Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0ETH4gQPA5UbOu2uqGSYPXHbzFY.roa
File: 0ETH4gQPA5UbOu2uqGSYPXHbzFY.roa (raw, json)
Hash identifier: j71/8nu/4RXtISsZ3OCvvtiC37MmwvmeVeR9PETU+Mo=
Subject key identifier: D0:44:C7:E2:04:0F:03:95:1B:3A:ED:AE:A8:64:98:3D:71:DB:CC:56
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184E228B5DDCF4F924BEE241D83EA9111D8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0ETH4gQPA5UbOu2uqGSYPXHbzFY.roa
Signing time: Mon 05 Dec 2022 12:00:29 +0000
ROA not before: Mon 05 Dec 2022 12:00:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 194.87.200.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
62.76.226.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
194.87.223.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.233.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.5.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.125.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:28:b5:dd:cf:4f:92:4b:ee:24:1d:83:ea:91:11:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 5 12:00:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d044c7e2040f03951b3aedaea864983d71dbcc56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:07:2c:fc:e5:42:92:13:cf:03:97:cd:21:de:
36:9b:18:61:ac:72:4f:e5:67:ad:31:72:66:f7:cd:
7e:46:dc:0e:65:fa:00:fd:3b:88:6a:92:0a:22:e7:
ec:d1:cb:2e:13:ba:fa:32:e5:a2:89:4f:57:5a:38:
e5:86:37:92:a4:9f:21:8b:14:22:5a:74:45:95:e6:
37:80:8c:f9:d6:ac:25:1a:01:f8:e2:b9:53:26:f8:
93:e5:35:a9:f5:d3:22:d2:42:f6:25:37:79:cf:b3:
67:0c:cf:6a:8a:fa:fb:e6:38:d6:d0:b5:a4:4f:e1:
42:89:3a:fd:a7:ae:68:ae:ca:ac:95:7d:27:c1:fd:
d5:cd:ae:8c:37:65:0f:17:cb:3c:ec:ed:30:ce:e0:
bc:1e:d8:64:ed:73:f0:35:02:e2:5d:97:9d:87:b9:
7e:f7:af:4b:b5:38:42:6a:b4:73:b6:ef:3a:15:fe:
c5:ee:eb:69:d0:7d:94:98:c6:b4:4f:02:54:5d:aa:
71:ca:bb:82:39:ae:ba:8c:02:75:59:79:69:0f:51:
cf:02:cd:01:43:ad:90:1b:0b:e3:73:f0:e6:a6:c0:
5b:a6:7f:61:94:d8:d0:03:ea:a6:a2:cc:7a:2f:cf:
64:54:4e:05:c3:18:ba:4c:19:b7:d0:0a:8e:2a:3c:
a5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:44:C7:E2:04:0F:03:95:1B:3A:ED:AE:A8:64:98:3D:71:DB:CC:56
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0ETH4gQPA5UbOu2uqGSYPXHbzFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0-62.76.226.255
192.124.180.0/24
192.124.183.0/24
193.124.18.0/24
193.124.90.0/24
193.124.133.0/24
193.124.200.0/24
194.58.40.0/24
194.58.46.0/24
194.58.59.0/24
194.87.122.0/24
194.87.124.0/23
194.87.200.0/24
194.87.223.0/24
