Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4z-d-hzxivpWmJXdJkg-gZ4dZN0.roa
File: 4z-d-hzxivpWmJXdJkg-gZ4dZN0.roa (raw, json)
Hash identifier: Rk/RiT2kSkFVEy3SrvzldTVPGJ9xZDU5nDu8APO27Ns=
Subject key identifier: E3:3F:9D:FA:1C:F1:8A:FA:56:98:95:DD:26:48:3E:81:9E:1D:64:DD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184769C9741C1A07427D5A8C496507B029E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4z-d-hzxivpWmJXdJkg-gZ4dZN0.roa
Signing time: Mon 14 Nov 2022 14:48:04 +0000
ROA not before: Mon 14 Nov 2022 14:48:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.127.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
212.192.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:9c:97:41:c1:a0:74:27:d5:a8:c4:96:50:7b:02:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 14 14:48:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e33f9dfa1cf18afa569895dd26483e819e1d64dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f3:37:ad:18:59:35:31:08:1f:db:b0:ed:02:
de:fe:a5:4e:66:dc:ad:e3:85:2e:bc:b1:b7:54:6f:
0b:97:b6:16:be:c9:b7:c4:a5:fc:d7:cd:01:86:4b:
45:7f:ee:f0:a8:c7:b6:0d:47:9c:a2:c8:1f:97:4b:
ee:c8:59:7f:9d:7f:0b:ff:a9:ac:a0:38:20:2e:26:
6f:c6:0a:95:0d:f0:02:a1:59:a6:79:2f:18:aa:21:
07:96:59:e3:a6:69:bf:76:aa:62:d0:58:a4:6a:ea:
c3:4d:7f:8f:0c:91:af:79:92:93:7c:ea:d3:b9:34:
1f:ac:94:2e:e5:31:75:c3:22:d3:51:a6:c0:9b:57:
f6:f6:e9:32:cb:c4:ed:f2:8c:be:d2:ec:1a:54:ea:
b6:84:9a:69:30:88:c1:f4:c2:31:15:2c:0d:0c:23:
4d:9d:cb:27:fd:dd:d0:ad:42:e7:fa:88:56:b2:b9:
75:98:15:c0:91:d3:73:d5:12:72:12:13:06:f9:99:
14:0d:f8:b7:9b:30:a4:8c:7c:a2:83:a0:a3:a3:87:
04:27:e1:36:e2:1d:71:d0:df:4d:1b:83:7e:8e:4a:
e1:e7:18:94:cf:16:36:cb:48:03:c0:7c:b8:d9:ac:
fc:b8:10:9f:3c:67:4e:b5:2e:3c:65:66:f7:64:62:
ef:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:3F:9D:FA:1C:F1:8A:FA:56:98:95:DD:26:48:3E:81:9E:1D:64:DD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4z-d-hzxivpWmJXdJkg-gZ4dZN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.173.0/24
192.124.180.0/22
192.124.209.0/24
193.124.3.0/24
193.124.9.0/24
193.124.16.0/24
193.124.18.0/24
193.124.201.0/24
193.124.203.0/24
194.58.38.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.1.0/24
194.87.7.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.118.0/24
194.87.127.0/24
194.87.160.0/24
194.87.163.0/24
194.87.165.0/24
194.87.170.0/24
194.87.179.0/24
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.233.0/24
194.135.30.0/24
195.58.56.0/21
195.133.30.0/24
195.133.55.0/24
212.192.10.0/24
212.192.209.0/24
