Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7781fe-1304-43f8-b77c-3d96bd3e7853/1/NaEbto6AaZknlQBJDbmw3vmHXZE.roa
File: NaEbto6AaZknlQBJDbmw3vmHXZE.roa (raw, json)
Hash identifier: 0A4AXL3a57q9ZdzQgT2tIQXocUzQa7+rPMLzZagpvLo=
Subject key identifier: 35:A1:1B:B6:8E:80:69:99:27:95:00:49:0D:B9:B0:DE:F9:87:5D:91
Certificate issuer: /CN=b9e273c8ba0b0afb205d00b3170e69b816743397
Certificate serial: 03981CCD
Authority key identifier: B9:E2:73:C8:BA:0B:0A:FB:20:5D:00:B3:17:0E:69:B8:16:74:33:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueJzyLoLCvsgXQCzFw5puBZ0M5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7781fe-1304-43f8-b77c-3d96bd3e7853/1/NaEbto6AaZknlQBJDbmw3vmHXZE.roa
Signing time: Sat 01 Jan 2022 13:05:34 +0000
ROA not before: Sat 01 Jan 2022 13:05:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24776
IP address blocks: 194.29.206.0/24 maxlen: 24
194.187.192.0/22 maxlen: 22
217.25.176.0/20 maxlen: 20
213.161.192.0/19 maxlen: 19
194.3.136.0/24 maxlen: 24
194.2.74.0/24 maxlen: 24
2001:1650::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60300493 (0x3981ccd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e273c8ba0b0afb205d00b3170e69b816743397
Validity
Not Before: Jan 1 13:05:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35a11bb68e806999279500490db9b0def9875d91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a8:35:9e:f9:5b:c4:c4:11:49:89:b8:6a:0a:
4a:b8:a1:80:88:de:17:f5:49:28:ed:9b:05:2e:bd:
ff:ce:78:09:5f:fa:6a:ea:95:dc:30:85:c4:40:37:
a2:a4:1d:ea:c9:6b:8b:2e:78:8b:a8:3c:69:9d:4c:
db:6c:9a:25:cf:19:f4:09:06:10:27:02:3e:09:59:
1c:16:57:30:27:24:79:9d:c6:85:d9:11:75:7b:03:
6f:70:95:13:13:99:91:c6:b4:1e:2d:b9:16:b4:c4:
b8:b7:2b:01:c5:a4:44:6f:df:e4:b4:4d:41:35:68:
4a:0a:f6:c5:78:03:f2:a6:92:41:8b:11:b6:6d:fb:
37:cf:57:fd:00:a2:82:ee:a6:01:3c:6a:ac:d6:3d:
98:60:19:54:9b:fe:cb:d1:56:57:c1:11:a9:3c:fd:
09:50:79:23:08:ee:c9:97:19:86:6d:19:ae:15:40:
f5:2c:9a:08:af:6e:ad:85:25:d4:d2:ea:28:b4:d1:
af:bd:cb:cf:b8:7c:94:93:e6:3f:47:ef:1c:3a:d7:
d0:e7:58:48:53:20:00:88:fd:d0:7a:f5:ac:aa:ae:
06:67:a7:2a:35:73:ab:a3:cc:1d:f4:8a:31:6e:6a:
a4:5c:b8:a2:81:80:2d:db:0c:00:38:70:44:df:10:
bd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:A1:1B:B6:8E:80:69:99:27:95:00:49:0D:B9:B0:DE:F9:87:5D:91
X509v3 Authority Key Identifier:
keyid:B9:E2:73:C8:BA:0B:0A:FB:20:5D:00:B3:17:0E:69:B8:16:74:33:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueJzyLoLCvsgXQCzFw5puBZ0M5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7781fe-1304-43f8-b77c-3d96bd3e7853/1/NaEbto6AaZknlQBJDbmw3vmHXZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7781fe-1304-43f8-b77c-3d96bd3e7853/1/ueJzyLoLCvsgXQCzFw5puBZ0M5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.2.74.0/24