194.87.226.0/24
194.87.233.0/24
194.87.252.0/24
195.133.76.0/24
195.133.193.0/24
212.192.5.0/24
212.192.9.0/24
Signature Algorithm: sha256WithRSAEncryption
48:93:36:ba:64:f6:60:8c:13:55:73:e6:9d:f0:19:25:cc:f9:
a3:3f:6d:a4:6d:d0:ed:71:d7:8d:64:a9:0f:9b:0e:20:77:a7:
cb:49:20:d5:c4:04:79:7b:4a:7c:cf:77:f5:79:84:31:7a:a6:
43:6b:56:95:45:71:1a:7a:d1:d3:8f:66:85:af:45:17:71:bc:
ca:cf:ac:50:8a:0b:55:7d:8f:71:4b:32:10:e9:6b:9e:e3:33:
13:d3:8f:88:26:19:c4:57:7b:b3:19:87:11:35:8a:4c:fb:8e:
ac:10:ab:8a:ce:4e:32:3d:2f:2d:73:90:cd:be:3b:6a:01:3a:
4e:d7:a4:9a:db:17:57:f5:6c:76:07:e4:7d:9d:92:b4:63:6b:
46:03:f7:e5:fb:ec:34:98:26:c4:e0:90:de:73:05:c9:12:b6:
09:c6:3d:7a:4e:2f:72:13:a2:0d:cb:52:f0:40:10:3d:f0:6f:
8b:f8:03:72:02:dc:f7:6e:a4:a8:a4:0e:7f:b1:02:3f:f3:61:
3d:43:33:7e:ab:74:1c:c4:36:f2:96:53:f5:57:d5:fb:19:46:
4e:5b:a2:30:ed:40:ef:6d:8e:e9:2d:0e:9a:c1:f3:8d:10:bc:
05:f5:3b:48:68:d5:7f:75:ee:c9:e8:e8:fc:a1:91:9e:22:54:
c1:bc:62:df
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYTiKLXdz0+SS+4kHYPqkRHYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA1MTIwMDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDQ0YzdlMjA0MGYwMzk1MWIzYWVkYWVhODY0OTgzZDcxZGJjYzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAcs/OVCkhPPA5fNId42mxhhrHJP
5WetMXJm981+RtwOZfoA/TuIapIKIufs0csuE7r6MuWiiU9XWjjlhjeSpJ8hixQi
WnRFleY3gIz51qwlGgH44rlTJviT5TWp9dMi0kL2JTd5z7NnDM9qivr75jjW0LWk
T+FCiTr9p65orsqslX0nwf3Vza6MN2UPF8s87O0wzuC8Hthk7XPwNQLiXZedh7l+
969LtThCarRztu86Ff7F7utp0H2UmMa0TwJUXapxyruCOa66jAJ1WXlpD1HPAs0B
Q62QGwvjc/DmpsBbpn9hlNjQA+qmosx6L89kVE4Fwxi6TBm30AqOKjyl/wIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFNBEx+IEDwOVGzrtrqhkmD1x28xWMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMEVUSDRnUVBBNVViT3UydXFHU1lQWEhiekZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYwDAME
AD5M4QMEAD5M4gMEAMB8tAMEAMB8twMEAMF8EgMEAMF8WgMEAMF8hQMEAMF8yAME
AMI6KAMEAMI6LgMEAMI6OwMEAMJXegMEAcJXfAMEAMJXyAMEAMJX3wMEAMJX4gME
AMJX6QMEAMJX/AMEAMOFTAMEAMOFwQMEANTABQMEANTACTANBgkqhkiG9w0BAQsF
AAOCAQEASJM2umT2YIwTVXPmnfAZJcz5oz9tpG3Q7XHXjWSpD5sOIHeny0kg1cQE
eXtKfM939XmEMXqmQ2tWlUVxGnrR049mha9FF3G8ys+sUIoLVX2PcUsyEOlrnuMz
E9OPiCYZxFd7sxmHETWKTPuOrBCris5OMj0vLXOQzb47agE6TtekmtsXV/Vsdgfk
fZ2StGNrRgP35fvsNJgmxOCQ3nMFyRK2CcY9ek4vchOiDctS8EAQPfBvi/gDcgLc
926kqKQOf7ECP/NhPUMzfqt0HMQ28pZT9VfV+xlGTluiMO1A722O6S0OmsHzjRC8
BfU7SGjVf3Xuyejo/KGRniJUwbxi3w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:53 2023 by rpki-client on console-fra.rpki-client.org