Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sGx4CH0xJNZBV-UeAk0ZlIjwCVU.roa
File: sGx4CH0xJNZBV-UeAk0ZlIjwCVU.roa (raw, json)
Hash identifier: ya02AZ2MSaGG+DEocjvq/dcDgNDv3tsE75E24zwtUWY=
Subject key identifier: B0:6C:78:08:7D:31:24:D6:41:57:E5:1E:02:4D:19:94:88:F0:09:55
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184437EBDC687AE43DC3D152AF755D6A2E3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sGx4CH0xJNZBV-UeAk0ZlIjwCVU.roa
Signing time: Fri 04 Nov 2022 16:34:50 +0000
ROA not before: Fri 04 Nov 2022 16:34:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138687
IP address blocks: 194.87.127.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:43:7e:bd:c6:87:ae:43:dc:3d:15:2a:f7:55:d6:a2:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 4 16:34:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b06c78087d3124d64157e51e024d199488f00955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ae:e1:59:8b:79:69:64:9f:09:86:0f:1c:f1:
13:15:14:19:aa:83:5e:64:a0:f7:fa:26:b2:95:f2:
98:65:ae:63:09:8e:f7:46:6d:ef:a6:66:12:30:ef:
08:16:e7:ea:0a:d2:9c:a0:40:72:8f:d3:90:67:e5:
a3:9a:c1:94:8d:08:ef:6d:94:f6:eb:90:34:2f:26:
15:93:c5:76:9a:21:17:52:31:d1:70:d6:ab:a7:32:
16:ef:2a:9f:3a:dd:4e:86:35:77:7e:d7:5f:44:72:
06:f9:7f:bc:da:c4:83:c4:9c:a1:23:42:fa:27:7b:
39:5d:4b:0b:99:02:73:4b:98:1c:40:8a:99:81:99:
78:9a:c0:77:86:53:a8:7f:c7:02:eb:08:12:89:5a:
ba:05:b5:93:38:45:46:e3:db:63:ad:0c:25:8f:f3:
e5:87:1b:44:7a:42:74:84:36:53:14:b1:13:01:13:
f2:87:f1:a3:0e:61:37:bf:04:98:fc:ee:b3:d9:84:
dd:5a:c1:ff:26:c1:d6:7b:91:be:93:b8:13:13:48:
eb:75:28:fe:67:82:4a:83:5e:41:6e:9f:ee:7e:6e:
66:79:6d:3c:28:a3:b0:b3:a9:f0:f5:11:e3:91:67:
ce:a8:9e:9d:6f:40:fd:8f:9b:27:f4:5e:6a:82:51:
25:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:6C:78:08:7D:31:24:D6:41:57:E5:1E:02:4D:19:94:88:F0:09:55
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sGx4CH0xJNZBV-UeAk0ZlIjwCVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.181.0/24
194.87.127.0/24
194.87.180.0/24
195.58.61.0/24
212.192.7.0/24
212.193.5.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:b5:4b:f5:93:82:98:12:b3:12:8a:ff:69:54:9c:1a:77:f6:
7e:ef:fa:b2:57:ed:6f:c1:0f:61:b9:95:01:36:a8:54:bd:07:
96:69:84:f8:00:44:39:00:7c:18:a4:06:09:cf:fc:11:9e:d6:
64:ef:7a:4b:0e:ac:bf:9e:05:89:5e:44:ed:d7:25:96:1f:93:
fc:f8:59:ba:0e:5b:9e:14:05:d8:ef:99:33:88:a5:90:a9:12:
d2:82:79:bb:32:50:95:4c:6c:e1:e8:1e:99:4c:5b:2f:fd:1e:
52:fb:33:d4:11:0b:ab:8c:59:ac:47:46:60:a4:ce:4b:a7:cf:
10:9f:f4:47:b7:8a:b2:76:07:5c:7a:df:86:35:14:77:46:c2:
b0:f1:e2:e6:16:1e:9b:a0:38:be:76:a4:ad:7b:a3:c1:b8:e3:
b7:be:28:ef:12:8c:d9:90:c4:93:43:1f:ef:ef:78:34:ed:8b:
75:b6:11:0d:c3:2a:5b:6c:82:a1:e8:46:20:54:af:26:1c:f6:
e4:29:f1:82:91:3d:40:9f:37:4d:a7:08:8d:5f:9d:10:44:20:
b7:d1:b0:22:d0:e4:13:f2:e2:0c:d7:51:f5:e0:62:35:a1:7b:
a7:9a:18:a6:59:ae:e5:38:eb:48:1a:ed:79:6e:00:8b:76:e9:
b2:50:89:f0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYRDfr3Gh65D3D0VKvdV1qLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTA0MTYzNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDZjNzgwODdkMzEyNGQ2NDE1N2U1MWUwMjRkMTk5NDg4ZjAwOTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq7hWYt5aWSfCYYPHPETFRQZqoNe
ZKD3+iaylfKYZa5jCY73Rm3vpmYSMO8IFufqCtKcoEByj9OQZ+WjmsGUjQjvbZT2
65A0LyYVk8V2miEXUjHRcNarpzIW7yqfOt1OhjV3ftdfRHIG+X+82sSDxJyhI0L6
J3s5XUsLmQJzS5gcQIqZgZl4msB3hlOof8cC6wgSiVq6BbWTOEVG49tjrQwlj/Pl
hxtEekJ0hDZTFLETARPyh/GjDmE3vwSY/O6z2YTdWsH/JsHWe5G+k7gTE0jrdSj+
Z4JKg15Bbp/ufm5meW08KKOws6nw9RHjkWfOqJ6db0D9j5sn9F5qglElcQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLBseAh9MSTWQVflHgJNGZSI8AlVMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc0d4NENIMHhKTlpCVi1VZUFrMFpsSWp3Q1ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwHy1AwQA
wld/AwQAwle0AwQAwzo9AwQA1MAHAwQA1MEFMA0GCSqGSIb3DQEBCwUAA4IBAQBb
tUv1k4KYErMSiv9pVJwad/Z+7/qyV+1vwQ9huZUBNqhUvQeWaYT4AEQ5AHwYpAYJ
z/wRntZk73pLDqy/ngWJXkTt1yWWH5P8+Fm6DlueFAXY75kziKWQqRLSgnm7MlCV
TGzh6B6ZTFsv/R5S+zPUEQurjFmsR0ZgpM5Lp88Qn/RHt4qydgdcet+GNRR3RsKw
8eLmFh6boDi+dqSte6PBuOO3vijvEozZkMSTQx/v73g07Yt1thENwypbbIKh6EYg
VK8mHPbkKfGCkT1AnzdNpwiNX50QRCC30bAi0OQT8uIM11H14GI1oXunmhimWa7l
OOtIGu15bgCLdumyUInw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:07 2023 by rpki-client on console-ams.rpki-client.org