Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/x1XNXxvwbrDclWeWNlhrTta4T8c.roa
File: x1XNXxvwbrDclWeWNlhrTta4T8c.roa (raw, json)
Hash identifier: NBFM3SzwxSDrDOmgGg+u2aMDNC/oRX+WH2BbfGpw2gw=
Subject key identifier: C7:55:CD:5F:1B:F0:6E:B0:DC:95:67:96:36:58:6B:4E:D6:B8:4F:C7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184ECB516599AAD64C299627EAD19DEE9D5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/x1XNXxvwbrDclWeWNlhrTta4T8c.roa
Signing time: Wed 07 Dec 2022 13:10:01 +0000
ROA not before: Wed 07 Dec 2022 13:10:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212609
IP address blocks: 195.58.33.0/24 maxlen: 24
193.124.206.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:b5:16:59:9a:ad:64:c2:99:62:7e:ad:19:de:e9:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 7 13:10:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c755cd5f1bf06eb0dc95679636586b4ed6b84fc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0c:42:46:24:e1:84:97:c1:4b:27:f7:31:51:
ec:38:ed:3d:03:13:df:3f:b3:62:a7:86:1e:df:87:
56:2c:fb:cf:92:13:1c:43:64:b8:64:24:5e:18:a6:
07:c1:fa:df:a4:e6:69:11:8a:7c:96:7e:ec:fc:f6:
39:5c:d0:40:3f:dc:7f:5f:5c:97:b2:14:5a:d1:ac:
c3:a5:ca:58:1f:8b:78:73:1d:4b:63:2e:d2:8c:ad:
ee:b8:a3:86:8d:ad:ca:80:03:c5:e3:f0:87:e2:f5:
db:67:2b:e0:a7:e9:d0:e9:a8:64:e8:cb:fa:d8:03:
e8:24:d1:37:59:69:bd:35:9b:f7:9f:18:55:86:a7:
f7:7e:c5:dc:73:d8:d1:14:1d:0b:6b:39:c2:77:1b:
c9:80:3b:26:e0:bb:77:0f:8e:b6:10:fd:b2:ca:a3:
63:c9:a1:94:31:7d:53:88:77:a1:de:e7:aa:d4:f1:
50:5e:a2:d4:10:46:67:8d:cd:24:9a:3c:06:5b:2b:
6e:ad:85:ae:4f:3f:a9:37:2a:27:01:4a:8e:bb:19:
e9:9b:3b:9a:4a:f7:96:af:71:63:07:56:04:d0:7b:
13:fc:9f:22:6b:c3:58:f2:c6:c4:3f:df:d0:da:00:
51:0b:a9:10:1f:05:8b:2f:47:fd:2b:4b:67:d9:ae:
93:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:55:CD:5F:1B:F0:6E:B0:DC:95:67:96:36:58:6B:4E:D6:B8:4F:C7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/x1XNXxvwbrDclWeWNlhrTta4T8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.206.0/24
195.58.33.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:ce:4e:b4:57:99:e7:08:d7:92:77:1f:bd:9d:dc:f2:50:fa:
89:04:6b:76:fc:b4:40:0f:62:18:d5:d8:2a:7b:83:5d:2a:be:
60:6d:81:4a:3b:b9:1a:3a:09:86:d5:46:c2:ed:24:42:94:74:
69:5b:c3:7d:73:40:d3:c1:60:44:98:12:5c:8c:91:ef:5b:5f:
7f:b0:b7:6a:0a:e9:9e:7e:6f:2b:2c:0c:1b:52:42:77:de:da:
c0:2e:70:b7:ed:d0:e2:f5:4d:57:bf:f4:33:18:fc:9a:f2:69:
b8:9b:ef:b6:3a:7c:62:64:c9:46:be:85:72:e4:ac:0c:26:28:
86:3f:53:59:cf:06:52:3d:50:51:14:b2:19:df:ca:96:a4:e8:
31:b0:48:b8:ec:d9:01:c2:45:4b:5a:1c:cf:c3:41:89:21:f5:
b9:18:08:96:a1:81:7c:21:f7:d1:fe:e6:b0:b9:e9:74:95:c1:
03:c6:18:6a:01:c8:25:76:a1:55:bc:7e:c1:b8:fe:61:96:23:
4a:21:0e:d1:be:67:17:84:53:4e:2e:7e:47:78:a5:c8:36:56:
80:69:1f:e6:be:e1:98:06:23:99:cb:7e:53:ee:9f:4f:a4:7c:
8a:2d:98:51:d4:38:90:c4:7d:20:e1:16:d6:82:c0:6c:81:d5:
fa:29:95:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTstRZZmq1kwplifq0Z3unVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA3MTMxMDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzU1Y2Q1ZjFiZjA2ZWIwZGM5NTY3OTYzNjU4NmI0ZWQ2Yjg0ZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwxCRiThhJfBSyf3MVHsOO09AxPf
P7Nip4Ye34dWLPvPkhMcQ2S4ZCReGKYHwfrfpOZpEYp8ln7s/PY5XNBAP9x/X1yX
shRa0azDpcpYH4t4cx1LYy7SjK3uuKOGja3KgAPF4/CH4vXbZyvgp+nQ6ahk6Mv6
2APoJNE3WWm9NZv3nxhVhqf3fsXcc9jRFB0LaznCdxvJgDsm4Lt3D462EP2yyqNj
yaGUMX1TiHeh3ueq1PFQXqLUEEZnjc0kmjwGWyturYWuTz+pNyonAUqOuxnpmzua
SveWr3FjB1YE0HsT/J8ia8NY8sbEP9/Q2gBRC6kQHwWLL0f9K0tn2a6TeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMdVzV8b8G6w3JVnljZYa07WuE/HMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveDFYTlh4dndickRjbFdlV05saHJUdGE0VDhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXzOAwQA
wzohMA0GCSqGSIb3DQEBCwUAA4IBAQAKzk60V5nnCNeSdx+9ndzyUPqJBGt2/LRA
D2IY1dgqe4NdKr5gbYFKO7kaOgmG1UbC7SRClHRpW8N9c0DTwWBEmBJcjJHvW19/
sLdqCumefm8rLAwbUkJ33trALnC37dDi9U1Xv/QzGPya8mm4m++2OnxiZMlGvoVy
5KwMJiiGP1NZzwZSPVBRFLIZ38qWpOgxsEi47NkBwkVLWhzPw0GJIfW5GAiWoYF8
IffR/uawuel0lcEDxhhqAcgldqFVvH7BuP5hliNKIQ7RvmcXhFNOLn5HeKXINlaA
aR/mvuGYBiOZy35T7p9PpHyKLZhR1DiQxH0g4RbWgsBsgdX6KZVn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:30 2024 by rpki-client on console-fra.rpki-client.org