Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sst4sKTidNagU4CGBTeNBjdj5CI.roa
File: sst4sKTidNagU4CGBTeNBjdj5CI.roa (raw, json)
Hash identifier: sThBXC5jGCm9HtvKFBFxBUjRvaba2K5aYkQQg0dhuK8=
Subject key identifier: B2:CB:78:B0:A4:E2:74:D6:A0:53:80:86:05:37:8D:06:37:63:E4:22
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018456BE0370CBD17089904E131DE1ED1FCB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sst4sKTidNagU4CGBTeNBjdj5CI.roa
Signing time: Tue 08 Nov 2022 10:16:44 +0000
ROA not before: Tue 08 Nov 2022 10:16:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.31.0/24 maxlen: 24
212.193.28.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
195.133.75.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
195.133.13.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.31.0/24 maxlen: 24
195.133.29.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
195.133.40.0/22 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:be:03:70:cb:d1:70:89:90:4e:13:1d:e1:ed:1f:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 8 10:16:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2cb78b0a4e274d6a053808605378d063763e422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:5e:0f:e4:59:d8:5c:b8:09:84:9c:24:c8:26:
86:e5:42:75:86:ea:79:7d:3f:7f:b2:c4:be:2c:60:
f4:23:5a:37:4e:04:70:16:80:a7:0e:33:b1:76:cf:
34:f3:de:f9:68:35:b1:ed:43:bb:e7:9e:4c:36:25:
72:05:c4:f9:49:ab:00:c3:cb:de:ac:37:83:f8:36:
ea:87:67:b8:af:71:0d:2e:ab:f8:63:66:77:ef:bc:
d4:3b:59:91:38:89:66:cd:03:17:9c:c0:16:59:2d:
25:df:0c:74:10:fe:6a:c0:51:80:61:ac:7f:c1:32:
55:9a:e8:28:c7:17:74:bc:04:ab:43:3f:c4:8b:f2:
c6:a5:1f:8d:6a:40:91:69:9c:c4:03:16:1a:7f:b9:
b1:20:6b:74:6e:23:ba:e2:0e:8c:68:6d:56:af:ff:
0b:03:87:1b:1d:c2:cf:92:d0:d4:a7:a4:69:0b:7f:
6c:7c:96:65:18:92:b2:34:fa:6a:40:a1:12:f6:4b:
52:91:7a:40:07:82:dd:5a:55:5d:80:9c:a5:b5:b3:
d4:09:49:b5:52:06:c3:a4:34:a1:5a:f4:d5:b6:19:
8b:77:04:ee:1d:b5:32:24:a3:bf:2a:8a:a3:d0:78:
ec:9f:93:e6:3e:b1:9c:c3:30:7f:23:18:15:a7:14:
9e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:CB:78:B0:A4:E2:74:D6:A0:53:80:86:05:37:8D:06:37:63:E4:22
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sst4sKTidNagU4CGBTeNBjdj5CI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
192.124.188.0/24
193.124.41.0/24
193.124.91.0/24
193.124.93.0-193.124.95.255
193.124.227.0/24
194.58.39.0/24
194.58.58.0/24
194.58.60.0/23
194.85.249.0/24
194.85.251.0/24
194.87.187.0/24
194.87.190.0/24
195.58.59.0/24
195.58.62.0/24
195.133.13.0-195.133.14.255
195.133.29.0/24
195.133.31.0/24
