Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/su4mUcA6olrYWwIbKS07a6WlG7g.roa
File: su4mUcA6olrYWwIbKS07a6WlG7g.roa (raw, json)
Hash identifier: A2yEVNs+ibNWurrQOHhD6G2SxQKwf+Y9xexjqbhs6Gw=
Subject key identifier: B2:EE:26:51:C0:3A:A2:5A:D8:5B:02:1B:29:2D:3B:6B:A5:A5:1B:B8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01840FE53C5A52F0B7CA9CE45003BEC85476
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/su4mUcA6olrYWwIbKS07a6WlG7g.roa
Signing time: Tue 25 Oct 2022 16:06:32 +0000
ROA not before: Tue 25 Oct 2022 16:06:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 193.124.226.0/24 maxlen: 24
193.124.224.0/23 maxlen: 23
193.124.49.0/24 maxlen: 24
194.87.41.0/24 maxlen: 24
195.133.22.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
212.192.16.0/21 maxlen: 24
194.87.61.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.87.192.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0f:e5:3c:5a:52:f0:b7:ca:9c:e4:50:03:be:c8:54:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 25 16:06:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2ee2651c03aa25ad85b021b292d3b6ba5a51bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:07:cb:fc:b1:9e:72:02:93:d2:6f:e7:4d:82:
b6:6d:fd:96:a9:8a:6f:b3:56:06:18:5a:76:13:d8:
0f:9a:bc:d0:09:2d:cf:19:f1:9c:d8:11:81:2a:9e:
15:46:05:3e:a8:ca:f0:03:9c:2b:75:00:82:84:9b:
96:4c:e6:b9:f3:32:62:ae:38:07:80:25:c7:58:2f:
ca:77:5a:e6:7e:6d:ac:4e:d5:9f:ed:99:28:e5:37:
54:5b:53:5c:1b:d7:1a:17:fe:69:7f:2b:2b:72:5c:
52:91:f7:f5:f6:80:62:9c:3b:48:f6:2c:d7:91:f0:
e5:33:0e:5b:91:e6:2a:f6:6a:2d:21:f3:90:aa:15:
e0:00:c5:19:49:d2:3d:25:2f:6d:99:43:03:b5:5e:
5c:e1:1d:ef:41:e6:da:9c:5f:41:d7:13:3d:3b:d4:
52:b2:72:d9:1e:6a:40:e9:51:df:e6:18:67:7c:4f:
ce:c9:ff:af:c8:3b:d9:61:07:88:07:83:1b:fe:df:
b6:aa:f1:5d:9f:1a:74:37:a4:ca:e3:be:98:15:43:
61:4b:9b:30:b0:93:a9:fb:af:8c:e3:76:f5:43:b2:
39:d9:96:3b:28:83:df:38:a3:e7:da:ff:dd:4a:d8:
21:91:ae:e8:ba:fe:cf:b1:4d:34:ac:5b:f3:1f:e0:
60:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:EE:26:51:C0:3A:A2:5A:D8:5B:02:1B:29:2D:3B:6B:A5:A5:1B:B8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/su4mUcA6olrYWwIbKS07a6WlG7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.49.0/24
193.124.224.0-193.124.226.255
194.87.41.0/24
194.87.61.0/24
194.87.192.0/22
194.135.46.0/24
195.58.56.0/21
195.133.22.0/24
212.192.16.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:2f:bb:cf:1d:af:ee:95:18:0f:66:68:0a:b1:1a:ba:b6:78:
e1:f7:84:8d:43:d0:09:43:21:8c:7a:ac:97:2f:ac:ff:23:a1:
49:ca:32:42:94:24:c3:6c:56:0c:a7:74:b0:e1:78:7b:77:9b:
e8:7c:26:6a:01:21:79:2c:b0:e6:e7:f1:cc:1f:d5:ae:b9:41:
83:7c:23:4a:d1:04:c0:fe:07:a4:6e:3e:1b:02:31:2c:65:6b:
83:ef:05:07:8a:57:7c:dc:41:3f:5c:23:13:c9:7e:3d:67:30:
44:3b:da:7c:5f:f0:d9:33:fe:0c:1d:40:b1:aa:ca:28:c6:b6:
56:90:ae:52:d9:74:f9:fa:db:a2:ab:6e:3e:6a:3d:8f:ca:36:
8d:2f:85:47:17:3a:55:b0:b7:81:e7:4b:16:ab:d9:ee:4c:91:
71:85:59:33:07:fc:5a:4b:82:47:49:88:f2:80:4d:8e:1d:50:
e9:8b:e0:b1:1d:93:6c:a1:c6:26:a7:76:37:2d:54:78:00:75:
7f:59:96:ae:79:21:25:eb:ad:7a:96:be:01:7f:36:5c:cc:36:
4e:55:71:c2:47:7e:63:dd:e3:08:f9:30:e3:ae:3f:46:34:02:
f3:65:77:90:43:e1:32:5f:5c:ff:54:14:9c:23:d6:97:23:1b:
cb:83:92:a1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYQP5TxaUvC3ypzkUAO+yFR2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI1MTYwNjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmVlMjY1MWMwM2FhMjVhZDg1YjAyMWIyOTJkM2I2YmE1YTUxYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAfL/LGecgKT0m/nTYK2bf2WqYpv
s1YGGFp2E9gPmrzQCS3PGfGc2BGBKp4VRgU+qMrwA5wrdQCChJuWTOa58zJirjgH
gCXHWC/Kd1rmfm2sTtWf7Zko5TdUW1NcG9caF/5pfysrclxSkff19oBinDtI9izX
kfDlMw5bkeYq9motIfOQqhXgAMUZSdI9JS9tmUMDtV5c4R3vQebanF9B1xM9O9RS
snLZHmpA6VHf5hhnfE/Oyf+vyDvZYQeIB4Mb/t+2qvFdnxp0N6TK476YFUNhS5sw
sJOp+6+M43b1Q7I52ZY7KIPfOKPn2v/dStghka7ouv7PsU00rFvzH+BgfQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFLLuJlHAOqJa2FsCGyktO2ulpRu4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc3U0bVVjQTZvbHJZV3dJYktTMDdhNldsRzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAwXwxMAwD
BAXBfOADBADBfOIDBADCVykDBADCVz0DBALCV8ADBADChy4DBAPDOjgDBADDhRYD
BAPUwBAwDQYJKoZIhvcNAQELBQADggEBAA4vu88dr+6VGA9maAqxGrq2eOH3hI1D
0AlDIYx6rJcvrP8joUnKMkKUJMNsVgyndLDheHt3m+h8JmoBIXkssObn8cwf1a65
QYN8I0rRBMD+B6RuPhsCMSxla4PvBQeKV3zcQT9cIxPJfj1nMEQ72nxf8Nkz/gwd
QLGqyijGtlaQrlLZdPn626Krbj5qPY/KNo0vhUcXOlWwt4HnSxar2e5MkXGFWTMH
/FpLgkdJiPKATY4dUOmL4LEdk2yhxiandjctVHgAdX9Zlq55ISXrrXqWvgF/NlzM
Nk5VccJHfmPd4wj5MOOuP0Y0AvNld5BD4TJfXP9UFJwj1pcjG8uDkqE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:07 2023 by rpki-client on console-ams.rpki-client.org