Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pyHhmUCBUUO9SaKzCc6z3Dlt-ME.roa
File: pyHhmUCBUUO9SaKzCc6z3Dlt-ME.roa (raw, json)
Hash identifier: xBvRk4oF3f3DCguiu/CygcpTabwKTQdz5f2t+7DT784=
Subject key identifier: A7:21:E1:99:40:81:51:43:BD:49:A2:B3:09:CE:B3:DC:39:6D:F8:C1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184321E31AE934A6A420EF5104EB28E67A5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pyHhmUCBUUO9SaKzCc6z3Dlt-ME.roa
Signing time: Tue 01 Nov 2022 07:35:50 +0000
ROA not before: Tue 01 Nov 2022 07:35:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15731
IP address blocks: 195.133.86.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:1e:31:ae:93:4a:6a:42:0e:f5:10:4e:b2:8e:67:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 1 07:35:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a721e19940815143bd49a2b309ceb3dc396df8c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5d:45:6a:36:ce:a0:6c:5a:6b:f5:83:a7:56:
a2:ff:b3:3a:b5:6b:fb:62:27:95:18:82:2a:93:2c:
2d:2d:ef:71:1b:f7:dc:97:8a:1e:ff:15:4d:ad:a2:
e5:7e:e5:e9:e0:60:33:ee:30:4d:2c:24:a0:e7:d8:
e6:5c:27:cc:e4:c4:07:7a:03:d6:b5:19:f5:09:e5:
9f:e9:eb:28:2f:47:43:ac:87:1c:4c:03:f4:a7:66:
0f:2d:53:e6:b5:70:fc:6a:04:45:72:95:a1:de:d6:
96:fe:79:9f:e2:48:44:1f:81:23:57:f1:86:af:61:
20:af:93:b8:6f:11:39:a2:a5:83:ee:c1:8f:2e:14:
4f:4a:a5:b8:88:76:8f:89:d5:46:37:77:78:51:d3:
2c:db:cf:73:1f:ee:27:c8:5a:a2:6e:d0:a7:cd:d5:
5c:09:40:80:f7:3c:ce:8e:02:a7:dd:65:49:9d:4c:
7f:d2:cd:0e:1a:4d:20:ef:e8:75:ad:51:7b:85:9b:
98:2b:6c:01:1e:5b:a7:43:ea:ef:18:28:9a:f7:bb:
62:01:28:8b:ea:14:d3:0b:6c:8b:ce:dd:84:63:19:
b5:18:7b:b3:94:aa:7b:8d:23:b4:59:e3:2f:e0:e8:
4d:13:64:70:ee:86:6e:b4:5f:93:a2:8f:70:f2:9c:
f1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:21:E1:99:40:81:51:43:BD:49:A2:B3:09:CE:B3:DC:39:6D:F8:C1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pyHhmUCBUUO9SaKzCc6z3Dlt-ME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.73.0/24
194.87.130.0/23
194.87.168.0/24
194.87.178.0/24
194.135.23.0/24
195.58.35.0/24
195.133.0.0/24
195.133.86.0/24
212.192.31.0/24
212.193.1.0/24
212.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:8a:c7:2a:64:83:28:e3:a6:ed:c1:13:23:d7:1f:60:43:49:
f8:ef:e2:39:d9:4b:da:ab:be:11:a6:c4:25:fd:c9:b2:81:a5:
4f:fa:b8:35:6a:34:0a:5c:6e:58:72:55:77:4e:ab:de:35:3e:
0a:10:0d:22:47:bc:80:97:22:55:6b:a0:2e:92:77:ba:15:dd:
7a:a0:29:6c:fe:7e:88:cc:16:53:6c:ea:d8:76:d0:b0:81:92:
07:58:f6:38:2a:a4:d8:7a:ae:30:ec:cb:42:f6:94:cc:1f:be:
21:6a:48:f6:56:6f:11:fd:57:9f:d1:da:32:64:84:0e:84:af:
a8:00:c4:5a:e7:e7:6b:07:42:f2:7d:ee:4d:61:c5:db:fb:7c:
ae:fe:73:38:3d:c3:14:ef:82:c9:d1:58:32:06:49:81:43:a4:
f8:1e:eb:a7:84:6f:26:39:34:0c:9f:36:e2:5d:bb:0f:35:4a:
75:76:bb:ab:ed:40:79:a9:76:ec:49:24:8a:26:77:a4:18:25:
b8:40:5c:6f:65:c4:85:92:9a:2c:02:d1:74:75:32:d8:90:b7:
c9:96:ab:38:c2:ee:90:82:89:95:8a:91:15:e3:e8:4e:dd:82:
56:ae:10:ff:22:8e:0e:95:7b:55:5f:e7:3f:a3:0d:76:1c:5a:
dd:05:9a:05
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYQyHjGuk0pqQg71EE6yjmelMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTAxMDczNTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzIxZTE5OTQwODE1MTQzYmQ0OWEyYjMwOWNlYjNkYzM5NmRmOGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3F1FajbOoGxaa/WDp1ai/7M6tWv7
YieVGIIqkywtLe9xG/fcl4oe/xVNraLlfuXp4GAz7jBNLCSg59jmXCfM5MQHegPW
tRn1CeWf6esoL0dDrIccTAP0p2YPLVPmtXD8agRFcpWh3taW/nmf4khEH4EjV/GG
r2Egr5O4bxE5oqWD7sGPLhRPSqW4iHaPidVGN3d4UdMs289zH+4nyFqibtCnzdVc
CUCA9zzOjgKn3WVJnUx/0s0OGk0g7+h1rVF7hZuYK2wBHlunQ+rvGCia97tiASiL
6hTTC2yLzt2EYxm1GHuzlKp7jSO0WeMv4OhNE2Rw7oZutF+Too9w8pzxRwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFKch4ZlAgVFDvUmiswnOs9w5bfjBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcHlIaG1VQ0JVVU85U2FLekNjNnozRGx0LU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwldJAwQB
wleCAwQAwleoAwQAwleyAwQAwocXAwQAwzojAwQAw4UAAwQAw4VWAwQA1MAfAwQA
1MEBAwQA1MEDMA0GCSqGSIb3DQEBCwUAA4IBAQAuiscqZIMo46btwRMj1x9gQ0n4
7+I52Uvaq74RpsQl/cmygaVP+rg1ajQKXG5YclV3TqveNT4KEA0iR7yAlyJVa6Au
kne6Fd16oCls/n6IzBZTbOrYdtCwgZIHWPY4KqTYeq4w7MtC9pTMH74hakj2Vm8R
/Vef0doyZIQOhK+oAMRa5+drB0Lyfe5NYcXb+3yu/nM4PcMU74LJ0VgyBkmBQ6T4
HuunhG8mOTQMnzbiXbsPNUp1drur7UB5qXbsSSSKJnekGCW4QFxvZcSFkposAtF0
dTLYkLfJlqs4wu6QgomVipEV4+hO3YJWrhD/Io4OlXtVX+c/ow12HFrdBZoF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:12 2023 by rpki-client on console-fra.rpki-client.org