Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0Mv2bgMzXWwRsDIHOearGe0er98.roa
File: 0Mv2bgMzXWwRsDIHOearGe0er98.roa (raw, json)
Hash identifier: O/4frD/2DwmcxWIJ0Q8RTXAUB+ubFV6CVZ0uyW5dIDI=
Subject key identifier: D0:CB:F6:6E:03:33:5D:6C:11:B0:32:07:39:E6:AB:19:ED:1E:AF:DF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183E4CF08F50F48BD6F707D549302D52314
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0Mv2bgMzXWwRsDIHOearGe0er98.roa
Signing time: Mon 17 Oct 2022 07:18:36 +0000
ROA not before: Mon 17 Oct 2022 07:18:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
62.76.229.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
193.124.45.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
195.133.76.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.23.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
192.124.180.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e4:cf:08:f5:0f:48:bd:6f:70:7d:54:93:02:d5:23:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 17 07:18:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0cbf66e03335d6c11b0320739e6ab19ed1eafdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:36:d8:e2:08:a6:9a:2a:b7:9d:ee:10:21:1a:
a3:27:c1:1b:d3:e4:95:ae:00:8d:67:fb:2d:2c:78:
24:63:4a:a6:18:aa:4d:02:af:16:e1:62:3f:2e:ab:
f0:cf:e7:37:2d:45:48:14:c2:1c:e5:a7:3c:89:44:
15:ad:50:31:9e:bf:2c:67:d4:b9:bb:f9:9e:d6:12:
b1:a5:d9:dc:19:4b:84:1d:90:c4:13:6c:9a:e6:90:
3b:da:93:e5:15:e7:5d:d5:78:d1:6c:dd:bc:1e:d6:
95:c8:82:16:0a:f4:a6:e7:c0:d8:78:b4:49:16:99:
5c:10:30:a0:a6:98:92:ec:91:87:9f:b7:6e:0a:3f:
de:28:1b:29:bb:82:fa:91:39:a3:1d:84:aa:53:35:
67:2a:a0:df:69:4f:4f:dc:8f:ec:2c:41:74:24:5c:
38:bb:ed:5f:ce:d5:bf:cc:d2:ee:56:a1:72:75:df:
6b:f1:7a:bd:66:ed:d4:6d:ff:ae:7d:0e:fc:71:b8:
a3:b5:f8:96:fd:a3:a7:f5:0e:69:c5:52:79:43:75:
01:16:ab:dd:0f:61:3b:57:d3:4a:01:36:68:5a:c5:
71:0a:90:25:9a:36:3a:ad:a1:9f:fd:2e:08:af:08:
47:81:45:dc:ea:e0:a5:37:ab:cd:84:67:f3:ad:8e:
88:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:CB:F6:6E:03:33:5D:6C:11:B0:32:07:39:E6:AB:19:ED:1E:AF:DF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0Mv2bgMzXWwRsDIHOearGe0er98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.229.0/24
62.76.231.0/24
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.209.0/24
193.124.3.0/24
193.124.45.0/24
193.124.95.0/24
193.124.203.0/24
194.58.45.0/24
194.58.60.0/24
194.87.1.0/24
194.87.24.0/22
194.87.165.0/24
194.87.170.0/24
194.87.179.0/24
194.87.191.0/24
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.226.0/24
