Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/r5_vJV1mUEDGwkegLE9iRVoeL5Y.roa
File: r5_vJV1mUEDGwkegLE9iRVoeL5Y.roa (raw, json)
Hash identifier: AQRMQlK87R4Ad4A1gjgWP0lTRXBR+nT98lRfHjeOYy8=
Subject key identifier: AF:9F:EF:25:5D:66:50:40:C6:C2:47:A0:2C:4F:62:45:5A:1E:2F:96
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184330FE805AAEF555D3E74C2120467D036
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/r5_vJV1mUEDGwkegLE9iRVoeL5Y.roa
Signing time: Tue 01 Nov 2022 11:59:51 +0000
ROA not before: Tue 01 Nov 2022 11:59:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399471
IP address blocks: 212.193.29.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.35.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
212.192.216.0/22 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.85.250.0/24 maxlen: 24
194.85.248.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.244.0/22 maxlen: 24
212.193.8.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:0f:e8:05:aa:ef:55:5d:3e:74:c2:12:04:67:d0:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 1 11:59:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af9fef255d665040c6c247a02c4f62455a1e2f96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b2:97:d5:3a:f4:89:2e:94:5f:e8:a1:91:a2:
10:87:8e:de:7d:73:9b:e6:f7:21:bb:b9:57:ac:e0:
65:62:d7:4e:ee:c2:28:2f:e6:e7:27:da:4e:3a:0e:
50:be:e7:fd:7d:bf:29:03:29:6a:49:a9:a2:a4:2c:
6a:f0:37:1e:e3:c8:b5:b9:0c:78:12:f1:f0:f4:c1:
15:76:71:81:f4:77:a7:38:b5:0c:a2:49:98:07:b9:
e6:de:71:11:b1:04:5a:d6:ae:61:10:7c:04:82:60:
27:4b:44:ca:69:61:13:0f:e7:e0:bb:a9:19:0a:9a:
5f:4b:b8:33:7d:e9:6d:59:25:38:bd:15:97:53:97:
58:ba:aa:ea:ed:84:00:f7:28:75:91:7e:48:78:2a:
c6:33:9c:6c:a1:21:5d:62:be:6c:aa:a9:6e:9c:7e:
55:3a:63:38:9f:49:7a:52:6a:6e:16:b4:2c:47:37:
cf:78:b7:b1:c2:62:b3:d9:e7:5b:ec:c3:b4:fa:bb:
73:ee:ad:9e:1f:51:37:b6:12:7c:8b:06:03:4c:c3:
5a:40:7a:28:2b:8f:24:de:9b:53:1e:1c:91:03:f4:
0b:af:e2:0e:f4:21:b6:4a:2e:50:f3:ee:ec:fc:10:
ef:17:bb:9a:fa:a5:6e:9e:57:77:d6:3e:36:d1:f6:
85:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:9F:EF:25:5D:66:50:40:C6:C2:47:A0:2C:4F:62:45:5A:1E:2F:96
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/r5_vJV1mUEDGwkegLE9iRVoeL5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.248.0/24
194.85.250.0/24
194.87.32.0/24
194.87.35.0/24
194.87.149.0/24
194.87.161.0/24
194.87.227.0/24
195.133.39.0/24
212.192.11.0/24
212.192.216.0/22
212.192.244.0/22
212.193.8.0/23
212.193.29.0/24
Signature Algorithm: sha256WithRSAEncryption
10:82:1c:64:01:92:13:37:fd:75:36:b1:06:00:7f:7a:e5:62:
a1:b1:5d:5e:f9:d5:ab:c5:b1:3f:70:8e:6c:68:6a:0f:e1:e0:
50:41:25:0f:98:6e:aa:47:68:3d:c5:73:bc:de:49:35:78:28:
ef:19:bc:90:3c:07:8f:a1:d8:3b:16:28:96:be:ee:c4:47:78:
55:c1:c9:40:53:c6:a0:c8:40:da:ec:1e:f4:6f:65:e5:8e:8e:
85:c0:ba:6d:9f:bf:4b:d2:98:0d:d9:b3:ec:3c:16:95:7e:db:
7a:e1:8d:49:0b:88:3f:fb:a6:6a:dc:7f:d9:3c:27:02:4a:c3:
01:26:e6:b0:b2:33:0a:e4:6c:a4:ad:a5:3f:ab:48:c1:e0:2f:
c0:29:9b:90:d4:08:b3:9f:30:f5:0f:3b:8a:2a:e5:72:c9:3d:
28:71:c0:03:03:bd:79:cb:47:ac:9d:09:f3:29:fe:7c:aa:f3:
26:ab:12:ae:fa:18:3f:be:4a:5a:b0:06:57:26:c9:e0:4e:d2:
04:a1:fc:ed:41:a0:ad:70:6e:06:ee:43:0e:fd:8a:0a:99:0a:
e7:0c:d7:77:5d:13:36:43:d1:a5:f6:76:95:dd:95:55:ee:25:
8a:8d:c3:cd:1b:8a:00:2a:44:38:75:0f:61:ff:a7:2c:aa:72:
2c:35:11:2d
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYQzD+gFqu9VXT50whIEZ9A2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTAxMTE1OTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjlmZWYyNTVkNjY1MDQwYzZjMjQ3YTAyYzRmNjI0NTVhMWUyZjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprKX1Tr0iS6UX+ihkaIQh47efXOb
5vchu7lXrOBlYtdO7sIoL+bnJ9pOOg5Qvuf9fb8pAylqSamipCxq8Dce48i1uQx4
EvHw9MEVdnGB9HenOLUMokmYB7nm3nERsQRa1q5hEHwEgmAnS0TKaWETD+fgu6kZ
CppfS7gzfeltWSU4vRWXU5dYuqrq7YQA9yh1kX5IeCrGM5xsoSFdYr5sqqlunH5V
OmM4n0l6UmpuFrQsRzfPeLexwmKz2edb7MO0+rtz7q2eH1E3thJ8iwYDTMNaQHoo
K48k3ptTHhyRA/QLr+IO9CG2Si5Q8+7s/BDvF7ua+qVunld31j420faFZQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFK+f7yVdZlBAxsJHoCxPYkVaHi+WMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcjVfdkpWMW1VRURHd2tlZ0xFOWlSVm9lTDVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAwlX4AwQA
wlX6AwQAwlcgAwQAwlcjAwQAwleVAwQAwlehAwQAwlfjAwQAw4UnAwQA1MALAwQC
1MDYAwQC1MD0AwQB1MEIAwQA1MEdMA0GCSqGSIb3DQEBCwUAA4IBAQAQghxkAZIT
N/11NrEGAH965WKhsV1e+dWrxbE/cI5saGoP4eBQQSUPmG6qR2g9xXO83kk1eCjv
GbyQPAePodg7FiiWvu7ER3hVwclAU8agyEDa7B70b2Xljo6FwLptn79L0pgN2bPs
PBaVftt64Y1JC4g/+6Zq3H/ZPCcCSsMBJuawsjMK5GykraU/q0jB4C/AKZuQ1Aiz
nzD1DzuKKuVyyT0occADA715y0esnQnzKf58qvMmqxKu+hg/vkpasAZXJsngTtIE
ofztQaCtcG4G7kMO/YoKmQrnDNd3XRM2Q9Gl9naV3ZVV7iWKjcPNG4oAKkQ4dQ9h
/6csqnIsNREt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:47 2024 by rpki-client on console-ams.rpki-client.org