Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qHZnW5Z0McH3r9aerHsZh1kkY3w.roa
File: qHZnW5Z0McH3r9aerHsZh1kkY3w.roa (raw, json)
Hash identifier: zfAtF3p2/Zto7HLbjD19QvSoZUfluVxyLLYa0PZd3a0=
Subject key identifier: A8:76:67:5B:96:74:31:C1:F7:AF:D6:9E:AC:7B:19:87:59:24:63:7C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 10399314
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qHZnW5Z0McH3r9aerHsZh1kkY3w.roa
Signing time: Fri 03 Jun 2022 10:54:20 +0000
ROA not before: Fri 03 Jun 2022 10:54:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49392
IP address blocks: 193.108.112.0/24 maxlen: 24
194.87.118.0/23 maxlen: 24
194.87.36.0/22 maxlen: 24
194.135.32.0/24 maxlen: 24
195.133.26.0/23 maxlen: 24
195.133.25.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 272208660 (0x10399314)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 3 10:54:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a876675b967431c1f7afd69eac7b19875924637c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:be:5e:ee:f5:b6:e0:0f:d5:dd:ba:f2:7c:5b:
5e:70:aa:b1:b6:17:c2:f8:b7:f0:fb:79:b9:f6:e5:
58:5e:02:3a:e4:5c:75:d7:92:ef:4c:c7:73:76:d8:
01:25:ff:0d:1e:7a:99:c1:32:93:21:5b:75:60:3e:
07:d2:fc:bb:ce:86:31:db:10:f4:9c:e5:c1:54:21:
71:cc:d3:fc:21:b6:bc:d6:67:19:2a:7b:63:f6:c5:
d2:51:7d:4c:9d:f5:a3:da:4e:73:0f:ae:a0:85:40:
3d:35:ac:75:2f:dc:bf:6f:b4:2f:be:51:85:b2:13:
e6:4b:c5:e8:b8:f9:e2:e4:2b:4c:60:b3:70:af:37:
a5:a3:76:f8:2b:97:4a:d1:01:86:4d:de:8f:c1:51:
76:e8:91:53:31:80:f6:5c:f8:e9:c8:2d:21:6a:b2:
2d:28:d8:ee:62:e2:e0:dc:fb:bb:b3:bf:32:fe:7d:
b7:45:b4:07:b8:f3:1f:91:e1:86:78:e1:f5:e8:f5:
c0:72:fe:15:29:a6:9a:45:a3:2c:fd:f6:ff:de:b8:
c0:e5:6d:14:ba:a4:87:5b:5f:bf:b1:d5:5f:a2:0d:
4e:76:a6:14:f8:f7:b3:b4:55:94:50:fb:c4:4b:d1:
80:fa:ff:d0:f8:69:17:cd:b5:43:96:39:dc:af:92:
18:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:76:67:5B:96:74:31:C1:F7:AF:D6:9E:AC:7B:19:87:59:24:63:7C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qHZnW5Z0McH3r9aerHsZh1kkY3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.112.0/24
194.87.36.0/22
194.87.118.0/23
194.135.32.0/24
195.133.25.0-195.133.27.255
195.133.55.0/24
195.133.59.0/24
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
76:d0:80:3e:a8:84:cd:27:56:b4:34:49:76:7b:1f:7e:27:eb:
e4:37:ea:d7:07:88:6c:5c:bb:24:6d:54:64:12:42:3c:ee:c2:
12:61:70:c0:c5:57:98:fe:e7:9d:37:f6:68:42:1e:37:d7:cd:
72:27:b2:5e:71:6e:71:90:1a:23:b9:3c:94:31:71:04:7f:df:
60:5f:ab:7e:08:ad:9f:2d:c1:19:3b:c6:98:33:51:4b:ad:84:
1f:be:12:5c:d8:67:38:9e:16:62:ef:3d:4e:31:49:94:e6:38:
5b:7e:52:fb:f7:cf:f1:03:69:95:b0:88:d7:d1:69:27:69:1c:
ce:6f:83:c4:e5:bd:5c:ef:e0:e7:82:aa:75:5a:37:83:aa:17:
24:9b:49:58:dc:58:b0:84:ef:67:c6:fe:b6:5a:9c:55:47:4c:
d2:c3:0b:a9:94:cb:50:19:3a:b1:74:2e:59:67:18:14:dc:69:
40:a6:7c:c7:ff:39:86:e8:d2:39:3f:31:d2:0c:f6:b4:1c:36:
f3:d5:b5:d3:4a:d6:78:f5:f6:cd:f1:86:15:2b:92:cd:33:fc:
2e:0c:aa:ce:a1:e2:4e:9d:45:27:26:23:18:f5:fb:f9:bd:9f:
f4:54:c4:ee:60:83:33:a5:69:0d:e9:dd:bd:ce:b2:7c:2a:cd:
86:a2:bf:31
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEEDmTFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDYw
MzEwNTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg3NjY3NWI5Njc0
MzFjMWY3YWZkNjllYWM3YjE5ODc1OTI0NjM3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANC+Xu71tuAP1d268nxbXnCqsbYXwvi38Pt5ufblWF4COuRc
ddeS70zHc3bYASX/DR56mcEykyFbdWA+B9L8u86GMdsQ9JzlwVQhcczT/CG2vNZn
GSp7Y/bF0lF9TJ31o9pOcw+uoIVAPTWsdS/cv2+0L75RhbIT5kvF6Lj54uQrTGCz
cK83paN2+CuXStEBhk3ej8FRduiRUzGA9lz46cgtIWqyLSjY7mLi4Nz7u7O/Mv59
t0W0B7jzH5Hhhnjh9ej1wHL+FSmmmkWjLP32/964wOVtFLqkh1tfv7HVX6INTnam
FPj3s7RVlFD7xEvRgPr/0PhpF821Q5Y53K+SGJkCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBSodmdblnQxwfev1p6sexmHWSRjfDAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L3FIWm5XNVowTWNIM3I5YWVySHNaaDFra1kzdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAMFscAMEAsJXJAMEAcJXdgMEAMKH
IDAMAwQAw4UZAwQCw4UYAwQAw4U3AwQAw4U7AwQA1MECMA0GCSqGSIb3DQEBCwUA
A4IBAQB20IA+qITNJ1a0NEl2ex9+J+vkN+rXB4hsXLskbVRkEkI87sISYXDAxVeY
/uedN/ZoQh43181yJ7JecW5xkBojuTyUMXEEf99gX6t+CK2fLcEZO8aYM1FLrYQf
vhJc2Gc4nhZi7z1OMUmU5jhbflL798/xA2mVsIjX0WknaRzOb4PE5b1c7+Dngqp1
WjeDqhckm0lY3FiwhO9nxv62WpxVR0zSwwuplMtQGTqxdC5ZZxgU3GlApnzH/zmG
6NI5PzHSDPa0HDbz1bXTStZ49fbN8YYVK5LNM/wuDKrOoeJOnUUnJiMY9fv5vZ/0
VMTuYIMzpWkN6d29zrJ8Ks2Gor8x
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:47 2024 by rpki-client on console-ams.rpki-client.org