Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ahwz85v4JUg9YLPz8bHGSO-_2PI.roa
File: Ahwz85v4JUg9YLPz8bHGSO-_2PI.roa (raw, json)
Hash identifier: wE+TdrLWqqZLPx5NWgyDidEgWTNkCoPWiiPRBt6vWpY=
Subject key identifier: 02:1C:33:F3:9B:F8:25:48:3D:60:B3:F3:F1:B1:C6:48:EF:BF:D8:F2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01841409708CBD260441AF11D56A863AFE72
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ahwz85v4JUg9YLPz8bHGSO-_2PI.roa
Signing time: Wed 26 Oct 2022 11:24:33 +0000
ROA not before: Wed 26 Oct 2022 11:24:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 194.87.200.0/24 maxlen: 24
62.76.226.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
194.87.223.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.5.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:14:09:70:8c:bd:26:04:41:af:11:d5:6a:86:3a:fe:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 26 11:24:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=021c33f39bf825483d60b3f3f1b1c648efbfd8f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7d:17:8c:85:66:1b:3b:ad:89:72:0f:2c:f2:
67:d3:7f:6e:46:e3:ae:51:64:4d:e5:15:47:8f:96:
d5:4e:49:b2:40:ed:1a:74:fc:6f:95:f9:2d:7d:89:
e6:43:be:3b:43:55:95:7f:80:63:25:62:88:f2:7b:
e4:06:27:05:09:21:18:fe:be:3c:9b:ed:33:8c:32:
a8:ee:d3:44:91:5e:66:33:f9:c5:29:10:eb:89:a4:
ac:bb:23:22:31:08:7d:91:93:cb:90:03:89:eb:ce:
a9:ab:d9:92:60:85:0b:07:94:96:d9:1d:5a:f5:44:
b8:b6:27:1b:bc:6b:ed:c7:4f:d5:60:3a:aa:d2:c7:
39:11:af:fc:9a:2e:f3:c9:cc:8f:27:be:bc:c7:0a:
f4:65:92:c5:44:7f:25:fd:b8:96:fe:24:f7:36:82:
d6:b9:93:3d:d3:04:68:47:9c:87:74:aa:93:af:12:
64:b8:88:15:fa:39:a9:55:14:0c:7c:77:8f:d6:60:
95:f9:03:77:ca:75:fe:6b:ee:ba:82:ec:12:de:b0:
52:14:8d:e5:3e:b6:47:f0:cc:86:de:60:9c:a4:81:
0a:d1:01:87:56:11:1c:80:d7:f9:c6:a1:85:00:4b:
ec:d6:fe:22:39:72:68:a6:af:38:3c:c0:47:92:0e:
1f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:1C:33:F3:9B:F8:25:48:3D:60:B3:F3:F1:B1:C6:48:EF:BF:D8:F2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ahwz85v4JUg9YLPz8bHGSO-_2PI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0-62.76.226.255
192.124.180.0/24
192.124.183.0/24
193.124.90.0/24
193.124.133.0/24
194.87.199.0-194.87.200.255
194.87.223.0/24
194.87.226.0/24
194.87.252.0/24
195.58.54.0/24
195.133.193.0/24
212.192.5.0/24
212.192.9.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:a8:2d:7c:1f:ea:1b:69:72:e6:3d:e3:95:ff:cd:05:e8:86:
36:ce:d5:30:65:44:68:4c:76:37:8f:c8:0e:b5:7f:db:27:d3:
10:60:da:7d:68:64:49:8c:b9:cb:59:47:9b:41:ff:ec:bd:80:
7d:35:ed:0b:a2:0a:ac:65:c3:b3:a6:1a:08:c6:fd:e6:45:e1:
f7:70:47:05:71:e0:02:cb:64:da:c5:6d:93:9b:8f:8c:58:72:
15:69:08:39:6f:c2:a1:cb:ea:9c:78:5f:a6:96:48:48:e3:a9:
0c:35:66:64:21:3f:79:98:f0:8d:70:60:cb:80:a6:b8:59:7d:
29:e7:68:d2:b4:25:39:20:be:32:30:cf:bc:7a:65:2d:ce:d6:
a1:8b:55:0a:3f:bb:1a:2a:72:43:97:69:4e:3b:d6:26:1d:e8:
5f:54:aa:3a:04:ec:3e:33:02:99:9d:76:82:a6:3c:6d:5d:84:
23:fd:73:6e:d7:84:65:7d:b5:23:d3:dd:c5:6e:8c:43:fa:a3:
e0:85:cd:06:f8:9e:95:15:57:e5:3c:e3:5e:37:57:1f:71:0f:
a2:39:c4:46:18:8d:87:84:4e:13:ed:fd:e7:41:ba:b6:88:cf:
54:06:48:64:72:53:a3:94:05:56:58:19:9f:09:e1:62:c4:15:
6b:43:e2:87
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYQUCXCMvSYEQa8R1WqGOv5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI2MTEyNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjFjMzNmMzliZjgyNTQ4M2Q2MGIzZjNmMWIxYzY0OGVmYmZkOGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgX0XjIVmGzutiXIPLPJn039uRuOu
UWRN5RVHj5bVTkmyQO0adPxvlfktfYnmQ747Q1WVf4BjJWKI8nvkBicFCSEY/r48
m+0zjDKo7tNEkV5mM/nFKRDriaSsuyMiMQh9kZPLkAOJ686pq9mSYIULB5SW2R1a
9US4ticbvGvtx0/VYDqq0sc5Ea/8mi7zycyPJ768xwr0ZZLFRH8l/biW/iT3NoLW
uZM90wRoR5yHdKqTrxJkuIgV+jmpVRQMfHeP1mCV+QN3ynX+a+66guwS3rBSFI3l
PrZH8MyG3mCcpIEK0QGHVhEcgNf5xqGFAEvs1v4iOXJopq84PMBHkg4f0wIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFAIcM/Ob+CVIPWCz8/Gxxkjvv9jyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQWh3ejg1djRKVWc5WUxQejhiSEdTTy1fMlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeMAwDBAA+TOED
BAA+TOIDBADAfLQDBADAfLcDBADBfFoDBADBfIUwDAMEAMJXxwMEAMJXyAMEAMJX
3wMEAMJX4gMEAMJX/AMEAMM6NgMEAMOFwQMEANTABQMEANTACTANBgkqhkiG9w0B
AQsFAAOCAQEAbagtfB/qG2ly5j3jlf/NBeiGNs7VMGVEaEx2N4/IDrV/2yfTEGDa
fWhkSYy5y1lHm0H/7L2AfTXtC6IKrGXDs6YaCMb95kXh93BHBXHgAstk2sVtk5uP
jFhyFWkIOW/CocvqnHhfppZISOOpDDVmZCE/eZjwjXBgy4CmuFl9Kedo0rQlOSC+
MjDPvHplLc7WoYtVCj+7GipyQ5dpTjvWJh3oX1SqOgTsPjMCmZ12gqY8bV2EI/1z
bteEZX21I9PdxW6MQ/qj4IXNBvielRVX5TzjXjdXH3EPojnERhiNh4ROE+3950G6
tojPVAZIZHJTo5QFVlgZnwnhYsQVa0Pihw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:08 2024 by rpki-client on console-fra.rpki-client.org