Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7V0UEyTo0qdxJm8oPjAXJvsXl8k.roa
File: 7V0UEyTo0qdxJm8oPjAXJvsXl8k.roa (raw, json)
Hash identifier: ijj8TST4WUkqGPkIkM6KVEYN6wpc1zaPrSxYjw29u2E=
Subject key identifier: ED:5D:14:13:24:E8:D2:A7:71:26:6F:28:3E:30:17:26:FB:17:97:C9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183EB753B09AC1C7C431ACC002ABDB782E4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7V0UEyTo0qdxJm8oPjAXJvsXl8k.roa
Signing time: Tue 18 Oct 2022 14:17:52 +0000
ROA not before: Tue 18 Oct 2022 14:17:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
62.76.229.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
195.133.76.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.223.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.23.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:eb:75:3b:09:ac:1c:7c:43:1a:cc:00:2a:bd:b7:82:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 18 14:17:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed5d141324e8d2a771266f283e301726fb1797c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fc:2c:f4:02:5c:e5:2e:23:65:1f:c7:85:10:
0d:d9:cc:0b:31:91:55:c6:6f:1c:80:09:76:82:ea:
22:f5:fa:16:c6:a1:63:c1:3f:6c:93:9f:74:ae:46:
a5:6d:8b:78:13:f5:09:dd:cf:b7:f9:22:e5:40:95:
29:ba:93:17:64:b3:40:6c:1a:d5:2b:ce:59:bf:91:
6d:60:1e:4d:e8:e4:e5:3a:bf:14:29:e8:c9:4f:38:
d2:ac:23:e1:1a:dc:af:a5:f8:eb:64:9d:92:0b:28:
bf:7a:70:46:04:53:96:54:e1:3e:a4:a8:11:b7:f3:
48:5f:15:e1:cb:d8:2b:4a:0d:50:ff:cc:dd:8a:77:
e4:67:28:18:7d:8a:43:2b:2a:ba:c3:a4:46:2d:ac:
6c:ad:fc:e0:48:01:83:72:28:4d:0f:ac:13:cf:38:
09:10:40:fc:0a:73:63:b8:73:b9:36:46:07:2c:b7:
6c:2e:0b:e9:e3:aa:f0:e8:f2:a4:64:d6:4c:7b:b1:
ad:4d:1c:b9:05:a7:07:77:dd:73:7c:63:c0:25:29:
79:ae:a2:80:44:dd:9c:c1:62:8b:2c:0a:48:d8:3d:
3f:a8:5d:cf:c5:33:01:2c:58:1c:ea:93:e2:21:8c:
57:02:f0:55:2d:2c:db:8f:c6:40:52:80:af:13:f0:
91:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:5D:14:13:24:E8:D2:A7:71:26:6F:28:3E:30:17:26:FB:17:97:C9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7V0UEyTo0qdxJm8oPjAXJvsXl8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.229.0/24
62.76.231.0/24
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.209.0/24
193.124.3.0/24
193.124.95.0/24
193.124.203.0/24
194.58.45.0/24
194.58.60.0/24
194.87.1.0/24
194.87.16.0/24
194.87.24.0/22
194.87.118.0/24
194.87.165.0/24
194.87.170.0/24
194.87.179.0/24
194.87.198.0/24
194.87.202.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.226.0/24
