Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jlIrTcFDs3X2jJmZdKIJ76-a624.roa
File: jlIrTcFDs3X2jJmZdKIJ76-a624.roa (raw, json)
Hash identifier: bnMTxi4E8YqfkR18ZGPrCj/lJNVog9oVEJ0dDq5h1vg=
Subject key identifier: 8E:52:2B:4D:C1:43:B3:75:F6:8C:99:99:74:A2:09:EF:AF:9A:EB:6E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0F2765AD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jlIrTcFDs3X2jJmZdKIJ76-a624.roa
Signing time: Thu 17 Mar 2022 08:07:41 +0000
ROA not before: Thu 17 Mar 2022 08:07:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210654
IP address blocks: 194.87.114.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.132.0/22 maxlen: 24
194.87.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 254240173 (0xf2765ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 17 08:07:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e522b4dc143b375f68c999974a209efaf9aeb6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c0:a3:fe:4a:e4:81:91:19:8c:ce:a1:0d:35:
da:69:d5:c0:1b:c2:ef:46:b2:39:7b:b7:5e:8f:b5:
3a:24:c2:85:bc:e0:a0:0f:0a:6e:7d:6d:30:18:ba:
5f:dd:31:49:d0:16:f9:90:35:42:a4:b9:12:66:8c:
cd:9e:6f:fb:14:c6:eb:cf:dd:86:cf:51:a6:2e:c9:
7d:12:89:a7:46:c3:b1:91:a9:f4:49:58:04:79:c9:
d3:89:f2:c0:23:49:46:7e:f1:b0:bb:1f:61:79:72:
c2:6f:53:21:65:3b:78:1f:52:66:23:66:e3:a8:4c:
e6:10:31:64:16:3f:c9:6f:c7:22:7b:55:32:ad:1a:
5c:c1:a2:73:e6:03:9f:31:0f:33:fe:a0:a6:04:c5:
41:af:3c:69:00:4b:b3:2f:c5:5a:e8:ec:6b:e9:79:
f6:da:ac:3d:8d:97:33:e2:37:f5:cd:cb:de:ca:8b:
46:54:43:05:2d:97:08:04:a1:62:d5:f7:40:e9:ff:
e1:f8:41:7a:72:56:f1:6b:06:d2:e1:fa:cb:c7:48:
d6:6e:8e:eb:2f:1e:5c:13:9b:7d:ec:17:fc:7f:1b:
85:76:a8:17:25:a9:aa:83:6e:ce:6f:c3:a3:78:4a:
13:30:55:59:f3:d9:95:6d:40:8b:4b:e1:b4:d6:48:
26:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:52:2B:4D:C1:43:B3:75:F6:8C:99:99:74:A2:09:EF:AF:9A:EB:6E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jlIrTcFDs3X2jJmZdKIJ76-a624.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.42.0/24
194.87.114.0/24
194.87.131.0-194.87.135.255
194.87.227.0/24
Signature Algorithm: sha256WithRSAEncryption
14:10:ec:d0:c6:10:e7:91:f7:36:60:f2:cb:42:61:10:77:59:
da:e8:b8:03:d0:79:23:f8:50:b3:94:88:02:2a:f1:de:3e:3d:
9e:7e:7c:e0:38:78:24:16:25:12:4e:50:d4:c4:c2:9b:3c:76:
fd:bc:07:e1:b6:c3:03:be:45:2e:0f:2f:ce:7f:e3:bd:bd:21:
45:66:01:c4:70:ee:02:7f:34:6c:1d:95:d0:1b:26:4d:04:3b:
72:4f:6f:2a:10:b4:c4:9e:7b:3e:e9:33:fa:e2:3e:11:6c:63:
55:09:10:36:4a:49:68:57:f8:b8:e4:36:4e:fc:b8:3e:36:de:
95:38:cd:e7:92:76:95:c7:17:9a:e6:e8:eb:bf:c3:9c:fa:29:
cc:91:53:90:7e:69:92:54:e9:5c:6c:ab:7f:35:50:e4:fa:42:
df:40:58:89:3f:63:4a:0e:92:ff:55:5d:f4:80:4d:fe:e5:1c:
d8:a0:0a:81:de:16:6c:0a:4b:0f:e8:bc:00:9d:cc:db:22:0c:
ff:6d:03:98:a5:3e:0e:59:85:b7:94:44:22:eb:4c:3d:b3:10:
98:2e:31:76:5d:ca:21:10:76:01:3a:37:55:ab:66:86:df:82:
03:7e:db:1d:ff:2f:ef:38:d9:1a:1d:93:96:49:53:67:2d:fb:
ba:74:b3:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEDydlrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDMx
NzA4MDc0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGU1MjJiNGRjMTQz
YjM3NWY2OGM5OTk5NzRhMjA5ZWZhZjlhZWI2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPAo/5K5IGRGYzOoQ012mnVwBvC70ayOXu3Xo+1OiTChbzg
oA8Kbn1tMBi6X90xSdAW+ZA1QqS5EmaMzZ5v+xTG68/dhs9Rpi7JfRKJp0bDsZGp
9ElYBHnJ04nywCNJRn7xsLsfYXlywm9TIWU7eB9SZiNm46hM5hAxZBY/yW/HIntV
Mq0aXMGic+YDnzEPM/6gpgTFQa88aQBLsy/FWujsa+l59tqsPY2XM+I39c3L3sqL
RlRDBS2XCAShYtX3QOn/4fhBenJW8WsG0uH6y8dI1m6O6y8eXBObfewX/H8bhXao
FyWpqoNuzm/Do3hKEzBVWfPZlW1Ai0vhtNZIJpMCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSOUitNwUOzdfaMmZl0ognvr5rrbjAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L2psSXJUY0ZEczNYMmpKbVpkS0lKNzYtYTYyNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAMJXKgMEAMJXcjAMAwQAwleDAwQD
wleAAwQAwlfjMA0GCSqGSIb3DQEBCwUAA4IBAQAUEOzQxhDnkfc2YPLLQmEQd1na
6LgD0Hkj+FCzlIgCKvHePj2efnzgOHgkFiUSTlDUxMKbPHb9vAfhtsMDvkUuDy/O
f+O9vSFFZgHEcO4CfzRsHZXQGyZNBDtyT28qELTEnns+6TP64j4RbGNVCRA2Sklo
V/i45DZO/Lg+Nt6VOM3nknaVxxea5ujrv8Oc+inMkVOQfmmSVOlcbKt/NVDk+kLf
QFiJP2NKDpL/VV30gE3+5RzYoAqB3hZsCksP6LwAnczbIgz/bQOYpT4OWYW3lEQi
60w9sxCYLjF2XcohEHYBOjdVq2aG34IDftsd/y/vONkaHZOWSVNnLfu6dLPp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:04 2023 by rpki-client on console-ams.rpki-client.org