Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yMnbwD9HoGbeLSYgnpk7J2QJPIo.roa
File: yMnbwD9HoGbeLSYgnpk7J2QJPIo.roa (raw, json)
Hash identifier: ras7qDOmnJ2kP9x/xWb/eL5Fk9Bk2FXH8Msg0QWYxvQ=
Subject key identifier: C8:C9:DB:C0:3F:47:A0:66:DE:2D:26:20:9E:99:3B:27:64:09:3C:8A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184E2CC946EF0BD79B19B2408EC2B0A3843
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yMnbwD9HoGbeLSYgnpk7J2QJPIo.roa
Signing time: Mon 05 Dec 2022 14:59:28 +0000
ROA not before: Mon 05 Dec 2022 14:59:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 193.124.44.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
194.87.84.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:cc:94:6e:f0:bd:79:b1:9b:24:08:ec:2b:0a:38:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 5 14:59:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8c9dbc03f47a066de2d26209e993b2764093c8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:02:55:c2:c9:0e:5e:3c:d5:b9:a3:bc:ea:fe:
9e:e3:8d:b7:e9:8c:d6:97:00:5f:33:ce:45:bd:c1:
67:c2:6f:c3:41:00:2c:fe:7c:b0:dc:49:b0:eb:15:
0a:be:b2:f8:a5:64:4d:2c:c5:1f:46:fe:13:f4:f2:
79:a3:44:21:9d:06:45:da:f1:58:b9:76:95:77:c3:
8f:c6:98:38:0f:82:96:30:b4:1b:64:17:9a:22:37:
71:71:17:27:6b:10:c4:6a:dc:95:50:92:69:8c:a6:
77:14:ec:36:b1:66:99:45:42:20:56:25:6b:ac:71:
19:e4:ec:84:82:bb:08:13:10:d1:5e:44:99:c4:d2:
2f:1f:0a:ea:b2:d1:e7:fb:5f:52:38:07:76:92:15:
69:3e:fc:9e:de:0b:57:66:ee:11:44:fd:51:d0:2f:
8b:7d:28:c0:0d:12:d3:14:bb:56:9e:88:3d:db:c8:
8a:4a:63:64:d8:6d:44:78:0d:6e:2b:e3:4e:77:c7:
55:8d:b3:2c:fb:9b:73:de:63:73:46:02:bf:c1:c3:
88:70:0c:5b:3c:ad:49:ae:88:cc:90:5b:c6:a1:31:
84:1a:89:54:ad:17:af:cd:a4:c6:3b:bd:55:83:14:
42:ee:3f:7f:c8:ed:4b:c8:25:97:f7:16:e2:84:8e:
63:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C9:DB:C0:3F:47:A0:66:DE:2D:26:20:9E:99:3B:27:64:09:3C:8A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yMnbwD9HoGbeLSYgnpk7J2QJPIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.44.0/24
194.87.84.0/22
194.87.151.0/24
195.133.18.0/24
195.133.38.0/24
195.133.40.0/24
212.192.8.0/24
212.192.30.0/24
Signature Algorithm: sha256WithRSAEncryption
47:60:24:26:27:e6:e9:18:af:d6:ab:eb:20:d4:a7:0c:35:5d:
66:40:ee:79:d6:f9:35:e6:aa:5a:85:5b:b2:6d:36:c0:9c:0d:
49:88:70:3e:b1:85:c4:f7:08:d6:e0:e6:96:aa:4e:af:9b:bb:
5c:9c:c2:a7:48:03:ac:e2:3a:74:a5:55:7e:f7:50:40:cd:f4:
dc:32:46:73:8a:0f:62:6a:50:c5:b7:21:bd:f1:c8:46:34:eb:
7b:ed:e4:7b:2b:2a:49:a1:9a:de:f2:17:6b:d2:fa:8a:e9:fd:
26:41:da:e9:7b:74:d1:c8:78:f7:c7:33:c1:63:b9:46:85:44:
35:13:d9:bd:1f:f1:5c:23:47:98:1b:3f:dd:54:97:88:67:36:
20:49:27:64:71:84:4b:25:e2:6c:4d:fb:a2:d1:dd:72:88:d1:
52:42:21:59:83:a3:b5:32:c3:44:69:a9:fd:3d:c5:a3:a1:dc:
84:78:3a:ab:ad:d4:52:15:e8:a9:8f:28:52:e1:f7:37:b8:b1:
6e:ef:7d:19:bf:9a:da:79:e1:9e:08:1b:3b:3d:2e:c4:67:9b:
ef:23:9f:ff:8b:c3:7c:67:81:52:7f:a6:4b:86:6d:e5:5b:00:
1a:d0:27:81:e2:d3:e1:7e:06:6b:aa:6c:fc:87:36:24:d7:ad:
61:48:d6:64
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYTizJRu8L15sZskCOwrCjhDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA1MTQ1OTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGM5ZGJjMDNmNDdhMDY2ZGUyZDI2MjA5ZTk5M2IyNzY0MDkzYzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwJVwskOXjzVuaO86v6e44236YzW
lwBfM85FvcFnwm/DQQAs/nyw3Emw6xUKvrL4pWRNLMUfRv4T9PJ5o0QhnQZF2vFY
uXaVd8OPxpg4D4KWMLQbZBeaIjdxcRcnaxDEatyVUJJpjKZ3FOw2sWaZRUIgViVr
rHEZ5OyEgrsIExDRXkSZxNIvHwrqstHn+19SOAd2khVpPvye3gtXZu4RRP1R0C+L
fSjADRLTFLtWnog928iKSmNk2G1EeA1uK+NOd8dVjbMs+5tz3mNzRgK/wcOIcAxb
PK1JrojMkFvGoTGEGolUrRevzaTGO71VgxRC7j9/yO1LyCWX9xbihI5jNwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMjJ28A/R6Bm3i0mIJ6ZOydkCTyKMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveU1uYndEOUhvR2JlTFNZZ25wazdKMlFKUElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwXwsAwQC
wldUAwQAwleXAwQAw4USAwQAw4UmAwQAw4UoAwQA1MAIAwQA1MAeMA0GCSqGSIb3
DQEBCwUAA4IBAQBHYCQmJ+bpGK/Wq+sg1KcMNV1mQO551vk15qpahVuybTbAnA1J
iHA+sYXE9wjW4OaWqk6vm7tcnMKnSAOs4jp0pVV+91BAzfTcMkZzig9ialDFtyG9
8chGNOt77eR7KypJoZre8hdr0vqK6f0mQdrpe3TRyHj3xzPBY7lGhUQ1E9m9H/Fc
I0eYGz/dVJeIZzYgSSdkcYRLJeJsTfui0d1yiNFSQiFZg6O1MsNEaan9PcWjodyE
eDqrrdRSFeipjyhS4fc3uLFu730Zv5raeeGeCBs7PS7EZ5vvI5//i8N8Z4FSf6ZL
hm3lWwAa0CeB4tPhfgZrqmz8hzYk161hSNZk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:30 2024 by rpki-client on console-fra.rpki-client.org