194.135.23.0/24
194.135.30.0/24
195.58.54.0/24
195.133.76.0/24
212.193.12.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
13:7a:09:b1:db:e8:26:76:c6:87:5a:f4:9c:26:67:65:95:94:
3c:99:b1:2e:04:e6:92:c0:db:85:08:84:43:1e:1e:ac:a7:b1:
5e:95:fe:ba:b1:12:36:43:d0:02:2f:72:ab:9b:98:c2:20:c6:
3b:d0:10:cc:a6:a1:b5:c0:8f:58:b2:9d:06:c9:df:73:1a:cd:
2a:6b:ce:a8:6b:29:92:6d:4a:d1:80:4f:39:97:64:36:7d:ec:
a7:7d:19:6c:01:00:f0:56:4b:f3:73:3e:ec:c9:48:83:81:33:
a5:39:10:40:4d:39:bb:cf:20:1c:3d:d7:b9:43:28:99:6e:08:
e2:43:d2:c1:65:bc:49:bb:fe:bf:cb:7f:47:40:bf:4c:38:34:
42:51:0d:b3:b5:0b:79:ff:38:71:01:48:4a:d0:0c:60:00:9d:
13:dc:85:f7:0a:2f:bb:c2:df:1a:1e:e8:eb:51:b9:6f:36:33:
51:de:4d:78:b6:d5:e9:91:6f:37:07:f9:47:6f:3b:9d:35:1f:
f5:a0:00:f2:05:49:f5:e0:ae:a1:53:4d:b3:7b:e5:33:81:68:
c7:98:e3:0e:65:d2:b5:2f:14:c7:95:be:d5:cc:fd:d1:6d:93:
4c:36:9b:0a:9e:08:c5:14:53:32:81:f2:66:a3:e3:9c:bc:dc:
49:d3:e3:e7
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAYPrdTsJrBx8QxrMACq9t4LkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDE4MTQxNzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDVkMTQxMzI0ZThkMmE3NzEyNjZmMjgzZTMwMTcyNmZiMTc5N2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/ws9AJc5S4jZR/HhRAN2cwLMZFV
xm8cgAl2guoi9foWxqFjwT9sk590rkalbYt4E/UJ3c+3+SLlQJUpupMXZLNAbBrV
K85Zv5FtYB5N6OTlOr8UKejJTzjSrCPhGtyvpfjrZJ2SCyi/enBGBFOWVOE+pKgR
t/NIXxXhy9grSg1Q/8zdinfkZygYfYpDKyq6w6RGLaxsrfzgSAGDcihND6wTzzgJ
EED8CnNjuHO5NkYHLLdsLgvp46rw6PKkZNZMe7GtTRy5BacHd91zfGPAJSl5rqKA
RN2cwWKLLApI2D0/qF3PxTMBLFgc6pPiIYxXAvBVLSzbj8ZAUoCvE/CRRQIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFO1dFBMk6NKncSZvKD4wFyb7F5fJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN1YwVUV5VG8wcWR4Sm04b1BqQVhKdnNYbDhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAA+
TOEDBAA+TOUDBAA+TOcDBADAfK0DBADAfLIDBALAfLQDBADAfNEDBADBfAMDBADB
fF8DBADBfMsDBADCOi0DBADCOjwDBADCVwEDBADCVxADBALCVxgDBADCV3YDBADC
V6UDBADCV6oDBADCV7MDBADCV8YDBADCV8owDAMEAMJXzwMEAcJX0AMEAcJX3gME
AMJX4gMEAMKHFwMEAMKHHgMEAMM6NgMEAMOFTAMEANTBDAMEANTBDzANBgkqhkiG
9w0BAQsFAAOCAQEAE3oJsdvoJnbGh1r0nCZnZZWUPJmxLgTmksDbhQiEQx4erKex
XpX+urESNkPQAi9yq5uYwiDGO9AQzKahtcCPWLKdBsnfcxrNKmvOqGspkm1K0YBP
OZdkNn3sp30ZbAEA8FZL83M+7MlIg4EzpTkQQE05u88gHD3XuUMomW4I4kPSwWW8
Sbv+v8t/R0C/TDg0QlENs7ULef84cQFIStAMYACdE9yF9wovu8LfGh7o61G5bzYz
Ud5NeLbV6ZFvNwf5R287nTUf9aAA8gVJ9eCuoVNNs3vlM4Fox5jjDmXStS8Ux5W+
1cz90W2TTDabCp4IxRRTMoHyZqPjnLzcSdPj5w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org