Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/12Gc8boMzucw5k05al-DCEr0U5A.roa
File: 12Gc8boMzucw5k05al-DCEr0U5A.roa (raw, json)
Hash identifier: 6EioEqcI52hKGmYD/iCsNz7kirG/CUb2rmv/M7ntojY=
Subject key identifier: D7:61:9C:F1:BA:0C:CE:E7:30:E6:4D:39:6A:5F:83:08:4A:F4:53:90
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183E4CD39010E2B0DD5CAC287D636986D74
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/12Gc8boMzucw5k05al-DCEr0U5A.roa
Signing time: Mon 17 Oct 2022 07:16:37 +0000
ROA not before: Mon 17 Oct 2022 07:16:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 195.133.193.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e4:cd:39:01:0e:2b:0d:d5:ca:c2:87:d6:36:98:6d:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 17 07:16:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d7619cf1ba0ccee730e64d396a5f83084af45390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:14:be:ff:1a:82:93:4b:94:c1:ca:b7:ad:ee:
67:ab:71:2c:14:22:a2:f7:d9:2b:ce:23:b6:f6:4b:
47:b0:11:a8:0f:cc:58:90:4e:21:15:1d:79:bf:c6:
d4:b5:a1:06:09:eb:94:ea:24:e3:d7:75:3c:e2:10:
66:34:b2:fc:6f:b8:68:3b:c4:7a:43:72:05:c7:f9:
d6:3c:7b:9a:33:c6:9d:12:02:8c:2b:ed:6a:e3:1d:
e7:3b:8f:13:71:c0:2c:17:d1:19:a9:aa:ab:c2:0d:
31:a0:d8:ad:5b:b3:d6:2f:b2:74:b5:3f:b7:20:15:
6e:71:c0:7d:89:b5:aa:6c:0f:10:c1:49:dd:84:dd:
c8:ad:20:53:fe:f4:51:f3:74:8b:fb:d6:c4:a2:25:
73:59:93:88:16:b2:3d:d5:1f:7b:33:df:ce:15:36:
c1:4e:7d:35:43:fe:a5:9a:51:9c:f5:1e:a4:25:32:
0b:75:64:37:02:77:13:f7:7c:bc:02:7e:96:b8:ed:
9f:4e:d3:cf:b3:7d:15:62:e1:54:1d:29:ed:12:90:
5a:1a:85:ec:f1:25:79:79:2c:69:60:a8:f5:61:ff:
8e:42:1b:2a:48:05:e7:39:a5:c8:f3:75:cf:c9:b9:
d4:45:b2:5f:e1:b4:61:81:10:97:cb:43:b3:79:02:
32:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:61:9C:F1:BA:0C:CE:E7:30:E6:4D:39:6A:5F:83:08:4A:F4:53:90
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/12Gc8boMzucw5k05al-DCEr0U5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.90.0/24
193.124.133.0/24
194.87.199.0/24
194.87.252.0/24
194.135.23.0/24
195.133.193.0/24
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:07:d1:00:d9:ca:23:b2:2a:7c:0d:4b:49:c9:c0:7d:c4:5e:
ea:08:03:ee:f9:68:23:13:24:41:40:90:f7:ba:04:41:45:f1:
0f:58:7b:2f:89:39:ec:1f:37:06:27:0a:95:3c:5e:cc:95:67:
89:15:c5:1d:6a:4c:6c:24:14:10:32:87:db:15:6e:ff:86:0d:
f5:a8:b1:27:64:bc:62:56:0c:05:ea:05:ae:2d:2f:b4:be:0d:
2c:79:ad:7c:c9:f4:1f:44:06:11:a9:34:5e:cf:d6:fa:79:3b:
34:55:26:8b:ed:82:74:75:d7:8d:41:b5:f6:fd:b9:13:eb:3c:
1c:72:bc:10:d0:64:d9:cd:d4:96:0b:b7:90:e9:c1:22:81:d9:
e8:6d:49:a0:d4:83:8f:7e:30:4e:fd:bf:69:38:68:65:52:fb:
a6:41:7a:27:d5:b6:10:63:8b:51:f7:dd:81:33:07:2d:36:16:
bf:27:88:2c:dc:e9:64:24:63:56:95:e2:4b:57:f4:26:e5:33:
2a:4e:05:0e:7c:91:31:a7:40:d1:3d:5d:2d:27:61:0d:26:e4:
a1:bc:c2:85:38:7f:ec:6c:64:36:34:76:14:30:a5:b1:48:f1:
fa:14:1a:58:65:26:73:6e:e6:cd:ed:c9:16:f9:63:59:52:39:
ac:8f:d7:9d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYPkzTkBDisN1crCh9Y2mG10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDE3MDcxNjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzYxOWNmMWJhMGNjZWU3MzBlNjRkMzk2YTVmODMwODRhZjQ1MzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhS+/xqCk0uUwcq3re5nq3EsFCKi
99krziO29ktHsBGoD8xYkE4hFR15v8bUtaEGCeuU6iTj13U84hBmNLL8b7hoO8R6
Q3IFx/nWPHuaM8adEgKMK+1q4x3nO48TccAsF9EZqaqrwg0xoNitW7PWL7J0tT+3
IBVuccB9ibWqbA8QwUndhN3IrSBT/vRR83SL+9bEoiVzWZOIFrI91R97M9/OFTbB
Tn01Q/6lmlGc9R6kJTILdWQ3AncT93y8An6WuO2fTtPPs30VYuFUHSntEpBaGoXs
8SV5eSxpYKj1Yf+OQhsqSAXnOaXI83XPybnURbJf4bRhgRCXy0OzeQIyyQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNdhnPG6DM7nMOZNOWpfgwhK9FOQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMTJHYzhib016dWN3NWswNWFsLURDRXIwVTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXxaAwQA
wXyFAwQAwlfHAwQAwlf8AwQAwocXAwQAw4XBAwQA1MECMA0GCSqGSIb3DQEBCwUA
A4IBAQBrB9EA2cojsip8DUtJycB9xF7qCAPu+WgjEyRBQJD3ugRBRfEPWHsviTns
HzcGJwqVPF7MlWeJFcUdakxsJBQQMofbFW7/hg31qLEnZLxiVgwF6gWuLS+0vg0s
ea18yfQfRAYRqTRez9b6eTs0VSaL7YJ0ddeNQbX2/bkT6zwccrwQ0GTZzdSWC7eQ
6cEigdnobUmg1IOPfjBO/b9pOGhlUvumQXon1bYQY4tR992BMwctNha/J4gs3Olk
JGNWleJLV/Qm5TMqTgUOfJExp0DRPV0tJ2ENJuShvMKFOH/sbGQ2NHYUMKWxSPH6
FBpYZSZzbubN7ckW+WNZUjmsj9ed
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org