Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oYGsC3R5ugxSWFhDVZbY5DZHVV8.roa
File: oYGsC3R5ugxSWFhDVZbY5DZHVV8.roa (raw, json)
Hash identifier: f8wSIBMNga0CBBDjwD39Qm0IWlV2SeVwrjg9QzhMPAI=
Subject key identifier: A1:81:AC:0B:74:79:BA:0C:52:58:58:43:55:96:D8:E4:36:47:55:5F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0FCFA206
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oYGsC3R5ugxSWFhDVZbY5DZHVV8.roa
Signing time: Fri 13 May 2022 07:55:03 +0000
ROA not before: Fri 13 May 2022 07:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 194.87.216.0/24 maxlen: 24
194.87.218.0/24 maxlen: 24
194.87.225.0/24 maxlen: 24
194.87.31.0/24 maxlen: 24
194.87.36.0/22 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
212.192.0.0/21 maxlen: 21
195.133.21.0/24 maxlen: 24
212.192.14.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
195.133.25.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
194.135.104.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 265265670 (0xfcfa206)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 13 07:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a181ac0b7479ba0c525858435596d8e43647555f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a9:6a:0f:60:0b:02:52:52:09:21:33:d6:b1:
da:dc:3f:95:4c:6d:e0:5c:c8:9a:77:39:f7:6f:cf:
36:82:05:57:49:72:d2:cc:00:db:cc:be:ea:a5:57:
76:de:f0:e0:1c:cd:b8:82:27:43:0f:3b:5e:0a:a9:
ff:e3:bd:4d:71:0b:0e:15:c9:03:af:6c:f9:e4:cc:
3d:4a:14:fb:2c:e0:07:6e:fc:51:54:48:e4:47:bb:
79:0b:7b:2c:86:9b:0b:b2:97:b5:2a:f0:4e:1c:20:
c9:ee:f3:b8:c8:6e:27:3e:9a:ce:cb:4b:d9:a5:c3:
0a:d2:20:25:a6:7c:7a:7b:55:49:1d:a8:08:04:95:
b6:0f:db:4f:e3:d7:51:b1:09:35:42:49:05:f6:a5:
a6:19:c9:f3:c0:33:39:b2:12:fa:1b:cf:38:47:04:
0f:75:4e:47:b1:f6:3b:2f:49:4f:41:b0:1d:6a:68:
e7:9d:0d:b6:3a:c0:a7:4e:51:07:a4:9b:b7:71:47:
58:4a:30:61:46:3d:63:42:d3:42:17:86:71:65:d5:
3b:7b:55:80:b5:11:07:cc:52:2e:c6:54:b3:18:6e:
9e:1b:35:d1:98:d3:74:09:7d:b0:a5:3f:e0:7c:70:
5a:ed:f3:85:f4:0c:66:a4:79:87:f5:4e:57:ce:3a:
f1:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:81:AC:0B:74:79:BA:0C:52:58:58:43:55:96:D8:E4:36:47:55:5F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oYGsC3R5ugxSWFhDVZbY5DZHVV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.112.0/24
194.87.31.0/24
194.87.36.0/22
194.87.216.0/24
194.87.218.0/24
194.87.225.0/24
194.135.32.0/24
194.135.38.0/24
194.135.104.0/24
195.133.9.0/24
195.133.21.0/24
195.133.25.0-195.133.27.255
195.133.55.0/24
195.133.59.0/24
212.192.0.0/21
212.192.14.0/24
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:9b:a3:d3:37:39:04:dc:a3:f1:7c:72:96:9b:d1:67:24:92:
6b:f2:76:f6:44:68:09:9c:d0:19:fe:de:d3:ac:86:16:8f:46:
d8:5c:2c:0d:27:be:54:ed:32:6f:cd:80:e3:45:d1:db:1e:df:
77:ac:8f:38:57:40:1c:7a:66:b8:6a:a9:41:be:e1:cb:1d:7c:
23:f9:d0:5f:b9:91:c4:7f:3e:e7:0a:91:80:46:51:57:ba:7a:
14:55:9c:2b:09:51:a9:66:d5:af:9f:70:22:3b:85:c0:31:82:
25:62:8a:40:49:5b:75:f5:39:95:d9:9f:4b:52:f8:eb:5c:65:
34:90:c7:b7:9f:4d:e4:b0:71:5f:71:bd:28:90:5e:65:45:92:
67:1b:20:7d:df:8f:bd:c2:c4:19:56:69:78:b9:95:f0:fa:97:
9d:c7:6c:9b:a4:0e:fe:8b:5a:86:5d:f1:24:40:51:41:e9:bd:
dc:15:3b:a8:d9:3f:ee:ed:cc:be:1e:9e:0a:89:5a:2a:27:b4:
77:e4:9a:1d:55:c4:63:27:79:c0:c7:c0:e7:0d:1b:6d:55:92:
36:5b:c0:b7:ef:55:47:b6:1b:41:e1:23:db:33:4b:6f:38:a0:
b4:8d:ef:22:fd:86:35:ff:35:a8:94:36:fd:cc:4d:53:14:28:
5f:d6:a5:69
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIED8+iBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDUx
MzA3NTUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE4MWFjMGI3NDc5
YmEwYzUyNTg1ODQzNTU5NmQ4ZTQzNjQ3NTU1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJSpag9gCwJSUgkhM9ax2tw/lUxt4FzImnc592/PNoIFV0ly
0swA28y+6qVXdt7w4BzNuIInQw87Xgqp/+O9TXELDhXJA69s+eTMPUoU+yzgB278
UVRI5Ee7eQt7LIabC7KXtSrwThwgye7zuMhuJz6azstL2aXDCtIgJaZ8entVSR2o
CASVtg/bT+PXUbEJNUJJBfalphnJ88AzObIS+hvPOEcED3VOR7H2Oy9JT0GwHWpo
550NtjrAp05RB6Sbt3FHWEowYUY9Y0LTQheGcWXVO3tVgLURB8xSLsZUsxhunhs1
0ZjTdAl9sKU/4HxwWu3zhfQMZqR5h/VOV8468fECAwEAAaOCAnIwggJuMB0GA1Ud
DgQWBBShgawLdHm6DFJYWENVltjkNkdVXzAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L29ZR3NDM1I1dWd4U1dGaERWWmJZNURaSFZWOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hwYIKwYBBQUHAQcBAf8EeDB2MHQEAgABMG4DBADBbHADBADCVx8DBALCVyQDBADC
V9gDBADCV9oDBADCV+EDBADChyADBADChyYDBADCh2gDBADDhQkDBADDhRUwDAME
AMOFGQMEAsOFGAMEAMOFNwMEAMOFOwMEA9TAAAMEANTADgMEANTBAjANBgkqhkiG
9w0BAQsFAAOCAQEAS5uj0zc5BNyj8XxylpvRZySSa/J29kRoCZzQGf7e06yGFo9G
2FwsDSe+VO0yb82A40XR2x7fd6yPOFdAHHpmuGqpQb7hyx18I/nQX7mRxH8+5wqR
gEZRV7p6FFWcKwlRqWbVr59wIjuFwDGCJWKKQElbdfU5ldmfS1L461xlNJDHt59N
5LBxX3G9KJBeZUWSZxsgfd+PvcLEGVZpeLmV8PqXncdsm6QO/otahl3xJEBRQem9
3BU7qNk/7u3Mvh6eColaKie0d+SaHVXEYyd5wMfA5w0bbVWSNlvAt+9VR7YbQeEj
2zNLbzigtI3vIv2GNf81qJQ2/cxNUxQoX9alaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:26 2024 by rpki-client on console-fra.rpki-client.org