Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/P4Oo_v4suojFV-li5MQLJWT1bI8.roa
File: P4Oo_v4suojFV-li5MQLJWT1bI8.roa (raw, json)
Hash identifier: 0k/nbTntVnZrve5P7ZNFicZ90EP+wWD8DNhmTgPkhnE=
Subject key identifier: 3F:83:A8:FE:FE:2C:BA:88:C5:57:E9:62:E4:C4:0B:25:64:F5:6C:8F
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01838307C817CB0A729AF0C2A38DA1B90A1B
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/P4Oo_v4suojFV-li5MQLJWT1bI8.roa
Signing time: Wed 28 Sep 2022 07:37:48 +0000
ROA not before: Wed 28 Sep 2022 07:37:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3399
IP address blocks: 194.71.217.0/24 maxlen: 24
194.71.216.0/23 maxlen: 23
194.71.216.0/24 maxlen: 24
192.165.178.0/23 maxlen: 23
194.132.9.0/24 maxlen: 24
194.68.220.0/23 maxlen: 23
193.180.23.0/24 maxlen: 24
193.183.116.0/24 maxlen: 24
193.180.164.0/23 maxlen: 23
194.68.170.0/23 maxlen: 23
194.68.170.0/24 maxlen: 24
194.68.171.0/24 maxlen: 24
193.182.111.0/24 maxlen: 24
192.36.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:83:07:c8:17:cb:0a:72:9a:f0:c2:a3:8d:a1:b9:0a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Sep 28 07:37:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f83a8fefe2cba88c557e962e4c40b2564f56c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:43:e6:ac:b8:75:c5:b1:2a:c0:78:b6:35:07:
db:ea:8f:4b:b6:a2:6b:0d:e1:48:d6:ca:78:24:07:
55:bd:30:a4:6b:a7:c8:67:92:79:38:19:ac:da:8f:
83:b9:3a:11:82:7a:f5:09:a7:c1:1d:73:d1:f0:8e:
9d:11:50:f6:46:86:a1:5c:bc:11:44:01:fe:cb:07:
8f:a2:a2:cb:b7:a8:8c:6a:19:f0:56:32:92:b5:9b:
60:d6:84:91:3a:6f:44:01:c4:e8:46:7f:4b:62:ac:
5d:44:49:11:cf:92:e7:7d:0e:e1:84:db:e6:d2:a5:
2f:96:ff:7b:7a:ca:fe:3b:c0:00:5d:32:06:d1:8e:
cd:06:1c:f4:b3:97:b0:17:72:b9:3b:b6:bb:a9:23:
59:ef:31:9f:43:4d:01:f3:b8:30:50:7a:09:c3:fb:
bd:c7:6a:90:7b:e3:af:c2:76:a8:de:b5:21:1f:15:
98:fa:83:3e:b1:53:cf:85:8e:e9:c5:39:2f:84:a2:
a9:40:8e:a1:b0:92:5e:0d:ca:8a:f9:b5:6d:7d:41:
c4:b1:f7:05:30:70:d7:cc:4f:38:7c:a0:33:65:25:
ae:64:97:2c:f7:93:46:b3:3c:45:da:17:93:58:b7:
88:1f:c9:13:ca:c9:4d:17:ed:76:ff:6d:d2:b1:f4:
d3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:83:A8:FE:FE:2C:BA:88:C5:57:E9:62:E4:C4:0B:25:64:F5:6C:8F
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/P4Oo_v4suojFV-li5MQLJWT1bI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.208.0/24
192.165.178.0/23
