Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AahLAo4KLnKYuO7kykDuCe--Gv4.roa
File: AahLAo4KLnKYuO7kykDuCe--Gv4.roa (raw, json)
Hash identifier: NHxtZsUNXGLLTF5lJo3/+HSV9DdXSXTvOfW/z48uiU0=
Subject key identifier: 01:A8:4B:02:8E:0A:2E:72:98:B8:EE:E4:CA:40:EE:09:EF:BE:1A:FE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018538A760D7497E7C1D1C92E1C22D71DB9E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AahLAo4KLnKYuO7kykDuCe--Gv4.roa
Signing time: Thu 22 Dec 2022 07:06:11 +0000
ROA not before: Thu 22 Dec 2022 07:06:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.52.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.192.5.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:38:a7:60:d7:49:7e:7c:1d:1c:92:e1:c2:2d:71:db:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 22 07:06:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01a84b028e0a2e7298b8eee4ca40ee09efbe1afe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ae:6a:2b:4d:7a:05:bd:20:90:97:4f:cb:ca:
ae:47:0c:3f:91:3c:c4:90:0d:54:5e:66:7c:d7:37:
81:20:9e:10:6b:4b:6a:94:99:b1:49:1e:e1:37:9d:
52:c1:bd:6d:5e:ab:68:ae:15:47:6d:4e:09:5e:29:
b8:ce:8e:c5:fe:cb:f3:e2:ba:eb:98:d9:fc:bb:b3:
de:7c:5a:4c:6b:f2:6b:3e:dd:e5:36:0e:af:9b:bc:
21:06:ff:b9:eb:f1:1a:ca:35:45:f1:e2:09:6d:5d:
c1:00:b5:8d:d5:e0:45:55:fe:46:4b:8c:4a:84:48:
cb:64:46:d9:30:15:2f:9f:dc:b7:52:3d:f4:e8:c5:
2d:bc:12:d7:e2:71:71:e1:42:1a:03:3d:63:c2:a2:
df:8e:30:b6:10:7a:d4:9f:f7:dd:fa:fb:14:f0:08:
44:55:e6:dc:12:b1:54:1c:0b:fa:8f:6d:b0:84:43:
da:59:a2:ec:7e:98:52:d9:c1:20:25:7e:5c:5d:eb:
34:47:5c:0d:56:33:1b:ed:cd:24:7f:87:a7:fe:dc:
6d:59:70:83:d2:99:a9:02:c9:1c:49:17:de:be:34:
5b:e2:87:ba:c4:aa:88:21:86:32:33:33:d2:56:cf:
94:ff:23:f0:34:05:5b:84:b7:e9:83:ed:20:b5:e4:
2a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A8:4B:02:8E:0A:2E:72:98:B8:EE:E4:CA:40:EE:09:EF:BE:1A:FE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AahLAo4KLnKYuO7kykDuCe--Gv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
193.124.3.0/24
193.124.6.0/24
193.124.8.0/23
193.124.18.0/24
193.124.133.0/24
193.124.201.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.116.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/24
194.87.149.0/24
194.87.160.0/24
194.87.163.0/24
194.87.165.0/24
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.182.0/24
194.87.198.0/23
194.87.202.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
194.135.30.0/24
195.58.50.0/24
195.58.52.0/24
195.58.56.0/21
195.133.12.0/24
195.133.15.0/24
195.133.55.0/24
195.133.94.0/24
195.133.195.0/24
212.192.0.0/23
212.192.5.0/24
212.192.10.0/24
