Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/u0qx-HIl97XRlrSC3PXIqP5Agow.roa
File: u0qx-HIl97XRlrSC3PXIqP5Agow.roa (raw, json)
Hash identifier: /bvVF76+yl+UHFDJtPCiIeDqH1p77rA/U+bs7fsEUEQ=
Subject key identifier: BB:4A:B1:F8:72:25:F7:B5:D1:96:B4:82:DC:F5:C8:A8:FE:40:82:8C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0182F7E2F6D06E50AA14EDAA598C7D819E7D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/u0qx-HIl97XRlrSC3PXIqP5Agow.roa
Signing time: Thu 01 Sep 2022 07:10:22 +0000
ROA not before: Thu 01 Sep 2022 07:10:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399471
IP address blocks: 195.133.76.0/24 maxlen: 24
212.193.29.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.35.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
212.192.216.0/22 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.85.250.0/24 maxlen: 24
194.85.248.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.244.0/22 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f7:e2:f6:d0:6e:50:aa:14:ed:aa:59:8c:7d:81:9e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 1 07:10:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb4ab1f87225f7b5d196b482dcf5c8a8fe40828c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:71:27:42:7d:6c:04:17:a7:0c:67:a3:45:4d:
35:49:b7:4d:25:12:59:1a:ab:be:43:76:be:1e:bb:
b4:1f:1f:d6:70:56:b7:39:50:8d:b9:1c:9c:62:71:
01:e6:d2:df:1e:1b:b1:84:01:7c:94:4b:00:a7:73:
81:d0:d5:40:67:d0:c5:f3:d6:97:cc:84:8b:f6:af:
7e:b7:52:54:1e:f4:65:15:7e:40:34:75:19:50:82:
f4:5b:9f:8d:14:cf:4b:38:49:73:ef:20:8f:35:ac:
f5:50:09:67:a2:52:84:6e:df:8c:9d:c6:1f:10:c9:
08:a5:8b:34:50:c4:86:a6:90:6f:8f:c6:28:be:9e:
3b:6a:84:83:b9:23:ae:e4:cb:0f:74:f6:5a:bd:61:
b4:91:e5:8a:b2:3e:ee:f4:fc:49:c4:0a:95:d0:7e:
2e:cf:00:83:7e:74:2a:73:4e:db:be:a4:cd:12:ce:
1a:9d:0c:ca:7f:79:2c:32:7a:de:d1:05:5d:26:92:
86:e3:89:20:8c:1c:de:28:31:d3:ac:dc:c5:51:5b:
48:ec:37:8b:9b:70:33:92:52:52:96:fc:e0:30:f4:
8c:da:d2:58:09:f4:60:c0:c0:bd:86:c9:aa:28:63:
0d:0d:b4:9e:3c:0f:b8:97:02:a1:96:5c:58:f2:58:
64:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:4A:B1:F8:72:25:F7:B5:D1:96:B4:82:DC:F5:C8:A8:FE:40:82:8C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/u0qx-HIl97XRlrSC3PXIqP5Agow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.203.0/24
194.85.248.0/24
194.85.250.0/24
194.87.32.0/24
194.87.35.0/24
194.87.82.0/24
194.87.149.0/24
194.87.161.0/24
194.87.227.0/24
195.133.15.0/24
195.133.39.0/24
195.133.76.0/24
212.192.11.0/24
212.192.216.0/22
212.192.244.0/22
212.193.29.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:b3:94:75:de:5a:5f:df:5b:7a:da:b2:87:e6:b7:9f:cd:a3:
42:35:4c:a9:64:6f:81:28:c9:70:c2:44:03:14:07:cd:c3:e8:
4d:7a:d0:a3:eb:3f:28:f4:e6:41:bd:46:d8:42:a5:0d:f3:8f:
c2:17:f0:f9:60:3f:12:33:81:bd:92:87:10:27:70:57:62:94:
6d:7c:37:9a:37:07:b2:3f:1e:ce:38:6c:d2:a8:44:f2:ed:20:
8b:20:e1:cf:4d:17:7a:ec:34:b1:4e:ba:2b:b0:1e:f5:d6:32:
58:33:d4:69:36:08:e3:36:27:46:85:42:7a:37:f7:6e:86:dc:
b9:03:ec:c0:9f:65:c4:e9:10:a4:66:53:bc:c1:9d:06:23:f9:
cf:b9:36:81:34:10:34:c0:5d:f5:e6:1f:ae:f4:e2:09:19:22:
24:84:43:36:f2:18:cc:84:bb:5e:0b:57:e9:4a:e0:eb:a6:f9:
65:5b:cf:34:f4:d6:d8:6b:9d:d5:c5:ff:6b:a6:62:62:5b:a6:
bb:16:0c:8e:f5:96:3a:d0:e5:a3:ee:94:00:55:a9:03:a4:b7:
0d:00:de:2b:5b:99:4d:b5:d0:c5:ee:96:ce:a7:43:f8:f1:71:
35:b9:7c:7a:8e:0a:2d:70:99:d3:d6:41:5f:f3:ba:9c:cf:90:
24:ce:4d:20
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYL34vbQblCqFO2qWYx9gZ59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwOTAxMDcxMDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjRhYjFmODcyMjVmN2I1ZDE5NmI0ODJkY2Y1YzhhOGZlNDA4MjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3EnQn1sBBenDGejRU01SbdNJRJZ
Gqu+Q3a+Hru0Hx/WcFa3OVCNuRycYnEB5tLfHhuxhAF8lEsAp3OB0NVAZ9DF89aX
zISL9q9+t1JUHvRlFX5ANHUZUIL0W5+NFM9LOElz7yCPNaz1UAlnolKEbt+MncYf
EMkIpYs0UMSGppBvj8Yovp47aoSDuSOu5MsPdPZavWG0keWKsj7u9PxJxAqV0H4u
zwCDfnQqc07bvqTNEs4anQzKf3ksMnre0QVdJpKG44kgjBzeKDHTrNzFUVtI7DeL
m3AzklJSlvzgMPSM2tJYCfRgwMC9hsmqKGMNDbSePA+4lwKhllxY8lhkbQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFLtKsfhyJfe10Za0gtz1yKj+QIKMMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdTBxeC1ISWw5N1hSbHJTQzNQWElxUDVBZ293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAwXzLAwQA
wlX4AwQAwlX6AwQAwlcgAwQAwlcjAwQAwldSAwQAwleVAwQAwlehAwQAwlfjAwQA
w4UPAwQAw4UnAwQAw4VMAwQA1MALAwQC1MDYAwQC1MD0AwQA1MEdMA0GCSqGSIb3
DQEBCwUAA4IBAQAds5R13lpf31t62rKH5refzaNCNUypZG+BKMlwwkQDFAfNw+hN
etCj6z8o9OZBvUbYQqUN84/CF/D5YD8SM4G9kocQJ3BXYpRtfDeaNweyPx7OOGzS
qETy7SCLIOHPTRd67DSxTrorsB711jJYM9RpNgjjNidGhUJ6N/duhty5A+zAn2XE
6RCkZlO8wZ0GI/nPuTaBNBA0wF315h+u9OIJGSIkhEM28hjMhLteC1fpSuDrpvll
W8809NbYa53Vxf9rpmJiW6a7FgyO9ZY60OWj7pQAVakDpLcNAN4rW5lNtdDF7pbO
p0P48XE1uXx6jgotcJnT1kFf87qcz5Akzk0g
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:13 2023 by rpki-client on console-fra.rpki-client.org