Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/v_qJO6YZuGJFR7fnjD30IDmWnGI.roa
File: v_qJO6YZuGJFR7fnjD30IDmWnGI.roa (raw, json)
Hash identifier: gQOTwkF5DuQcibddmewI7oWCg1YEPX0VT0ZKjtFnAt8=
Subject key identifier: BF:FA:89:3B:A6:19:B8:62:45:47:B7:E7:8C:3D:F4:20:39:96:9C:62
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018519BB2D52A1EF8179ADF18C55EEC506F2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/v_qJO6YZuGJFR7fnjD30IDmWnGI.roa
Signing time: Fri 16 Dec 2022 06:59:35 +0000
ROA not before: Fri 16 Dec 2022 06:59:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17447
IP address blocks: 193.124.4.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:19:bb:2d:52:a1:ef:81:79:ad:f1:8c:55:ee:c5:06:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 16 06:59:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bffa893ba619b8624547b7e78c3df42039969c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f9:d1:6d:92:d9:a2:8d:ce:1a:f2:84:9a:39:
f3:89:ea:0f:b9:6a:0c:df:06:31:fd:fc:31:50:89:
01:99:3b:16:72:aa:ae:84:f4:b5:4f:87:d8:89:ff:
6b:0d:4b:d8:4f:8c:95:90:6d:f8:12:72:5b:50:b6:
06:a7:16:a7:54:a4:cf:b4:1c:ed:72:1f:9f:86:ec:
7c:5c:31:9e:2c:a0:8b:e0:80:53:10:15:b1:a2:1f:
7e:77:ef:b4:97:12:3b:40:ab:70:c3:a0:f6:82:55:
38:37:5a:02:64:8b:ca:c1:20:cc:0f:5d:6d:0c:af:
31:87:9d:a9:2d:04:55:3c:dd:3f:96:61:58:fb:e5:
c5:7e:25:bd:48:90:24:c4:86:07:bb:e4:04:de:c6:
4b:92:36:e1:8c:da:f0:52:61:92:e4:87:f8:7a:42:
1c:47:32:fb:c6:d3:ff:68:f7:98:88:d4:c6:3a:23:
33:6d:93:14:92:69:60:6f:30:cc:11:48:ee:ba:b5:
1f:83:10:0e:3e:1e:e6:8e:ed:15:3e:91:a3:33:a2:
a5:30:7b:ae:88:07:d4:18:a4:8b:35:f7:69:ec:7d:
b5:52:54:6b:71:a9:1b:fe:e0:6c:a8:93:4a:d7:c2:
ec:43:df:8b:3b:aa:ba:3d:c0:7f:db:70:92:da:46:
54:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:FA:89:3B:A6:19:B8:62:45:47:B7:E7:8C:3D:F4:20:39:96:9C:62
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/v_qJO6YZuGJFR7fnjD30IDmWnGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.4.0/24
193.124.47.0/24
193.124.125.0/24
194.87.37.0/24
194.87.162.0/24
195.58.63.0/24
195.133.73.0/24
Signature Algorithm: sha256WithRSAEncryption
35:f2:4a:74:03:1a:60:08:c5:c2:8d:ad:66:d7:74:30:e9:d7:
75:87:8a:65:16:e5:95:f4:8e:ef:ca:50:65:cd:6d:84:9f:d3:
be:25:d4:a1:e4:49:e6:b6:69:2c:47:fc:a6:9f:9c:1a:e6:c2:
0d:99:a9:28:30:a1:c9:25:52:90:bf:e0:f9:97:22:f0:01:79:
02:bb:b1:30:2b:6d:7c:63:73:02:41:d0:64:29:18:9c:6d:20:
a5:70:41:ae:e7:8d:28:08:39:5f:cf:17:be:21:a9:49:0a:54:
4c:ee:9a:e9:7f:6f:e8:61:e0:cb:f8:95:d5:90:31:2d:40:4b:
cf:c9:d2:a9:49:18:82:66:fa:2b:e7:f5:3d:f2:1c:25:ce:12:
d4:fe:fd:07:e9:ed:3e:03:0f:50:d2:fd:e7:46:01:46:44:e3:
eb:0c:63:18:06:ac:46:a3:60:80:cc:35:12:f2:87:44:5f:54:
41:19:eb:fa:8e:19:1c:7b:bc:10:dc:c8:60:2f:5c:8c:23:35:
9b:d9:1b:7b:5b:0e:4d:c0:ea:1e:1e:07:46:5f:88:b4:18:58:
6f:32:56:aa:b9:c3:08:02:6e:35:d2:3d:6d:a5:94:8d:77:19:
cc:a5:36:f7:2e:f4:68:15:d4:30:08:69:f3:17:c9:10:93:d7:
b1:1d:04:9a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYUZuy1Soe+Bea3xjFXuxQbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE2MDY1OTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmZhODkzYmE2MTliODYyNDU0N2I3ZTc4YzNkZjQyMDM5OTY5YzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPnRbZLZoo3OGvKEmjnzieoPuWoM
3wYx/fwxUIkBmTsWcqquhPS1T4fYif9rDUvYT4yVkG34EnJbULYGpxanVKTPtBzt
ch+fhux8XDGeLKCL4IBTEBWxoh9+d++0lxI7QKtww6D2glU4N1oCZIvKwSDMD11t
DK8xh52pLQRVPN0/lmFY++XFfiW9SJAkxIYHu+QE3sZLkjbhjNrwUmGS5If4ekIc
RzL7xtP/aPeYiNTGOiMzbZMUkmlgbzDMEUjuurUfgxAOPh7mju0VPpGjM6KlMHuu
iAfUGKSLNfdp7H21UlRrcakb/uBsqJNK18LsQ9+LO6q6PcB/23CS2kZUKQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFL/6iTumGbhiRUe354w99CA5lpxiMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdl9xSk82WVp1R0pGUjdmbmpEMzBJRG1XbkdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXwEAwQA
wXwvAwQAwXx9AwQAwlclAwQAwleiAwQAwzo/AwQAw4VJMA0GCSqGSIb3DQEBCwUA
A4IBAQA18kp0AxpgCMXCja1m13Qw6dd1h4plFuWV9I7vylBlzW2En9O+JdSh5Enm
tmksR/ymn5wa5sINmakoMKHJJVKQv+D5lyLwAXkCu7EwK218Y3MCQdBkKRicbSCl
cEGu540oCDlfzxe+IalJClRM7prpf2/oYeDL+JXVkDEtQEvPydKpSRiCZvor5/U9
8hwlzhLU/v0H6e0+Aw9Q0v3nRgFGROPrDGMYBqxGo2CAzDUS8odEX1RBGev6jhkc
e7wQ3MhgL1yMIzWb2Rt7Ww5NwOoeHgdGX4i0GFhvMlaqucMIAm410j1tpZSNdxnM
pTb3LvRoFdQwCGnzF8kQk9exHQSa
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:50 2024 by rpki-client on console-ams.rpki-client.org