Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lrMGsMY5Uh-VVbrESH7KmpyAIzc.roa
File: lrMGsMY5Uh-VVbrESH7KmpyAIzc.roa (raw, json)
Hash identifier: iJk9RhCeNYGH/LpBQGAQESVj7W9GpBxqCzn1XzdYLcM=
Subject key identifier: 96:B3:06:B0:C6:39:52:1F:95:55:BA:C4:48:7E:CA:9A:9C:80:23:37
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018559884CE5D28A85233E736A5945B0B32F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lrMGsMY5Uh-VVbrESH7KmpyAIzc.roa
Signing time: Wed 28 Dec 2022 16:19:42 +0000
ROA not before: Wed 28 Dec 2022 16:19:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 194.87.151.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
194.87.84.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:59:88:4c:e5:d2:8a:85:23:3e:73:6a:59:45:b0:b3:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 28 16:19:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96b306b0c639521f9555bac4487eca9a9c802337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:71:af:7c:0c:48:55:70:57:6a:61:a6:93:56:
5f:ee:6f:e9:6c:92:d6:db:8d:29:ff:49:93:35:ae:
37:13:92:68:cf:fc:06:7e:cb:bb:bd:be:5f:70:55:
6f:13:07:ce:6f:a0:c3:e9:5c:6e:74:34:6c:f4:e0:
93:00:8a:19:05:b2:7d:19:2a:ce:df:c3:ef:59:0c:
74:96:e7:35:d1:fe:5a:89:bc:c4:e5:8b:19:33:dc:
ac:4c:83:0f:e9:4a:38:d7:cd:58:12:96:24:d3:6d:
b7:c5:cb:95:5e:8c:60:49:19:9e:74:40:8b:fe:f5:
69:23:74:a2:19:4f:92:df:63:c7:ce:0e:9f:bb:9d:
94:c3:0c:75:df:8f:23:58:3c:56:84:14:7b:61:83:
60:de:13:74:c6:dc:af:36:93:33:fb:12:98:18:73:
a4:59:6a:4d:8a:e1:93:df:d7:e0:28:c3:03:e0:1f:
8c:5a:8e:1b:57:f9:21:0b:f9:23:0d:d1:8d:b7:a4:
15:14:4d:53:63:02:ba:80:d2:48:bd:9b:62:fe:8e:
7a:f1:74:aa:68:c4:a9:3b:64:4d:85:cb:70:f7:54:
27:47:83:d8:f1:e1:4f:18:84:82:e9:63:72:77:39:
87:50:b0:32:e3:92:13:0e:96:b3:9e:7a:1f:3f:30:
7e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B3:06:B0:C6:39:52:1F:95:55:BA:C4:48:7E:CA:9A:9C:80:23:37
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lrMGsMY5Uh-VVbrESH7KmpyAIzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.84.0/22
194.87.151.0/24
195.133.18.0/24
195.133.38.0/24
195.133.40.0/24
212.192.8.0/24
212.192.30.0/24
Signature Algorithm: sha256WithRSAEncryption
76:7f:76:c6:0f:a7:8c:f9:5d:8d:de:f7:7e:57:dd:21:7b:df:
7e:6f:fe:8d:01:1a:58:7c:20:51:57:ed:a4:3e:e1:56:de:b9:
e4:2f:03:4a:12:97:8f:b6:97:10:65:87:02:08:dd:6d:d0:98:
4a:d5:80:d4:93:7e:a8:73:a5:35:70:63:de:2a:7a:07:9e:ef:
4e:f1:09:fa:e4:99:73:66:6c:15:0f:08:17:d4:18:1d:88:77:
f5:f3:9e:e9:9d:1b:91:7a:d9:be:c5:1d:90:40:e9:52:61:ec:
d2:13:43:a5:a4:ef:cd:28:f8:27:00:f3:c2:a7:dd:2b:5b:85:
4c:e1:1d:32:33:63:6d:f4:a0:d7:0b:9a:4c:11:34:e4:91:d6:
ea:78:a7:ac:0b:f2:5a:9a:2e:ca:86:c1:14:02:34:1e:99:05:
da:c2:27:4e:da:6a:92:07:c1:b4:2b:1f:58:e4:64:3e:5d:f0:
d5:d0:fe:2f:40:7b:d6:c0:4d:29:0f:32:90:39:3e:b8:59:3c:
f9:34:66:37:df:ea:43:18:d8:29:98:34:d0:b5:cb:81:e8:6f:
eb:bd:3d:77:1f:0b:f5:c7:48:bf:7e:4d:96:f1:1a:66:2a:8e:
cc:5c:7b:b6:6e:33:64:55:98:af:9e:1a:9a:f8:55:37:db:42:
6e:32:8f:4a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVZiEzl0oqFIz5zallFsLMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjI4MTYxOTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmIzMDZiMGM2Mzk1MjFmOTU1NWJhYzQ0ODdlY2E5YTljODAyMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA73GvfAxIVXBXamGmk1Zf7m/pbJLW
240p/0mTNa43E5Joz/wGfsu7vb5fcFVvEwfOb6DD6VxudDRs9OCTAIoZBbJ9GSrO
38PvWQx0luc10f5aibzE5YsZM9ysTIMP6Uo4181YEpYk0223xcuVXoxgSRmedECL
/vVpI3SiGU+S32PHzg6fu52Uwwx1348jWDxWhBR7YYNg3hN0xtyvNpMz+xKYGHOk
WWpNiuGT39fgKMMD4B+MWo4bV/khC/kjDdGNt6QVFE1TYwK6gNJIvZti/o568XSq
aMSpO2RNhctw91QnR4PY8eFPGISC6WNydzmHULAy45ITDpaznnofPzB+iwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJazBrDGOVIflVW6xEh+ypqcgCM3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbHJNR3NNWTVVaC1WVmJyRVNIN0ttcHlBSXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCwldUAwQA
wleXAwQAw4USAwQAw4UmAwQAw4UoAwQA1MAIAwQA1MAeMA0GCSqGSIb3DQEBCwUA
A4IBAQB2f3bGD6eM+V2N3vd+V90he99+b/6NARpYfCBRV+2kPuFW3rnkLwNKEpeP
tpcQZYcCCN1t0JhK1YDUk36oc6U1cGPeKnoHnu9O8Qn65JlzZmwVDwgX1BgdiHf1
857pnRuRetm+xR2QQOlSYezSE0OlpO/NKPgnAPPCp90rW4VM4R0yM2Nt9KDXC5pM
ETTkkdbqeKesC/Jami7KhsEUAjQemQXawidO2mqSB8G0Kx9Y5GQ+XfDV0P4vQHvW
wE0pDzKQOT64WTz5NGY33+pDGNgpmDTQtcuB6G/rvT13Hwv1x0i/fk2W8RpmKo7M
XHu2bjNkVZivnhqa+FU320JuMo9K
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:45 2024 by rpki-client on console-ams.rpki-client.org