Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pIs1qKIsNnujlyDls5KUKWl7bY4.roa
File: pIs1qKIsNnujlyDls5KUKWl7bY4.roa (raw, json)
Hash identifier: 2skU7kGtgrE+1e16o9HC3f9rYdBa/VylvHb7lQq5DAU=
Subject key identifier: A4:8B:35:A8:A2:2C:36:7B:A3:97:20:E5:B3:92:94:29:69:7B:6D:8E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01843F876B4BAB535B3B1D09A3CAB55953FF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pIs1qKIsNnujlyDls5KUKWl7bY4.roa
Signing time: Thu 03 Nov 2022 22:05:50 +0000
ROA not before: Thu 03 Nov 2022 22:05:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207713
IP address blocks: 194.87.218.0/24 maxlen: 24
194.87.216.0/24 maxlen: 24
195.133.88.0/24 maxlen: 24
194.87.31.0/24 maxlen: 24
194.87.45.0/24 maxlen: 24
212.192.14.0/24 maxlen: 24
194.87.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3f:87:6b:4b:ab:53:5b:3b:1d:09:a3:ca:b5:59:53:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 3 22:05:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a48b35a8a22c367ba39720e5b3929429697b6d8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:34:55:a3:50:cd:82:6d:42:ba:7f:f7:26:26:
e1:0e:67:c9:3e:11:6d:ec:f2:ce:c1:82:07:1f:ff:
ce:27:39:6e:1d:74:66:13:de:02:ad:b0:f1:09:ca:
40:39:3b:c3:ba:b6:82:e9:9e:46:f9:fe:b8:0d:c5:
85:bb:45:f5:5a:df:90:57:ea:4e:5f:cb:eb:56:8e:
e2:21:aa:31:a0:05:69:24:bb:8a:24:eb:ed:5c:6f:
0e:8d:6b:be:3e:a8:e8:da:66:3d:95:2a:12:82:e8:
94:90:9b:0d:6e:e4:40:dd:e5:82:a3:af:0a:f4:c3:
ed:cc:31:c7:4d:09:7f:47:39:69:71:7a:d2:7b:1c:
ae:15:9c:47:74:35:86:cb:f9:e1:e0:0c:f3:c4:3f:
12:c8:ab:a8:4b:e9:09:57:69:b0:e7:a5:e2:f5:0b:
41:5a:a9:43:b7:07:65:82:ef:16:da:09:4f:7f:c6:
b4:12:bf:49:73:28:35:61:63:5d:6d:b6:6d:fd:40:
35:c2:6d:5e:a2:1b:aa:d4:0c:86:b1:15:07:a8:cd:
9e:40:92:bc:47:96:8a:6e:06:7f:f4:f4:7c:cb:ca:
70:c4:c2:a5:9d:30:e9:69:ba:b3:70:e1:9f:6b:71:
6b:3e:75:38:29:1f:e2:60:58:7a:24:fe:12:ff:94:
bc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:8B:35:A8:A2:2C:36:7B:A3:97:20:E5:B3:92:94:29:69:7B:6D:8E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pIs1qKIsNnujlyDls5KUKWl7bY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.31.0/24
194.87.45.0/24
194.87.71.0/24
194.87.216.0/24
194.87.218.0/24
195.133.88.0/24
212.192.14.0/24
Signature Algorithm: sha256WithRSAEncryption
70:6a:2d:46:d8:87:0d:8e:4f:43:7e:bc:b6:37:af:2e:6d:7e:
f5:c7:1a:f7:90:b3:05:fc:8b:87:d8:85:72:22:75:5e:4f:b4:
70:8a:d3:2e:5c:21:f6:43:0e:90:90:7a:89:da:9e:fd:8f:0d:
77:ba:5b:7b:6e:ab:5c:05:8c:6e:da:f2:d6:d0:50:95:bb:d8:
e7:1a:7c:dc:be:fa:c7:ba:60:58:ee:53:50:7a:5b:12:08:c2:
42:70:4d:81:2a:f8:99:ed:29:1e:12:56:f8:93:50:fd:a7:42:
c5:6c:ae:f8:48:29:27:98:d7:12:a7:df:4c:15:e5:01:30:03:
89:af:ea:de:fa:2b:2c:40:70:87:da:c1:75:c1:de:2b:45:c1:
41:0a:f7:e1:de:fa:a8:b5:86:70:94:ba:e7:81:cf:f7:4d:2a:
d9:6e:1f:e9:13:8e:f4:9a:ac:89:02:a4:47:6f:42:07:ee:5b:
60:ac:d3:2c:fa:9b:d6:4f:e0:80:41:11:16:da:19:83:31:11:
33:05:bf:e3:e7:d2:5c:de:79:dc:9f:ac:bf:95:00:18:b7:db:
04:84:6d:25:51:94:aa:dc:c2:f5:44:4d:01:f5:db:f7:73:1e:
57:dc:03:b8:fe:a3:42:30:e3:73:bf:10:ab:ae:e9:dd:79:32:
91:50:c7:12
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYQ/h2tLq1NbOx0Jo8q1WVP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTAzMjIwNTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDhiMzVhOGEyMmMzNjdiYTM5NzIwZTViMzkyOTQyOTY5N2I2ZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjRVo1DNgm1Cun/3JibhDmfJPhFt
7PLOwYIHH//OJzluHXRmE94CrbDxCcpAOTvDuraC6Z5G+f64DcWFu0X1Wt+QV+pO
X8vrVo7iIaoxoAVpJLuKJOvtXG8OjWu+Pqjo2mY9lSoSguiUkJsNbuRA3eWCo68K
9MPtzDHHTQl/RzlpcXrSexyuFZxHdDWGy/nh4AzzxD8SyKuoS+kJV2mw56Xi9QtB
WqlDtwdlgu8W2glPf8a0Er9Jcyg1YWNdbbZt/UA1wm1eohuq1AyGsRUHqM2eQJK8
R5aKbgZ/9PR8y8pwxMKlnTDpabqzcOGfa3FrPnU4KR/iYFh6JP4S/5S8gQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKSLNaiiLDZ7o5cg5bOSlClpe22OMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcElzMXFLSXNObnVqbHlEbHM1S1VLV2w3Ylk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwlcfAwQA
wlctAwQAwldHAwQAwlfYAwQAwlfaAwQAw4VYAwQA1MAOMA0GCSqGSIb3DQEBCwUA
A4IBAQBwai1G2IcNjk9Dfry2N68ubX71xxr3kLMF/IuH2IVyInVeT7RwitMuXCH2
Qw6QkHqJ2p79jw13ult7bqtcBYxu2vLW0FCVu9jnGnzcvvrHumBY7lNQelsSCMJC
cE2BKviZ7SkeElb4k1D9p0LFbK74SCknmNcSp99MFeUBMAOJr+re+issQHCH2sF1
wd4rRcFBCvfh3vqotYZwlLrngc/3TSrZbh/pE470mqyJAqRHb0IH7ltgrNMs+pvW
T+CAQREW2hmDMREzBb/j59Jc3nncn6y/lQAYt9sEhG0lUZSq3ML1RE0B9dv3cx5X
3AO4/qNCMONzvxCrrundeTKRUMcS
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:06 2023 by rpki-client on console-ams.rpki-client.org