Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CsHOOPBYizi0uXiYAynzSFP4p8k.roa
File: CsHOOPBYizi0uXiYAynzSFP4p8k.roa (raw, json)
Hash identifier: HsV7maN/61Ldfg2szKlZA75uGeU117EKX/sv+Zh8km8=
Subject key identifier: 0A:C1:CE:38:F0:58:8B:38:B4:B9:78:98:03:29:F3:48:53:F8:A7:C9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184E1527975B2B0F9B6C13B10A410B81E82
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CsHOOPBYizi0uXiYAynzSFP4p8k.roa
Signing time: Mon 05 Dec 2022 08:06:29 +0000
ROA not before: Mon 05 Dec 2022 08:06:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 194.87.200.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
62.76.226.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
194.87.223.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.233.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.5.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.125.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:52:79:75:b2:b0:f9:b6:c1:3b:10:a4:10:b8:1e:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 5 08:06:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ac1ce38f0588b38b4b978980329f34853f8a7c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2a:35:3b:66:4d:f3:67:34:ae:38:6a:bb:4a:
11:99:4b:6c:5b:06:7d:87:83:57:04:95:64:20:e4:
16:6b:10:1f:1b:2b:1a:0c:ce:c4:65:f6:18:04:b4:
68:58:2b:f2:1f:2b:87:17:12:a4:70:f3:a9:dd:4a:
ae:07:a6:07:85:59:58:45:6e:59:6b:63:c1:a0:15:
85:00:98:ed:8d:e8:e2:87:d0:dd:8e:dc:fc:b1:7e:
d3:f5:1d:28:7c:8d:c0:89:3f:a3:06:67:8a:43:9e:
3f:36:dd:9d:58:59:be:4e:39:4c:33:8a:05:92:18:
99:94:7c:ed:60:ae:14:c0:7a:c5:84:cc:1a:94:79:
5c:3f:f6:3d:59:6d:4f:f6:8f:4e:46:38:c6:2d:2c:
81:b8:ff:df:f3:30:03:2c:3c:c2:9a:2f:6a:0f:da:
3c:df:0c:d4:5d:90:57:3d:1c:88:dd:92:cc:ab:8f:
b2:33:54:68:70:0c:d0:96:63:83:50:eb:49:de:21:
dd:5e:92:ce:bf:ba:8f:58:b2:6f:ef:6b:45:6e:ba:
13:a3:20:ba:87:e9:6c:eb:f6:c6:97:5f:71:c4:d9:
7e:1e:4e:c3:a7:2f:32:2e:3f:f8:85:2c:23:40:2e:
8f:c4:02:43:a0:0d:9f:b6:7c:a4:e3:ea:e3:0b:58:
ad:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:C1:CE:38:F0:58:8B:38:B4:B9:78:98:03:29:F3:48:53:F8:A7:C9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CsHOOPBYizi0uXiYAynzSFP4p8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0-62.76.226.255
192.124.180.0/24
192.124.183.0/24
193.124.18.0/24
193.124.90.0/24
193.124.133.0/24
193.124.200.0/24
194.58.40.0/24
194.58.46.0/24
194.58.59.0/24
194.87.122.0/24
194.87.124.0/23
194.87.200.0/24
194.87.223.0/24
194.87.226.0/24
