Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lrpPH7ZOUrN4idKHH9KXA3avi5Q.roa
File: lrpPH7ZOUrN4idKHH9KXA3avi5Q.roa (raw, json)
Hash identifier: 6NzNlcu8TQiFlz6+x3IzccFZzOD5V8yDyf8brxlrP8M=
Subject key identifier: 96:BA:4F:1F:B6:4E:52:B3:78:89:D2:87:1F:D2:97:03:76:AF:8B:94
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01853A42827F46A73D7C1B2E3670A895965E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lrpPH7ZOUrN4idKHH9KXA3avi5Q.roa
Signing time: Thu 22 Dec 2022 14:35:15 +0000
ROA not before: Thu 22 Dec 2022 14:35:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50321
IP address blocks: 194.135.30.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3a:42:82:7f:46:a7:3d:7c:1b:2e:36:70:a8:95:96:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 22 14:35:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96ba4f1fb64e52b37889d2871fd2970376af8b94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5c:fc:5d:c3:7e:d1:32:69:88:e3:56:71:ac:
22:eb:d1:79:b2:05:a7:1d:38:4c:fe:c5:29:f9:34:
d1:32:ae:73:4f:7b:8d:7e:35:9a:38:45:45:04:20:
0a:e7:34:89:78:c8:89:0c:b2:05:69:17:f9:14:b1:
ff:2f:25:5b:8f:a7:a2:72:5b:e7:32:ed:55:fc:5b:
01:6e:e8:8c:9f:83:7f:7d:e9:68:df:e3:a3:ad:6b:
57:b6:da:c8:72:64:d9:d1:a8:52:eb:57:dc:16:a2:
f0:9a:15:b7:99:15:15:ca:6c:39:14:e8:2e:77:62:
dc:db:12:1c:20:06:66:9c:2f:8a:59:59:5b:81:72:
cb:c9:96:b0:d7:3b:b0:86:d2:67:30:40:c0:80:11:
9f:ca:17:a4:3d:15:d8:ba:eb:f4:0c:1d:c5:37:10:
68:88:df:26:f3:4b:60:2f:17:38:39:30:1a:90:7c:
c1:26:d6:fc:0f:27:72:b1:7a:23:32:12:e8:e6:da:
14:1c:44:87:61:5e:99:ac:ec:93:9d:3a:79:f5:22:
03:c8:a8:7d:2f:cd:22:24:05:2b:e7:d4:28:93:65:
86:dd:d3:da:55:b0:6b:61:08:91:f9:97:10:76:1f:
c3:72:9e:58:08:01:da:46:d1:7d:73:06:32:0e:9d:
75:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BA:4F:1F:B6:4E:52:B3:78:89:D2:87:1F:D2:97:03:76:AF:8B:94
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lrpPH7ZOUrN4idKHH9KXA3avi5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.135.30.0/24
212.192.0.0/24
Signature Algorithm: sha256WithRSAEncryption
11:46:0e:91:2f:4c:6a:76:dd:2b:12:5a:26:97:03:d4:64:56:
4b:b8:e2:d8:fa:21:5d:93:a8:c4:2d:1c:7e:a1:4f:a4:cc:1f:
98:79:97:78:c1:d1:57:f0:a0:5d:15:52:5b:5a:3d:53:bb:e0:
b0:d2:12:d9:56:04:fd:d7:a4:23:1f:b7:1a:6f:69:20:8d:37:
00:3c:f8:94:6b:2a:70:1f:c2:42:16:1d:1a:be:23:aa:aa:be:
e5:72:aa:db:1d:31:18:b1:9e:6c:89:4d:96:87:29:9e:6b:af:
02:d0:b1:67:42:47:e4:4a:2d:c3:fe:39:41:fd:0c:7f:c6:64:
83:26:47:b8:c9:ef:7c:4e:d2:59:f0:a6:e7:78:a3:84:22:2c:
e5:c6:a2:8b:ef:74:5c:8c:55:f6:08:f6:29:86:6e:01:0d:f4:
37:55:93:b0:25:32:6f:e5:70:ae:ec:89:63:f6:ae:73:d4:69:
44:8c:91:d5:b9:d8:a3:90:0f:cb:ae:21:f5:36:cf:ff:c5:09:
05:be:0c:0b:bc:55:ba:c7:3f:1a:42:bb:7e:be:46:5a:5b:cc:
fb:8b:54:94:10:f8:98:1b:76:42:e0:86:76:63:11:b4:45:58:
a5:81:f5:60:4f:6d:55:50:b9:6d:6d:be:8c:ba:a1:ba:68:03:
2e:8f:34:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU6QoJ/Rqc9fBsuNnColZZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjIyMTQzNTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmJhNGYxZmI2NGU1MmIzNzg4OWQyODcxZmQyOTcwMzc2YWY4Yjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilz8XcN+0TJpiONWcawi69F5sgWn
HThM/sUp+TTRMq5zT3uNfjWaOEVFBCAK5zSJeMiJDLIFaRf5FLH/LyVbj6eiclvn
Mu1V/FsBbuiMn4N/felo3+OjrWtXttrIcmTZ0ahS61fcFqLwmhW3mRUVymw5FOgu
d2Lc2xIcIAZmnC+KWVlbgXLLyZaw1zuwhtJnMEDAgBGfyhekPRXYuuv0DB3FNxBo
iN8m80tgLxc4OTAakHzBJtb8DydysXojMhLo5toUHESHYV6ZrOyTnTp59SIDyKh9
L80iJAUr59Qok2WG3dPaVbBrYQiR+ZcQdh/Dcp5YCAHaRtF9cwYyDp11XQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJa6Tx+2TlKzeInShx/SlwN2r4uUMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbHJwUEg3Wk9Vck40aWRLSEg5S1hBM2F2aTVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwoceAwQA
1MAAMA0GCSqGSIb3DQEBCwUAA4IBAQARRg6RL0xqdt0rElomlwPUZFZLuOLY+iFd
k6jELRx+oU+kzB+YeZd4wdFX8KBdFVJbWj1Tu+Cw0hLZVgT916QjH7cab2kgjTcA
PPiUaypwH8JCFh0aviOqqr7lcqrbHTEYsZ5siU2Whymea68C0LFnQkfkSi3D/jlB
/Qx/xmSDJke4ye98TtJZ8KbneKOEIizlxqKL73RcjFX2CPYphm4BDfQ3VZOwJTJv
5XCu7Ilj9q5z1GlEjJHVudijkA/LriH1Ns//xQkFvgwLvFW6xz8aQrt+vkZaW8z7
i1SUEPiYG3ZC4IZ2YxG0RVilgfVgT21VULltbb6MuqG6aAMujzQ1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:10 2023 by rpki-client on console-fra.rpki-client.org