Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/cRjmYIVwqI7l8v3b6IMw3dijnZc.roa
File: cRjmYIVwqI7l8v3b6IMw3dijnZc.roa (raw, json)
Hash identifier: 3GnqTXiAVqqD6ytPOJ7QWKNiNS2UOsXL08/Xvg1z6EU=
Subject key identifier: 71:18:E6:60:85:70:A8:8E:E5:F2:FD:DB:E8:83:30:DD:D8:A3:9D:97
Certificate issuer: /CN=659a6b975eafd2ce51468723814355f56c55bafb
Certificate serial: 080BF3C0
Authority key identifier: 65:9A:6B:97:5E:AF:D2:CE:51:46:87:23:81:43:55:F5:6C:55:BA:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZprl16v0s5RRocjgUNV9WxVuvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/cRjmYIVwqI7l8v3b6IMw3dijnZc.roa
Signing time: Sat 01 Jan 2022 15:04:38 +0000
ROA not before: Sat 01 Jan 2022 15:04:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9121
IP address blocks: 194.125.233.0/24 maxlen: 24
194.125.232.0/24 maxlen: 24
194.125.232.0/22 maxlen: 24
194.242.32.0/24 maxlen: 24
194.125.234.0/24 maxlen: 24
194.125.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 135001024 (0x80bf3c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=659a6b975eafd2ce51468723814355f56c55bafb
Validity
Not Before: Jan 1 15:04:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7118e6608570a88ee5f2fddbe88330ddd8a39d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:51:83:49:e8:63:6e:54:bb:50:0f:b7:51:30:
7a:cb:be:ca:df:4f:a3:c7:e0:75:e5:9a:34:3f:52:
77:41:67:62:f7:75:a4:15:8d:08:8b:a0:dd:c3:89:
fd:82:6d:90:ee:44:28:b1:71:85:cf:9c:b9:9f:2d:
54:73:53:ac:f8:6f:79:69:18:63:92:60:74:ff:00:
60:8b:0e:70:0b:f9:60:63:06:48:2a:a9:46:9b:e5:
f2:b1:e6:b1:f0:b3:c6:4d:2b:f8:c7:ee:25:0d:e1:
d0:29:1c:c9:c7:04:de:b3:9f:61:c4:d8:c0:d2:1e:
cc:ac:f2:6b:99:4a:e8:0d:5c:ab:49:dc:58:b0:35:
40:df:9e:09:7e:fe:8c:f1:9f:4f:7c:66:e2:d7:f1:
6b:8d:b4:86:42:f2:23:46:49:d2:20:d2:22:4f:90:
0d:6e:86:79:b6:c2:be:9e:35:dc:d8:c5:91:c2:d1:
f3:e7:96:3f:2e:87:99:15:ec:9e:ed:b1:c5:f7:e6:
ad:0d:72:bf:8b:e6:6b:ae:13:ec:35:a2:cc:f6:ea:
8b:e4:9b:4a:a7:f2:4b:d8:71:c0:d0:40:12:2d:6f:
f6:09:7c:06:b8:c5:cb:dd:bd:de:b0:41:36:3b:cd:
f4:2d:55:3e:ba:47:31:95:b4:3c:01:80:9c:bb:e9:
d6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:18:E6:60:85:70:A8:8E:E5:F2:FD:DB:E8:83:30:DD:D8:A3:9D:97
X509v3 Authority Key Identifier:
keyid:65:9A:6B:97:5E:AF:D2:CE:51:46:87:23:81:43:55:F5:6C:55:BA:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZprl16v0s5RRocjgUNV9WxVuvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/cRjmYIVwqI7l8v3b6IMw3dijnZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/ZZprl16v0s5RRocjgUNV9WxVuvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.125.232.0/22
