Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wUZ3qxB0iDp8CLzGwZtOCwH2alY.roa
File: wUZ3qxB0iDp8CLzGwZtOCwH2alY.roa (raw, json)
Hash identifier: NIu/l5dVc/X4LP/UyQ8qZ/9I+yu9/Pc0LdSZ5NCw0ps=
Subject key identifier: C1:46:77:AB:10:74:88:3A:7C:08:BC:C6:C1:9B:4E:0B:01:F6:6A:56
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184A8E42AB4E6BD83872DC8B7BE05AEF6BD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wUZ3qxB0iDp8CLzGwZtOCwH2alY.roa
Signing time: Thu 24 Nov 2022 09:07:16 +0000
ROA not before: Thu 24 Nov 2022 09:07:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 194.87.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a8:e4:2a:b4:e6:bd:83:87:2d:c8:b7:be:05:ae:f6:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 24 09:07:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c14677ab1074883a7c08bcc6c19b4e0b01f66a56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e8:b9:cd:78:a7:b7:5e:e4:53:6f:99:4d:1d:
41:07:ae:12:99:80:d4:07:f6:e9:1f:c2:42:9a:fa:
27:46:50:25:df:83:d7:9a:53:10:c2:a1:f3:b7:77:
52:d6:fa:0d:6a:86:38:20:25:41:26:30:15:8d:ce:
d2:d9:f5:90:dd:b8:d8:cd:f8:0b:7c:83:f6:a0:7c:
0b:0f:79:77:83:61:55:96:b3:61:b6:a7:ee:d9:4f:
58:14:13:2a:89:30:e1:8c:b7:39:ab:e8:a3:b4:9c:
71:32:e1:45:7a:d9:f7:09:5e:57:ed:a6:80:3d:02:
0f:c6:f1:e2:ea:97:cb:bb:e0:f5:59:af:95:ba:fe:
6c:1d:83:8f:60:d7:67:4b:fb:84:04:b1:6f:3a:58:
d0:73:fa:dc:7f:d5:2c:e7:b9:59:0b:1e:54:f1:c2:
c2:0e:1b:7d:be:31:f7:e5:0d:a0:ef:de:1b:00:ea:
66:43:c0:b3:cb:53:02:27:86:d9:dc:73:11:a1:35:
df:0f:c7:2d:8a:d0:f5:40:79:ec:71:e7:44:52:d2:
60:d3:6c:5c:30:bf:fc:aa:f9:6d:10:a0:67:57:2d:
04:1b:b4:77:56:7b:9e:1a:09:fa:6c:9c:82:91:f5:
db:ab:8e:eb:b7:fd:f5:2b:69:b8:fc:60:d8:6e:7c:
a0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:46:77:AB:10:74:88:3A:7C:08:BC:C6:C1:9B:4E:0B:01:F6:6A:56
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wUZ3qxB0iDp8CLzGwZtOCwH2alY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.121.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:00:60:d3:89:b5:e3:71:4b:46:72:6e:df:b6:72:6b:03:d0:
4a:cd:50:1a:21:99:e2:cd:5b:49:80:bd:0d:09:56:7b:b8:e9:
5e:7d:8e:a9:b9:82:13:1c:0c:04:02:73:3c:48:ac:79:ce:6d:
36:8d:d9:62:f5:a1:1a:29:b6:5b:a2:7a:e9:81:b8:b0:26:cd:
06:7c:ea:23:ad:b9:f5:39:2a:32:21:1b:24:57:19:ef:d3:90:
6e:43:68:20:51:42:d1:36:77:96:77:6a:ea:62:64:a2:54:4f:
d8:df:b2:7a:0b:e8:89:7b:eb:71:65:e1:1a:68:4a:71:bc:0d:
b9:b3:be:52:54:6e:c3:66:23:ba:2d:25:52:90:c0:18:35:40:
52:f3:7f:43:82:a9:da:54:87:c0:b1:ee:40:98:65:c5:e8:c7:
a0:01:e8:8d:14:2b:50:6f:7a:2d:7a:11:58:b7:df:14:c9:d9:
3f:3c:35:ab:fc:a2:92:88:6e:5c:ba:31:9b:b4:ea:58:d2:fa:
33:2c:a3:86:51:6a:f6:1d:14:98:21:08:5a:48:77:e0:77:1d:
e1:1a:de:55:07:46:16:1e:b2:91:23:3a:87:03:bc:1f:e4:9a:
d3:79:d0:a4:8a:0a:9b:b4:8e:63:6b:1a:59:cc:a2:c7:4c:d0:
eb:0f:72:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSo5Cq05r2Dhy3It74Frva9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTI0MDkwNzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTQ2NzdhYjEwNzQ4ODNhN2MwOGJjYzZjMTliNGUwYjAxZjY2YTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOi5zXint17kU2+ZTR1BB64SmYDU
B/bpH8JCmvonRlAl34PXmlMQwqHzt3dS1voNaoY4ICVBJjAVjc7S2fWQ3bjYzfgL
fIP2oHwLD3l3g2FVlrNhtqfu2U9YFBMqiTDhjLc5q+ijtJxxMuFFetn3CV5X7aaA
PQIPxvHi6pfLu+D1Wa+Vuv5sHYOPYNdnS/uEBLFvOljQc/rcf9Us57lZCx5U8cLC
Dht9vjH35Q2g794bAOpmQ8Czy1MCJ4bZ3HMRoTXfD8ctitD1QHnscedEUtJg02xc
ML/8qvltEKBnVy0EG7R3VnueGgn6bJyCkfXbq47rt/31K2m4/GDYbnygCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFGd6sQdIg6fAi8xsGbTgsB9mpWMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd1VaM3F4QjBpRHA4Q0x6R3dadE9Dd0gyYWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwld5MA0G
CSqGSIb3DQEBCwUAA4IBAQAfAGDTibXjcUtGcm7ftnJrA9BKzVAaIZnizVtJgL0N
CVZ7uOlefY6puYITHAwEAnM8SKx5zm02jdli9aEaKbZbonrpgbiwJs0GfOojrbn1
OSoyIRskVxnv05BuQ2ggUULRNneWd2rqYmSiVE/Y37J6C+iJe+txZeEaaEpxvA25
s75SVG7DZiO6LSVSkMAYNUBS839DgqnaVIfAse5AmGXF6MegAeiNFCtQb3otehFY
t98Uydk/PDWr/KKSiG5cujGbtOpY0vozLKOGUWr2HRSYIQhaSHfgdx3hGt5VB0YW
HrKRIzqHA7wf5JrTedCkigqbtI5jaxpZzKLHTNDrD3K7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:50 2024 by rpki-client on console-ams.rpki-client.org