Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3zUB0qKpBbur6ViRE_Vnnq6QIsU.roa
File: 3zUB0qKpBbur6ViRE_Vnnq6QIsU.roa (raw, json)
Hash identifier: bbMSQVvmSdQJvcjM7Wgq+WSzLzkk2IINXpSDRQRoquM=
Subject key identifier: DF:35:01:D2:A2:A9:05:BB:AB:E9:58:91:13:F5:67:9E:AE:90:22:C5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183D609E78218A58EC4606B2FC0F8CE4768
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3zUB0qKpBbur6ViRE_Vnnq6QIsU.roa
Signing time: Fri 14 Oct 2022 10:28:36 +0000
ROA not before: Fri 14 Oct 2022 10:28:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
62.76.229.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
193.124.45.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
195.133.76.0/24 maxlen: 24
195.133.82.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.23.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
192.124.180.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d6:09:e7:82:18:a5:8e:c4:60:6b:2f:c0:f8:ce:47:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 14 10:28:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df3501d2a2a905bbabe9589113f5679eae9022c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7f:9b:01:46:3c:7a:e9:cf:f1:d9:8c:e6:21:
68:6c:69:b2:e5:60:7b:11:23:3c:47:7a:7d:a5:75:
5e:5d:5b:7a:ae:2c:65:56:4b:f2:75:a3:d1:45:7a:
ee:d4:d8:47:4f:d7:2d:af:61:26:2a:3b:67:79:fd:
7c:4a:1b:b8:f4:a4:2f:f5:b0:40:bc:5f:e4:f6:c2:
3c:e6:06:f3:84:ec:94:5a:46:61:44:90:64:eb:5c:
98:48:65:bf:86:dd:83:53:0b:ca:65:c9:aa:5c:68:
a4:38:ab:1f:17:79:13:45:10:0e:a2:83:5f:aa:10:
69:a9:d9:99:b5:21:25:1b:c6:0c:6c:24:23:db:51:
fd:59:e2:04:08:9e:e3:52:90:c4:ac:d3:cf:01:b4:
30:40:23:da:af:56:5e:27:aa:72:58:01:bd:6d:a8:
48:7d:9a:14:09:65:ad:1f:c5:46:38:9e:c9:67:b5:
86:6d:f0:8d:93:64:94:07:99:16:0c:99:13:d7:bd:
76:06:16:16:76:ce:38:f0:aa:3e:25:14:21:70:f1:
3f:32:c4:c8:3c:21:b9:ce:13:b6:fa:94:84:ff:e2:
dc:83:71:28:5e:9e:e9:1a:47:0f:2a:c8:23:31:37:
c3:10:e5:4e:96:05:ec:90:6f:26:1b:b7:df:b1:b6:
26:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:35:01:D2:A2:A9:05:BB:AB:E9:58:91:13:F5:67:9E:AE:90:22:C5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3zUB0qKpBbur6ViRE_Vnnq6QIsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.229.0/24
62.76.231.0/24
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.209.0/24
193.124.3.0/24
193.124.45.0/24
193.124.95.0/24
193.124.203.0/24
194.58.45.0/24
194.58.60.0/24
194.87.1.0/24
194.87.24.0/22
194.87.165.0/24
194.87.170.0/24
194.87.179.0/24
194.87.191.0/24
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.226.0/24
