Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1SwugVGsYMFnIRy8Z15rDzZ2GPY.roa
File: 1SwugVGsYMFnIRy8Z15rDzZ2GPY.roa (raw, json)
Hash identifier: 0SmOrxi4LIWaauYC0p/Bkn2+IfzMLzZvD2WKa0W4Wuk=
Subject key identifier: D5:2C:2E:81:51:AC:60:C1:67:21:1C:BC:67:5E:6B:0F:36:76:18:F6
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 428A9F9C
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1SwugVGsYMFnIRy8Z15rDzZ2GPY.roa
Signing time: Sat 01 Jan 2022 14:03:27 +0000
ROA not before: Sat 01 Jan 2022 14:03:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204896
IP address blocks: 194.14.30.0/24 maxlen: 24
192.121.244.0/24 maxlen: 24
193.234.25.0/24 maxlen: 24
194.103.40.0/24 maxlen: 24
194.103.158.0/24 maxlen: 24
193.234.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1116381084 (0x428a9f9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d52c2e8151ac60c167211cbc675e6b0f367618f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:46:9d:73:45:a3:cf:20:f5:49:13:30:81:60:
20:aa:78:ee:77:03:23:aa:0e:f4:ed:07:fe:c8:4b:
c1:cc:8a:eb:cf:6e:1a:f2:8f:a6:0a:0d:1e:fb:f7:
34:5c:ce:9a:c6:5e:c4:af:ee:1c:cd:35:52:bd:43:
63:a4:a2:f8:42:89:43:d7:a2:9a:23:eb:5b:87:80:
5b:cc:0f:b9:8b:1d:ce:83:0d:50:f1:d5:0f:46:9d:
27:dd:99:d4:71:27:3b:f3:65:e4:1e:5a:f4:97:1d:
48:09:f2:4c:14:84:96:85:1c:2b:99:ba:27:8d:66:
08:c6:5e:24:4d:63:9e:24:91:94:d5:4d:b2:d7:8c:
fa:2c:01:cf:01:7d:3f:99:dd:a0:fe:d3:0e:dc:2d:
a8:29:bc:09:58:7f:82:f8:84:99:b1:9b:9c:99:fb:
e7:59:32:0b:37:85:fe:02:9f:30:57:90:c6:96:4e:
17:db:83:b2:4b:71:6c:9c:40:6f:a2:45:2e:a4:f3:
fc:a4:3f:9e:4c:e6:b2:38:63:2a:ef:4d:c2:9f:2e:
9d:19:8e:6e:b0:93:dd:92:46:e4:67:8e:47:96:b8:
e5:5a:66:72:15:f7:20:da:cd:80:70:60:d0:ff:07:
58:a1:5d:35:6a:76:af:ff:7a:17:a2:c2:ef:cf:6a:
e0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:2C:2E:81:51:AC:60:C1:67:21:1C:BC:67:5E:6B:0F:36:76:18:F6
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1SwugVGsYMFnIRy8Z15rDzZ2GPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.244.0/24
193.234.25.0/24
193.234.61.0/24
194.14.30.0/24
194.103.40.0/24
194.103.158.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:41:26:cb:ea:46:31:5e:82:30:27:eb:99:1f:2f:05:36:24:
49:1f:64:33:27:99:fb:ea:3c:2f:cd:19:6d:44:c9:ea:5a:04:
83:d2:d1:ca:22:72:f4:d3:47:d0:88:7f:a0:fd:1c:7e:01:82:
63:d3:64:0c:0d:2d:6a:32:ac:73:d7:cb:da:4b:c5:2b:61:7b:
79:27:10:95:a1:73:70:40:00:5c:a4:97:9d:9b:05:a4:6e:24:
32:3d:56:91:19:6d:8b:76:a5:c3:53:a3:18:93:78:d0:ed:f8:
ca:64:e2:89:2d:5d:41:aa:5f:d2:b3:08:a7:62:12:fc:99:41:
cd:40:15:12:58:f9:7e:da:49:04:90:9a:a8:3b:19:8e:6e:77:
f5:53:1c:38:dd:fb:8b:97:4b:39:3a:36:86:59:2c:00:de:f8:
51:f2:be:c2:74:30:78:e5:88:e5:a3:f0:25:c7:dd:e1:77:f4:
c9:5a:8b:89:5a:46:ff:9a:ea:20:16:cd:06:01:f5:47:d6:85:
e0:73:c8:da:2e:69:ba:4c:7c:c1:33:f8:ea:ec:0b:a1:b0:49:
56:11:11:b4:3e:1d:d8:b5:81:10:72:31:20:e3:9d:01:43:33:
be:81:9c:ad:66:93:41:d4:f0:21:98:a6:7a:26:e5:74:7c:6d:
45:65:ef:a1
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEQoqfnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDUyYzJlODE1MWFj
NjBjMTY3MjExY2JjNjc1ZTZiMGYzNjc2MThmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBGnXNFo88g9UkTMIFgIKp47ncDI6oO9O0H/shLwcyK689u
GvKPpgoNHvv3NFzOmsZexK/uHM01Ur1DY6Si+EKJQ9eimiPrW4eAW8wPuYsdzoMN
UPHVD0adJ92Z1HEnO/Nl5B5a9JcdSAnyTBSEloUcK5m6J41mCMZeJE1jniSRlNVN
steM+iwBzwF9P5ndoP7TDtwtqCm8CVh/gviEmbGbnJn751kyCzeF/gKfMFeQxpZO
F9uDsktxbJxAb6JFLqTz/KQ/nkzmsjhjKu9Nwp8unRmObrCT3ZJG5GeOR5a45Vpm
chX3INrNgHBg0P8HWKFdNWp2r/96F6LC789q4CECAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTVLC6BUaxgwWchHLxnXmsPNnYY9jAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
LzFTd3VnVkdzWU1GbklSeThaMTVyRHpaMkdQWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAMB59AMEAMHqGQMEAMHqPQMEAMIO
HgMEAMJnKAMEAMJnnjANBgkqhkiG9w0BAQsFAAOCAQEAo0Emy+pGMV6CMCfrmR8v
BTYkSR9kMyeZ++o8L80ZbUTJ6loEg9LRyiJy9NNH0Ih/oP0cfgGCY9NkDA0tajKs
c9fL2kvFK2F7eScQlaFzcEAAXKSXnZsFpG4kMj1WkRlti3alw1OjGJN40O34ymTi
iS1dQapf0rMIp2IS/JlBzUAVElj5ftpJBJCaqDsZjm539VMcON37i5dLOTo2hlks
AN74UfK+wnQweOWI5aPwJcfd4Xf0yVqLiVpG/5rqIBbNBgH1R9aF4HPI2i5pukx8
wTP46uwLobBJVhERtD4d2LWBEHIxIOOdAUMzvoGcrWaTQdTwIZimeibldHxtRWXv
oQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org