Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xfGG9uh8vXHuEpP9Ir8tt1rdrkE.roa
File: xfGG9uh8vXHuEpP9Ir8tt1rdrkE.roa (raw, json)
Hash identifier: 3fEBUNlE0miXFXegzBH5l3mu7J3f0x3cd0Jyrtoi+4o=
Subject key identifier: C5:F1:86:F6:E8:7C:BD:71:EE:12:93:FD:22:BF:2D:B7:5A:DD:AE:41
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0F5A7413
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xfGG9uh8vXHuEpP9Ir8tt1rdrkE.roa
Signing time: Mon 04 Apr 2022 14:08:38 +0000
ROA not before: Mon 04 Apr 2022 14:08:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 193.124.8.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 257586195 (0xf5a7413)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 4 14:08:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5f186f6e87cbd71ee1293fd22bf2db75addae41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:80:32:1a:b8:30:80:f8:e4:6f:f2:4e:e6:f9:
6b:13:46:7f:e1:fb:91:60:a7:dd:39:7f:1a:76:d4:
8c:5e:b7:17:b4:d9:a2:dc:e9:e2:a5:0c:41:56:39:
d1:57:b3:62:d5:74:5e:e1:76:2d:ba:87:c8:c3:cb:
41:e8:f7:18:27:0d:06:03:29:82:ee:bb:5b:bd:c4:
df:b2:02:2a:55:b4:bc:b5:1b:23:b3:0a:a8:fa:1c:
06:04:74:ab:fe:d4:59:51:de:38:6c:85:bc:fc:44:
02:4a:89:f0:de:75:47:62:d6:1e:f9:c1:c0:94:9e:
d9:b8:9c:fd:03:b1:4c:87:c1:d0:1b:7d:95:7f:b0:
9e:34:9d:df:05:99:7d:05:ce:8e:0f:c9:0d:e2:ad:
e6:b5:ce:49:a9:68:d1:ff:51:be:78:54:5f:c1:0c:
17:e5:85:81:b9:a6:3c:7c:26:b8:f0:8c:35:55:c3:
71:eb:03:91:77:b8:9a:d8:6e:ad:e2:36:66:38:27:
61:0e:37:ca:38:89:cc:8b:b6:0e:df:9c:84:73:e0:
33:6e:74:65:a1:0f:33:cd:44:69:2a:6e:d1:0d:11:
e0:06:ad:ae:53:09:df:5a:b3:6e:67:7e:19:47:75:
f5:9e:27:af:65:66:6b:ae:53:4d:e1:28:84:79:62:
4c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F1:86:F6:E8:7C:BD:71:EE:12:93:FD:22:BF:2D:B7:5A:DD:AE:41
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xfGG9uh8vXHuEpP9Ir8tt1rdrkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.8.0/24
194.87.182.0/24
194.87.252.0/24
194.135.23.0/24
195.133.193.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:bc:5d:87:ef:83:7b:6c:de:0e:2e:f5:fa:11:e1:78:1b:69:
e3:14:5a:58:eb:a1:9b:5f:c8:c6:e1:40:29:bc:a6:dd:f7:75:
db:52:ea:cd:bf:b9:32:82:6c:fa:74:72:6a:54:30:2a:3a:19:
ec:36:0d:07:a6:96:66:92:6d:af:03:60:b4:f7:31:93:de:0a:
bd:57:57:0d:ba:bb:60:5c:a7:e0:5e:bc:6d:09:7e:9e:14:4f:
4b:76:a2:42:a9:84:ca:8d:46:6d:42:3c:d4:6d:01:a4:be:82:
ad:bd:f8:a7:3c:2a:8e:26:88:29:01:b0:31:a0:1a:f8:8b:fb:
8b:ec:25:e0:3f:4d:7b:5d:00:8c:37:9f:62:7c:c5:77:11:38:
ea:56:91:6c:dc:e6:6a:1e:ca:9f:cf:f7:39:4f:bc:66:a8:ff:
ba:ca:d7:35:29:ea:4d:46:d2:16:14:d5:9c:54:fc:6c:ce:59:
bb:4f:37:cf:b4:1a:fd:3b:3e:84:3b:fe:46:c9:b8:6b:c7:1e:
3e:5b:de:e7:2f:82:ed:86:82:6e:0b:de:6f:ec:41:55:b2:00:
22:fd:c4:28:ac:d4:8b:fc:f7:e8:3b:a0:62:45:04:49:41:52:
bf:08:a3:0f:21:4c:da:59:c4:47:a1:5a:26:15:89:cb:af:e4:
52:47:b0:54
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIED1p0EzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDQw
NDE0MDgzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzVmMTg2ZjZlODdj
YmQ3MWVlMTI5M2ZkMjJiZjJkYjc1YWRkYWU0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANeAMhq4MID45G/yTub5axNGf+H7kWCn3Tl/GnbUjF63F7TZ
otzp4qUMQVY50VezYtV0XuF2LbqHyMPLQej3GCcNBgMpgu67W73E37ICKlW0vLUb
I7MKqPocBgR0q/7UWVHeOGyFvPxEAkqJ8N51R2LWHvnBwJSe2bic/QOxTIfB0Bt9
lX+wnjSd3wWZfQXOjg/JDeKt5rXOSalo0f9RvnhUX8EMF+WFgbmmPHwmuPCMNVXD
cesDkXe4mthureI2ZjgnYQ43yjiJzIu2Dt+chHPgM250ZaEPM81EaSpu0Q0R4Aat
rlMJ31qzbmd+GUd19Z4nr2Vma65TTeEohHliTFUCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTF8Yb26Hy9ce4Sk/0ivy23Wt2uQTAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L3hmR0c5dWg4dlhIdUVwUDlJcjh0dDFyZHJrRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAMF8CAMEAMJXtgMEAMJX/AMEAMKH
FwMEAMOFwTANBgkqhkiG9w0BAQsFAAOCAQEADrxdh++De2zeDi71+hHheBtp4xRa
WOuhm1/IxuFAKbym3fd121Lqzb+5MoJs+nRyalQwKjoZ7DYNB6aWZpJtrwNgtPcx
k94KvVdXDbq7YFyn4F68bQl+nhRPS3aiQqmEyo1GbUI81G0BpL6Crb34pzwqjiaI
KQGwMaAa+Iv7i+wl4D9Ne10AjDefYnzFdxE46laRbNzmah7Kn8/3OU+8Zqj/usrX
NSnqTUbSFhTVnFT8bM5Zu083z7Qa/Ts+hDv+Rsm4a8cePlve5y+C7YaCbgveb+xB
VbIAIv3EKKzUi/z36DugYkUESUFSvwijDyFM2lnER6FaJhWJy6/kUkewVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:30 2024 by rpki-client on console-fra.rpki-client.org