Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AglIGmCbukpgzjwL-M53_QIhWvQ.roa
File: AglIGmCbukpgzjwL-M53_QIhWvQ.roa (raw, json)
Hash identifier: e+CjlpSV/jisCPV4upYfFNxJwtqkPpHMa0t5oQi8f+M=
Subject key identifier: 02:09:48:1A:60:9B:BA:4A:60:CE:3C:0B:F8:CE:77:FD:02:21:5A:F4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184C3E208985F211A5827590BCEAF870A81
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AglIGmCbukpgzjwL-M53_QIhWvQ.roa
Signing time: Tue 29 Nov 2022 14:54:41 +0000
ROA not before: Tue 29 Nov 2022 14:54:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.31.0/24 maxlen: 24
212.193.28.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
195.133.75.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
195.133.13.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.31.0/24 maxlen: 24
195.133.29.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
195.133.40.0/22 maxlen: 24
194.87.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c3:e2:08:98:5f:21:1a:58:27:59:0b:ce:af:87:0a:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 29 14:54:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0209481a609bba4a60ce3c0bf8ce77fd02215af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:78:cd:9e:74:b1:c3:c2:1c:7b:2f:11:e0:63:
09:f2:05:a4:86:be:dc:ff:27:5e:68:8b:7b:79:46:
1b:11:47:bb:8f:f1:f0:ec:82:b8:4b:0c:6c:95:ce:
24:74:57:17:a1:f9:73:09:d6:ca:c5:6b:d7:8f:ba:
ad:8e:28:7b:41:95:70:ed:c5:97:53:53:d5:82:11:
4c:7b:c4:0b:17:e8:c8:50:8e:30:06:f0:5d:58:18:
e6:63:0c:32:cd:30:fe:f2:ff:6d:ec:a0:f6:3f:90:
f8:4e:21:f2:7a:8e:1e:54:af:22:af:f0:01:d9:01:
25:58:2b:ea:cc:e7:7a:7b:a0:72:56:d8:46:4f:a5:
3b:22:ee:c8:cf:a7:c0:0e:36:d4:b8:c0:c3:08:d5:
80:1e:eb:9c:c1:5e:49:3f:17:83:b7:cd:06:a0:72:
57:ae:07:f5:d9:82:7f:37:f5:cd:26:27:f7:b8:11:
dc:4b:98:66:51:e7:4f:67:49:a9:e8:11:b8:fe:4e:
78:70:98:b4:08:9e:e5:41:82:2c:8e:bb:81:8b:71:
c0:82:87:3a:65:57:0e:7e:7e:96:95:e6:b1:b0:5a:
5f:18:f0:90:0d:ba:8f:7f:5a:d9:8e:0a:3c:18:47:
fa:64:4f:de:de:de:d3:f6:69:f9:42:ee:e3:e7:93:
93:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:09:48:1A:60:9B:BA:4A:60:CE:3C:0B:F8:CE:77:FD:02:21:5A:F4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AglIGmCbukpgzjwL-M53_QIhWvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
192.124.188.0/24
193.124.41.0/24
193.124.91.0/24
193.124.93.0/24
193.124.95.0/24
193.124.227.0/24
194.58.58.0/24
194.58.60.0/24
194.85.249.0/24
194.85.251.0/24
194.87.187.0/24
195.58.59.0/24
195.133.13.0-195.133.14.255
195.133.29.0/24
