Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/5WeqpJqeDkfh0r6UGW9_NOeiDFA.roa
File: 5WeqpJqeDkfh0r6UGW9_NOeiDFA.roa (raw, json)
Hash identifier: kuB+SwojmaJjXHUXlKHVxwhx6tlHO7GGKBFhOXejN9k=
Subject key identifier: E5:67:AA:A4:9A:9E:0E:47:E1:D2:BE:94:19:6F:7F:34:E7:A2:0C:50
Certificate issuer: /CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Certificate serial: 0182D0B4572648E3B4A2A8B5354D177366D3
Authority key identifier: C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/5WeqpJqeDkfh0r6UGW9_NOeiDFA.roa
Signing time: Wed 24 Aug 2022 16:34:15 +0000
ROA not before: Wed 24 Aug 2022 16:34:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 194.147.150.0/24 maxlen: 24
185.190.25.0/24 maxlen: 24
194.147.170.0/24 maxlen: 24
194.36.172.0/23 maxlen: 23
194.36.172.0/24 maxlen: 24
194.36.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d0:b4:57:26:48:e3:b4:a2:a8:b5:35:4d:17:73:66:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Validity
Not Before: Aug 24 16:34:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e567aaa49a9e0e47e1d2be94196f7f34e7a20c50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a5:86:c4:d4:99:9e:76:00:3d:fa:1d:02:26:
1f:36:f5:fe:69:e8:3d:93:62:eb:d9:4a:31:80:e3:
5e:32:54:c5:d5:ee:91:bd:2f:c1:53:e7:38:79:12:
10:0e:27:ee:18:77:e1:fc:90:db:c9:b0:90:c5:a7:
43:09:60:62:1c:30:92:52:fa:e3:d1:02:96:de:4d:
41:11:96:3f:96:d2:d0:38:0e:47:f1:84:74:54:be:
41:a8:7b:4f:98:2e:ed:e6:d9:86:41:35:21:a2:ad:
b9:45:ab:d9:4b:7a:45:d8:1d:69:f5:25:26:d2:fb:
6c:5c:b6:92:8b:3b:b3:99:17:79:ed:51:b5:c0:06:
85:73:19:bf:a6:f4:e1:8a:ac:b3:50:86:8d:2a:5e:
94:68:4a:4d:2f:e2:3f:04:f3:69:cc:58:7d:84:95:
29:c4:47:f2:b9:80:03:d0:89:60:2e:ca:bc:52:61:
9c:1c:b2:05:00:c7:b3:62:bf:88:77:7f:73:57:b3:
65:d7:3d:f2:11:f0:c4:e3:a4:b2:b7:40:ed:52:ff:
e6:81:4c:19:f0:70:c5:fc:f7:02:71:31:bb:09:aa:
da:b5:01:13:eb:39:4b:79:a5:e7:36:22:55:3b:43:
b8:e9:71:47:ed:9e:9f:cb:57:9d:59:be:da:44:b6:
2d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:67:AA:A4:9A:9E:0E:47:E1:D2:BE:94:19:6F:7F:34:E7:A2:0C:50
X509v3 Authority Key Identifier:
keyid:C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/5WeqpJqeDkfh0r6UGW9_NOeiDFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.25.0/24
194.36.172.0/23
194.147.150.0/24
194.147.170.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:d0:4b:8a:db:2f:68:99:7e:ad:63:d1:ad:7c:d8:06:15:d2:
4c:07:a5:66:8d:43:1c:ee:bb:50:a0:ae:9a:4f:68:a0:f0:e6:
09:cd:76:06:2b:62:fb:d4:07:c5:5b:ce:fc:66:98:83:9e:33:
ab:aa:01:06:8d:70:73:db:b0:ff:79:46:0b:95:a5:06:7f:e7:
b1:08:c8:f9:8a:27:cb:11:c8:7f:7a:65:e8:1d:10:06:f5:d1:
7b:2d:95:74:e7:bb:a9:6c:3e:d1:d5:f7:90:9b:e9:60:0a:a5:
b0:5a:9c:e3:bb:5d:00:59:2e:38:c4:f0:d4:3f:06:88:bb:cd:
bd:bf:94:ca:4c:f8:13:97:ae:5d:99:42:02:18:d5:f8:3b:b4:
5e:32:92:d4:37:da:d0:ec:6f:c3:99:91:d9:12:fe:28:26:3e:
de:40:af:66:62:c9:a5:98:ef:a4:ad:11:44:35:c3:2f:88:8b:
bb:3f:54:ec:dd:dd:21:05:bc:42:b9:75:1d:ce:1f:dd:71:7f:
50:87:47:27:43:30:3f:2c:32:b3:5d:cd:70:63:be:99:7e:03:
bf:57:bc:96:d9:52:f4:2c:d2:d4:2c:48:75:26:00:36:4f:fe:
97:3b:aa:a8:e0:33:ec:17:70:42:67:f4:68:40:ae:7d:01:38:
c4:03:1f:35
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYLQtFcmSOO0oqi1NU0Xc2bTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2I1OTRlNWU2NzEzYTViODBhNTQ4MWE1Y2U3MWU2NTJk
ODQ1NzMwHhcNMjIwODI0MTYzNDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTY3YWFhNDlhOWUwZTQ3ZTFkMmJlOTQxOTZmN2YzNGU3YTIwYzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqWGxNSZnnYAPfodAiYfNvX+aeg9
k2Lr2UoxgONeMlTF1e6RvS/BU+c4eRIQDifuGHfh/JDbybCQxadDCWBiHDCSUvrj
0QKW3k1BEZY/ltLQOA5H8YR0VL5BqHtPmC7t5tmGQTUhoq25RavZS3pF2B1p9SUm
0vtsXLaSizuzmRd57VG1wAaFcxm/pvThiqyzUIaNKl6UaEpNL+I/BPNpzFh9hJUp
xEfyuYAD0IlgLsq8UmGcHLIFAMezYr+Id39zV7Nl1z3yEfDE46Syt0DtUv/mgUwZ
8HDF/PcCcTG7CaratQET6zlLeaXnNiJVO0O46XFH7Z6fy1edWb7aRLYtTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOVnqqSang5H4dK+lBlvfzTnogxQMB8GA1UdIwQY
MBaAFMh7WU5eZxOluApUgaXOceZS2EVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYt
MzhjYjZlNDE2ZjNhLzEvNVdlcXBKcWVEa2ZoMHI2VUdXOV9OT2VpREZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYtMzhjYjZlNDE2ZjNh
LzEveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAub4ZAwQB
wiSsAwQAwpOWAwQAwpOqMA0GCSqGSIb3DQEBCwUAA4IBAQCN0EuK2y9omX6tY9Gt
fNgGFdJMB6VmjUMc7rtQoK6aT2ig8OYJzXYGK2L71AfFW878ZpiDnjOrqgEGjXBz
27D/eUYLlaUGf+exCMj5iifLEch/emXoHRAG9dF7LZV057upbD7R1feQm+lgCqWw
Wpzju10AWS44xPDUPwaIu829v5TKTPgTl65dmUICGNX4O7ReMpLUN9rQ7G/DmZHZ
Ev4oJj7eQK9mYsmlmO+krRFENcMviIu7P1Ts3d0hBbxCuXUdzh/dcX9Qh0cnQzA/
LDKzXc1wY76ZfgO/V7yW2VL0LNLULEh1JgA2T/6XO6qo4DPsF3BCZ/RoQK59ATjE
Ax81
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:20 2023 by rpki-client on console-fra.rpki-client.org