Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CBre-YElKrSaNiIMH_lHHUlwmlA.roa
File: CBre-YElKrSaNiIMH_lHHUlwmlA.roa (raw, json)
Hash identifier: 692OwNiJ1OOvnick79YAjhMrlUkGJqZlmoL6TiTJltI=
Subject key identifier: 08:1A:DE:F9:81:25:2A:B4:9A:36:22:0C:1F:F9:47:1D:49:70:9A:50
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183F5849B3FDC015EE892583D55BE2FE51F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CBre-YElKrSaNiIMH_lHHUlwmlA.roa
Signing time: Thu 20 Oct 2022 13:10:51 +0000
ROA not before: Thu 20 Oct 2022 13:10:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
62.76.229.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
195.133.76.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.223.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.23.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f5:84:9b:3f:dc:01:5e:e8:92:58:3d:55:be:2f:e5:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 20 13:10:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=081adef981252ab49a36220c1ff9471d49709a50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:88:de:63:0a:59:a1:ea:57:b2:dc:e8:ce:54:
21:60:e8:db:10:a5:91:ff:ed:83:47:e2:90:e2:a5:
87:9e:82:df:d0:f3:74:20:7e:4c:31:23:4f:c0:f3:
76:5f:d4:5e:99:e6:f9:5e:2f:97:9a:3d:72:fe:93:
fb:c2:53:a0:3e:5f:81:29:da:9a:bd:89:13:52:93:
c8:2a:8d:cb:98:ab:4a:64:7c:ac:6e:3f:61:d3:f8:
77:e2:a1:11:78:7b:05:41:87:d4:9c:87:20:50:e3:
35:4d:fa:a0:10:15:fa:e0:99:bb:01:07:ba:aa:76:
18:04:37:62:a2:99:ef:8a:e6:90:cc:78:91:00:41:
2e:55:63:17:25:58:43:cd:31:6e:62:d2:ee:19:61:
08:f6:37:41:93:c8:3a:28:bc:ed:50:b7:24:97:7c:
86:d2:66:fc:fc:17:ed:b9:c1:6b:70:0f:7f:36:d0:
03:9f:1d:88:d9:91:39:d8:ce:4d:b5:76:40:64:f4:
bd:69:4d:5b:36:ae:fe:ef:f9:f3:f3:86:27:61:54:
69:e1:df:ea:f5:2e:7f:12:e4:a9:61:77:40:93:6c:
20:2c:d4:f6:fb:01:2d:bf:b5:8f:aa:49:86:fc:0a:
3f:ae:10:08:2c:ff:c3:c2:60:de:85:53:f0:b1:e1:
64:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1A:DE:F9:81:25:2A:B4:9A:36:22:0C:1F:F9:47:1D:49:70:9A:50
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CBre-YElKrSaNiIMH_lHHUlwmlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.229.0/24
62.76.231.0/24
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.209.0/24
193.124.3.0/24
193.124.95.0/24
193.124.203.0/24
194.58.45.0/24
194.58.60.0/24
194.87.1.0/24
194.87.16.0/24
194.87.24.0/22
194.87.117.0-194.87.118.255
194.87.165.0/24
194.87.170.0/24
194.87.179.0/24
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.226.0/24
194.135.23.0/24
