Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zkPOpXygGcBDvgqRjVOuL5LJJQE.roa
File: zkPOpXygGcBDvgqRjVOuL5LJJQE.roa (raw, json)
Hash identifier: vyYv0A1Ysee73iC8EeTelzmT4xQvTmKe4t+TbQ6p4nc=
Subject key identifier: CE:43:CE:A5:7C:A0:19:C0:43:BE:0A:91:8D:53:AE:2F:92:C9:25:01
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01829384B0E837E2C4473D9484AD6185A1AA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zkPOpXygGcBDvgqRjVOuL5LJJQE.roa
Signing time: Fri 12 Aug 2022 19:25:22 +0000
ROA not before: Fri 12 Aug 2022 19:25:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 194.87.116.0/24 maxlen: 24
194.87.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:93:84:b0:e8:37:e2:c4:47:3d:94:84:ad:61:85:a1:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 12 19:25:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce43cea57ca019c043be0a918d53ae2f92c92501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c3:83:33:db:a8:50:7e:fe:19:fe:4b:c1:4c:
40:26:64:5e:fe:5e:1a:5c:e4:72:d4:d7:ca:df:0b:
78:cd:28:42:1f:62:e5:5f:28:81:d6:2d:cb:38:fd:
65:0e:95:05:3a:b2:40:6f:f1:44:2f:2d:19:e3:a5:
ef:de:5b:53:b7:a4:fa:06:cd:69:62:42:ea:d8:d6:
85:67:41:a6:c9:29:5a:aa:59:16:6a:53:52:36:27:
8d:73:eb:7c:f9:c8:23:9a:14:e9:58:ff:9f:46:d8:
8e:1e:0d:1a:9a:cb:ed:72:b1:d3:9c:ee:00:00:32:
68:6b:1d:93:b3:00:7a:f4:31:84:4b:18:2e:a5:6d:
bb:91:0f:92:99:81:41:e3:2a:6a:df:14:43:11:ee:
51:e1:c1:43:e6:cb:d6:6a:36:bb:41:63:04:c5:cc:
6f:21:03:31:7f:82:b8:56:d0:fc:b4:61:e7:21:32:
ac:e3:73:f2:aa:d4:67:bc:3f:76:71:9e:cd:f6:ae:
4c:c2:e1:45:b1:82:fa:37:2f:6a:f1:bc:b4:03:8f:
6e:52:10:31:68:4a:26:fe:72:33:a2:69:e1:a7:2f:
70:1d:9c:ac:d0:ce:4b:92:c7:9a:15:ce:53:bb:a4:
19:8b:ba:8c:cb:5d:24:80:04:11:ed:6a:30:58:dc:
77:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:43:CE:A5:7C:A0:19:C0:43:BE:0A:91:8D:53:AE:2F:92:C9:25:01
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zkPOpXygGcBDvgqRjVOuL5LJJQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.34.0/24
194.87.116.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:94:95:db:7b:58:ac:23:97:0d:10:4b:35:5c:3d:be:d2:d2:
47:55:d0:11:22:d0:96:3e:eb:5b:6e:e2:c4:ba:7b:12:87:e6:
8c:eb:9e:a6:9f:31:7e:4e:72:40:bb:cd:3d:69:e2:69:10:a7:
7d:9a:47:41:ba:8e:05:a0:66:ca:6b:3d:2b:9e:d9:b6:2a:46:
f7:59:7b:92:87:16:88:03:88:fb:18:a0:bd:a4:c9:3f:d1:0b:
4e:c8:9a:c9:30:c8:f0:16:d9:c9:24:3a:6a:a8:03:e9:d6:0e:
ba:6d:7e:76:61:d5:ce:18:ca:b6:0a:9e:66:f9:17:71:a5:46:
0b:57:78:fa:f6:a0:b8:3d:9f:24:d6:ea:69:9d:61:73:fd:60:
77:7a:38:39:a7:23:a9:28:5c:2d:49:a9:aa:c5:f2:d9:ab:22:
f9:24:70:fd:36:90:9c:0f:e0:46:8c:cf:11:36:7c:67:e2:85:
86:d9:dc:3d:23:a4:84:9b:51:56:e8:47:eb:51:1d:09:bb:13:
ee:74:99:fa:b7:64:a8:8e:ae:5d:8b:04:95:35:a4:e7:5d:bc:
ba:32:3b:e5:fc:6d:26:3f:8b:e1:0a:ec:e1:2b:ec:67:b6:33:
27:fe:66:98:fa:6f:ce:78:3b:ed:0a:68:f4:01:58:6e:3e:11:
6b:df:00:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKThLDoN+LERz2UhK1hhaGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwODEyMTkyNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTQzY2VhNTdjYTAxOWMwNDNiZTBhOTE4ZDUzYWUyZjkyYzkyNTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMODM9uoUH7+Gf5LwUxAJmRe/l4a
XORy1NfK3wt4zShCH2LlXyiB1i3LOP1lDpUFOrJAb/FELy0Z46Xv3ltTt6T6Bs1p
YkLq2NaFZ0GmySlaqlkWalNSNieNc+t8+cgjmhTpWP+fRtiOHg0amsvtcrHTnO4A
ADJoax2TswB69DGESxgupW27kQ+SmYFB4ypq3xRDEe5R4cFD5svWaja7QWMExcxv
IQMxf4K4VtD8tGHnITKs43PyqtRnvD92cZ7N9q5MwuFFsYL6Ny9q8by0A49uUhAx
aEom/nIzomnhpy9wHZys0M5LkseaFc5Tu6QZi7qMy10kgAQR7WowWNx3kQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM5DzqV8oBnAQ74KkY1Tri+SySUBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvemtQT3BYeWdHY0JEdmdxUmpWT3VMNUxKSlFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlciAwQA
wld0MA0GCSqGSIb3DQEBCwUAA4IBAQArlJXbe1isI5cNEEs1XD2+0tJHVdARItCW
PutbbuLEunsSh+aM656mnzF+TnJAu809aeJpEKd9mkdBuo4FoGbKaz0rntm2Kkb3
WXuShxaIA4j7GKC9pMk/0QtOyJrJMMjwFtnJJDpqqAPp1g66bX52YdXOGMq2Cp5m
+RdxpUYLV3j69qC4PZ8k1uppnWFz/WB3ejg5pyOpKFwtSamqxfLZqyL5JHD9NpCc
D+BGjM8RNnxn4oWG2dw9I6SEm1FW6EfrUR0JuxPudJn6t2Sojq5diwSVNaTnXby6
Mjvl/G0mP4vhCuzhK+xntjMn/maY+m/OeDvtCmj0AVhuPhFr3wDQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:52 2024 by rpki-client on console-ams.rpki-client.org