Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FEJVXGdQBJgErxKuDcumg9ruZf0.roa
File: FEJVXGdQBJgErxKuDcumg9ruZf0.roa (raw, json)
Hash identifier: RCIb0nYmayhQBOcD3Q8/5T7+/8z9D3mKIsS3/y8nJv0=
Subject key identifier: 14:42:55:5C:67:50:04:98:04:AF:12:AE:0D:CB:A6:83:DA:EE:65:FD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01843D45B8ABE0783FCB836B168699351148
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FEJVXGdQBJgErxKuDcumg9ruZf0.roa
Signing time: Thu 03 Nov 2022 11:34:50 +0000
ROA not before: Thu 03 Nov 2022 11:34:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
195.133.76.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.30.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3d:45:b8:ab:e0:78:3f:cb:83:6b:16:86:99:35:11:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 3 11:34:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1442555c6750049804af12ae0dcba683daee65fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:90:ec:81:d8:f2:7a:2f:c6:4a:ed:07:91:58:
13:dd:9d:c8:1e:c7:ad:7f:b4:80:81:57:d8:b3:a8:
1d:b2:4a:b7:3c:94:f4:eb:7b:d0:53:bc:91:8f:0b:
94:9a:31:14:3f:a9:72:e9:2d:cf:5d:84:4c:fc:7b:
85:d7:e1:91:45:01:cf:44:3c:28:61:a5:94:c4:be:
08:ba:11:67:b6:4f:9c:ca:55:7e:bd:87:11:dc:86:
7c:30:24:90:67:e3:13:ff:f0:9d:5e:d2:e0:91:99:
c0:81:ea:65:88:f9:fd:c9:d8:6b:b3:15:c7:18:89:
5f:7c:56:7b:ff:46:b4:eb:82:73:ad:44:ec:59:87:
e7:c4:c3:42:4b:85:28:67:39:75:1c:66:5b:f3:79:
2f:23:69:84:42:be:f2:a7:91:70:24:45:bb:04:3e:
0d:84:26:dc:32:e0:37:4c:51:6f:ac:9e:94:c2:12:
9f:2e:92:50:a1:87:50:e5:54:05:29:58:c4:eb:18:
ee:26:e8:21:f5:a2:f8:93:b6:58:09:3b:cf:09:cf:
8f:84:2c:8a:9b:b9:de:f6:f5:6d:b1:a9:16:ac:0d:
62:f2:21:b9:2a:cd:d0:c6:cc:44:3d:d3:df:ed:ea:
f4:20:3e:61:4e:9d:7e:e2:da:9e:e8:36:e4:81:4e:
5a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:42:55:5C:67:50:04:98:04:AF:12:AE:0D:CB:A6:83:DA:EE:65:FD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FEJVXGdQBJgErxKuDcumg9ruZf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.173.0/24
192.124.180.0/22
192.124.209.0/24
193.108.112.0/24
193.124.3.0/24
193.124.203.0/24
194.58.45.0/24
194.87.1.0/24
194.87.3.0/24
194.87.16.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.118.0/24
194.87.163.0/24
194.87.165.0-194.87.166.255
194.87.170.0/24
194.87.179.0/24
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.135.30.0/24
195.58.56.0/21
195.133.55.0/24
195.133.76.0/24
212.192.10.0/24
212.193.0.0/24
212.193.2.0/24
