Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/twff0_vHXYQC4yyoYOrYQRTEyzk.roa
File: twff0_vHXYQC4yyoYOrYQRTEyzk.roa (raw, json)
Hash identifier: +JhwTXKGOKnNRZscLMBB0VkGhFVg0M9OeKc/mltsu8M=
Subject key identifier: B7:07:DF:D3:FB:C7:5D:84:02:E3:2C:A8:60:EA:D8:41:14:C4:CB:39
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0182013E829FD501CB38A886535039F9E713
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/twff0_vHXYQC4yyoYOrYQRTEyzk.roa
Signing time: Fri 15 Jul 2022 09:44:10 +0000
ROA not before: Fri 15 Jul 2022 09:44:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.31.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
212.193.28.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
195.133.40.0/22 maxlen: 24
195.133.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:01:3e:82:9f:d5:01:cb:38:a8:86:53:50:39:f9:e7:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 15 09:44:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b707dfd3fbc75d8402e32ca860ead84114c4cb39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6f:2d:d3:a1:f6:d3:93:22:bf:87:84:96:a9:
e4:d0:98:c5:e3:44:e4:22:eb:1a:5f:c7:f2:4c:a2:
70:3e:19:94:2d:ac:eb:0f:d5:93:bb:f9:71:ae:95:
cd:68:b7:f4:e1:ce:23:ff:3c:68:75:5b:2a:62:3c:
30:88:05:12:64:62:cb:53:5e:20:96:d1:f3:98:b8:
b9:18:f2:61:af:58:82:9b:c4:c4:aa:66:1c:64:2f:
24:b4:32:95:32:eb:d8:4d:bc:31:69:97:f1:38:4c:
af:73:86:0e:02:d8:69:04:08:60:28:09:4f:46:93:
76:12:5a:93:ae:1f:8c:49:25:c9:b2:87:16:1a:f2:
7d:a3:27:f9:f0:9a:ee:80:2d:50:4a:8c:26:c5:68:
09:f5:24:06:dc:7c:f8:be:34:e0:0b:fa:dc:cc:27:
bf:62:42:24:28:d1:42:de:92:7e:a1:31:be:f4:bf:
ff:e5:f6:f4:78:c0:72:73:f9:db:9b:99:45:c1:e7:
90:a0:c6:d4:98:70:b6:7b:12:0e:a5:5e:c5:65:3c:
e0:8b:76:89:21:da:bf:eb:05:32:2f:d7:6e:b6:26:
1e:f0:fa:06:ab:45:48:f2:d0:bc:f6:dd:87:94:e3:
74:87:33:37:e2:85:08:39:51:46:d1:c6:f6:bd:7e:
c5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:07:DF:D3:FB:C7:5D:84:02:E3:2C:A8:60:EA:D8:41:14:C4:CB:39
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/twff0_vHXYQC4yyoYOrYQRTEyzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.227.0/24
194.85.249.0/24
194.85.251.0/24
195.133.37.0/24
195.133.39.0-195.133.43.255
212.192.240.0/24
212.193.28.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
38:f8:2c:03:fc:37:39:84:7c:9b:3d:71:d2:22:cc:33:82:5e:
b3:7c:22:29:ff:43:a0:81:77:e1:5d:33:61:b2:30:89:0c:e8:
e9:6a:4f:3b:02:bf:e9:60:df:60:8d:6e:e2:92:a2:43:f5:dd:
f1:8d:92:81:52:b9:7c:47:b0:cb:b4:b8:31:0d:81:69:22:46:
44:f8:3c:45:50:57:43:ac:93:d9:f6:3c:ca:32:43:62:e5:7e:
47:8e:8c:f3:94:22:4a:0d:fb:1d:2b:c5:07:75:b3:79:75:e6:
ef:38:2e:fb:f1:c4:bc:2e:fa:84:b8:54:a5:cc:44:36:5a:64:
1d:ae:31:fd:7f:7b:f0:69:55:f7:cc:d1:85:47:cd:33:7e:14:
82:39:1b:10:32:c0:61:b7:2b:74:69:ee:42:f6:30:c1:fe:c7:
23:04:b0:0c:e8:80:36:9f:4a:12:57:ac:55:c7:b5:5c:59:50:
c8:d5:85:9e:94:b2:b6:a5:81:80:2d:41:07:00:01:e9:dc:8f:
27:c3:c6:08:eb:62:f6:d3:c4:ab:09:92:18:fd:c1:d0:2e:f1:
53:53:51:0d:b7:aa:82:f7:a9:78:d4:29:fa:bd:b0:07:e8:2d:
00:be:08:9a:71:bc:33:47:4c:85:01:46:97:37:d2:54:ce:6c:
83:d6:c4:67
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYIBPoKf1QHLOKiGU1A5+ecTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwNzE1MDk0NDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzA3ZGZkM2ZiYzc1ZDg0MDJlMzJjYTg2MGVhZDg0MTE0YzRjYjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjW8t06H205Miv4eElqnk0JjF40Tk
IusaX8fyTKJwPhmULazrD9WTu/lxrpXNaLf04c4j/zxodVsqYjwwiAUSZGLLU14g
ltHzmLi5GPJhr1iCm8TEqmYcZC8ktDKVMuvYTbwxaZfxOEyvc4YOAthpBAhgKAlP
RpN2ElqTrh+MSSXJsocWGvJ9oyf58JrugC1QSowmxWgJ9SQG3Hz4vjTgC/rczCe/
YkIkKNFC3pJ+oTG+9L//5fb0eMByc/nbm5lFweeQoMbUmHC2exIOpV7FZTzgi3aJ
Idq/6wUyL9dutiYe8PoGq0VI8tC89t2HlON0hzM34oUIOVFG0cb2vX7FTQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFLcH39P7x12EAuMsqGDq2EEUxMs5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdHdmZjBfdkhYWVFDNHl5b1lPcllRUlRFeXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAwXzjAwQA
wlX5AwQAwlX7AwQAw4UlMAwDBADDhScDBALDhSgDBADUwPADBADUwRwDBADUwR8w
DQYJKoZIhvcNAQELBQADggEBADj4LAP8NzmEfJs9cdIizDOCXrN8Iin/Q6CBd+Fd
M2GyMIkM6OlqTzsCv+lg32CNbuKSokP13fGNkoFSuXxHsMu0uDENgWkiRkT4PEVQ
V0Osk9n2PMoyQ2LlfkeOjPOUIkoN+x0rxQd1s3l15u84LvvxxLwu+oS4VKXMRDZa
ZB2uMf1/e/BpVffM0YVHzTN+FII5GxAywGG3K3Rp7kL2MMH+xyMEsAzogDafShJX
rFXHtVxZUMjVhZ6UsralgYAtQQcAAencjyfDxgjrYvbTxKsJkhj9wdAu8VNTUQ23
qoL3qXjUKfq9sAfoLQC+CJpxvDNHTIUBRpc30lTObIPWxGc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:49 2024 by rpki-client on console-ams.rpki-client.org