Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mVG8YOE2UpbA3bJn4doj8kuJ8XM.roa
File: mVG8YOE2UpbA3bJn4doj8kuJ8XM.roa (raw, json)
Hash identifier: YLKAwTgTOe+wFOVlM8F3hKLp3TEA9d9UFF8i3sYnKww=
Subject key identifier: 99:51:BC:60:E1:36:52:96:C0:DD:B2:67:E1:DA:23:F2:4B:89:F1:73
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183E6327E09B85DD55C6C2E6D4E1FF39BBD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mVG8YOE2UpbA3bJn4doj8kuJ8XM.roa
Signing time: Mon 17 Oct 2022 13:46:52 +0000
ROA not before: Mon 17 Oct 2022 13:46:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 194.87.123.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e6:32:7e:09:b8:5d:d5:5c:6c:2e:6d:4e:1f:f3:9b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 17 13:46:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9951bc60e1365296c0ddb267e1da23f24b89f173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e7:4e:f0:34:89:34:ce:e5:bf:21:59:40:74:
09:91:a5:fe:b3:a4:0d:b5:94:04:6c:c4:6f:82:95:
0b:85:bb:b9:83:7e:bc:82:60:39:f2:ee:97:a2:ae:
df:c0:c7:5a:e1:f1:66:80:65:55:3d:5a:cf:78:f5:
83:47:4c:3d:e0:14:25:63:2a:4b:4f:8f:9f:e2:53:
96:e2:96:c4:e7:23:d9:4d:9a:cd:d8:45:bb:ed:d3:
7b:3e:69:bf:54:2b:78:a4:0a:d7:6b:59:bf:67:f5:
94:aa:35:29:b6:bb:3c:5f:c6:e0:d6:82:5f:4b:6e:
8a:d2:44:42:d8:1e:29:40:8c:a4:55:7d:52:6f:70:
5f:e4:12:01:02:b8:21:ce:0e:67:b3:31:fa:1c:9e:
3e:38:cc:68:04:38:08:5e:e2:c4:2f:ab:d5:b7:88:
2c:64:4f:4e:b9:47:b5:9d:24:88:50:52:e9:54:37:
41:2f:56:e9:f9:c8:6a:0e:bb:ca:f6:c5:e5:d2:a0:
8d:cb:28:28:99:3f:f4:8c:4c:d4:c1:ef:18:60:c2:
30:98:a4:5b:0f:e6:d5:99:41:79:6a:83:57:0f:ea:
4f:63:16:00:3a:f8:51:03:8b:37:3c:ed:83:ba:af:
14:06:3c:d9:2d:be:94:da:db:68:05:9d:ef:89:72:
41:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:51:BC:60:E1:36:52:96:C0:DD:B2:67:E1:DA:23:F2:4B:89:F1:73
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mVG8YOE2UpbA3bJn4doj8kuJ8XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.45.0-193.124.46.255
194.58.43.0/24
194.87.123.0/24
194.87.191.0/24
212.192.6.0/24
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:f3:dd:a4:d1:bc:4b:55:e0:8f:28:59:cd:9c:28:77:06:e4:
7f:3c:3d:c1:ba:84:18:b5:db:12:92:d9:fd:34:92:ed:21:d8:
e1:a1:18:04:58:2d:52:14:d3:23:bb:b8:f9:e0:70:62:61:0e:
b7:0a:17:b2:b6:37:23:da:c5:00:bc:ce:6a:c8:5f:a9:f2:c2:
c8:89:23:ab:3f:dc:13:d2:3e:db:f0:18:4b:66:6a:ea:29:bd:
eb:d5:62:27:6e:46:d8:17:82:ea:57:6b:e5:85:e8:7f:06:8b:
e8:10:0a:d8:40:80:b9:72:fa:4f:8d:9a:80:af:49:98:e0:55:
6d:8c:5d:7f:b6:9d:3a:cf:53:99:30:a0:40:df:46:09:22:06:
2f:76:bf:b2:93:df:c1:ef:dc:94:69:52:22:e8:a9:7c:ca:1c:
ea:01:58:50:d8:fd:82:5c:3f:02:98:e5:3e:79:fe:f8:ac:37:
a3:53:bc:f1:8e:a0:c4:03:5c:ef:a4:6b:9d:d3:06:0a:9a:d8:
fd:31:80:91:44:d5:3a:b1:81:62:89:27:2b:af:b7:c2:30:df:
bc:2c:41:95:ad:37:1f:92:e6:37:bc:8c:7c:a7:ec:5b:2b:06:
cc:17:b1:de:17:48:90:cf:c8:52:27:c4:50:23:95:6e:03:c0:
6b:5f:e0:b7
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYPmMn4JuF3VXGwubU4f85u9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDE3MTM0NjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTUxYmM2MGUxMzY1Mjk2YzBkZGIyNjdlMWRhMjNmMjRiODlmMTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+dO8DSJNM7lvyFZQHQJkaX+s6QN
tZQEbMRvgpULhbu5g368gmA58u6Xoq7fwMda4fFmgGVVPVrPePWDR0w94BQlYypL
T4+f4lOW4pbE5yPZTZrN2EW77dN7Pmm/VCt4pArXa1m/Z/WUqjUptrs8X8bg1oJf
S26K0kRC2B4pQIykVX1Sb3Bf5BIBArghzg5nszH6HJ4+OMxoBDgIXuLEL6vVt4gs
ZE9OuUe1nSSIUFLpVDdBL1bp+chqDrvK9sXl0qCNyygomT/0jEzUwe8YYMIwmKRb
D+bVmUF5aoNXD+pPYxYAOvhRA4s3PO2Duq8UBjzZLb6U2ttoBZ3viXJBqwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJlRvGDhNlKWwN2yZ+HaI/JLifFzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbVZHOFlPRTJVcGJBM2JKbjRkb2o4a3VKOFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBADBfC0D
BADBfC4DBADCOisDBADCV3sDBADCV78DBADUwAYDBADUwQYwDQYJKoZIhvcNAQEL
BQADggEBAGvz3aTRvEtV4I8oWc2cKHcG5H88PcG6hBi12xKS2f00ku0h2OGhGARY
LVIU0yO7uPngcGJhDrcKF7K2NyPaxQC8zmrIX6nywsiJI6s/3BPSPtvwGEtmauop
vevVYiduRtgXgupXa+WF6H8Gi+gQCthAgLly+k+NmoCvSZjgVW2MXX+2nTrPU5kw
oEDfRgkiBi92v7KT38Hv3JRpUiLoqXzKHOoBWFDY/YJcPwKY5T55/visN6NTvPGO
oMQDXO+ka53TBgqa2P0xgJFE1TqxgWKJJyuvt8Iw37wsQZWtNx+S5je8jHyn7Fsr
BswXsd4XSJDPyFInxFAjlW4DwGtf4Lc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:25 2024 by rpki-client on console-fra.rpki-client.org