Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yLoHuN3w8W78ongCcr0hDhToEdk.roa
File: yLoHuN3w8W78ongCcr0hDhToEdk.roa (raw, json)
Hash identifier: OvEn4OWsea5ob2kKrVLP5gfg6WY3natHLQVwyW0HqPQ=
Subject key identifier: C8:BA:07:B8:DD:F0:F1:6E:FC:A2:78:02:72:BD:21:0E:14:E8:11:D9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0182EA169AC8B786228329171874185479A0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yLoHuN3w8W78ongCcr0hDhToEdk.roa
Signing time: Mon 29 Aug 2022 14:52:06 +0000
ROA not before: Mon 29 Aug 2022 14:52:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17447
IP address blocks: 193.124.4.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ea:16:9a:c8:b7:86:22:83:29:17:18:74:18:54:79:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 29 14:52:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8ba07b8ddf0f16efca2780272bd210e14e811d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:59:3f:78:1b:b3:cf:ba:12:a0:3c:79:ff:6b:
81:38:81:2e:6b:f7:73:7f:b6:27:f9:06:c7:cf:5b:
99:b6:78:06:13:0a:05:2a:c5:4a:b2:56:b7:1e:ee:
b4:c0:41:2d:9d:c9:39:33:d9:d4:c3:cf:d3:b9:49:
3d:f1:75:f7:eb:8e:f3:84:67:9a:b9:91:0b:c2:f9:
2b:8e:c0:c5:cf:90:f1:3c:a1:d9:76:db:c0:93:a0:
b7:4e:3a:50:6f:dc:01:69:1b:fb:b9:db:f8:82:01:
21:99:0e:2e:25:c7:9f:84:20:b6:89:01:d2:ed:48:
12:59:ca:38:0f:00:e5:e6:74:b0:83:e3:14:08:bd:
ac:d0:e0:64:0e:3a:47:e0:35:3a:a0:02:5c:ca:af:
ef:7b:a6:ce:34:52:c9:da:98:b9:a4:28:bc:8c:ae:
e8:26:19:46:57:e8:5b:2c:1a:f2:16:80:e8:88:c5:
8c:9a:f9:38:a7:aa:e9:0b:76:ef:7b:e7:ba:ff:09:
1c:00:77:8e:77:a9:0d:bc:63:59:eb:63:86:4a:f0:
de:cc:be:cd:13:7f:8f:f5:b7:1e:e5:d1:9c:17:c5:
44:21:c4:a6:4a:4a:d1:ef:c0:a7:06:12:9e:1c:1d:
be:99:ea:f7:d3:d7:1e:f3:c8:0f:44:e9:f8:27:79:
17:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:BA:07:B8:DD:F0:F1:6E:FC:A2:78:02:72:BD:21:0E:14:E8:11:D9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yLoHuN3w8W78ongCcr0hDhToEdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.4.0/24
193.124.41.0/24
193.124.93.0/24
193.124.125.0/24
194.87.37.0/24
194.87.56.0/24
195.133.73.0/24
Signature Algorithm: sha256WithRSAEncryption
28:43:43:b9:46:7a:8c:c0:96:33:0d:15:e1:8a:10:47:96:1e:
53:61:1c:df:80:57:f8:a9:de:0b:4c:33:eb:4c:88:25:52:b3:
ad:84:64:b2:b5:c5:f2:45:02:a0:8f:42:a4:af:b5:72:62:68:
66:79:a7:e6:85:b0:fa:e5:f4:d3:62:dc:4e:54:55:48:d1:11:
33:ba:82:9b:ad:c5:56:1d:21:32:ef:85:95:0f:0c:d3:d7:e9:
22:e7:41:f6:4d:a5:3c:3b:77:44:99:85:16:e4:71:7f:03:dc:
f3:e9:94:25:e5:eb:a3:e4:77:6d:dd:02:6b:4f:55:5e:da:64:
63:2b:0e:b2:65:df:eb:af:de:18:6b:4b:b5:f3:c5:2e:e1:42:
48:ae:88:94:be:db:e4:26:ad:3f:0f:ad:73:2b:04:4b:d2:12:
7c:67:9d:ab:e2:83:1a:cf:fd:94:81:01:0d:d7:c8:94:25:31:
24:c4:1b:37:30:3b:b9:41:75:39:54:db:f0:a3:84:f1:ff:74:
d8:65:46:ea:83:f6:3c:d7:37:d2:c7:14:8b:0d:4d:3c:1b:4b:
0a:68:de:2d:b1:09:bf:ad:6b:9c:14:ca:1b:ab:56:32:a5:cf:
41:c2:3c:12:bc:ac:22:48:9a:58:7e:3f:5a:7f:de:82:2c:59:
a1:6c:83:4a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYLqFprIt4YigykXGHQYVHmgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwODI5MTQ1MjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGJhMDdiOGRkZjBmMTZlZmNhMjc4MDI3MmJkMjEwZTE0ZTgxMWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1k/eBuzz7oSoDx5/2uBOIEua/dz
f7Yn+QbHz1uZtngGEwoFKsVKsla3Hu60wEEtnck5M9nUw8/TuUk98XX3647zhGea
uZELwvkrjsDFz5DxPKHZdtvAk6C3TjpQb9wBaRv7udv4ggEhmQ4uJcefhCC2iQHS
7UgSWco4DwDl5nSwg+MUCL2s0OBkDjpH4DU6oAJcyq/ve6bONFLJ2pi5pCi8jK7o
JhlGV+hbLBryFoDoiMWMmvk4p6rpC3bve+e6/wkcAHeOd6kNvGNZ62OGSvDezL7N
E3+P9bce5dGcF8VEIcSmSkrR78CnBhKeHB2+mer309ce88gPROn4J3kXMwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMi6B7jd8PFu/KJ4AnK9IQ4U6BHZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveUxvSHVOM3c4Vzc4b25nQ2NyMGhEaFRvRWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXwEAwQA
wXwpAwQAwXxdAwQAwXx9AwQAwlclAwQAwlc4AwQAw4VJMA0GCSqGSIb3DQEBCwUA
A4IBAQAoQ0O5RnqMwJYzDRXhihBHlh5TYRzfgFf4qd4LTDPrTIglUrOthGSytcXy
RQKgj0Kkr7VyYmhmeafmhbD65fTTYtxOVFVI0REzuoKbrcVWHSEy74WVDwzT1+ki
50H2TaU8O3dEmYUW5HF/A9zz6ZQl5euj5Hdt3QJrT1Ve2mRjKw6yZd/rr94Ya0u1
88Uu4UJIroiUvtvkJq0/D61zKwRL0hJ8Z52r4oMaz/2UgQEN18iUJTEkxBs3MDu5
QXU5VNvwo4Tx/3TYZUbqg/Y81zfSxxSLDU08G0sKaN4tsQm/rWucFMobq1Yypc9B
wjwSvKwiSJpYfj9af96CLFmhbINK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:30 2024 by rpki-client on console-fra.rpki-client.org