Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6yfsWF2ElsaNHF0jWT__ziMYo2g.roa
File: 6yfsWF2ElsaNHF0jWT__ziMYo2g.roa (raw, json)
Hash identifier: w/WhwTJLjn6dGja53+fCUDRCjNGqapyvBKesRE+2CG0=
Subject key identifier: EB:27:EC:58:5D:84:96:C6:8D:1C:5D:23:59:3F:FF:CE:23:18:A3:68
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01840FE53D25F5F842165475568D97D5784C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6yfsWF2ElsaNHF0jWT__ziMYo2g.roa
Signing time: Tue 25 Oct 2022 16:06:32 +0000
ROA not before: Tue 25 Oct 2022 16:06:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399471
IP address blocks: 212.193.29.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.35.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
212.192.216.0/22 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.85.250.0/24 maxlen: 24
194.85.248.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.244.0/22 maxlen: 24
212.193.8.0/23 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0f:e5:3d:25:f5:f8:42:16:54:75:56:8d:97:d5:78:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 25 16:06:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb27ec585d8496c68d1c5d23593fffce2318a368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c7:40:ae:6f:34:04:cc:5a:d5:44:27:89:6a:
7f:5d:65:5b:41:1b:74:5f:ea:2f:c9:26:b2:c6:50:
d7:bb:ca:6c:92:82:5d:e9:c0:5b:9a:fe:29:09:90:
cf:0e:0c:e1:7f:d4:57:6a:ff:6f:eb:f4:fe:20:b9:
3e:f8:e1:fd:a0:61:c9:e2:15:36:ff:ca:0d:5a:17:
6b:8e:92:6e:67:2d:fa:10:b1:e3:05:e1:ec:7d:b5:
e1:46:70:e3:d7:b3:72:b5:42:3d:10:b9:d8:a0:37:
9b:d5:61:62:0a:eb:59:07:96:a5:21:8a:d0:99:fb:
a2:a5:a4:8f:a9:a4:0e:aa:08:a3:ef:c3:bc:00:44:
cb:ea:40:12:f2:f1:6f:61:d8:06:11:de:c7:03:b4:
51:f8:60:4d:38:14:fd:c0:42:66:d1:31:61:e0:1d:
dc:bc:0e:5c:f1:bc:70:5a:54:b7:37:aa:70:fb:c9:
b5:83:9c:ba:e8:30:8c:51:d4:17:47:b7:8a:74:9d:
38:02:ac:0c:ab:c3:f6:c0:a6:60:3d:61:37:20:ad:
eb:a4:54:23:0f:0f:d3:f8:b6:58:e7:05:58:3c:03:
f2:6c:db:72:c0:e1:ea:d6:1f:6b:95:36:4d:7c:98:
36:50:9b:b5:f1:e7:a2:2b:aa:17:7c:82:c2:15:10:
1d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:27:EC:58:5D:84:96:C6:8D:1C:5D:23:59:3F:FF:CE:23:18:A3:68
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6yfsWF2ElsaNHF0jWT__ziMYo2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.248.0/24
194.85.250.0/24
194.87.32.0/24
194.87.35.0/24
194.87.82.0/23
194.87.149.0/24
194.87.161.0/24
194.87.163.0/24
194.87.227.0/24
195.133.39.0/24
212.192.11.0/24
212.192.216.0/22
212.192.244.0/22
212.193.8.0/23
212.193.29.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:23:62:cb:70:6a:3d:41:aa:32:0a:66:4e:51:45:91:62:be:
d0:1a:d9:ae:37:68:bb:d9:d3:e2:d1:1a:23:66:f3:db:9a:32:
ba:6c:e4:f7:df:a1:3b:26:17:ba:18:12:ac:bb:1b:9e:c2:c4:
08:e4:1b:52:5c:b1:2d:34:68:ee:ea:75:37:b2:3d:59:7a:0e:
19:13:99:e7:d4:95:20:f8:47:e9:c4:a3:5a:f3:56:e6:48:4a:
45:c8:d7:7e:6c:08:19:ab:82:0f:84:c2:21:9a:c3:2d:8a:7d:
1f:b9:25:1d:42:fe:11:ed:8c:93:c1:ba:6f:0d:b4:6e:9b:1c:
65:9f:3d:21:b5:eb:46:ef:45:07:7d:56:cc:fd:9b:6d:b0:ba:
51:7c:71:8f:a0:4f:db:08:32:c4:50:cb:e1:99:f3:2d:b5:a4:
77:86:d5:a3:ad:b1:b0:95:a8:aa:20:82:d9:17:08:6b:d7:93:
fe:8b:04:ee:96:50:94:23:14:75:0f:91:b5:ea:df:0e:04:ab:
e8:80:30:e8:44:33:43:cb:44:df:9b:dc:07:56:be:72:ae:c8:
1e:23:a2:81:06:b3:bd:4c:cf:a0:e7:43:23:15:28:cc:75:a3:
a9:c3:89:e2:f4:f9:53:d6:14:24:41:45:b0:cf:b7:6f:84:50:
c3:00:38:ce
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYQP5T0l9fhCFlR1Vo2X1XhMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI1MTYwNjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjI3ZWM1ODVkODQ5NmM2OGQxYzVkMjM1OTNmZmZjZTIzMThhMzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8dArm80BMxa1UQniWp/XWVbQRt0
X+ovySayxlDXu8pskoJd6cBbmv4pCZDPDgzhf9RXav9v6/T+ILk++OH9oGHJ4hU2
/8oNWhdrjpJuZy36ELHjBeHsfbXhRnDj17NytUI9ELnYoDeb1WFiCutZB5alIYrQ
mfuipaSPqaQOqgij78O8AETL6kAS8vFvYdgGEd7HA7RR+GBNOBT9wEJm0TFh4B3c
vA5c8bxwWlS3N6pw+8m1g5y66DCMUdQXR7eKdJ04AqwMq8P2wKZgPWE3IK3rpFQj
Dw/T+LZY5wVYPAPybNtywOHq1h9rlTZNfJg2UJu18eeiK6oXfILCFRAdaQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFOsn7FhdhJbGjRxdI1k//84jGKNoMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNnlmc1dGMkVsc2FOSEYwaldUX196aU1ZbzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAwlX4AwQA
wlX6AwQAwlcgAwQAwlcjAwQBwldSAwQAwleVAwQAwlehAwQAwlejAwQAwlfjAwQA
w4UnAwQA1MALAwQC1MDYAwQC1MD0AwQB1MEIAwQA1MEdMA0GCSqGSIb3DQEBCwUA
A4IBAQBdI2LLcGo9QaoyCmZOUUWRYr7QGtmuN2i72dPi0RojZvPbmjK6bOT336E7
Jhe6GBKsuxuewsQI5BtSXLEtNGju6nU3sj1Zeg4ZE5nn1JUg+EfpxKNa81bmSEpF
yNd+bAgZq4IPhMIhmsMtin0fuSUdQv4R7YyTwbpvDbRumxxlnz0htetG70UHfVbM
/ZttsLpRfHGPoE/bCDLEUMvhmfMttaR3htWjrbGwlaiqIILZFwhr15P+iwTullCU
IxR1D5G16t8OBKvogDDoRDNDy0Tfm9wHVr5yrsgeI6KBBrO9TM+g50MjFSjMdaOp
w4ni9PlT1hQkQUWwz7dvhFDDADjO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:56 2023 by rpki-client on console-fra.rpki-client.org