Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1AUCSzdqfU8iU_AR8LtZq4gbWLU.roa
File: 1AUCSzdqfU8iU_AR8LtZq4gbWLU.roa (raw, json)
Hash identifier: aMAc1GjaXNytns7AxOyZmfxXqktX8pl+C7ZKH7KHtV4=
Subject key identifier: D4:05:02:4B:37:6A:7D:4F:22:53:F0:11:F0:BB:59:AB:88:1B:58:B5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018465C385976F8087ADA8662878E1F13DBF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1AUCSzdqfU8iU_AR8LtZq4gbWLU.roa
Signing time: Fri 11 Nov 2022 08:17:03 +0000
ROA not before: Fri 11 Nov 2022 08:17:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.72.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:65:c3:85:97:6f:80:87:ad:a8:66:28:78:e1:f1:3d:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 11 08:17:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d405024b376a7d4f2253f011f0bb59ab881b58b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:05:c6:29:7a:95:25:5b:eb:dd:08:85:6d:1f:
ba:f4:db:9e:25:46:36:3c:47:6b:39:10:20:82:85:
eb:88:5a:94:d7:2b:d1:f9:c2:46:58:48:99:57:ca:
27:3e:8b:31:56:37:e5:dd:03:22:9d:70:bb:34:8c:
f2:ff:fa:5c:6e:2c:29:e6:34:0a:96:54:73:e7:98:
68:b7:8f:e2:b7:ff:d3:35:e2:f9:1b:d6:ca:b9:62:
c6:48:41:ab:78:5c:10:2c:92:de:12:a0:05:01:f6:
4d:ec:74:8c:e3:07:44:6b:33:3d:01:49:97:1f:96:
79:5c:d8:3f:23:5a:07:fa:fb:59:97:3a:48:6f:08:
82:a6:3b:6f:4f:51:30:d1:3d:9d:f2:01:ec:5f:70:
a4:6a:a0:5c:b6:7e:53:a7:ce:d2:19:88:ee:5f:0e:
1c:7b:d2:92:58:ba:1e:a8:5d:4b:99:8e:4d:d4:13:
37:36:3b:56:76:fd:b8:27:2e:c3:32:7a:2d:ad:2a:
fb:d2:ae:a2:1c:d9:86:e5:93:12:53:f0:3e:4d:2c:
c6:b9:aa:b1:29:3c:ad:64:93:90:ac:74:7b:17:02:
bd:14:74:70:9e:6e:91:12:7f:4f:4a:c4:57:2b:a4:
a3:c2:2b:54:8c:e2:20:7f:8a:e9:c9:6a:15:58:11:
c8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:05:02:4B:37:6A:7D:4F:22:53:F0:11:F0:BB:59:AB:88:1B:58:B5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1AUCSzdqfU8iU_AR8LtZq4gbWLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.173.0/24
192.124.180.0/22
192.124.209.0/24
193.108.112.0/24
193.124.3.0/24
193.124.9.0/24
193.124.18.0/24
193.124.200.0/23
193.124.203.0/24
194.58.38.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.1.0/24
194.87.3.0/24
194.87.7.0/24
194.87.16.0/24
194.87.24.0/22
194.87.56.0/24
194.87.72.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.118.0/24
194.87.160.0/24
194.87.163.0/24
194.87.165.0/24
194.87.170.0/24
194.87.179.0/24
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.233.0/24
194.135.30.0/24
195.58.56.0/21
195.133.30.0/24
195.133.55.0/24
212.192.10.0/24
