c2:20:
da:49:2b:c2:55:dd:d6:92:26:59:c0:c8:c4:67:0e:
99:e8:b2:43:04:3e:3f:68:1b:44:4a:39:a1:9d:54:
f8:99:90:eb:cf:9b:06:8d:80:1b:d5:51:48:d7:59:
70:36:37:13:8b:97:ec:f3:80:8f:ec:61:76:d6:ef:
43:b0:36:15:d1:09:aa:e7:2e:0b:8a:14:95:24:58:
1c:b6:6a:73:c4:52:e4:07:56:2c:77:41:77:04:8b:
d2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:FD:36:91:D7:93:63:0D:70:97:91:72:5A:98:8C:40:0C:1A:48:25
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jP02kdeTYw1wl5FyWpiMQAwaSCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.4.0/24
193.124.93.0/24
193.124.125.0/24
194.87.37.0/24
194.87.56.0/24
194.87.162.0/24
195.133.73.0/24
Signature Algorithm: sha256WithRSAEncryption
67:e9:02:13:32:30:f8:d6:47:aa:aa:97:da:0e:11:8b:13:11:
da:32:98:3d:7d:0f:71:37:cd:5f:70:e9:54:27:ff:15:99:9d:
00:6d:c9:cb:31:54:72:90:03:3e:b7:a3:2b:c1:1e:7d:16:23:
3a:5b:7e:91:6a:98:12:cd:a8:c5:bc:f1:81:ea:62:2e:48:9a:
f1:3c:73:e9:7c:9d:07:f6:b8:b0:dc:8a:c5:e1:3f:51:4c:5a:
5f:5c:f7:30:27:ab:a0:c4:28:aa:9c:ce:e8:e6:6c:7d:61:f1:
22:f2:bd:48:89:cf:38:47:51:b0:4a:d2:f3:05:ad:dc:c3:23:
f4:71:80:a3:d8:89:e8:d0:f0:49:34:8e:8e:4a:31:ff:d8:98:
63:90:a4:29:cb:a1:05:a4:47:b4:bb:eb:b4:be:26:5a:4e:56:
5c:85:c8:ee:bd:d7:a4:78:57:d8:61:c1:7e:16:8c:b2:da:bc:
0e:54:d4:f9:88:35:b9:a3:d8:a6:ec:62:4f:f2:14:32:6b:46:
d0:dc:f0:0c:7a:15:bc:bf:97:fb:d7:4a:52:4d:bd:aa:32:29:
b0:2f:a1:89:b1:5a:8a:d4:96:c0:18:d4:d0:06:96:85:f1:e3:
f8:48:3c:5c:b4:81:af:10:70:0b:42:4c:12:dd:1e:82:ab:e9:
90:70:7a:84
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYPCdk7Fm8omyn32jRnCBROcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDEwMTUxNDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2ZkMzY5MWQ3OTM2MzBkNzA5NzkxNzI1YTk4OGM0MDBjMWE0ODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+yifyZEYgBarIkGUkZ/fNe2oauZ
wtv7MVISzJlj1/YXLtoZ2q3zhBUahT8XBw+Tkui+Risjfiy5M41Ywpvj4+S55a4X
9kXv0AxjjPtzZhsCSNslM86LsBIcHLMvCMpJmXVAZdn7OIzfySfZg+YH/BSWdytE
pXcfEUxpMOhQrmEhtothqQxDSU6UTxyPmh9zPwR1nlTqfoNgbsuxO9wOpU6ywiDa
SSvCVd3WkiZZwMjEZw6Z6LJDBD4/aBtESjmhnVT4mZDrz5sGjYAb1VFI11lwNjcT
i5fs84CP7GF21u9DsDYV0Qmq5y4LihSVJFgctmpzxFLkB1Ysd0F3BIvS4QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIz9NpHXk2MNcJeRclqYjEAMGkglMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvalAwMmtkZVRZdzF3bDVGeVdwaU1RQXdhU0NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXwEAwQA
wXxdAwQAwXx9AwQAwlclAwQAwlc4AwQAwleiAwQAw4VJMA0GCSqGSIb3DQEBCwUA
A4IBAQBn6QITMjD41keqqpfaDhGLExHaMpg9fQ9xN81fcOlUJ/8VmZ0AbcnLMVRy
kAM+t6MrwR59FiM6W36RapgSzajFvPGB6mIuSJrxPHPpfJ0H9riw3IrF4T9RTFpf
XPcwJ6ugxCiqnM7o5mx9YfEi8r1Iic84R1GwStLzBa3cwyP0cYCj2Ino0PBJNI6O
SjH/2JhjkKQpy6EFpEe0u+u0viZaTlZchcjuvdekeFfYYcF+Foyy2rwOVNT5iDW5
o9im7GJP8hQya0bQ3PAMehW8v5f710pSTb2qMimwL6GJsVqK1JbAGNTQBpaF8eP4
SDxctIGvEHALQkwS3R6Cq+mQcHqE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:24 2024 by rpki-client on console-fra.rpki-client.org