Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/olFUC8MYetwzxNO6HmlYzfADQMY.roa
File: olFUC8MYetwzxNO6HmlYzfADQMY.roa (raw, json)
Hash identifier: qny0DQOD3ovkrSdUuIRm6kqlD7ZIaVx5Q+zBV39MVmw=
Subject key identifier: A2:51:54:0B:C3:18:7A:DC:33:C4:D3:BA:1E:69:58:CD:F0:03:40:C6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0E20E4FA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/olFUC8MYetwzxNO6HmlYzfADQMY.roa
Signing time: Sat 01 Jan 2022 01:58:20 +0000
ROA not before: Sat 01 Jan 2022 01:58:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208046
IP address blocks: 194.87.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 237036794 (0xe20e4fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 01:58:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a251540bc3187adc33c4d3ba1e6958cdf00340c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c4:75:7b:89:3d:f4:72:3c:1d:30:f8:93:02:
d3:34:d2:28:dc:6e:ef:ef:8e:54:5d:da:49:36:0a:
fa:f2:47:4e:09:72:dd:2e:de:71:6e:2f:21:fc:35:
b0:ef:d4:72:94:d8:a9:11:9d:f6:b4:a3:ae:c5:e4:
1b:8d:c5:45:91:04:7f:11:5f:9e:aa:5b:ed:c8:c8:
dc:56:4f:8c:95:ad:45:04:41:64:bc:2b:7b:3c:ea:
20:42:34:18:07:41:3a:f4:2c:2b:59:78:23:2d:1e:
a3:8c:fb:3e:8e:5d:5a:2c:03:12:bd:4e:10:8e:05:
fe:88:85:ea:48:fb:8e:7e:de:ee:63:3b:6f:31:97:
28:5b:16:fd:82:8c:32:e7:1a:27:1c:14:f6:dc:6c:
be:f1:8c:d3:9e:20:9e:4a:3f:c2:9d:23:d8:22:7c:
b8:50:a1:55:a1:4e:ed:fe:e0:ef:74:ce:3b:28:3f:
5d:32:ac:75:60:ee:8e:4f:99:2b:2c:06:ec:26:97:
f9:21:ce:e4:a2:32:d4:3f:5e:14:42:b7:ff:f9:6b:
d2:e2:a4:3e:d1:a0:e5:a8:2b:47:c6:20:81:7d:d4:
6f:79:f1:35:e0:82:fb:61:67:4d:ab:81:5d:37:43:
ac:18:ba:fc:1a:3e:8e:55:ae:e3:85:39:8d:3d:88:
08:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:51:54:0B:C3:18:7A:DC:33:C4:D3:BA:1E:69:58:CD:F0:03:40:C6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/olFUC8MYetwzxNO6HmlYzfADQMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.14.0/24
Signature Algorithm: sha256WithRSAEncryption
61:a5:d4:13:81:92:35:51:41:e2:48:63:d2:bc:b5:f3:7c:e5:
b9:7e:bc:4f:f3:ab:51:fa:b2:69:89:a9:1f:b1:3c:16:cf:56:
7b:47:5e:ba:e2:b1:7e:98:15:5d:66:f1:8d:ae:95:e5:f6:7b:
c2:ef:25:e6:08:d5:34:15:4a:6e:11:27:f8:c9:21:98:e4:fe:
59:9a:dc:80:4b:2f:ab:d2:49:ef:ad:33:f6:c1:ab:99:ed:fd:
45:a0:c2:0e:ad:88:e0:a6:ba:c3:07:2c:92:2a:86:a3:25:bd:
72:b6:ae:73:a8:52:e3:fd:be:ee:1d:05:a7:51:61:dc:0f:5a:
e2:57:53:53:ba:ea:24:40:56:8c:e0:49:2b:38:40:91:c3:d8:
93:9e:47:2f:ae:dd:6d:05:2d:ea:57:5e:03:87:00:d9:50:b8:
02:11:a6:66:1d:c0:b7:3a:16:7c:eb:ca:c0:47:62:8d:43:b8:
b3:79:f6:00:b1:87:9d:b2:6c:48:4f:66:80:d4:5f:c1:cb:57:
8b:0d:69:87:29:a6:1a:a1:02:cf:1f:ec:94:e4:61:be:69:a4:
e4:31:99:49:f2:4c:1a:3b:cc:4e:40:a4:8f:bb:d6:94:80:f9:
81:c8:1a:04:6a:d5:c7:93:3f:13:42:1f:cd:ae:d9:4d:4a:dc:
ac:ed:3e:3c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDiDk+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDEw
MTAxNTgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI1MTU0MGJjMzE4
N2FkYzMzYzRkM2JhMWU2OTU4Y2RmMDAzNDBjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTEdXuJPfRyPB0w+JMC0zTSKNxu7++OVF3aSTYK+vJHTgly
3S7ecW4vIfw1sO/UcpTYqRGd9rSjrsXkG43FRZEEfxFfnqpb7cjI3FZPjJWtRQRB
ZLwrezzqIEI0GAdBOvQsK1l4Iy0eo4z7Po5dWiwDEr1OEI4F/oiF6kj7jn7e7mM7
bzGXKFsW/YKMMucaJxwU9txsvvGM054gnko/wp0j2CJ8uFChVaFO7f7g73TOOyg/
XTKsdWDujk+ZKywG7CaX+SHO5KIy1D9eFEK3//lr0uKkPtGg5agrR8YggX3Ub3nx
NeCC+2FnTauBXTdDrBi6/Bo+jlWu44U5jT2ICHsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSiUVQLwxh63DPE07oeaVjN8ANAxjAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L29sRlVDOE1ZZXR3enhOTzZIbWxZemZBRFFNWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJXDjANBgkqhkiG9w0BAQsFAAOC
AQEAYaXUE4GSNVFB4khj0ry183zluX68T/OrUfqyaYmpH7E8Fs9We0deuuKxfpgV
XWbxja6V5fZ7wu8l5gjVNBVKbhEn+MkhmOT+WZrcgEsvq9JJ760z9sGrme39RaDC
Dq2I4Ka6wwcskiqGoyW9crauc6hS4/2+7h0Fp1Fh3A9a4ldTU7rqJEBWjOBJKzhA
kcPYk55HL67dbQUt6ldeA4cA2VC4AhGmZh3AtzoWfOvKwEdijUO4s3n2ALGHnbJs
SE9mgNRfwctXiw1phymmGqECzx/slORhvmmk5DGZSfJMGjvMTkCkj7vWlID5gcga
BGrVx5M/E0Ifza7ZTUrcrO0+PA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:26 2024 by rpki-client on console-fra.rpki-client.org