Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sV3aycORtq_5MzwXEAl5e6b_P7U.roa
File: sV3aycORtq_5MzwXEAl5e6b_P7U.roa (raw, json)
Hash identifier: PqJ8jkyyFdruMm7woKKA54rUblOZYY0TDnIPSFRI9Lo=
Subject key identifier: B1:5D:DA:C9:C3:91:B6:AF:F9:33:3C:17:10:09:79:7B:A6:FF:3F:B5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01853F7C8139A653E76EEE15BECD0E439C00
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sV3aycORtq_5MzwXEAl5e6b_P7U.roa
Signing time: Fri 23 Dec 2022 14:56:41 +0000
ROA not before: Fri 23 Dec 2022 14:56:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210388
IP address blocks: 194.87.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:7c:81:39:a6:53:e7:6e:ee:15:be:cd:0e:43:9c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 23 14:56:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b15ddac9c391b6aff9333c171009797ba6ff3fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c2:ea:82:d7:3b:32:1b:25:83:b3:5a:d7:a7:
e5:7a:df:90:b7:0a:87:f8:46:8c:db:77:db:59:4f:
c0:fe:4b:c4:82:0e:e1:e4:c6:f8:02:7d:ee:ea:1b:
d2:41:07:d6:8d:01:74:7b:d1:f0:06:90:64:5a:9c:
0b:dc:dc:aa:54:55:16:2b:4d:f1:8d:e9:25:e6:d2:
96:b4:e3:b2:39:57:49:35:4f:66:77:06:1e:e3:4b:
85:71:ea:eb:ea:25:0d:17:92:a6:98:b2:ae:e3:89:
40:00:82:51:ad:92:09:9a:3e:f9:4b:43:bd:cd:93:
e3:b6:5f:be:13:34:05:cf:30:6b:b7:76:e1:0c:f6:
22:d7:40:4f:71:18:1d:c1:e4:3f:a3:83:cb:af:66:
2f:bf:3f:dd:55:f7:26:c2:42:64:e4:4c:3c:07:ce:
0f:bc:c6:5f:40:80:63:fc:a7:50:f1:50:f1:46:a6:
6b:bc:a0:44:d7:9d:cd:af:f8:50:5f:aa:10:e1:3a:
54:d2:e2:d8:9d:76:b0:3e:30:a1:c6:00:a9:40:82:
19:c6:5f:4a:c0:3f:2d:46:2b:31:a2:42:7f:d6:75:
e9:cb:f1:9d:91:6e:c3:a4:39:25:7a:2c:4f:a7:38:
0e:a8:1d:33:2e:af:41:5a:8f:31:fd:44:16:93:83:
7a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:5D:DA:C9:C3:91:B6:AF:F9:33:3C:17:10:09:79:7B:A6:FF:3F:B5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sV3aycORtq_5MzwXEAl5e6b_P7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.160.0/24
Signature Algorithm: sha256WithRSAEncryption
19:17:fd:6f:4e:8f:7a:3e:89:47:22:a7:54:03:6d:d2:a2:fe:
ab:70:a2:19:c6:93:40:2d:96:a4:0a:50:e7:0b:e7:4d:96:4e:
24:c8:45:c7:6d:d0:4d:cc:69:4c:b3:74:a7:63:6f:70:03:ea:
13:fb:55:1d:6b:11:3c:54:f6:f9:44:56:d7:c8:74:b1:7e:bb:
35:82:8a:28:e5:4b:9d:18:ce:99:59:93:c9:a7:25:e0:c6:f0:
99:8d:75:16:be:8f:a1:53:d2:12:d0:a1:2b:e2:b0:2a:ba:e5:
7f:c3:d5:aa:36:7b:91:49:dd:81:05:69:25:71:b9:75:47:d4:
4a:6e:92:8a:eb:84:c3:f8:29:0d:49:b2:11:ea:17:3a:09:79:
88:2f:63:3e:58:6b:19:1e:bc:b1:6b:85:9e:28:ae:6d:ee:66:
1f:18:cc:56:bb:2d:92:59:c3:a4:17:6f:1b:1c:86:70:89:f6:
c7:ae:8b:ba:f6:fc:92:64:5d:49:52:5f:fc:19:ad:09:6d:4f:
72:9d:55:91:13:b0:29:ce:8e:fc:a0:a8:5d:ac:e5:fa:f5:03:
2e:b7:57:5f:26:01:c2:ad:09:5a:74:88:61:46:38:0a:ac:d8:
28:5f:5e:e7:cf:c7:ec:4e:d8:50:eb:f9:32:63:15:1d:c3:d6:
cc:5f:90:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU/fIE5plPnbu4Vvs0OQ5wAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjIzMTQ1NjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTVkZGFjOWMzOTFiNmFmZjkzMzNjMTcxMDA5Nzk3YmE2ZmYzZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcLqgtc7Mhslg7Na16flet+QtwqH
+EaM23fbWU/A/kvEgg7h5Mb4An3u6hvSQQfWjQF0e9HwBpBkWpwL3NyqVFUWK03x
jekl5tKWtOOyOVdJNU9mdwYe40uFcerr6iUNF5KmmLKu44lAAIJRrZIJmj75S0O9
zZPjtl++EzQFzzBrt3bhDPYi10BPcRgdweQ/o4PLr2Yvvz/dVfcmwkJk5Ew8B84P
vMZfQIBj/KdQ8VDxRqZrvKBE153Nr/hQX6oQ4TpU0uLYnXawPjChxgCpQIIZxl9K
wD8tRisxokJ/1nXpy/GdkW7DpDkleixPpzgOqB0zLq9BWo8x/UQWk4N6TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLFd2snDkbav+TM8FxAJeXum/z+1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc1YzYXljT1J0cV81TXp3WEVBbDVlNmJfUDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlegMA0G
CSqGSIb3DQEBCwUAA4IBAQAZF/1vTo96PolHIqdUA23Sov6rcKIZxpNALZakClDn
C+dNlk4kyEXHbdBNzGlMs3SnY29wA+oT+1UdaxE8VPb5RFbXyHSxfrs1gooo5Uud
GM6ZWZPJpyXgxvCZjXUWvo+hU9IS0KEr4rAquuV/w9WqNnuRSd2BBWklcbl1R9RK
bpKK64TD+CkNSbIR6hc6CXmIL2M+WGsZHryxa4WeKK5t7mYfGMxWuy2SWcOkF28b
HIZwifbHrou69vySZF1JUl/8Ga0JbU9ynVWRE7Apzo78oKhdrOX69QMut1dfJgHC
rQladIhhRjgKrNgoX17nz8fsTthQ6/kyYxUdw9bMX5Ck
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:28 2024 by rpki-client on console-fra.rpki-client.org