194.135.23.0/24
194.135.30.0/24
195.58.54.0/24
195.133.76.0/24
212.193.12.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
17:44:d2:49:c0:cd:da:9f:8b:09:f9:b8:3f:3e:f5:1b:c5:f5:
75:c5:d0:06:2b:4b:a8:12:fd:53:ee:67:22:ce:17:e5:73:82:
97:00:46:f3:a6:55:c2:af:d5:d2:f1:e4:21:1c:71:9c:e7:16:
4b:43:35:d1:54:c9:3d:52:0c:27:2f:96:8a:55:ba:17:85:3f:
9e:06:af:36:ab:b1:56:ec:fa:d1:2f:b2:e1:95:da:68:a1:32:
68:16:af:f0:60:83:77:02:dc:04:91:7a:eb:0c:52:93:fa:d6:
61:3b:2d:45:ec:8d:17:bc:a5:00:07:51:34:68:7e:1c:e4:d3:
39:a9:57:a1:5d:a3:e2:8b:16:57:e5:60:b9:d2:c1:58:3c:50:
be:70:c1:83:d8:f0:de:4d:b7:4c:d5:2c:05:f0:21:72:b7:52:
84:9f:ff:e4:d1:83:7b:d6:67:cb:bc:49:9c:5c:ca:7f:f9:3f:
38:16:56:1d:ad:8b:96:c0:f2:cd:e2:90:ee:e1:91:41:75:33:
78:32:85:1d:cb:bf:a9:a8:0e:03:1d:6e:20:8a:a2:ed:37:9a:
87:03:cf:cd:03:2e:71:8f:62:4d:8b:13:31:0d:e2:25:f1:c0:
30:92:fc:e8:cf:77:11:49:ce:8d:7d:86:f1:9e:96:09:14:4e:
03:3f:08:10
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAYPkzwj1D0i9b3B9VJMC1SMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDE3MDcxODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGNiZjY2ZTAzMzM1ZDZjMTFiMDMyMDczOWU2YWIxOWVkMWVhZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjbY4gimmiq3ne4QIRqjJ8Eb0+SV
rgCNZ/stLHgkY0qmGKpNAq8W4WI/Lqvwz+c3LUVIFMIc5ac8iUQVrVAxnr8sZ9S5
u/me1hKxpdncGUuEHZDEE2ya5pA72pPlFedd1XjRbN28HtaVyIIWCvSm58DYeLRJ
FplcEDCgppiS7JGHn7duCj/eKBspu4L6kTmjHYSqUzVnKqDfaU9P3I/sLEF0JFw4
u+1fztW/zNLuVqFydd9r8Xq9Zu3Ubf+ufQ78cbijtfiW/aOn9Q5pxVJ5Q3UBFqvd
D2E7V9NKATZoWsVxCpAlmjY6raGf/S4IrwhHgUXc6uClN6vNhGfzrY6I5QIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFNDL9m4DM11sEbAyBznmqxntHq/fMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvME12MmJnTXpYV3dSc0RJSE9lYXJHZTBlcjk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYDBAA+
TOEDBAA+TOUDBAA+TOcDBADAfK0DBADAfLIDBALAfLQDBADAfNEDBADBfAMDBADB
fC0DBADBfF8DBADBfMsDBADCOi0DBADCOjwDBADCVwEDBALCVxgDBADCV6UDBADC
V6oDBADCV7MDBADCV78DBADCV8YwDAMEAMJXzwMEAcJX0AMEAcJX3gMEAMJX4gME
AMKHFwMEAMKHHgMEAMM6NgMEAMOFTAMEANTBDAMEANTBDzANBgkqhkiG9w0BAQsF
AAOCAQEAF0TSScDN2p+LCfm4Pz71G8X1dcXQBitLqBL9U+5nIs4X5XOClwBG86ZV
wq/V0vHkIRxxnOcWS0M10VTJPVIMJy+WilW6F4U/ngavNquxVuz60S+y4ZXaaKEy
aBav8GCDdwLcBJF66wxSk/rWYTstReyNF7ylAAdRNGh+HOTTOalXoV2j4osWV+Vg
udLBWDxQvnDBg9jw3k23TNUsBfAhcrdShJ//5NGDe9Zny7xJnFzKf/k/OBZWHa2L
lsDyzeKQ7uGRQXUzeDKFHcu/qagOAx1uIIqi7TeahwPPzQMucY9iTYsTMQ3iJfHA
MJL86M93EUnOjX2G8Z6WCRROAz8IEA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:48 2023 by rpki-client on console-ams.rpki-client.org