193.180.23.0/24
193.180.164.0/23
193.182.111.0/24
193.183.116.0/24
194.68.170.0/23
194.68.220.0/23
194.71.216.0/23
194.132.9.0/24
Signature Algorithm: sha256WithRSAEncryption
33:d2:e1:59:0a:2a:f1:30:f0:3e:cf:e5:22:ef:0d:7c:84:31:
85:aa:23:3d:77:ce:8c:93:0d:0a:8d:06:d5:f2:be:58:85:a1:
6d:ad:61:01:87:77:34:77:24:61:2c:40:76:10:c4:d7:84:d1:
09:3e:1a:31:48:a7:10:14:29:01:d4:08:95:b1:53:21:0c:68:
19:89:ba:da:71:96:6a:b3:eb:62:2c:ab:89:e6:01:03:78:de:
1e:2a:4c:8d:32:b8:81:00:42:07:24:23:be:8f:b8:aa:6b:3d:
f8:d8:d1:74:87:f8:71:9e:3a:84:da:1f:b7:1b:86:63:7c:9d:
5e:11:a8:79:4a:ed:3c:b1:df:eb:a5:31:dd:1e:a9:f1:04:17:
37:9b:51:ba:24:85:db:04:d4:29:4a:0d:40:9f:93:7b:b1:5c:
ba:20:54:43:73:ba:63:5c:78:f3:cd:e0:f6:0c:c9:a9:ac:ea:
35:49:66:f9:aa:41:03:9b:d0:91:92:65:f0:92:6c:c8:47:e4:
0b:be:7f:41:2f:32:06:c9:10:c3:7c:c5:ef:56:d1:5e:2a:23:
66:23:d5:91:1e:ae:99:a7:e3:fd:91:bd:ef:e9:6a:0e:c7:97:
be:50:47:c1:f9:f0:5f:ec:f1:cc:f6:b0:85:0e:f1:c5:bf:a9:
f4:f3:9b:80
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYODB8gXywpymvDCo42huQobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIwOTI4MDczNzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjgzYThmZWZlMmNiYTg4YzU1N2U5NjJlNGM0MGIyNTY0ZjU2YzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0PmrLh1xbEqwHi2NQfb6o9LtqJr
DeFI1sp4JAdVvTCka6fIZ5J5OBms2o+DuToRgnr1CafBHXPR8I6dEVD2RoahXLwR
RAH+ywePoqLLt6iMahnwVjKStZtg1oSROm9EAcToRn9LYqxdREkRz5LnfQ7hhNvm
0qUvlv97esr+O8AAXTIG0Y7NBhz0s5ewF3K5O7a7qSNZ7zGfQ00B87gwUHoJw/u9
x2qQe+Ovwnao3rUhHxWY+oM+sVPPhY7pxTkvhKKpQI6hsJJeDcqK+bVtfUHEsfcF
MHDXzE84fKAzZSWuZJcs95NGszxF2heTWLeIH8kTyslNF+12/23SsfTTdQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFD+DqP7+LLqIxVfpYuTECyVk9WyPMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvUDRPb192NHN1b2pGVi1saTVNUUxKV1QxYkk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwCTQAwQB
wKWyAwQAwbQXAwQBwbSkAwQAwbZvAwQAwbd0AwQBwkSqAwQBwkTcAwQBwkfYAwQA
woQJMA0GCSqGSIb3DQEBCwUAA4IBAQAz0uFZCirxMPA+z+Ui7w18hDGFqiM9d86M
kw0KjQbV8r5YhaFtrWEBh3c0dyRhLEB2EMTXhNEJPhoxSKcQFCkB1AiVsVMhDGgZ
ibracZZqs+tiLKuJ5gEDeN4eKkyNMriBAEIHJCO+j7iqaz342NF0h/hxnjqE2h+3
G4ZjfJ1eEah5Su08sd/rpTHdHqnxBBc3m1G6JIXbBNQpSg1An5N7sVy6IFRDc7pj
XHjzzeD2DMmprOo1SWb5qkEDm9CRkmXwkmzIR+QLvn9BLzIGyRDDfMXvVtFeKiNm
I9WRHq6Zp+P9kb3v6WoOx5e+UEfB+fBf7PHM9rCFDvHFv6n085uA
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org