Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/koIp3WSVM2fBgR1FFzhrfnKS-Ok.roa
File: koIp3WSVM2fBgR1FFzhrfnKS-Ok.roa (raw, json)
Hash identifier: skG5GfVvJX/5uTfP1LvynlHmuH+XbdYPZPepewuHpOU=
Subject key identifier: 92:82:29:DD:64:95:33:67:C1:81:1D:45:17:38:6B:7E:72:92:F8:E9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184096F91D454CCFBAACE16BA1795F11204
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/koIp3WSVM2fBgR1FFzhrfnKS-Ok.roa
Signing time: Mon 24 Oct 2022 10:00:17 +0000
ROA not before: Mon 24 Oct 2022 10:00:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 195.133.193.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.5.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:09:6f:91:d4:54:cc:fb:aa:ce:16:ba:17:95:f1:12:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 24 10:00:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=928229dd64953367c1811d4517386b7e7292f8e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:68:38:1d:4d:2a:42:93:b0:26:ab:b1:53:8b:
06:ea:06:2f:93:4b:cb:8a:a4:5d:ff:92:f2:14:45:
aa:88:5f:a5:22:00:ef:c5:cf:c5:6f:68:25:56:b6:
0a:5c:3c:c7:06:1e:9d:4a:c6:b4:87:3e:06:bd:7c:
9a:5c:8e:22:1a:7d:68:04:f5:62:1d:97:9a:1b:1b:
88:b9:08:da:a2:46:10:37:0c:4c:91:e4:61:e6:3a:
e5:06:be:15:9b:25:a5:f0:f4:d2:bc:a4:ba:5a:2b:
15:a8:ca:21:ff:a5:93:2f:4d:02:de:47:9d:4e:eb:
b8:07:2e:39:9e:31:30:f7:c2:ab:71:19:b9:aa:41:
9e:10:8a:1b:ee:1b:49:4b:95:91:72:aa:00:be:41:
4f:8d:c6:28:a9:f3:e0:c9:fe:1c:45:92:e4:e9:34:
31:da:83:f3:ff:57:3f:b0:16:48:dc:d4:29:f1:20:
11:53:3c:90:bb:44:2d:cd:ee:1b:cc:53:0c:0d:25:
be:68:0e:56:f9:9a:cc:88:12:37:3b:a2:5c:bd:6e:
f5:c0:46:3b:67:20:31:ef:80:70:86:a4:1e:75:b4:
10:af:b1:11:04:4e:8e:e9:37:02:7f:8d:74:dd:91:
aa:fc:fc:fe:08:e0:ec:62:f3:26:23:d8:80:41:e1:
04:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:82:29:DD:64:95:33:67:C1:81:1D:45:17:38:6B:7E:72:92:F8:E9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/koIp3WSVM2fBgR1FFzhrfnKS-Ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
192.124.183.0/24
193.124.90.0/24
193.124.133.0/24
194.87.199.0/24
194.87.252.0/24
195.133.193.0/24
212.192.5.0/24
212.192.9.0/24
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
32:d0:65:14:46:83:f0:c3:72:3c:96:9d:62:c3:41:db:f7:30:
ce:13:05:c6:ff:d1:4a:22:1b:d9:72:e7:de:3e:04:c0:b4:f2:
52:dc:50:e4:40:4d:ee:25:1a:7c:62:9e:b2:bd:f2:72:f9:9a:
29:0c:2b:56:02:e0:51:8d:75:a8:56:4b:80:1c:db:2d:32:09:
76:6a:19:06:d3:52:b4:45:ec:00:99:75:f5:50:6a:36:22:17:
6f:50:86:85:57:e9:1d:b7:8e:7e:4e:db:a7:27:4d:85:30:0b:
69:19:d6:e2:64:d4:98:16:c6:8b:c6:81:0b:02:3a:31:9c:85:
fd:1a:c5:6e:b3:e5:9e:cd:6b:49:36:27:42:ae:af:aa:04:fd:
4f:56:25:6c:ee:b7:2a:46:20:91:67:0f:1e:09:cf:3e:ea:25:
90:5e:b1:0d:5d:2e:59:34:0d:a7:74:c9:f6:59:38:62:a7:5d:
29:8e:ea:a5:32:3f:e4:95:16:ef:d5:7f:9b:98:04:49:ab:70:
29:4d:6a:e6:c5:51:0a:e1:1e:12:ce:7a:b8:96:f6:09:ab:5c:
f4:1c:28:b9:dc:4c:bb:15:b8:56:fe:ea:8f:30:f0:ad:5c:7e:
32:a1:54:5b:04:7b:61:ea:52:7d:ff:b6:97:ae:71:ad:a5:ed:
78:eb:48:48
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYQJb5HUVMz7qs4WuheV8RIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI0MTAwMDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjgyMjlkZDY0OTUzMzY3YzE4MTFkNDUxNzM4NmI3ZTcyOTJmOGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGg4HU0qQpOwJquxU4sG6gYvk0vL
iqRd/5LyFEWqiF+lIgDvxc/Fb2glVrYKXDzHBh6dSsa0hz4GvXyaXI4iGn1oBPVi
HZeaGxuIuQjaokYQNwxMkeRh5jrlBr4VmyWl8PTSvKS6WisVqMoh/6WTL00C3ked
Tuu4By45njEw98KrcRm5qkGeEIob7htJS5WRcqoAvkFPjcYoqfPgyf4cRZLk6TQx
2oPz/1c/sBZI3NQp8SARUzyQu0Qtze4bzFMMDSW+aA5W+ZrMiBI3O6JcvW71wEY7
ZyAx74BwhqQedbQQr7ERBE6O6TcCf4103ZGq/Pz+CODsYvMmI9iAQeEELwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJKCKd1klTNnwYEdRRc4a35ykvjpMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva29JcDNXU1ZNMmZCZ1IxRkZ6aHJmbktTLU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwHy0AwQA
wHy3AwQAwXxaAwQAwXyFAwQAwlfHAwQAwlf8AwQAw4XBAwQA1MAFAwQA1MAJAwQA
1MECMA0GCSqGSIb3DQEBCwUAA4IBAQAy0GUURoPww3I8lp1iw0Hb9zDOEwXG/9FK
IhvZcufePgTAtPJS3FDkQE3uJRp8Yp6yvfJy+ZopDCtWAuBRjXWoVkuAHNstMgl2
ahkG01K0RewAmXX1UGo2IhdvUIaFV+kdt45+TtunJ02FMAtpGdbiZNSYFsaLxoEL
AjoxnIX9GsVus+WezWtJNidCrq+qBP1PViVs7rcqRiCRZw8eCc8+6iWQXrENXS5Z
NA2ndMn2WThip10pjuqlMj/klRbv1X+bmARJq3ApTWrmxVEK4R4Sznq4lvYJq1z0
HCi53Ey7FbhW/uqPMPCtXH4yoVRbBHth6lJ9/7aXrnGtpe1460hI
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:10 2023 by rpki-client on console-fra.rpki-client.org