195.133.31.0/24
195.133.37.0/24
195.133.39.0-195.133.43.255
195.133.75.0/24
212.192.4.0/24
212.192.240.0/24
212.193.28.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:60:b8:31:a7:93:dc:2a:a0:92:87:06:33:55:34:27:02:a6:
f5:53:6d:e9:6f:02:92:cc:a3:aa:d2:63:e4:ed:5d:a1:ee:1c:
38:f3:83:20:d1:e8:bb:d3:d6:90:61:36:3e:5a:ae:f0:03:4d:
19:8c:19:27:15:c3:fe:14:80:f5:f3:06:4d:15:b2:fa:b2:3d:
0e:38:98:a2:23:39:d1:a9:8a:de:b6:c1:8e:19:f0:4d:eb:a4:
17:fd:4a:80:2b:5b:e3:aa:c4:37:40:67:d9:53:fb:7f:1e:f3:
05:3b:a0:77:29:82:61:6f:f1:09:17:56:a4:50:e3:2e:2d:0d:
7f:86:96:a0:2e:9b:23:36:60:91:b7:05:20:ea:78:d8:59:5b:
77:4b:21:6a:74:fe:c3:85:bf:52:84:fe:6b:3e:b8:80:6b:c0:
8d:07:e1:cb:b1:47:66:02:f4:95:46:62:92:34:21:e4:47:c8:
32:ed:ae:d4:b0:0f:fe:b2:9c:5b:cf:7f:fe:9c:f8:a9:d8:92:
a2:a1:3f:0c:3b:9d:cf:45:39:1f:3d:54:11:10:1a:01:fd:68:
65:35:eb:93:1c:bd:b1:04:2e:35:f8:b4:af:2c:ba:b1:45:85:
48:a0:00:76:98:62:04:b5:d8:4f:8d:c9:17:4c:60:83:38:fa:
34:aa:80:aa
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYTD4giYXyEaWCdZC86vhwqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTI5MTQ1NDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjA5NDgxYTYwOWJiYTRhNjBjZTNjMGJmOGNlNzdmZDAyMjE1YWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnjNnnSxw8Icey8R4GMJ8gWkhr7c
/ydeaIt7eUYbEUe7j/Hw7IK4Swxslc4kdFcXoflzCdbKxWvXj7qtjih7QZVw7cWX
U1PVghFMe8QLF+jIUI4wBvBdWBjmYwwyzTD+8v9t7KD2P5D4TiHyeo4eVK8ir/AB
2QElWCvqzOd6e6ByVthGT6U7Iu7Iz6fADjbUuMDDCNWAHuucwV5JPxeDt80GoHJX
rgf12YJ/N/XNJif3uBHcS5hmUedPZ0mp6BG4/k54cJi0CJ7lQYIsjruBi3HAgoc6
ZVcOfn6WleaxsFpfGPCQDbqPf1rZjgo8GEf6ZE/e3t7T9mn5Qu7j55OT6wIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFAIJSBpgm7pKYM48C/jOd/0CIVr0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQWdsSUdtQ2J1a3Bnemp3TC1NNTNfUUloV3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBADA
fLYDBADAfLwDBADBfCkDBADBfFsDBADBfF0DBADBfF8DBADBfOMDBADCOjoDBADC
OjwDBADCVfkDBADCVfsDBADCV7sDBADDOjswDAMEAMOFDQMEAMOFDgMEAMOFHQME
AMOFHwMEAMOFJTAMAwQAw4UnAwQCw4UoAwQAw4VLAwQA1MAEAwQA1MDwAwQA1MEc
AwQA1MEfMA0GCSqGSIb3DQEBCwUAA4IBAQAdYLgxp5PcKqCShwYzVTQnAqb1U23p
bwKSzKOq0mPk7V2h7hw484Mg0ei709aQYTY+Wq7wA00ZjBknFcP+FID18wZNFbL6
sj0OOJiiIznRqYretsGOGfBN66QX/UqAK1vjqsQ3QGfZU/t/HvMFO6B3KYJhb/EJ
F1akUOMuLQ1/hpagLpsjNmCRtwUg6njYWVt3SyFqdP7Dhb9ShP5rPriAa8CNB+HL
sUdmAvSVRmKSNCHkR8gy7a7UsA/+spxbz3/+nPip2JKioT8MO53PRTkfPVQREBoB
/WhlNeuTHL2xBC41+LSvLLqxRYVIoAB2mGIEtdhPjckXTGCDOPo0qoCq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:08 2024 by rpki-client on console-fra.rpki-client.org