212.192.222.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
19:b5:b0:d9:c6:12:74:55:a4:0d:a6:30:13:33:77:dc:45:d0:
17:dc:e3:5f:56:07:02:30:d0:8c:ce:e7:ed:50:dd:50:1c:25:
e4:b4:49:e8:11:1f:27:c4:a1:6f:23:98:bb:ae:f0:8e:99:5a:
1e:4a:90:9d:7b:f9:bc:9f:7f:c9:ac:b6:63:9c:7d:30:fc:27:
61:04:07:ff:5d:d5:8b:6f:37:0f:e5:98:ec:83:2a:d4:95:b8:
62:29:b0:f0:92:37:5c:b0:e5:82:40:10:1a:ed:b1:f0:1e:b8:
7b:25:3e:a3:46:62:77:b4:5a:ca:93:6f:cf:36:c9:af:20:ea:
71:95:05:65:e9:5a:e4:4f:22:98:4f:35:cf:1e:09:66:fd:8d:
1d:18:ad:b9:1c:2d:6f:f6:2b:7a:99:7a:d1:b4:12:d4:0a:c7:
00:51:d4:86:b2:a0:70:e5:da:e6:61:d4:a4:07:d9:c0:a0:00:
d2:a8:4f:e5:23:e0:3a:6a:1c:92:69:aa:47:b8:ef:00:e4:bc:
88:d2:3b:b9:dd:ac:66:82:87:10:8e:68:77:27:1b:96:ca:a4:
fa:97:14:b7:b5:f3:06:26:90:54:35:2f:23:08:22:49:21:1c:
5a:b8:36:e0:57:ce:69:d4:f8:96:32:79:cd:42:5f:0e:93:6c:
bb:64:41:b9
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAYRlw4WXb4CHrahmKHjh8T2/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTExMDgxNzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDA1MDI0YjM3NmE3ZDRmMjI1M2YwMTFmMGJiNTlhYjg4MWI1OGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAXGKXqVJVvr3QiFbR+69NueJUY2
PEdrORAggoXriFqU1yvR+cJGWEiZV8onPosxVjfl3QMinXC7NIzy//pcbiwp5jQK
llRz55hot4/it//TNeL5G9bKuWLGSEGreFwQLJLeEqAFAfZN7HSM4wdEazM9AUmX
H5Z5XNg/I1oH+vtZlzpIbwiCpjtvT1Ew0T2d8gHsX3CkaqBctn5Tp87SGYjuXw4c
e9KSWLoeqF1LmY5N1BM3NjtWdv24Jy7DMnotrSr70q6iHNmG5ZMSU/A+TSzGuaqx
KTytZJOQrHR7FwK9FHRwnm6REn9PSsRXK6SjwitUjOIgf4rpyWoVWBHI4wIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFNQFAks3an1PIlPwEfC7WauIG1i1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMUFVQ1N6ZHFmVThpVV9BUjhMdFpxNGdiV0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DAMEAD5M5wMEAMB8rQMEAsB8tAMEAMB80QMEAMFscAMEAMF8AwMEAMF8CQMEAMF8
EgMEAcF8yAMEAMF8ywMEAMI6JgMEAMI6KjAMAwQAwjotAwQEwjogAwQAwjo7AwQA
wlcBAwQAwlcDAwQAwlcHAwQAwlcQAwQCwlcYAwQAwlc4AwQAwldIAwQAwldMAwQB
wldSAwQAwldoAwQAwld2AwQAwlegAwQAwlejAwQAwlelAwQAwleqAwQAwlezAwQA
wlfGMAwDBADCV88DBAHCV9ADBAHCV94DBADCV+kDBADChx4DBAPDOjgDBADDhR4D
BADDhTcDBADUwAoDBADUwN4DBADUwQADBADUwQwwDQYJKoZIhvcNAQELBQADggEB
ABm1sNnGEnRVpA2mMBMzd9xF0Bfc419WBwIw0IzO5+1Q3VAcJeS0SegRHyfEoW8j
mLuu8I6ZWh5KkJ17+byff8mstmOcfTD8J2EEB/9d1YtvNw/lmOyDKtSVuGIpsPCS
N1yw5YJAEBrtsfAeuHslPqNGYne0WsqTb882ya8g6nGVBWXpWuRPIphPNc8eCWb9
jR0YrbkcLW/2K3qZetG0EtQKxwBR1IayoHDl2uZh1KQH2cCgANKoT+Uj4DpqHJJp
qke47wDkvIjSO7ndrGaChxCOaHcnG5bKpPqXFLe18wYmkFQ1LyMIIkkhHFq4NuBX
zmnU+JYyec1CXw6TbLtkQbk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:54 2023 by rpki-client on console-fra.rpki-client.org