Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ovVRj5MHcnuBp_lq32mQYc8Y56w.roa
File: ovVRj5MHcnuBp_lq32mQYc8Y56w.roa (raw, json)
Hash identifier: zXEvU5I72FccfJj/e9tFMa4EMj5MVeMrAQnVzuI5onI=
Subject key identifier: A2:F5:51:8F:93:07:72:7B:81:A7:F9:6A:DF:69:90:61:CF:18:E7:AC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183D55B0AC6A8557E57E8C8F10584AA0BC6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ovVRj5MHcnuBp_lq32mQYc8Y56w.roa
Signing time: Fri 14 Oct 2022 07:17:37 +0000
ROA not before: Fri 14 Oct 2022 07:17:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212871
IP address blocks: 193.124.49.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
194.87.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d5:5b:0a:c6:a8:55:7e:57:e8:c8:f1:05:84:aa:0b:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 14 07:17:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2f5518f9307727b81a7f96adf699061cf18e7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c4:bb:aa:3d:47:b3:31:07:cc:dc:d9:f4:fe:
28:0a:05:79:2b:f7:da:c4:64:0b:6d:c5:52:e2:bf:
7f:04:ca:8a:4e:f3:30:54:6e:f3:e2:2e:46:9c:8a:
2d:e8:08:36:95:c4:0a:8f:af:45:a6:43:ad:e1:75:
ce:81:70:fc:ca:e7:b4:b3:d7:ec:73:42:c3:74:89:
2b:fc:2f:b1:2c:b5:09:22:6f:d3:6e:97:d8:10:ec:
64:3d:b4:b9:d7:9b:33:d7:56:bf:b6:bf:af:d1:e9:
2e:9a:9f:c3:14:31:03:85:ea:b0:ed:4f:6d:fa:05:
41:a5:13:4b:cb:ba:e4:6f:8f:3b:b7:cc:fe:91:59:
25:df:e6:14:bc:ba:e4:b5:6d:96:46:9e:c6:73:c8:
81:f9:9a:3d:e0:60:a1:2a:81:ed:d8:b2:bf:bd:95:
a2:fc:5b:cc:9a:88:17:5f:b2:74:22:85:9c:a5:33:
61:b9:7a:40:5d:91:06:42:cc:83:87:6b:22:65:7b:
a5:3a:8b:66:84:a2:9f:38:d2:32:68:71:33:05:74:
51:ec:8a:6c:bb:63:ec:8f:bc:aa:aa:c5:c9:df:84:
db:02:e8:96:3c:6b:eb:e1:71:87:39:42:6e:17:b0:
0a:85:bf:bf:32:fe:b8:c1:5c:74:cd:fd:13:b1:9b:
9b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F5:51:8F:93:07:72:7B:81:A7:F9:6A:DF:69:90:61:CF:18:E7:AC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ovVRj5MHcnuBp_lq32mQYc8Y56w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.49.0/24
194.87.61.0/24
194.135.46.0/24
Signature Algorithm: sha256WithRSAEncryption
00:f4:69:08:6b:ce:2d:09:ba:f2:90:c2:9c:4d:9d:36:96:35:
4c:cf:69:48:a7:0c:bc:4d:5f:83:b4:07:dd:68:8e:03:8e:31:
4a:4f:26:e9:12:6b:13:be:2c:ff:cb:a1:b5:79:dc:f5:ba:1c:
5b:0b:15:c5:bc:ac:7d:af:03:de:98:41:14:d5:6b:1a:1e:4c:
54:85:92:3c:fe:37:d0:e2:c4:9c:60:2b:a9:04:0b:b5:af:0c:
aa:d2:de:9f:b0:d8:63:17:84:ff:c3:ba:37:7f:65:35:79:c3:
e8:33:47:14:e9:39:b7:3e:08:68:97:10:d6:22:47:0e:ff:ac:
5a:75:5f:d2:d6:b8:1b:31:4d:84:36:ca:81:18:59:7c:04:b3:
01:80:e1:82:8d:c7:76:14:e8:1f:66:6a:f5:0b:32:ad:72:9e:
3d:63:fc:9d:06:bf:f2:86:fd:c8:c6:3a:67:59:d5:8f:7b:92:
32:03:33:8b:f6:5b:8a:44:60:cf:62:94:5d:9d:bb:d4:f1:dd:
cc:85:07:4a:6e:2f:7b:44:a6:15:7a:3e:0c:85:c8:9a:87:2e:
2f:81:b5:c4:76:ac:50:95:eb:e2:3b:e8:e0:b5:50:a6:a2:25:
f3:bd:e4:f0:da:07:76:d7:32:ed:a7:1f:e2:a7:a9:63:45:89:
12:2b:b0:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPVWwrGqFV+V+jI8QWEqgvGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDE0MDcxNzM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmY1NTE4ZjkzMDc3MjdiODFhN2Y5NmFkZjY5OTA2MWNmMThlN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MS7qj1HszEHzNzZ9P4oCgV5K/fa
xGQLbcVS4r9/BMqKTvMwVG7z4i5GnIot6Ag2lcQKj69FpkOt4XXOgXD8yue0s9fs
c0LDdIkr/C+xLLUJIm/TbpfYEOxkPbS515sz11a/tr+v0ekump/DFDEDheqw7U9t
+gVBpRNLy7rkb487t8z+kVkl3+YUvLrktW2WRp7Gc8iB+Zo94GChKoHt2LK/vZWi
/FvMmogXX7J0IoWcpTNhuXpAXZEGQsyDh2siZXulOotmhKKfONIyaHEzBXRR7Ips
u2Psj7yqqsXJ34TbAuiWPGvr4XGHOUJuF7AKhb+/Mv64wVx0zf0TsZubcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKL1UY+TB3J7gaf5at9pkGHPGOesMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvb3ZWUmo1TUhjbnVCcF9scTMybVFZYzhZNTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXwxAwQA
wlc9AwQAwocuMA0GCSqGSIb3DQEBCwUAA4IBAQAA9GkIa84tCbrykMKcTZ02ljVM
z2lIpwy8TV+DtAfdaI4DjjFKTybpEmsTviz/y6G1edz1uhxbCxXFvKx9rwPemEEU
1WsaHkxUhZI8/jfQ4sScYCupBAu1rwyq0t6fsNhjF4T/w7o3f2U1ecPoM0cU6Tm3
PgholxDWIkcO/6xadV/S1rgbMU2ENsqBGFl8BLMBgOGCjcd2FOgfZmr1CzKtcp49
Y/ydBr/yhv3IxjpnWdWPe5IyAzOL9luKRGDPYpRdnbvU8d3MhQdKbi97RKYVej4M
hciahy4vgbXEdqxQleviO+jgtVCmoiXzveTw2gd21zLtpx/ip6ljRYkSK7AC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:11 2023 by rpki-client on console-fra.rpki-client.org