194.87.233.0/24
194.87.252.0/24
195.133.76.0/24
195.133.193.0/24
212.192.5.0/24
212.192.9.0-212.192.10.255
Signature Algorithm: sha256WithRSAEncryption
18:0b:c9:a8:c6:3a:7a:ac:24:e3:0b:46:8d:41:38:5f:af:87:
97:56:f3:76:8d:cb:75:9d:20:4a:a5:83:74:2f:19:eb:0c:9e:
34:08:0f:b9:be:bb:4e:9e:3c:73:c8:59:53:9e:db:7a:85:f5:
56:96:e7:5b:9d:33:61:71:21:a4:5f:fd:1b:b3:d2:4e:36:d1:
8d:50:61:c6:c4:ae:d2:1d:3b:61:1b:33:fb:a9:12:a7:18:46:
ec:ec:e9:a6:39:85:b3:96:eb:3a:cd:2f:50:2f:2f:ca:26:f6:
03:49:54:1e:5e:61:23:27:d9:ba:de:78:33:8e:b9:44:cb:c8:
4b:71:c8:5f:93:a5:e3:25:b6:a1:b4:b2:cd:0a:fc:62:38:d7:
93:da:10:9e:9d:16:45:c8:96:1a:2a:12:0b:bb:1b:a6:74:a7:
f3:08:f7:a2:2e:3d:f3:67:38:82:6f:67:de:0b:5d:42:2f:d3:
8e:d6:8f:93:a3:96:4b:25:7f:89:45:13:6a:0f:60:d4:05:61:
f6:3a:c6:18:b9:6e:de:11:6f:f2:c0:60:c7:84:c8:3e:e2:6e:
6a:2c:62:09:bd:95:eb:6d:38:b6:ba:72:d1:4e:8c:98:1e:7e:
a5:dd:e3:e2:a9:57:cf:1d:76:ea:1a:b9:f2:23:1a:bc:c8:fa:
e7:23:6c:c8
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYThUnl1srD5tsE7EKQQuB6CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA1MDgwNjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWMxY2UzOGYwNTg4YjM4YjRiOTc4OTgwMzI5ZjM0ODUzZjhhN2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyo1O2ZN82c0rjhqu0oRmUtsWwZ9
h4NXBJVkIOQWaxAfGysaDM7EZfYYBLRoWCvyHyuHFxKkcPOp3UquB6YHhVlYRW5Z
a2PBoBWFAJjtjejih9Ddjtz8sX7T9R0ofI3AiT+jBmeKQ54/Nt2dWFm+TjlMM4oF
khiZlHztYK4UwHrFhMwalHlcP/Y9WW1P9o9ORjjGLSyBuP/f8zADLDzCmi9qD9o8
3wzUXZBXPRyI3ZLMq4+yM1RocAzQlmODUOtJ3iHdXpLOv7qPWLJv72tFbroToyC6
h+ls6/bGl19xxNl+Hk7Dpy8yLj/4hSwjQC6PxAJDoA2ftnyk4+rjC1itTwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFArBzjjwWIs4tLl4mAMp80hT+KfJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ3NIT09QQllpemkwdVhpWUF5bnpTRlA0cDhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4wDAME
AD5M4QMEAD5M4gMEAMB8tAMEAMB8twMEAMF8EgMEAMF8WgMEAMF8hQMEAMF8yAME
AMI6KAMEAMI6LgMEAMI6OwMEAMJXegMEAcJXfAMEAMJXyAMEAMJX3wMEAMJX4gME
AMJX6QMEAMJX/AMEAMOFTAMEAMOFwQMEANTABTAMAwQA1MAJAwQA1MAKMA0GCSqG
SIb3DQEBCwUAA4IBAQAYC8moxjp6rCTjC0aNQThfr4eXVvN2jct1nSBKpYN0Lxnr
DJ40CA+5vrtOnjxzyFlTntt6hfVWludbnTNhcSGkX/0bs9JONtGNUGHGxK7SHTth
GzP7qRKnGEbs7OmmOYWzlus6zS9QLy/KJvYDSVQeXmEjJ9m63ngzjrlEy8hLcchf
k6XjJbahtLLNCvxiONeT2hCenRZFyJYaKhILuxumdKfzCPeiLj3zZziCb2feC11C
L9OO1o+To5ZLJX+JRRNqD2DUBWH2OsYYuW7eEW/ywGDHhMg+4m5qLGIJvZXrbTi2
unLRToyYHn6l3ePiqVfPHXbqGrnyIxq8yPrnI2zI
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:58 2023 by rpki-client on console-fra.rpki-client.org