Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ndhuogUCrx5FoD3m4oARuhugMYI.roa
File: ndhuogUCrx5FoD3m4oARuhugMYI.roa (raw, json)
Hash identifier: MYRP06eQKk+iz0Wq+ZZRQRDPW+rR+2KlqFAqMQc6X5s=
Subject key identifier: 9D:D8:6E:A2:05:02:AF:1E:45:A0:3D:E6:E2:80:11:BA:1B:A0:31:82
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0182EA8CBBDE48A535E14162A8AD07DB6FD9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ndhuogUCrx5FoD3m4oARuhugMYI.roa
Signing time: Mon 29 Aug 2022 17:01:07 +0000
ROA not before: Mon 29 Aug 2022 17:01:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
195.133.12.0/22 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.188.0/22 maxlen: 22
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ea:8c:bb:de:48:a5:35:e1:41:62:a8:ad:07:db:6f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 29 17:01:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9dd86ea20502af1e45a03de6e28011ba1ba03182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:84:e7:57:3d:cb:aa:b8:a4:88:7f:22:86:fb:
1f:f2:2d:28:ad:bc:5c:df:59:74:47:30:9e:11:ea:
0f:06:aa:b6:dd:80:57:05:a9:a2:1b:19:b1:b9:6b:
1b:34:32:60:fa:49:9f:ff:18:bb:50:d6:84:12:cc:
69:f0:37:e9:44:1c:71:6d:51:54:9a:fb:97:1e:75:
bb:18:5b:63:35:6f:ac:b4:1d:5a:a0:84:8a:27:5a:
cc:88:17:a8:c4:b8:7f:e5:7d:98:5b:8b:45:f9:27:
76:3b:f1:05:26:8e:e7:35:a1:9d:11:2d:0b:8b:84:
93:e5:19:dd:c4:87:d4:da:f4:aa:cf:57:3d:59:df:
0f:c5:3b:5e:49:65:9c:79:6c:46:f0:07:63:26:d9:
91:23:f7:ec:cc:f1:28:d2:93:73:e2:2e:a9:67:67:
c3:3a:1b:11:66:a5:4c:f0:84:83:78:7b:d8:2f:f7:
6e:da:fc:4a:62:23:88:77:69:42:80:cf:5e:5b:62:
e3:11:57:10:12:62:74:09:af:74:b9:a7:83:48:53:
8f:57:0a:7c:e5:86:2c:1a:08:0b:38:57:4c:7d:d5:
c5:13:40:91:0a:fe:f3:fa:14:66:69:35:9b:b7:d3:
31:a8:46:68:17:5f:31:08:78:c3:4c:2b:34:04:5e:
49:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D8:6E:A2:05:02:AF:1E:45:A0:3D:E6:E2:80:11:BA:1B:A0:31:82
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ndhuogUCrx5FoD3m4oARuhugMYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.188.0/22
192.124.209.0/24
193.124.3.0/24
193.124.203.0/24
194.87.1.0/24
194.87.24.0/22
194.87.179.0/24
194.87.219.0/24
194.87.222.0/23
194.135.23.0/24
195.133.12.0/22
195.133.55.0/24
195.133.80.0/24
Signature Algorithm: sha256WithRSAEncryption
06:b6:f4:90:0b:ca:cd:dc:5d:24:b2:f2:c2:09:45:56:ee:26:
c7:ce:48:03:82:49:dd:3b:17:5e:cb:40:27:e8:bd:55:d3:96:
1e:67:f7:3f:a7:b0:6f:ab:91:73:2e:0f:79:55:15:74:cf:6b:
84:ab:05:14:c7:93:51:e4:88:66:bd:85:25:4d:3d:e4:74:97:
25:cc:83:83:26:bf:c0:de:58:8c:3a:f4:6c:c5:98:5b:9c:ae:
eb:73:1e:d3:51:08:5d:fa:fd:1a:05:f2:a7:fb:97:b4:3f:8f:
3d:05:b9:53:e6:6f:e6:6b:a6:bb:bb:20:23:f5:6e:31:26:6f:
51:14:51:25:6d:8b:1a:b9:ea:5c:7f:8d:22:39:8a:c5:15:a6:
5b:0e:3c:91:e5:7b:41:b0:11:e9:7e:80:c0:34:9f:da:4a:cb:
d5:70:f5:69:1e:35:df:a2:c3:a3:25:b0:dd:5c:5f:b6:c2:35:
fe:d2:24:02:cd:0d:ca:c6:97:cf:dc:42:b2:9b:3e:d4:aa:c5:
bc:fa:93:e6:5c:ce:7f:6c:bd:83:2c:79:94:50:b4:e5:f6:e1:
d0:58:bd:81:8f:19:ef:6a:69:80:9b:d1:8e:03:f1:93:af:ac:
0b:93:f1:36:e5:da:5b:e5:0d:14:c6:1b:63:1e:d8:43:24:57:
ab:e7:c4:a7
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYLqjLveSKU14UFiqK0H22/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwODI5MTcwMTA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQ4NmVhMjA1MDJhZjFlNDVhMDNkZTZlMjgwMTFiYTFiYTAzMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYTnVz3LqrikiH8ihvsf8i0orbxc
31l0RzCeEeoPBqq23YBXBamiGxmxuWsbNDJg+kmf/xi7UNaEEsxp8DfpRBxxbVFU
mvuXHnW7GFtjNW+stB1aoISKJ1rMiBeoxLh/5X2YW4tF+Sd2O/EFJo7nNaGdES0L
i4ST5RndxIfU2vSqz1c9Wd8PxTteSWWceWxG8AdjJtmRI/fszPEo0pNz4i6pZ2fD
OhsRZqVM8ISDeHvYL/du2vxKYiOId2lCgM9eW2LjEVcQEmJ0Ca90uaeDSFOPVwp8
5YYsGggLOFdMfdXFE0CRCv7z+hRmaTWbt9MxqEZoF18xCHjDTCs0BF5JQwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFJ3YbqIFAq8eRaA95uKAEboboDGCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbmRodW9nVUNyeDVGb0QzbTRvQVJ1aHVnTVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAwHytAwQA
wHyyAwQCwHy0AwQCwHy8AwQAwHzRAwQAwXwDAwQAwXzLAwQAwlcBAwQCwlcYAwQA
wlezAwQAwlfbAwQBwlfeAwQAwocXAwQCw4UMAwQAw4U3AwQAw4VQMA0GCSqGSIb3
DQEBCwUAA4IBAQAGtvSQC8rN3F0ksvLCCUVW7ibHzkgDgkndOxdey0An6L1V05Ye
Z/c/p7Bvq5FzLg95VRV0z2uEqwUUx5NR5IhmvYUlTT3kdJclzIODJr/A3liMOvRs
xZhbnK7rcx7TUQhd+v0aBfKn+5e0P489BblT5m/ma6a7uyAj9W4xJm9RFFElbYsa
uepcf40iOYrFFaZbDjyR5XtBsBHpfoDANJ/aSsvVcPVpHjXfosOjJbDdXF+2wjX+
0iQCzQ3KxpfP3EKymz7UqsW8+pPmXM5/bL2DLHmUULTl9uHQWL2BjxnvammAm9GO
A/GTr6wLk/E25dpb5Q0UxhtjHthDJFer58Sn
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:46 2024 by rpki-client on console-ams.rpki-client.org