Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ki5-5Byss0Qq2KP7E0uiKrYSoyY.roa
File: ki5-5Byss0Qq2KP7E0uiKrYSoyY.roa (raw, json)
Hash identifier: qORNFkyZvvAK8pdO9z7y1aD2df1Q7H/3sDHDJ3FnX7Q=
Subject key identifier: 92:2E:7E:E4:1C:AC:B3:44:2A:D8:A3:FB:13:4B:A2:2A:B6:12:A3:26
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01840AF3BEB7FF98207CF3B3AA0EA6790E06
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ki5-5Byss0Qq2KP7E0uiKrYSoyY.roa
Signing time: Mon 24 Oct 2022 17:04:16 +0000
ROA not before: Mon 24 Oct 2022 17:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 194.87.6.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0a:f3:be:b7:ff:98:20:7c:f3:b3:aa:0e:a6:79:0e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 24 17:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=922e7ee41cacb3442ad8a3fb134ba22ab612a326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:62:25:99:5b:e2:cb:a5:54:88:0f:ed:29:11:
9a:3d:62:da:95:44:cc:cd:24:37:16:17:66:e1:9a:
f7:71:d4:3c:72:e1:18:ab:b7:2a:5d:14:e7:fe:01:
b6:2e:60:9f:05:d9:74:4f:f4:19:6f:9a:17:36:dc:
32:56:89:a9:5e:e5:c9:cc:b7:a7:14:9b:39:d5:9d:
92:5f:21:0b:15:df:b7:a5:13:8c:0a:6a:4c:57:6e:
ff:c4:94:9e:a8:02:9b:23:4d:7b:e3:c5:6e:56:f2:
29:9a:25:65:d0:66:1f:b1:64:8d:02:d1:13:31:c0:
b6:e8:ad:66:85:22:48:06:b0:01:3e:bf:5b:8c:c5:
87:a5:10:42:e1:0c:33:5d:dc:c5:9b:0c:25:59:61:
c5:dd:26:87:8b:d8:0d:69:4a:b1:78:74:27:25:1c:
9e:40:c3:48:84:f0:14:dc:ed:c9:51:c1:15:4a:95:
f5:55:bf:6d:20:6a:f6:f1:a4:4b:8a:78:48:49:22:
6b:ac:45:7f:6e:e5:0a:86:43:4b:2f:a0:cf:c3:38:
49:13:92:aa:8b:98:7c:83:b4:62:04:78:19:49:94:
69:d3:ea:dd:f7:48:79:21:c6:40:78:f8:ef:f2:95:
7e:09:8f:3d:9f:20:3f:01:7c:0b:e9:fc:1c:71:e2:
3f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:2E:7E:E4:1C:AC:B3:44:2A:D8:A3:FB:13:4B:A2:2A:B6:12:A3:26
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ki5-5Byss0Qq2KP7E0uiKrYSoyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.6.0/24
194.87.119.0/24
194.87.222.0/24
Signature Algorithm: sha256WithRSAEncryption
00:dc:8b:37:3e:98:b6:78:56:0b:dc:47:5b:df:f6:e7:43:68:
04:1c:e1:5d:b1:d3:1a:87:d6:f6:cc:d3:30:05:ec:22:89:5b:
39:63:c3:f5:90:15:95:e0:9c:9d:47:26:b4:07:eb:0e:11:35:
f8:bb:50:ea:6a:07:0c:10:41:20:f7:64:55:4f:be:50:f9:6b:
c4:bd:5a:3d:dd:ca:de:0f:8e:27:86:c1:70:26:3c:04:ba:ee:
b3:0f:78:b2:f5:94:8b:3d:09:03:d0:f3:16:0b:c6:ed:33:ec:
e6:33:4e:4c:d5:8a:ae:71:f9:2f:4d:68:9a:4b:68:c1:ab:f7:
65:c5:5c:85:2c:e2:ef:e7:34:ba:4b:8c:dc:ff:3d:39:1c:12:
45:d7:ac:03:b7:3f:e2:85:ab:97:13:6b:3a:3d:7f:7b:70:c7:
3c:64:97:4a:9f:14:3e:aa:2e:01:41:41:0c:b4:06:34:43:d6:
b2:13:16:9c:b0:88:c3:82:fa:83:2d:18:3e:c3:13:cf:ec:be:
83:5c:63:bc:d3:65:6a:d3:2c:f2:98:5d:b6:c0:1e:02:0c:52:
7d:0a:b1:e5:d8:9f:53:55:b4:e0:2c:89:17:48:e3:98:8a:6c:
96:d0:84:64:20:30:70:c9:f5:d7:c6:f1:06:83:1f:bd:56:96:
72:fd:aa:ad
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQK8763/5ggfPOzqg6meQ4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI0MTcwNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjJlN2VlNDFjYWNiMzQ0MmFkOGEzZmIxMzRiYTIyYWI2MTJhMzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGIlmVviy6VUiA/tKRGaPWLalUTM
zSQ3Fhdm4Zr3cdQ8cuEYq7cqXRTn/gG2LmCfBdl0T/QZb5oXNtwyVompXuXJzLen
FJs51Z2SXyELFd+3pROMCmpMV27/xJSeqAKbI01748VuVvIpmiVl0GYfsWSNAtET
McC26K1mhSJIBrABPr9bjMWHpRBC4QwzXdzFmwwlWWHF3SaHi9gNaUqxeHQnJRye
QMNIhPAU3O3JUcEVSpX1Vb9tIGr28aRLinhISSJrrEV/buUKhkNLL6DPwzhJE5Kq
i5h8g7RiBHgZSZRp0+rd90h5IcZAePjv8pV+CY89nyA/AXwL6fwcceI/XwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJIufuQcrLNEKtij+xNLoiq2EqMmMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva2k1LTVCeXNzMFFxMktQN0UwdWlLcllTb3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlcGAwQA
wld3AwQAwlfeMA0GCSqGSIb3DQEBCwUAA4IBAQAA3Is3Ppi2eFYL3Edb3/bnQ2gE
HOFdsdMah9b2zNMwBewiiVs5Y8P1kBWV4JydRya0B+sOETX4u1DqagcMEEEg92RV
T75Q+WvEvVo93creD44nhsFwJjwEuu6zD3iy9ZSLPQkD0PMWC8btM+zmM05M1Yqu
cfkvTWiaS2jBq/dlxVyFLOLv5zS6S4zc/z05HBJF16wDtz/ihauXE2s6PX97cMc8
ZJdKnxQ+qi4BQUEMtAY0Q9ayExacsIjDgvqDLRg+wxPP7L6DXGO802Vq0yzymF22
wB4CDFJ9CrHl2J9TVbTgLIkXSOOYimyW0IRkIDBwyfXXxvEGgx+9VpZy/aqt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:44 2024 by rpki-client on console-ams.rpki-client.org