Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mas1vsDnPwibRothloIMTA2amfk.roa
File: mas1vsDnPwibRothloIMTA2amfk.roa (raw, json)
Hash identifier: I+BuPRBRnZQE4cuCt6jX/bBk4eIbz4zgH+KjCMQcqhw=
Subject key identifier: 99:AB:35:BE:C0:E7:3F:08:9B:46:8B:61:96:82:0C:4C:0D:9A:99:F9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0EAE3AC1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mas1vsDnPwibRothloIMTA2amfk.roa
Signing time: Fri 11 Feb 2022 08:46:41 +0000
ROA not before: Fri 11 Feb 2022 08:46:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.22.0/24 maxlen: 24
194.87.36.0/22 maxlen: 24
194.135.32.0/24 maxlen: 24
212.192.3.0/24 maxlen: 24
212.192.0.0/21 maxlen: 24
195.133.26.0/23 maxlen: 24
195.133.25.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
194.87.118.0/23 maxlen: 24
194.87.114.0/23 maxlen: 24
194.87.72.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 246299329 (0xeae3ac1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 11 08:46:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99ab35bec0e73f089b468b6196820c4c0d9a99f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0b:dc:49:4c:44:bd:a4:53:d4:c6:f1:35:5c:
90:df:55:17:49:01:00:d7:d1:ad:fb:fe:98:1d:bf:
85:7f:8b:2f:55:b9:ea:1b:64:4c:cf:77:76:9d:3f:
d5:33:f2:80:b0:86:60:42:17:0a:95:a8:1d:e7:a6:
47:d7:66:c2:3f:45:42:b3:f9:ed:aa:4b:c6:74:1e:
74:64:3f:cf:61:9c:f1:88:ee:09:a2:6f:38:61:21:
af:f3:7a:36:9c:41:fa:f5:30:eb:59:3d:7c:73:54:
1c:3d:e4:37:9a:29:88:15:b2:46:cc:32:be:96:34:
63:86:c2:e4:cf:d8:82:7a:e1:19:87:94:4c:72:c7:
5b:fb:3b:3d:2e:54:e7:9c:95:c3:84:69:c1:ac:a7:
bc:ec:65:e4:3a:58:10:62:b9:fd:6a:61:d6:20:02:
80:e5:e1:c5:cc:18:8d:cc:3a:46:41:48:2a:74:56:
6c:58:93:77:3c:14:68:f4:02:26:60:f2:47:cb:e7:
46:7e:6c:9a:49:82:44:b2:b3:f5:c2:a5:3f:b9:4d:
04:17:95:59:8f:a0:aa:3f:7d:af:3b:58:72:52:41:
8f:15:08:c3:69:bf:2e:3d:aa:20:68:32:be:a4:b1:
02:cc:a2:1c:26:1f:8f:fd:8e:64:9a:5d:25:a6:0a:
26:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:AB:35:BE:C0:E7:3F:08:9B:46:8B:61:96:82:0C:4C:0D:9A:99:F9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mas1vsDnPwibRothloIMTA2amfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.112.0/24
194.87.22.0/24
194.87.36.0/22
194.87.72.0/22
194.87.114.0/23
194.87.118.0/23
194.135.32.0/24
195.133.25.0-195.133.27.255
195.133.55.0/24
195.133.59.0/24
212.192.0.0/21
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:57:7c:27:19:f9:f6:89:af:3f:22:b0:ba:16:b9:00:3b:1e:
9e:4e:59:82:f4:80:b4:83:16:39:f8:5d:55:0a:6b:9e:76:77:
41:3a:6e:f6:0d:7d:bd:19:4f:8e:36:09:e2:96:b7:68:e3:2e:
94:0a:41:b6:62:24:be:a4:6e:50:cf:d2:65:d3:b4:22:4e:00:
4b:9d:2f:df:94:d8:b6:ce:bd:47:9a:8a:fc:43:a7:2f:6d:28:
98:58:e1:a0:f0:b9:3f:30:f7:90:cb:73:b8:60:9f:2b:32:99:
16:cb:d0:3b:49:4d:45:96:8f:3c:af:2a:ec:63:32:b0:6c:ee:
29:52:0b:76:a0:76:9a:d4:32:1c:74:99:8d:8e:af:78:d0:5b:
d2:0b:e0:58:49:ad:eb:1c:f4:a9:0f:03:a3:fc:a1:6f:94:9d:
df:d0:f4:1b:a7:e8:80:46:9b:5e:d3:4e:0d:ce:f0:8d:6f:27:
30:9e:28:04:dd:bd:04:13:76:d6:fd:ef:ff:6c:d6:28:4b:d8:
16:7d:44:ef:41:94:8e:06:94:3b:d1:e0:cf:e7:7d:27:3c:79:
79:fd:7c:9d:20:dc:f9:1b:61:43:3f:c3:ef:ce:13:ff:aa:66:
2a:21:6a:9c:b7:0e:7a:74:99:7f:ae:7f:dd:a7:78:ff:49:38:
c5:e4:e3:98
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIEDq46wTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDIx
MTA4NDY0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTlhYjM1YmVjMGU3
M2YwODliNDY4YjYxOTY4MjBjNGMwZDlhOTlmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJkL3ElMRL2kU9TG8TVckN9VF0kBANfRrfv+mB2/hX+LL1W5
6htkTM93dp0/1TPygLCGYEIXCpWoHeemR9dmwj9FQrP57apLxnQedGQ/z2Gc8Yju
CaJvOGEhr/N6NpxB+vUw61k9fHNUHD3kN5opiBWyRswyvpY0Y4bC5M/YgnrhGYeU
THLHW/s7PS5U55yVw4RpwaynvOxl5DpYEGK5/Wph1iACgOXhxcwYjcw6RkFIKnRW
bFiTdzwUaPQCJmDyR8vnRn5smkmCRLKz9cKlP7lNBBeVWY+gqj99rztYclJBjxUI
w2m/Lj2qIGgyvqSxAsyiHCYfj/2OZJpdJaYKJh0CAwEAAaOCAlMwggJPMB0GA1Ud
DgQWBBSZqzW+wOc/CJtGi2GWggxMDZqZ+TAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L21hczF2c0RuUHdpYlJvdGhsb0lNVEEyYW1may5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBp
BggrBgEFBQcBBwEB/wRaMFgwVgQCAAEwUAMEAMFscAMEAMJXFgMEAsJXJAMEAsJX
SAMEAcJXcgMEAcJXdgMEAMKHIDAMAwQAw4UZAwQCw4UYAwQAw4U3AwQAw4U7AwQD
1MAAAwQA1MECMA0GCSqGSIb3DQEBCwUAA4IBAQAsV3wnGfn2ia8/IrC6FrkAOx6e
TlmC9IC0gxY5+F1VCmuedndBOm72DX29GU+ONgnilrdo4y6UCkG2YiS+pG5Qz9Jl
07QiTgBLnS/flNi2zr1Hmor8Q6cvbSiYWOGg8Lk/MPeQy3O4YJ8rMpkWy9A7SU1F
lo88ryrsYzKwbO4pUgt2oHaa1DIcdJmNjq940FvSC+BYSa3rHPSpDwOj/KFvlJ3f
0PQbp+iARpte004NzvCNbycwnigE3b0EE3bW/e//bNYoS9gWfUTvQZSOBpQ70eDP
530nPHl5/XydINz5G2FDP8PvzhP/qmYqIWqctw56dJl/rn/dp3j/STjF5OOY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:26 2024 by rpki-client on console-fra.rpki-client.org