194.135.23.0/24
194.135.30.0/24
195.58.54.0/24
195.133.76.0/24
195.133.82.0/24
212.193.12.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:b0:78:68:4b:92:fe:52:57:7c:c0:3f:b4:03:74:53:2a:fe:
97:23:2d:2d:3a:60:55:54:4d:da:a9:c7:98:a1:4d:78:db:a8:
9a:88:a8:7c:17:33:bf:f6:eb:8b:0c:47:af:a4:07:96:a7:53:
12:6e:ef:6b:de:63:bd:3d:20:45:8a:58:3a:6f:51:9e:ee:da:
90:50:3a:1c:5d:b2:89:a9:13:74:b5:b6:1d:09:39:cf:3d:83:
f4:00:ec:39:83:3b:c2:50:d9:de:63:57:42:54:71:9b:32:4c:
8a:f1:5e:0b:7d:96:47:c3:b5:6f:09:32:19:85:f0:77:d2:64:
54:5c:e7:ec:93:33:f9:ec:0d:41:e2:76:72:65:a0:d0:91:3d:
ce:31:54:62:a8:fc:1a:87:67:2f:38:eb:fb:c7:10:05:74:1a:
38:a3:44:05:be:52:01:0d:06:01:47:ae:ea:3a:8f:aa:53:55:
ba:7c:ba:9f:7f:60:a5:06:cf:93:06:1f:ff:3f:41:e5:56:79:
0a:87:de:a4:4f:f9:58:9e:61:97:ab:bb:dc:cc:b4:67:a3:7d:
ad:c5:cc:99:4f:dd:f5:df:2e:c3:0e:02:3b:0d:17:cf:90:ae:
14:a6:ca:23:58:5e:d7:20:33:36:0b:eb:45:2e:e4:3c:17:89:
35:1b:c3:e6
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAYPWCeeCGKWOxGBrL8D4zkdoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDE0MTAyODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjM1MDFkMmEyYTkwNWJiYWJlOTU4OTExM2Y1Njc5ZWFlOTAyMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX+bAUY8eunP8dmM5iFobGmy5WB7
ESM8R3p9pXVeXVt6rixlVkvydaPRRXru1NhHT9ctr2EmKjtnef18Shu49KQv9bBA
vF/k9sI85gbzhOyUWkZhRJBk61yYSGW/ht2DUwvKZcmqXGikOKsfF3kTRRAOooNf
qhBpqdmZtSElG8YMbCQj21H9WeIECJ7jUpDErNPPAbQwQCPar1ZeJ6pyWAG9bahI
fZoUCWWtH8VGOJ7JZ7WGbfCNk2SUB5kWDJkT1712BhYWds448Ko+JRQhcPE/MsTI
PCG5zhO2+pSE/+Lcg3EoXp7pGkcPKsgjMTfDEOVOlgXskG8mG7ffsbYmQwIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFN81AdKiqQW7q+lYkRP1Z56ukCLFMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM3pVQjBxS3BCYnVyNlZpUkVfVm5ucTZRSXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAA+
TOEDBAA+TOUDBAA+TOcDBADAfK0DBADAfLIDBALAfLQDBADAfNEDBADBfAMDBADB
fC0DBADBfF8DBADBfMsDBADCOi0DBADCOjwDBADCVwEDBALCVxgDBADCV6UDBADC
V6oDBADCV7MDBADCV78DBADCV8YwDAMEAMJXzwMEAcJX0AMEAcJX3gMEAMJX4gME
AMKHFwMEAMKHHgMEAMM6NgMEAMOFTAMEAMOFUgMEANTBDAMEANTBDzANBgkqhkiG
9w0BAQsFAAOCAQEADbB4aEuS/lJXfMA/tAN0Uyr+lyMtLTpgVVRN2qnHmKFNeNuo
moiofBczv/briwxHr6QHlqdTEm7va95jvT0gRYpYOm9Rnu7akFA6HF2yiakTdLW2
HQk5zz2D9ADsOYM7wlDZ3mNXQlRxmzJMivFeC32WR8O1bwkyGYXwd9JkVFzn7JMz
+ewNQeJ2cmWg0JE9zjFUYqj8GodnLzjr+8cQBXQaOKNEBb5SAQ0GAUeu6jqPqlNV
uny6n39gpQbPkwYf/z9B5VZ5CofepE/5WJ5hl6u73My0Z6N9rcXMmU/d9d8uww4C
Ow0Xz5CuFKbKI1he1yAzNgvrRS7kPBeJNRvD5g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:55 2023 by rpki-client on console-fra.rpki-client.org