212.192.222.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:88:f7:ee:eb:bd:0c:6b:4d:46:b3:c5:df:14:66:d4:af:2f:
11:40:ba:01:79:82:08:63:e6:a4:ea:ab:97:6a:cf:3d:43:36:
4f:bf:da:0f:44:e6:b4:8f:4a:5d:e1:bb:98:d6:45:62:79:5d:
06:38:9e:64:56:e5:71:81:94:16:30:24:13:4d:04:10:48:d6:
8e:65:fe:d0:8e:dd:90:e4:d7:c6:9f:1d:79:48:30:d9:17:27:
4a:59:3d:86:c8:50:75:1f:90:d3:86:01:1a:ae:9d:15:1c:66:
12:d3:4f:01:53:0b:19:55:ba:1c:8e:c5:68:ba:60:0d:09:7f:
fb:63:62:d3:da:7b:05:72:2f:10:9e:55:15:47:99:ed:bb:a5:
13:f7:01:a1:e5:79:9b:fd:62:20:3a:48:f7:87:44:81:9d:86:
4a:aa:a5:3d:0b:82:b0:36:8d:63:5f:6f:10:ba:18:3b:36:a8:
bf:b2:91:b5:f9:57:cf:46:0d:bb:06:51:08:07:6c:f8:6b:23:
b6:a3:cd:0c:6c:33:62:79:24:b2:65:79:ac:94:a8:1a:f2:ee:
a2:c3:89:5d:1c:9c:6e:a3:e2:24:92:f7:d6:84:df:0d:72:65:
58:a7:e1:50:05:22:9b:92:22:bb:10:4d:fb:f8:b8:7f:44:a9:
54:6e:3f:97
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgISAYU4p2DXSX58HRyS4cItcdueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjIyMDcwNjExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWE4NGIwMjhlMGEyZTcyOThiOGVlZTRjYTQwZWUwOWVmYmUxYWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlq5qK016Bb0gkJdPy8quRww/kTzE
kA1UXmZ81zeBIJ4Qa0tqlJmxSR7hN51Swb1tXqtorhVHbU4JXim4zo7F/svz4rrr
mNn8u7PefFpMa/JrPt3lNg6vm7whBv+56/EayjVF8eIJbV3BALWN1eBFVf5GS4xK
hEjLZEbZMBUvn9y3Uj306MUtvBLX4nFx4UIaAz1jwqLfjjC2EHrUn/fd+vsU8AhE
VebcErFUHAv6j22whEPaWaLsfphS2cEgJX5cXes0R1wNVjMb7c0kf4en/txtWXCD
0pmpAskcSRfevjRb4oe6xKqIIYYyMzPSVs+U/yPwNAVbhLfpg+0gteQq2QIDAQAB
o4IDYTCCA10wHQYDVR0OBBYEFAGoSwKOCi5ymLju5MpA7gnvvhr+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQWFoTEFvNEtMbktZdU83a3lrRHVDZS0tR3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdQYIKwYBBQUHAQcBAf8EggFkMIIBYDCCAVwEAgABMIIB
VAMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8BgMEAcF8CAMEAMF8
EgMEAMF8hQMEAMF8yQMEAMF8ywMEAMF8zwMEAMI6JgMEAMI6KjAMAwQAwjotAwQE
wjogAwQAwjo7AwQAwlcHAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQA
wldsAwQAwld0AwQAwld2AwQAwld7AwQAwleIAwQAwleVAwQAwlegAwQAwlejAwQA
wlelMAwDBADCV6sDBADCV6wDBADCV7ADBADCV7YDBAHCV8YDBADCV8oDBAHCV9AD
BAHCV94DBADCV+kDBADChx4DBADDOjIDBADDOjQDBAPDOjgDBADDhQwDBADDhQ8D
BADDhTcDBADDhV4DBADDhcMDBAHUwAADBADUwAUDBADUwAoDBADUwN4DBADUwQAD
BADUwQwwDQYJKoZIhvcNAQELBQADggEBAEuI9+7rvQxrTUazxd8UZtSvLxFAugF5
gghj5qTqq5dqzz1DNk+/2g9E5rSPSl3hu5jWRWJ5XQY4nmRW5XGBlBYwJBNNBBBI
1o5l/tCO3ZDk18afHXlIMNkXJ0pZPYbIUHUfkNOGARqunRUcZhLTTwFTCxlVuhyO
xWi6YA0Jf/tjYtPaewVyLxCeVRVHme27pRP3AaHleZv9YiA6SPeHRIGdhkqqpT0L
grA2jWNfbxC6GDs2qL+ykbX5V89GDbsGUQgHbPhrI7ajzQxsM2J5JLJleayUqBry
7qLDiV0cnG6j4iSS99aE3w1yZVin4VAFIpuSIrsQTfv4uH9EqVRuP5c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:52 2023 by rpki-client on console-ams.rpki-client.org