Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qEx-ElEl24HQ7HIoFZhODQzcevk.roa
File: qEx-ElEl24HQ7HIoFZhODQzcevk.roa (raw, json)
Hash identifier: CMqpjlzSsCEMy/6x2MS6dJQhEjJoq1YH16FCElkZNEQ=
Subject key identifier: A8:4C:7E:12:51:25:DB:81:D0:EC:72:28:15:98:4E:0D:0C:DC:7A:F9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183EAA3939B47141A47F2BB74961D67FF10
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qEx-ElEl24HQ7HIoFZhODQzcevk.roa
Signing time: Tue 18 Oct 2022 10:28:52 +0000
ROA not before: Tue 18 Oct 2022 10:28:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 195.133.82.0/24 maxlen: 24
185.72.9.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ea:a3:93:9b:47:14:1a:47:f2:bb:74:96:1d:67:ff:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 18 10:28:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a84c7e125125db81d0ec722815984e0d0cdc7af9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:af:ae:99:4b:14:6c:2c:c3:62:10:16:09:fd:
b1:52:e5:87:50:4a:6f:9d:a0:2b:9f:56:9c:a5:af:
65:9c:45:1b:56:4b:75:24:8e:5e:34:6e:25:55:e6:
19:bf:25:8e:bf:2d:d6:78:31:18:1e:5b:bb:1f:9d:
99:1c:d2:19:6b:1d:3b:02:04:40:be:94:cc:9d:72:
47:7a:f8:86:85:29:ac:d3:21:58:b7:55:57:91:8f:
d2:1d:79:5a:6e:5a:4f:e9:26:b0:6f:ec:b8:62:e1:
67:c6:70:1c:64:46:31:48:1d:be:67:5c:57:ac:9e:
f5:ae:cd:56:c6:78:5e:e6:7a:3d:ea:f8:0e:dd:37:
ac:c5:27:2a:58:3b:4a:c2:65:dd:bb:0f:0e:14:9a:
8e:7e:ff:53:13:9d:b9:5a:e3:76:c9:0b:60:a1:b0:
dd:bd:97:05:5f:f8:4d:c2:90:30:2d:e2:21:b2:39:
24:82:38:12:49:3c:63:ff:79:9b:b0:30:b7:1b:1f:
fc:96:ff:fc:b9:22:af:07:55:23:53:41:1d:67:75:
7b:a9:73:74:27:e3:d8:8c:03:92:33:ca:1d:47:15:
fc:1d:2e:86:5f:08:05:96:60:cf:2c:b7:74:44:1f:
80:55:67:16:44:d2:bb:4b:4c:d7:dd:cf:9f:b4:74:
75:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:4C:7E:12:51:25:DB:81:D0:EC:72:28:15:98:4E:0D:0C:DC:7A:F9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qEx-ElEl24HQ7HIoFZhODQzcevk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.9.0/24
194.87.73.0/24
194.87.90.0/24
194.87.181.0/24
194.87.198.0/24
195.133.82.0/24
Signature Algorithm: sha256WithRSAEncryption
76:60:7f:42:fb:45:da:11:01:bb:ad:1d:4d:ed:54:41:b0:07:
a4:9d:6f:77:71:2d:dc:1c:9d:87:f2:26:1e:5d:8c:11:2a:49:
94:09:c5:36:83:5c:d4:89:6f:7d:c2:f5:13:2a:2a:a2:27:91:
7f:17:76:c5:fd:f3:33:6d:80:03:1a:fd:50:fa:69:4a:0a:68:
8e:89:d3:23:63:c3:3e:50:51:5b:c7:5b:c6:6d:cd:e3:97:f4:
13:f4:73:1e:42:78:d8:ef:73:fa:74:a3:27:0c:4f:c8:e1:b5:
5c:c7:d3:b5:d2:69:07:fc:3d:04:3b:53:f4:9d:56:4d:0f:93:
83:48:a5:95:d2:15:ca:40:2a:4a:40:81:58:ce:da:bd:37:4d:
b2:58:cc:18:04:a3:26:1e:e2:be:51:cf:34:20:fa:c4:40:80:
6b:f4:78:c5:3d:19:ef:9e:a5:38:c1:70:34:ca:91:94:73:60:
64:20:3e:77:9d:1b:11:76:92:2c:c8:a1:b3:c8:65:48:bd:7a:
ba:7b:1c:91:8f:b6:25:f2:6d:53:48:79:b5:bf:40:76:6b:34:
58:ee:5f:0c:1a:9d:99:85:36:39:e2:0e:37:f9:4d:18:48:25:
02:6d:7d:a5:b2:95:de:ae:17:1e:0a:6d:cd:09:ce:b6:e3:fc:
30:46:82:32
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYPqo5ObRxQaR/K7dJYdZ/8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDE4MTAyODUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODRjN2UxMjUxMjVkYjgxZDBlYzcyMjgxNTk4NGUwZDBjZGM3YWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkK+umUsUbCzDYhAWCf2xUuWHUEpv
naArn1acpa9lnEUbVkt1JI5eNG4lVeYZvyWOvy3WeDEYHlu7H52ZHNIZax07AgRA
vpTMnXJHeviGhSms0yFYt1VXkY/SHXlablpP6Sawb+y4YuFnxnAcZEYxSB2+Z1xX
rJ71rs1Wxnhe5no96vgO3TesxScqWDtKwmXduw8OFJqOfv9TE525WuN2yQtgobDd
vZcFX/hNwpAwLeIhsjkkgjgSSTxj/3mbsDC3Gx/8lv/8uSKvB1UjU0EdZ3V7qXN0
J+PYjAOSM8odRxX8HS6GXwgFlmDPLLd0RB+AVWcWRNK7S0zX3c+ftHR1KQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKhMfhJRJduB0OxyKBWYTg0M3Hr5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcUV4LUVsRWwyNEhRN0hJb0ZaaE9EUXpjZXZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAuUgJAwQA
wldJAwQAwldaAwQAwle1AwQAwlfGAwQAw4VSMA0GCSqGSIb3DQEBCwUAA4IBAQB2
YH9C+0XaEQG7rR1N7VRBsAeknW93cS3cHJ2H8iYeXYwRKkmUCcU2g1zUiW99wvUT
KiqiJ5F/F3bF/fMzbYADGv1Q+mlKCmiOidMjY8M+UFFbx1vGbc3jl/QT9HMeQnjY
73P6dKMnDE/I4bVcx9O10mkH/D0EO1P0nVZND5ODSKWV0hXKQCpKQIFYztq9N02y
WMwYBKMmHuK+Uc80IPrEQIBr9HjFPRnvnqU4wXA0ypGUc2BkID53nRsRdpIsyKGz
yGVIvXq6exyRj7Yl8m1TSHm1v0B2azRY7l8MGp2ZhTY54g43+U0YSCUCbX2lspXe
rhceCm3NCc624/wwRoIy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:12 2023 by rpki-client on console-fra.rpki-client.org