212.193.12.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:5d:87:a3:96:52:45:26:9d:e2:15:15:17:ab:77:05:8a:e5:
1e:28:72:0d:d7:fd:a6:ee:5d:fb:88:cc:bc:82:73:55:29:b8:
2d:d7:ec:45:69:cf:bc:4a:bf:a0:6d:f7:68:fe:5f:6e:e5:a7:
1a:e3:d8:b5:11:ae:91:14:51:cf:17:98:41:51:f4:d3:f5:12:
6a:01:00:ac:04:e9:44:b0:a6:ea:c1:7e:2a:7a:e4:90:7b:5e:
52:05:dd:ac:e1:6a:69:30:b7:bc:61:f4:24:31:40:3c:6c:ed:
57:3e:a2:b0:e4:0d:72:c0:6c:07:1e:35:f3:05:25:3c:0a:b4:
aa:b9:e2:99:09:6b:3f:1e:0c:2f:8b:bf:4a:14:59:ac:c7:7a:
93:e1:f7:6d:c7:ef:a1:a6:d4:c1:b0:c4:a8:73:f1:d2:4c:70:
e9:67:bc:0c:d2:04:18:65:94:0b:42:5b:70:ed:e4:e2:c6:4f:
e0:a0:96:97:c1:b8:4a:ee:c8:20:0f:8e:80:f8:14:30:21:0e:
53:2f:3d:5c:6c:19:19:fb:b7:8f:5f:6b:65:58:9a:cb:8d:c5:
22:e8:44:f4:b9:bf:8f:b5:e6:89:d7:69:be:f0:6e:4a:d7:99:
c6:b5:17:a6:58:b4:ff:f2:29:08:0e:7a:c8:09:4f:d2:b5:ef:
83:f8:36:72
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYQ9Rbir4Hg/y4NrFoaZNRFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTAzMTEzNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDQyNTU1YzY3NTAwNDk4MDRhZjEyYWUwZGNiYTY4M2RhZWU2NWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZDsgdjyei/GSu0HkVgT3Z3IHset
f7SAgVfYs6gdskq3PJT063vQU7yRjwuUmjEUP6ly6S3PXYRM/HuF1+GRRQHPRDwo
YaWUxL4IuhFntk+cylV+vYcR3IZ8MCSQZ+MT//CdXtLgkZnAgepliPn9ydhrsxXH
GIlffFZ7/0a064JzrUTsWYfnxMNCS4UoZzl1HGZb83kvI2mEQr7yp5FwJEW7BD4N
hCbcMuA3TFFvrJ6UwhKfLpJQoYdQ5VQFKVjE6xjuJugh9aL4k7ZYCTvPCc+PhCyK
m7ne9vVtsakWrA1i8iG5Ks3QxsxEPdPf7er0ID5hTp1+4tqe6DbkgU5avwIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFBRCVVxnUASYBK8Srg3LpoPa7mX9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRkVKVlhHZFFCSmdFcnhLdURjdW1nOXJ1WmYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAA+
TOcDBADAfK0DBALAfLQDBADAfNEDBADBbHADBADBfAMDBADBfMsDBADCOi0DBADC
VwEDBADCVwMDBADCVxADBALCVxgDBADCVzgDBADCV0wDBAHCV1IDBADCV2gDBADC
V3YDBADCV6MwDAMEAMJXpQMEAMJXpgMEAMJXqgMEAMJXswMEAMJXxjAMAwQAwlfP
AwQBwlfQAwQBwlfeAwQAwoceAwQDwzo4AwQAw4U3AwQAw4VMAwQA1MAKAwQA1MEA
AwQA1MECAwQA1MEMAwQA1MEPMA0GCSqGSIb3DQEBCwUAA4IBAQBLXYejllJFJp3i
FRUXq3cFiuUeKHIN1/2m7l37iMy8gnNVKbgt1+xFac+8Sr+gbfdo/l9u5aca49i1
Ea6RFFHPF5hBUfTT9RJqAQCsBOlEsKbqwX4qeuSQe15SBd2s4WppMLe8YfQkMUA8
bO1XPqKw5A1ywGwHHjXzBSU8CrSqueKZCWs/Hgwvi79KFFmsx3qT4fdtx++hptTB
sMSoc/HSTHDpZ7wM0gQYZZQLQltw7eTixk/goJaXwbhK7sggD46A+BQwIQ5TLz1c
bBkZ+7ePX2tlWJrLjcUi6ET0ub+PteaJ12m+8G5K15nGtRemWLT/8ikIDnrICU/S
te+D+DZy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:53 2023 by rpki-client on console-ams.rpki-client.org