194.135.30.0/24
195.58.54.0/24
195.133.76.0/24
212.193.12.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
29:31:a9:9d:48:b8:f2:c7:cc:65:6a:bd:b6:f7:59:16:4f:d3:
56:6e:1e:33:db:be:88:4b:eb:84:d3:fa:f6:3d:ef:7b:c1:1d:
dd:8a:7b:3e:75:64:87:35:c5:ff:40:e1:4c:85:b4:c1:84:de:
91:12:71:ed:bd:8a:9e:bf:c5:6f:8e:14:c4:3d:51:fb:1a:42:
43:36:30:b9:b4:b9:4e:98:98:52:8b:aa:03:81:28:05:f9:00:
f0:34:65:cb:23:ef:fb:61:4b:e8:bd:a4:7b:c2:77:8c:b3:69:
0f:61:48:08:fc:a8:22:50:66:ab:3b:c1:96:24:1a:0f:80:ee:
43:5d:70:c6:c9:01:f2:e9:58:9f:13:4f:08:c2:5e:f0:ae:be:
97:1f:e4:91:ae:bc:12:a3:63:6b:ba:38:d7:b6:c7:71:85:6b:
4e:ef:07:54:43:ea:ac:d0:55:e4:ec:e3:00:cb:62:69:c4:d0:
15:e6:78:f2:b9:91:b0:00:51:6e:03:b2:31:d2:e2:42:5c:10:
63:3a:f0:9b:12:21:e9:ee:c3:d7:ee:77:5c:0a:9a:d6:05:32:
16:fe:c6:05:61:38:a9:5d:c8:7e:8c:93:77:27:b2:5d:a0:69:
6c:bb:20:bd:c7:48:9d:f2:c4:b8:89:22:03:3c:c2:b0:a0:de:
d0:31:95:c2
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAYP1hJs/3AFe6JJYPVW+L+UfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDIwMTMxMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODFhZGVmOTgxMjUyYWI0OWEzNjIyMGMxZmY5NDcxZDQ5NzA5YTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYjeYwpZoepXstzozlQhYOjbEKWR
/+2DR+KQ4qWHnoLf0PN0IH5MMSNPwPN2X9Remeb5Xi+Xmj1y/pP7wlOgPl+BKdqa
vYkTUpPIKo3LmKtKZHysbj9h0/h34qEReHsFQYfUnIcgUOM1TfqgEBX64Jm7AQe6
qnYYBDdiopnviuaQzHiRAEEuVWMXJVhDzTFuYtLuGWEI9jdBk8g6KLztULckl3yG
0mb8/BftucFrcA9/NtADnx2I2ZE52M5NtXZAZPS9aU1bNq7+7/nz84YnYVRp4d/q
9S5/EuSpYXdAk2wgLNT2+wEtv7WPqkmG/Ao/rhAILP/DwmDehVPwseFknwIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFAga3vmBJSq0mjYiDB/5Rx1JcJpQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ0JyZS1ZRWxLclNhTmlJTUhfbEhIVWx3bWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAA+
TOEDBAA+TOUDBAA+TOcDBADAfK0DBADAfLIDBALAfLQDBADAfNEDBADBfAMDBADB
fF8DBADBfMsDBADCOi0DBADCOjwDBADCVwEDBADCVxADBALCVxgwDAMEAMJXdQME
AMJXdgMEAMJXpQMEAMJXqgMEAMJXswMEAMJXxjAMAwQAwlfPAwQBwlfQAwQBwlfe
AwQAwlfiAwQAwocXAwQAwoceAwQAwzo2AwQAw4VMAwQA1MEMAwQA1MEPMA0GCSqG
SIb3DQEBCwUAA4IBAQApMamdSLjyx8xlar2291kWT9NWbh4z276IS+uE0/r2Pe97
wR3dins+dWSHNcX/QOFMhbTBhN6REnHtvYqev8VvjhTEPVH7GkJDNjC5tLlOmJhS
i6oDgSgF+QDwNGXLI+/7YUvovaR7wneMs2kPYUgI/KgiUGarO8GWJBoPgO5DXXDG
yQHy6VifE08Iwl7wrr6XH+SRrrwSo2NrujjXtsdxhWtO7wdUQ+qs0FXk7OMAy2Jp
xNAV5njyuZGwAFFuA7Ix0uJCXBBjOvCbEiHp7sPX7ndcCprWBTIW/sYFYTipXch+
jJN3J7JdoGlsuyC9x0id8sS4iSIDPMKwoN7QMZXC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:52 2023 by rpki-client on console-ams.rpki-client.org