Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rQeKBpz83Kj6OAzRV1Z8WYNmdp0.roa
File: rQeKBpz83Kj6OAzRV1Z8WYNmdp0.roa (raw, json)
Hash identifier: QiAu5QaWQXkRVguFuSZSI9DJI1oNIBpqQxhus/YVm8A=
Subject key identifier: AD:07:8A:06:9C:FC:DC:A8:FA:38:0C:D1:57:56:7C:59:83:66:76:9D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01849A35F1A9133412AF32B98ED0671F0F28
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rQeKBpz83Kj6OAzRV1Z8WYNmdp0.roa
Signing time: Mon 21 Nov 2022 12:42:17 +0000
ROA not before: Mon 21 Nov 2022 12:42:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 193.124.46.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:35:f1:a9:13:34:12:af:32:b9:8e:d0:67:1f:0f:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 21 12:42:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad078a069cfcdca8fa380cd157567c598366769d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:90:c8:22:5a:bd:e6:cc:61:22:88:58:eb:02:
b9:b5:e0:2d:a4:72:ee:ca:41:a0:23:ba:81:c1:84:
c6:45:53:6e:ca:38:1d:d9:64:15:c7:4f:ad:49:58:
df:77:85:97:0c:50:84:45:5c:ba:c9:fa:1e:5d:55:
12:de:fb:31:e1:72:f9:59:26:bd:fa:95:5b:7a:ca:
8e:44:e2:7d:14:eb:83:a2:7b:7a:3f:ea:a3:90:c9:
3f:8d:a8:f5:87:82:77:c3:12:3f:3f:b7:15:ae:80:
aa:5f:ca:42:90:a5:f9:68:64:c2:4d:9b:f7:eb:bc:
96:a5:2b:0b:5d:c8:15:0f:da:35:c1:5f:0a:84:f6:
d6:21:dd:a5:2f:d0:3c:5f:99:81:79:45:2a:f3:6e:
12:c6:34:5e:bb:77:47:bd:17:27:8b:38:14:b8:23:
26:7b:89:11:81:ea:cf:e6:0b:1e:9f:60:47:de:43:
0e:72:b1:85:62:7f:5c:52:89:a8:27:9f:fd:0a:af:
78:f1:16:11:5f:3a:65:24:8c:42:16:f2:fa:46:49:
25:b7:97:6e:85:99:71:b3:e3:68:82:a6:1a:a0:e4:
fe:86:fe:37:75:83:7c:d0:af:55:67:d0:38:c3:33:
07:99:f9:d2:4e:41:56:c9:89:f4:5d:ff:03:88:d7:
e3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:07:8A:06:9C:FC:DC:A8:FA:38:0C:D1:57:56:7C:59:83:66:76:9D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rQeKBpz83Kj6OAzRV1Z8WYNmdp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.46.0/24
194.87.176.0/24
212.192.210.0/24
Signature Algorithm: sha256WithRSAEncryption
01:dd:1e:85:3e:9b:e9:68:b0:4d:cf:9a:5b:cf:71:41:1d:12:
40:ed:f1:61:5d:04:80:8c:9c:f0:a2:71:59:4c:9b:a1:8a:c7:
1e:c3:a3:03:50:1d:a5:ee:49:fd:8b:ca:d9:62:35:7e:72:89:
98:7b:55:31:2d:84:6f:6f:99:d6:2e:41:ce:02:db:6e:93:0e:
39:8e:be:43:02:3c:95:04:a2:d7:04:77:8b:23:b5:b9:24:df:
01:93:d9:12:39:14:01:20:d2:d1:66:5c:be:13:b2:a3:0c:3b:
77:f7:cf:ed:ad:a8:42:8b:3b:3f:0c:9c:93:a0:b1:0e:cc:19:
39:fc:76:65:60:42:95:67:02:7c:a7:e5:c2:c6:d5:bc:cf:9c:
a3:fc:f2:c4:4a:3c:a9:a4:67:26:61:4e:2f:ca:36:fc:29:c6:
83:91:fb:90:49:a2:ef:dd:ea:30:56:1a:70:44:b7:ea:7d:5e:
a7:8f:06:a4:6b:53:f3:4a:db:26:97:0b:4e:e3:47:50:6c:1f:
61:cf:b9:ca:e7:3f:62:18:92:38:cd:62:7d:c3:4b:54:4e:5b:
65:5e:5a:a2:9b:98:d6:61:0f:d1:75:92:6c:2f:96:cd:ff:59:
e4:d7:28:06:62:2c:10:68:11:8d:84:98:4f:d4:07:8f:fe:ff:
27:2b:51:e0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSaNfGpEzQSrzK5jtBnHw8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTIxMTI0MjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDA3OGEwNjljZmNkY2E4ZmEzODBjZDE1NzU2N2M1OTgzNjY3NjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJDIIlq95sxhIohY6wK5teAtpHLu
ykGgI7qBwYTGRVNuyjgd2WQVx0+tSVjfd4WXDFCERVy6yfoeXVUS3vsx4XL5WSa9
+pVbesqOROJ9FOuDont6P+qjkMk/jaj1h4J3wxI/P7cVroCqX8pCkKX5aGTCTZv3
67yWpSsLXcgVD9o1wV8KhPbWId2lL9A8X5mBeUUq824SxjReu3dHvRcnizgUuCMm
e4kRgerP5gsen2BH3kMOcrGFYn9cUomoJ5/9Cq948RYRXzplJIxCFvL6Rkklt5du
hZlxs+NogqYaoOT+hv43dYN80K9VZ9A4wzMHmfnSTkFWyYn0Xf8DiNfjCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK0Higac/Nyo+jgM0VdWfFmDZnadMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvclFlS0JwejgzS2o2T0F6UlYxWjhXWU5tZHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXwuAwQA
wlewAwQA1MDSMA0GCSqGSIb3DQEBCwUAA4IBAQAB3R6FPpvpaLBNz5pbz3FBHRJA
7fFhXQSAjJzwonFZTJuhiscew6MDUB2l7kn9i8rZYjV+comYe1UxLYRvb5nWLkHO
Attukw45jr5DAjyVBKLXBHeLI7W5JN8Bk9kSORQBINLRZly+E7KjDDt398/trahC
izs/DJyToLEOzBk5/HZlYEKVZwJ8p+XCxtW8z5yj/PLESjyppGcmYU4vyjb8KcaD
kfuQSaLv3eowVhpwRLfqfV6njwaka1PzStsmlwtO40dQbB9hz7nK5z9iGJI4zWJ9
w0tUTltlXlqim5jWYQ/RdZJsL5bN/1nk1ygGYiwQaBGNhJhP1AeP/v8nK1Hg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:47 2024 by rpki-client on console-ams.rpki-client.org