Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o5ssYhYzHbFe6_RKf7R8wCJxbVo.roa
File: o5ssYhYzHbFe6_RKf7R8wCJxbVo.roa (raw, json)
Hash identifier: IMFc1KsdIZUeqlgXsfIDbMrtpgQQi2s9l+ATzrEK91g=
Subject key identifier: A3:9B:2C:62:16:33:1D:B1:5E:EB:F4:4A:7F:B4:7C:C0:22:71:6D:5A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0182357BD8451F6C8EDB8F70E2F57293261F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o5ssYhYzHbFe6_RKf7R8wCJxbVo.roa
Signing time: Mon 25 Jul 2022 13:11:24 +0000
ROA not before: Mon 25 Jul 2022 13:11:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.14.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.32.0/22 maxlen: 24
194.87.166.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/23 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.188.0/22 maxlen: 22
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
194.87.116.0/22 maxlen: 24
194.135.124.0/24 maxlen: 24
194.87.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:35:7b:d8:45:1f:6c:8e:db:8f:70:e2:f5:72:93:26:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 25 13:11:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a39b2c6216331db15eebf44a7fb47cc022716d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:80:88:29:a6:c9:73:7c:ac:fd:09:a0:aa:22:
10:4b:ac:36:c5:b5:50:70:0e:4e:de:ef:79:5c:0c:
bb:9c:01:70:e9:23:af:9d:fd:89:d2:09:38:85:3f:
66:b8:81:0f:98:c2:6b:95:eb:37:17:6c:af:97:bc:
a3:3f:89:6c:89:d0:b1:a5:0a:e6:86:95:13:f0:1e:
3a:53:71:8d:53:92:99:ca:c3:9b:29:a0:f9:19:fa:
f0:e8:a1:b9:2f:16:7c:38:f8:4e:3d:35:ae:22:ee:
27:4d:ca:e3:b1:b7:ed:2f:b6:b1:1c:c2:5b:a9:73:
7a:23:07:26:b7:2c:50:b2:17:b6:d9:af:9f:43:22:
d3:a4:c4:94:23:70:2d:af:de:90:89:a6:b5:95:a0:
98:34:ff:e4:2e:b6:86:d8:07:fd:ad:cf:02:c3:79:
a3:73:98:81:28:60:98:77:01:02:db:8b:8f:36:c0:
d1:25:b6:cb:83:d0:81:f1:02:90:c4:15:87:96:fc:
bf:10:85:2c:0c:b5:74:de:11:d1:3e:6a:fe:10:19:
47:60:8b:91:5d:6d:64:a4:2d:a4:13:f3:24:c8:bd:
15:7c:c4:71:59:e1:e1:cc:98:0d:25:c5:8f:d9:f2:
cf:90:94:59:de:13:eb:86:9d:2b:65:75:58:9c:45:
88:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:9B:2C:62:16:33:1D:B1:5E:EB:F4:4A:7F:B4:7C:C0:22:71:6D:5A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o5ssYhYzHbFe6_RKf7R8wCJxbVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.188.0/22
192.124.209.0/24
193.124.203.0/24
194.87.1.0/24
194.87.32.0/22
194.87.64.0/24
194.87.116.0/22
194.87.166.0/24
194.87.179.0/24
194.135.23.0/24
194.135.124.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
79:78:03:88:0e:d7:76:96:b1:74:03:dd:5e:e7:0e:16:11:e8:
d8:74:84:20:52:54:eb:af:89:24:d6:22:f4:c1:2d:92:8e:28:
1d:e4:32:b8:9d:ba:68:60:b0:d3:7e:22:04:9a:5f:98:6c:07:
22:8c:75:71:8f:71:63:fe:90:f3:04:31:20:0d:28:19:31:43:
68:b4:09:68:67:5b:0e:7c:82:36:44:c1:4c:2f:61:7a:4a:4a:
7b:9f:dd:21:04:27:26:e5:17:11:6f:1e:00:97:66:a2:13:ad:
7a:1e:49:a9:11:22:fe:80:b9:b5:04:35:e6:ef:c1:cd:9a:10:
dd:63:6e:44:08:61:30:c5:48:fc:5d:bd:1a:c8:8e:7b:3c:34:
d8:ee:f4:93:c4:80:fc:47:05:7c:68:18:9f:b4:0c:c3:b4:87:
a3:ec:e3:28:9e:8c:a3:40:a5:ae:db:ed:8c:9b:36:ef:ae:85:
50:d7:90:50:20:0e:79:f9:0b:8e:31:15:61:41:54:4c:d1:78:
1e:ea:e5:16:e3:d9:64:c9:dc:c3:54:93:b0:c5:11:90:c1:ed:
6e:36:3e:4e:9e:62:63:62:da:9a:58:f7:4e:9b:79:c0:c0:db:
7b:9d:e7:b8:f1:40:40:a8:0d:ef:c8:5d:b2:8e:c2:60:3d:40:
b1:26:58:cd
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYI1e9hFH2yO249w4vVykyYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwNzI1MTMxMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzliMmM2MjE2MzMxZGIxNWVlYmY0NGE3ZmI0N2NjMDIyNzE2ZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4CIKabJc3ys/QmgqiIQS6w2xbVQ
cA5O3u95XAy7nAFw6SOvnf2J0gk4hT9muIEPmMJrles3F2yvl7yjP4lsidCxpQrm
hpUT8B46U3GNU5KZysObKaD5Gfrw6KG5LxZ8OPhOPTWuIu4nTcrjsbftL7axHMJb
qXN6IwcmtyxQshe22a+fQyLTpMSUI3Atr96Qiaa1laCYNP/kLraG2Af9rc8Cw3mj
c5iBKGCYdwEC24uPNsDRJbbLg9CB8QKQxBWHlvy/EIUsDLV03hHRPmr+EBlHYIuR
XW1kpC2kE/MkyL0VfMRxWeHhzJgNJcWP2fLPkJRZ3hPrhp0rZXVYnEWINQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFKObLGIWMx2xXuv0Sn+0fMAicW1aMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbzVzc1loWXpIYkZlNl9SS2Y3Ujh3Q0p4YlZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAwHytAwQA
wHyyAwQCwHy0AwQCwHy8AwQAwHzRAwQAwXzLAwQAwlcBAwQCwlcgAwQAwldAAwQC
wld0AwQAwlemAwQAwlezAwQAwocXAwQAwod8AwQA1MEOMA0GCSqGSIb3DQEBCwUA
A4IBAQB5eAOIDtd2lrF0A91e5w4WEejYdIQgUlTrr4kk1iL0wS2Sjigd5DK4nbpo
YLDTfiIEml+YbAcijHVxj3Fj/pDzBDEgDSgZMUNotAloZ1sOfII2RMFML2F6Skp7
n90hBCcm5RcRbx4Al2aiE616HkmpESL+gLm1BDXm78HNmhDdY25ECGEwxUj8Xb0a
yI57PDTY7vSTxID8RwV8aBiftAzDtIej7OMonoyjQKWu2+2MmzbvroVQ15BQIA55
+QuOMRVhQVRM0Xge6uUW49lkydzDVJOwxRGQwe1uNj5OnmJjYtqaWPdOm3nAwNt7
nee48UBAqA3vyF2yjsJgPUCxJljN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:11 2023 by rpki-client on console-fra.rpki-client.org