Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l09wyYkp_P9lUknxXm23jzJbJz4.roa
File: l09wyYkp_P9lUknxXm23jzJbJz4.roa (raw, json)
Hash identifier: KZm+jCBp8BMidbN7P/MgwK6E1VRpG7suFjvMutYW93E=
Subject key identifier: 97:4F:70:C9:89:29:FC:FF:65:52:49:F1:5E:6D:B7:8F:32:5B:27:3E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183C0CE316A9EDCDA53F76BBB781381DFF8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l09wyYkp_P9lUknxXm23jzJbJz4.roa
Signing time: Mon 10 Oct 2022 07:31:21 +0000
ROA not before: Mon 10 Oct 2022 07:31:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212411
IP address blocks: 194.87.229.0/24 maxlen: 24
194.87.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c0:ce:31:6a:9e:dc:da:53:f7:6b:bb:78:13:81:df:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 10 07:31:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=974f70c98929fcff655249f15e6db78f325b273e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:af:f1:3b:f8:ad:01:4e:91:f6:e3:fc:d0:6a:
f8:4e:4e:a1:0b:52:10:9f:8a:cf:08:52:7a:92:44:
8e:7a:93:b7:52:73:a1:72:19:8f:8d:4a:a9:a3:1c:
84:0c:b1:d5:b1:49:7a:31:7e:0b:0e:4e:6f:4f:1e:
e5:dd:d1:bd:7f:29:0e:da:6b:04:d4:17:b5:9a:0e:
07:9f:81:82:e0:41:ec:59:74:69:6c:46:11:29:1a:
e2:11:58:68:8f:46:23:16:8c:d4:cc:70:f9:2f:38:
fd:07:44:03:91:7a:c6:1d:d7:47:7f:7e:da:e3:e0:
23:26:82:e1:e0:d4:28:32:ae:66:6a:b8:88:86:3a:
31:4a:0f:94:cc:d0:ee:ef:ce:3e:00:99:c7:2e:61:
7f:b9:03:f0:93:6d:04:83:12:08:a3:4e:04:c1:aa:
b2:5e:6b:63:b7:8a:8c:7d:4d:7a:4f:54:b2:6b:49:
5f:da:ce:aa:36:bc:2c:3d:f8:2b:c4:7e:08:f1:4c:
89:a1:f2:da:56:95:43:19:14:80:d7:64:84:10:d0:
66:37:cd:d0:ce:b1:70:e1:f8:0d:ea:13:c9:6d:cf:
46:37:92:99:00:3f:9f:b3:63:d5:b8:12:e0:2f:73:
7d:65:d6:80:f0:a7:0f:f5:a8:1b:c6:5b:3a:f6:52:
3c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:4F:70:C9:89:29:FC:FF:65:52:49:F1:5E:6D:B7:8F:32:5B:27:3E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l09wyYkp_P9lUknxXm23jzJbJz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.228.0/23
Signature Algorithm: sha256WithRSAEncryption
06:12:65:59:47:d7:9a:74:d1:ca:da:e4:ce:bd:32:bd:63:57:
93:8f:89:4f:32:40:ca:4d:98:02:13:85:26:0a:9b:7b:df:cb:
b8:a3:ef:e0:9a:2f:f8:1b:06:3b:1c:c2:1f:7f:27:f3:3a:d9:
94:b7:9d:ae:65:52:45:7b:b8:4a:0a:c1:95:eb:5c:b6:00:d9:
22:f6:99:ce:02:d0:b8:70:3f:81:aa:13:cf:7b:a3:42:7b:f0:
ab:b5:8b:44:ee:7d:f8:01:d6:7c:3c:00:3d:7d:66:6f:c6:7c:
68:99:74:34:41:da:f1:d3:b9:c1:ec:94:eb:6b:fa:ee:7a:1b:
7c:3c:ac:9b:25:92:25:24:23:87:e9:64:db:38:b8:bd:2d:3d:
37:2e:59:9c:35:f2:60:b9:73:84:ad:39:67:18:ee:f8:00:eb:
41:ef:a1:09:fd:2a:62:e5:f6:b5:df:43:fe:ff:be:21:52:0c:
ab:9d:5f:bb:0b:88:19:ea:80:66:46:39:ac:96:59:76:95:f1:
de:81:7d:ad:5b:5b:1c:82:3f:37:3a:c5:1e:47:95:93:a0:12:
6e:fa:08:44:3c:bf:42:06:5b:aa:2a:d5:73:66:11:75:d6:18:
cc:56:f1:52:35:e0:be:4b:66:32:b1:70:88:75:80:ba:f3:4e:
0a:5e:42:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPAzjFqntzaU/dru3gTgd/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDEwMDczMTIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzRmNzBjOTg5MjlmY2ZmNjU1MjQ5ZjE1ZTZkYjc4ZjMyNWIyNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6/xO/itAU6R9uP80Gr4Tk6hC1IQ
n4rPCFJ6kkSOepO3UnOhchmPjUqpoxyEDLHVsUl6MX4LDk5vTx7l3dG9fykO2msE
1Be1mg4Hn4GC4EHsWXRpbEYRKRriEVhoj0YjFozUzHD5Lzj9B0QDkXrGHddHf37a
4+AjJoLh4NQoMq5mariIhjoxSg+UzNDu784+AJnHLmF/uQPwk20EgxIIo04Ewaqy
Xmtjt4qMfU16T1Sya0lf2s6qNrwsPfgrxH4I8UyJofLaVpVDGRSA12SEENBmN83Q
zrFw4fgN6hPJbc9GN5KZAD+fs2PVuBLgL3N9ZdaA8KcP9agbxls69lI8cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJdPcMmJKfz/ZVJJ8V5tt48yWyc+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbDA5d3lZa3BfUDlsVWtueFhtMjNqekpiSno0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwlfkMA0G
CSqGSIb3DQEBCwUAA4IBAQAGEmVZR9eadNHK2uTOvTK9Y1eTj4lPMkDKTZgCE4Um
Cpt738u4o+/gmi/4GwY7HMIffyfzOtmUt52uZVJFe7hKCsGV61y2ANki9pnOAtC4
cD+BqhPPe6NCe/CrtYtE7n34AdZ8PAA9fWZvxnxomXQ0Qdrx07nB7JTra/rueht8
PKybJZIlJCOH6WTbOLi9LT03LlmcNfJguXOErTlnGO74AOtB76EJ/Spi5fa130P+
/74hUgyrnV+7C4gZ6oBmRjmslll2lfHegX2tW1scgj83OsUeR5WToBJu+ghEPL9C
BluqKtVzZhF11hjMVvFSNeC+S2YysXCIdYC6804KXkLP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:44 2024 by rpki-client on console-ams.rpki-client.org