Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uxjePjaEQKhKUj_A4sAbvU0UZPg.roa
File: uxjePjaEQKhKUj_A4sAbvU0UZPg.roa (raw, json)
Hash identifier: Fs1mccGbQtcFNy1bt+8nURqoNgjK3i4kTPxxagB1lFM=
Subject key identifier: BB:18:DE:3E:36:84:40:A8:4A:52:3F:C0:E2:C0:1B:BD:4D:14:64:F8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018291C5499BD68C945BDF6B97DAE5BB0252
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uxjePjaEQKhKUj_A4sAbvU0UZPg.roa
Signing time: Fri 12 Aug 2022 11:16:41 +0000
ROA not before: Fri 12 Aug 2022 11:16:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 194.87.222.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:91:c5:49:9b:d6:8c:94:5b:df:6b:97:da:e5:bb:02:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 12 11:16:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb18de3e368440a84a523fc0e2c01bbd4d1464f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:36:d1:30:74:f9:87:1e:37:3e:4c:21:c3:07:
0d:0f:b1:6b:3b:79:9b:f5:20:aa:b8:db:ae:c4:0a:
f3:2b:f0:6c:ed:67:2e:dd:aa:bd:7f:c1:74:5b:18:
26:43:53:e5:dd:f4:cb:66:13:4c:f9:0d:c4:92:3c:
54:89:2a:f4:6d:74:40:9c:47:23:fc:86:cc:dc:40:
fa:cc:0e:b6:9d:5b:d6:6e:d7:95:2c:ca:ce:45:1d:
b4:c6:3d:a1:63:1a:79:3d:c6:21:23:52:35:e5:73:
59:1a:b1:ff:77:64:62:88:72:de:7c:ed:42:55:ab:
f0:75:e2:4b:48:a1:aa:c7:62:81:29:4e:76:b2:5e:
1a:a8:50:57:4f:b0:27:bf:b5:6e:5c:81:ce:f2:8d:
bd:ce:7b:34:48:f9:9e:4f:39:25:98:f2:8a:00:9c:
f2:5a:71:77:97:d8:4f:56:a2:22:47:39:ff:3d:7c:
be:64:1c:19:bb:a1:54:9c:75:ab:9c:7a:2e:2f:84:
93:1c:ec:87:88:02:2b:89:14:46:21:2d:ee:43:0f:
fe:1e:51:d8:91:85:c5:f0:92:f6:03:8a:ea:26:df:
8e:43:a5:e6:65:e4:98:37:38:3f:ba:1c:aa:49:54:
b3:42:bb:c4:73:be:76:bc:ca:ea:3d:55:96:74:c3:
49:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:18:DE:3E:36:84:40:A8:4A:52:3F:C0:E2:C0:1B:BD:4D:14:64:F8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uxjePjaEQKhKUj_A4sAbvU0UZPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.33.0/24
194.87.119.0/24
194.87.222.0/24
Signature Algorithm: sha256WithRSAEncryption
28:be:6a:8d:59:98:90:10:9a:f7:72:4f:d0:96:a8:ac:20:f3:
97:47:43:28:50:2f:35:45:d5:1b:6a:ea:62:df:7f:3b:2e:6c:
4c:57:51:1a:3f:e9:f4:7d:f8:43:e0:60:e5:19:61:ed:97:00:
ba:82:10:72:cd:55:4c:6b:24:d4:ef:05:7d:99:16:c7:dd:b7:
26:2a:49:f3:12:7c:13:b8:a4:4d:ad:ba:74:ac:eb:0c:33:62:
99:7a:c4:bd:82:91:af:f5:79:ed:98:ec:57:15:42:e0:6a:64:
43:52:dc:74:1d:02:2c:1c:09:3e:83:2d:4c:23:09:7f:e5:fd:
2f:7c:8f:76:9d:fe:62:75:bb:bd:04:25:e0:96:3d:a1:7f:20:
e1:f1:33:69:f1:d7:91:1f:8c:2d:5d:be:ab:2a:11:7f:ec:03:
a1:1c:17:03:ac:e6:6e:37:9c:93:56:c8:3f:b0:d1:51:86:46:
bc:4e:09:a8:a3:23:20:04:11:a8:36:94:da:de:0c:ac:9d:2e:
4c:9e:3f:44:c2:c8:bd:bc:96:f3:35:91:9a:97:7b:6f:73:26:
47:f7:79:ff:52:a5:85:e4:ca:4b:e3:bb:ae:fd:9b:bd:c1:97:
8f:72:50:45:ad:b8:b6:1e:82:c5:61:6a:70:82:d2:57:90:76:
b5:5d:13:2e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKRxUmb1oyUW99rl9rluwJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwODEyMTExNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjE4ZGUzZTM2ODQ0MGE4NGE1MjNmYzBlMmMwMWJiZDRkMTQ2NGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszbRMHT5hx43PkwhwwcND7FrO3mb
9SCquNuuxArzK/Bs7Wcu3aq9f8F0WxgmQ1Pl3fTLZhNM+Q3EkjxUiSr0bXRAnEcj
/IbM3ED6zA62nVvWbteVLMrORR20xj2hYxp5PcYhI1I15XNZGrH/d2RiiHLefO1C
VavwdeJLSKGqx2KBKU52sl4aqFBXT7Anv7VuXIHO8o29zns0SPmeTzklmPKKAJzy
WnF3l9hPVqIiRzn/PXy+ZBwZu6FUnHWrnHouL4STHOyHiAIriRRGIS3uQw/+HlHY
kYXF8JL2A4rqJt+OQ6XmZeSYNzg/uhyqSVSzQrvEc752vMrqPVWWdMNJKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLsY3j42hECoSlI/wOLAG71NFGT4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdXhqZVBqYUVRS2hLVWpfQTRzQWJ2VTBVWlBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlchAwQA
wld3AwQAwlfeMA0GCSqGSIb3DQEBCwUAA4IBAQAovmqNWZiQEJr3ck/QlqisIPOX
R0MoUC81RdUbaupi3387LmxMV1EaP+n0ffhD4GDlGWHtlwC6ghByzVVMayTU7wV9
mRbH3bcmKknzEnwTuKRNrbp0rOsMM2KZesS9gpGv9XntmOxXFULgamRDUtx0HQIs
HAk+gy1MIwl/5f0vfI92nf5idbu9BCXglj2hfyDh8TNp8deRH4wtXb6rKhF/7AOh
HBcDrOZuN5yTVsg/sNFRhka8TgmooyMgBBGoNpTa3gysnS5Mnj9Ewsi9vJbzNZGa
l3tvcyZH93n/UqWF5MpL47uu/Zu9wZePclBFrbi2HoLFYWpwgtJXkHa1XRMu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:29 2024 by rpki-client on console-fra.rpki-client.org