194.242.32.0/24
Signature Algorithm: sha256WithRSAEncryption
63:75:d8:9e:55:3d:67:93:ad:ab:42:18:f1:75:0f:39:89:1d:
df:65:10:bf:df:3e:59:20:cd:3a:78:03:13:88:5a:e5:95:96:
5a:6c:db:9a:89:53:61:1f:ad:02:33:75:2d:22:b0:59:40:10:
a2:69:6e:3b:37:93:04:8f:e6:84:80:97:1a:71:d7:ec:d6:75:
34:64:81:cd:8e:68:52:a0:35:99:d3:2c:6c:b7:1b:06:f7:04:
7a:1c:e6:50:92:c3:80:92:56:e8:4b:34:a6:a1:af:26:fa:7f:
03:85:12:6d:49:e5:48:c6:fe:31:2f:b3:06:c3:c8:ce:13:2f:
92:0f:69:02:aa:f6:a9:25:af:3f:4b:1c:c0:b2:c2:d5:1e:9a:
e1:56:6e:80:3d:b6:4d:09:69:23:75:cc:f6:b9:9e:95:80:2d:
d3:82:a6:8b:8c:d5:cf:68:ff:ab:57:f9:df:e8:4f:52:9b:7f:
99:06:d3:49:e5:e0:29:3a:66:94:e7:ff:f6:c6:46:ca:48:9b:
00:07:1d:eb:ee:1b:66:24:ad:c4:31:1f:88:2e:94:06:0d:12:
35:f7:93:79:83:3c:4d:93:1a:45:8a:5b:62:6f:94:56:d8:9e:
1a:2f:95:ee:30:dd:80:10:3a:39:51:68:0e:45:b0:ad:c2:76:
6d:d9:44:97
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECAvzwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NTlhNmI5NzVlYWZkMmNlNTE0Njg3MjM4MTQzNTVmNTZjNTViYWZiMB4XDTIyMDEw
MTE1MDQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzExOGU2NjA4NTcw
YTg4ZWU1ZjJmZGRiZTg4MzMwZGRkOGEzOWQ5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5Rg0noY25Uu1APt1Ewesu+yt9Po8fgdeWaND9Sd0FnYvd1
pBWNCIug3cOJ/YJtkO5EKLFxhc+cuZ8tVHNTrPhveWkYY5JgdP8AYIsOcAv5YGMG
SCqpRpvl8rHmsfCzxk0r+MfuJQ3h0CkcyccE3rOfYcTYwNIezKzya5lK6A1cq0nc
WLA1QN+eCX7+jPGfT3xm4tfxa420hkLyI0ZJ0iDSIk+QDW6GebbCvp413NjFkcLR
8+eWPy6HmRXsnu2xxffmrQ1yv4vma64T7DWizPbqi+SbSqfyS9hxwNBAEi1v9gl8
BrjFy9293rBBNjvN9C1VPrpHMZW0PAGAnLvp1vUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRxGOZghXCojuXy/dvogzDd2KOdlzAfBgNVHSMEGDAWgBRlmmuXXq/SzlFG
hyOBQ1X1bFW6+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pacHJsMTZ2MHM1UlJvY2pnVU5WOVd4VnV2cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMTcwNDIyLTM5YWQtNDk5Yy1iYmZkLWVmZjNjZGNiZDAwYS8x
L2NSam1ZSVZ3cUk3bDh2M2I2SU13M2Rpam5aYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MTcwNDIyLTM5YWQtNDk5Yy1iYmZkLWVmZjNjZGNiZDAwYS8xL1pacHJsMTZ2MHM1
UlJvY2pnVU5WOVd4VnV2cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAsJ96AMEAMLyIDANBgkqhkiG9w0B
AQsFAAOCAQEAY3XYnlU9Z5Otq0IY8XUPOYkd32UQv98+WSDNOngDE4ha5ZWWWmzb
molTYR+tAjN1LSKwWUAQomluOzeTBI/mhICXGnHX7NZ1NGSBzY5oUqA1mdMsbLcb
BvcEehzmUJLDgJJW6Es0pqGvJvp/A4USbUnlSMb+MS+zBsPIzhMvkg9pAqr2qSWv
P0scwLLC1R6a4VZugD22TQlpI3XM9rmelYAt04Kmi4zVz2j/q1f53+hPUpt/mQbT
SeXgKTpmlOf/9sZGykibAAcd6+4bZiStxDEfiC6UBg0SNfeTeYM8TZMaRYpbYm+U
VtieGi+V7jDdgBA6OVFoDkWwrcJ2bdlElw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org