194.3.136.0/24
194.29.206.0/24
194.187.192.0/22
213.161.192.0/19
217.25.176.0/20
IPv6:
2001:1650::/32
Signature Algorithm: sha256WithRSAEncryption
45:26:2d:2a:81:fa:bb:cf:8b:42:e3:be:0b:51:43:5d:04:be:
b9:08:d2:23:d2:aa:5a:bf:9e:6e:b9:a9:4e:5c:58:e9:29:ca:
84:90:c6:72:38:fb:51:cb:d7:ee:39:78:d3:b6:92:d7:c2:0c:
cb:c7:70:d2:f4:b5:e3:60:b6:eb:a5:7f:97:0d:c6:bc:b4:fb:
96:97:2b:6d:36:b6:83:85:94:69:de:72:5e:20:c3:29:fe:44:
3d:3a:c4:0e:b5:39:2a:ef:89:63:b8:49:f4:ed:fa:9d:b9:16:
54:4d:0f:ee:d0:8f:67:ee:f9:99:8c:1e:c3:08:3e:0f:44:b0:
33:9c:69:50:76:6c:38:09:16:f4:eb:1a:01:8b:b9:3c:2f:ad:
ad:85:02:95:6d:60:97:7d:5b:d9:c9:ec:d9:5b:29:a3:05:ed:
e5:71:4a:cf:4e:81:0a:05:60:f1:43:fe:a2:2b:c5:5a:b2:27:
1f:fe:44:5f:5b:67:a3:70:ad:9d:7e:f5:7d:6a:c4:8c:39:1f:
94:55:38:72:d5:78:0b:22:63:74:0e:cb:00:ad:00:5a:aa:8d:
cc:da:de:59:cd:e9:8b:88:2f:b9:bc:27:14:5b:53:dc:90:43:
9c:63:38:ec:40:38:f5:b4:41:dd:73:05:03:4c:f1:a2:21:64:
54:27:a0:c0
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEA5gczTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OWUyNzNjOGJhMGIwYWZiMjA1ZDAwYjMxNzBlNjliODE2NzQzMzk3MB4XDTIyMDEw
MTEzMDUzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzVhMTFiYjY4ZTgw
Njk5OTI3OTUwMDQ5MGRiOWIwZGVmOTg3NWQ5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANqoNZ75W8TEEUmJuGoKSrihgIjeF/VJKO2bBS69/854CV/6
auqV3DCFxEA3oqQd6slriy54i6g8aZ1M22yaJc8Z9AkGECcCPglZHBZXMCckeZ3G
hdkRdXsDb3CVExOZkca0Hi25FrTEuLcrAcWkRG/f5LRNQTVoSgr2xXgD8qaSQYsR
tm37N89X/QCigu6mATxqrNY9mGAZVJv+y9FWV8ERqTz9CVB5IwjuyZcZhm0ZrhVA
9SyaCK9urYUl1NLqKLTRr73Lz7h8lJPmP0fvHDrX0OdYSFMgAIj90Hr1rKquBmen
KjVzq6PMHfSKMW5qpFy4ooGALdsMADhwRN8QvQUCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQ1oRu2joBpmSeVAEkNubDe+YddkTAfBgNVHSMEGDAWgBS54nPIugsK+yBd
ALMXDmm4FnQzlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VlSnp5TG9MQ3ZzZ1hRQ3pGdzVwdUJaME01Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvNzc4MWZlLTEzMDQtNDNmOC1iNzdjLTNkOTZiZDNlNzg1My8x
L05hRWJ0bzZBYVprbmxRQkpEYm13M3ZtSFhaRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
Nzc4MWZlLTEzMDQtNDNmOC1iNzdjLTNkOTZiZDNlNzg1My8xL3VlSnp5TG9MQ3Zz
Z1hRQ3pGdzVwdUJaME01Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAMICSgMEAMIDiAMEAMIdzgMEAsK7
wAMEBdWhwAMEBNkZsDANBAIAAjAHAwUAIAEWUDANBgkqhkiG9w0BAQsFAAOCAQEA
RSYtKoH6u8+LQuO+C1FDXQS+uQjSI9KqWr+ebrmpTlxY6SnKhJDGcjj7UcvX7jl4
07aS18IMy8dw0vS142C266V/lw3GvLT7lpcrbTa2g4WUad5yXiDDKf5EPTrEDrU5
Ku+JY7hJ9O36nbkWVE0P7tCPZ+75mYwewwg+D0SwM5xpUHZsOAkW9OsaAYu5PC+t
rYUClW1gl31b2cns2VspowXt5XFKz06BCgVg8UP+oivFWrInH/5EX1tno3CtnX71
fWrEjDkflFU4ctV4CyJjdA7LAK0AWqqNzNreWc3pi4gvubwnFFtT3JBDnGM47EA4
9bRB3XMFA0zxoiFkVCegwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:36 2024 by rpki-client on console-ams.rpki-client.org