195.133.37.0/24
195.133.39.0-195.133.43.255
195.133.75.0/24
212.192.4.0/24
212.192.240.0/24
212.193.28.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
23:84:cb:ae:f6:1e:7e:ed:e0:f8:3a:c5:2a:4a:ca:14:26:06:
76:80:fd:a7:63:a8:b2:68:cc:14:36:ce:2f:60:71:77:0b:d7:
c6:78:97:f0:18:9f:33:8e:1e:9a:a5:f8:53:c8:b6:94:e7:fb:
e1:c1:75:78:c7:1b:f3:ca:9e:cd:af:7a:a5:6a:e8:21:4e:c9:
ab:f8:fd:77:f8:52:86:22:d0:70:f1:5a:fd:5a:f2:4a:96:db:
05:f2:67:02:97:ce:87:95:e8:8d:6c:86:7f:ca:0a:46:16:a9:
89:bd:7e:fb:d5:c2:df:93:dc:0d:70:bf:1e:7e:ec:a7:2b:e8:
34:96:bb:c4:78:6a:01:f5:5c:56:19:a9:ae:0c:e2:49:e4:04:
8f:f5:8b:00:14:f8:3a:fa:24:80:fd:a9:c7:4d:50:af:3c:54:
a0:80:42:12:1e:ef:f7:04:24:17:15:3e:66:ee:0a:26:be:55:
47:4b:27:0b:e0:9c:a2:c3:e5:30:ac:85:5c:91:05:76:cb:eb:
d1:ce:09:3e:36:6c:d3:a5:2d:29:47:5f:6c:f4:4e:5b:76:79:
1b:b5:95:6c:2e:0b:64:47:d4:b8:bb:72:59:fe:7f:45:09:44:
58:90:dc:cd:8d:74:b7:5e:ed:a4:db:fa:9c:9a:3a:5e:a4:91:
74:f8:2d:75
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYRWvgNwy9FwiZBOEx3h7R/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTA4MTAxNjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmNiNzhiMGE0ZTI3NGQ2YTA1MzgwODYwNTM3OGQwNjM3NjNlNDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3l4P5FnYXLgJhJwkyCaG5UJ1hup5
fT9/ssS+LGD0I1o3TgRwFoCnDjOxds808975aDWx7UO7555MNiVyBcT5SasAw8ve
rDeD+Dbqh2e4r3ENLqv4Y2Z377zUO1mROIlmzQMXnMAWWS0l3wx0EP5qwFGAYax/
wTJVmugoxxd0vASrQz/Ei/LGpR+NakCRaZzEAxYaf7mxIGt0biO64g6MaG1Wr/8L
A4cbHcLPktDUp6RpC39sfJZlGJKyNPpqQKES9ktSkXpAB4LdWlVdgJyltbPUCUm1
UgbDpDShWvTVthmLdwTuHbUyJKO/Koqj0Hjsn5PmPrGcwzB/IxgVpxSe0wIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFLLLeLCk4nTWoFOAhgU3jQY3Y+QiMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc3N0NHNLVGlkTmFnVTRDR0JUZU5CamRqNUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBADA
fLYDBADAfLwDBADBfCkDBADBfFswDAMEAMF8XQMEBcF8QAMEAMF84wMEAMI6JwME
AMI6OgMEAcI6PAMEAMJV+QMEAMJV+wMEAMJXuwMEAMJXvgMEAMM6OwMEAMM6PjAM
AwQAw4UNAwQAw4UOAwQAw4UdAwQAw4UfAwQAw4UlMAwDBADDhScDBALDhSgDBADD
hUsDBADUwAQDBADUwPADBADUwRwDBADUwR8wDQYJKoZIhvcNAQELBQADggEBACOE
y672Hn7t4Pg6xSpKyhQmBnaA/adjqLJozBQ2zi9gcXcL18Z4l/AYnzOOHpql+FPI
tpTn++HBdXjHG/PKns2veqVq6CFOyav4/Xf4UoYi0HDxWv1a8kqW2wXyZwKXzoeV
6I1shn/KCkYWqYm9fvvVwt+T3A1wvx5+7Kcr6DSWu8R4agH1XFYZqa4M4knkBI/1
iwAU+Dr6JID9qcdNUK88VKCAQhIe7/cEJBcVPmbuCia+VUdLJwvgnKLD5TCshVyR
BXbL69HOCT42bNOlLSlHX2z0Tlt2eRu1lWwuC2RH1Li7cln+f0UJRFiQ3M2NdLde
7aTb+pyaOl6kkXT4LXU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:13 2023 by rpki-client on console-fra.rpki-client.org