212.192.222.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
49:09:38:dd:76:64:80:91:d5:bc:32:97:9b:9f:5a:d7:6b:58:
aa:41:25:dd:e9:63:cb:50:d7:c8:95:82:19:e6:62:4e:5a:26:
63:55:26:76:2f:aa:16:c7:95:16:01:00:3b:0a:41:13:0d:8f:
4d:15:58:d8:b9:fd:b4:37:f1:0d:98:b3:0f:f9:3f:0d:d6:b3:
7a:f7:83:bd:f4:ba:85:7e:d9:b6:cc:46:86:e9:ce:f3:b8:07:
1b:b4:ac:c3:96:5c:f0:9a:1a:20:bf:17:78:f3:f0:61:22:5d:
76:9a:e5:47:90:ef:95:ca:e3:62:15:ed:55:21:67:ae:89:e0:
1f:f1:ff:0b:38:69:04:5d:ed:20:0c:01:29:c8:05:70:be:d3:
9f:7d:ff:7b:bf:a5:98:71:ae:f4:19:52:e1:39:16:15:9f:a1:
bb:d1:4a:5a:aa:2a:fb:87:92:cb:c3:37:22:0e:60:7e:8a:49:
88:aa:25:97:6e:83:c7:a7:d3:e6:37:b7:10:7c:ac:9a:36:69:
12:cd:63:0d:f4:49:57:55:65:5a:ec:27:66:30:68:14:7e:0a:
70:02:73:11:df:1e:1d:d9:46:6c:0f:95:3a:e3:ac:d9:23:e9:
97:41:53:f7:5a:5d:1b:42:f6:8e:f4:7b:68:66:45:0c:b2:50:
ed:83:51:79
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAYR2nJdBwaB0J9WoxJZQewKeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTE0MTQ0ODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzNmOWRmYTFjZjE4YWZhNTY5ODk1ZGQyNjQ4M2U4MTllMWQ2NGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/M3rRhZNTEIH9uw7QLe/qVOZtyt
44UuvLG3VG8Ll7YWvsm3xKX8180BhktFf+7wqMe2DUecosgfl0vuyFl/nX8L/6ms
oDggLiZvxgqVDfACoVmmeS8YqiEHllnjpmm/dqpi0FikaurDTX+PDJGveZKTfOrT
uTQfrJQu5TF1wyLTUabAm1f29ukyy8Tt8oy+0uwaVOq2hJppMIjB9MIxFSwNDCNN
ncsn/d3QrULn+ohWsrl1mBXAkdNz1RJyEhMG+ZkUDfi3mzCkjHyig6Cjo4cEJ+E2
4h1x0N9NG4N+jkrh5xiUzxY2y0gDwHy42az8uBCfPGdOtS48ZWb3ZGLviwIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFOM/nfoc8Yr6VpiV3SZIPoGeHWTdMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNHotZC1oenhpdnBXbUpYZEprZy1nWjRkWk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMEAD5M5wMEAMB8rQMEAsB8tAMEAMB80QMEAMF8AwMEAMF8CQMEAMF8EAMEAMF8
EgMEAMF8yQMEAMF8ywMEAMI6JgMEAMI6KjAMAwQAwjotAwQEwjogAwQAwjo7AwQA
wlcBAwQAwlcHAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQAwld2AwQA
wld/AwQAwlegAwQAwlejAwQAwlelAwQAwleqAwQAwlezAwQAwlfGMAwDBADCV88D
BAHCV9ADBAHCV94DBADCV+kDBADChx4DBAPDOjgDBADDhR4DBADDhTcDBADUwAoD
BADUwNEDBADUwN4DBADUwQADBADUwQwwDQYJKoZIhvcNAQELBQADggEBAEkJON12
ZICR1bwyl5ufWtdrWKpBJd3pY8tQ18iVghnmYk5aJmNVJnYvqhbHlRYBADsKQRMN
j00VWNi5/bQ38Q2Ysw/5Pw3Ws3r3g730uoV+2bbMRobpzvO4Bxu0rMOWXPCaGiC/
F3jz8GEiXXaa5UeQ75XK42IV7VUhZ66J4B/x/ws4aQRd7SAMASnIBXC+0599/3u/
pZhxrvQZUuE5FhWfobvRSlqqKvuHksvDNyIOYH6KSYiqJZdug8en0+Y3txB8rJo2
aRLNYw30SVdVZVrsJ2YwaBR+CnACcxHfHh3ZRmwPlTrjrNkj6ZdBU/daXRtC9o70
e2hmRQyyUO2DUXk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:55 2023 by rpki-client on console-fra.rpki-client.org