Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HKRnGttT7NoOs5SfEulVMKT9HzY.roa
File: HKRnGttT7NoOs5SfEulVMKT9HzY.roa (raw, json)
Hash identifier: zHLXbRxlpHZH8hBmPy4VWKKekYSuHK5YqlkmkRQfpII=
Subject key identifier: 1C:A4:67:1A:DB:53:EC:DA:0E:B3:94:9F:12:E9:55:30:A4:FD:1F:36
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01850FD14F7FF737D0972D816498AF7CA8D3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HKRnGttT7NoOs5SfEulVMKT9HzY.roa
Signing time: Wed 14 Dec 2022 08:47:33 +0000
ROA not before: Wed 14 Dec 2022 08:47:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 194.87.200.0/24 maxlen: 24
194.87.205.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
62.76.226.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.233.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
212.192.5.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.125.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0f:d1:4f:7f:f7:37:d0:97:2d:81:64:98:af:7c:a8:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 14 08:47:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ca4671adb53ecda0eb3949f12e95530a4fd1f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b7:d0:ba:15:ab:de:53:1c:26:54:66:02:20:
bf:9b:27:1e:ab:71:a0:84:24:f4:29:61:a2:02:92:
ae:eb:b9:d3:cc:ca:69:a4:89:58:79:c1:18:2b:25:
cd:5d:b2:df:61:92:0d:5c:d6:b7:31:ea:30:c2:f6:
88:91:f3:5a:d7:7d:f5:98:27:99:76:8c:c6:dd:e3:
60:5b:9a:b2:6b:5a:9b:94:87:8f:28:4a:c6:45:bb:
60:9b:98:a6:ed:d3:9f:92:3a:fd:0c:27:fa:7d:da:
b4:27:c3:84:82:a0:5f:e1:c8:a9:f2:e3:2a:ca:6b:
85:ad:4f:4c:c1:0d:21:7f:f9:90:16:1f:f8:1a:1e:
f5:b9:35:8e:a0:ed:d2:00:50:aa:3b:d6:fb:4f:c9:
47:64:6c:34:cb:b1:04:e5:ee:4f:e8:0c:9e:45:ca:
52:06:4e:9c:94:f2:4c:26:0c:b2:4a:86:f5:02:c0:
cb:1f:9e:5e:2c:53:0e:ea:b6:3e:6a:59:0e:58:23:
a9:63:05:c1:a6:51:6b:47:bf:69:e3:8e:8e:2e:47:
b0:c3:68:ad:2b:c2:8b:ae:ba:aa:2b:e8:ff:f5:bf:
91:9f:89:e2:c8:75:9a:19:43:1b:79:76:03:fb:b4:
3b:68:66:c9:27:98:4a:e2:ab:72:03:bb:1a:66:9d:
40:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A4:67:1A:DB:53:EC:DA:0E:B3:94:9F:12:E9:55:30:A4:FD:1F:36
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HKRnGttT7NoOs5SfEulVMKT9HzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0-62.76.226.255
192.124.180.0/24
192.124.183.0/24
193.124.18.0/24
193.124.45.0/24
193.124.90.0/24
193.124.133.0/24
193.124.200.0/24
194.58.40.0/24
194.58.46.0/24
194.58.59.0/24
194.87.122.0/24
194.87.124.0/23
194.87.170.0/24
194.87.200.0/24
194.87.205.0/24
194.87.233.0/24
194.87.252.0/24
195.133.76.0/24
195.133.193.0/24
212.192.5.0/24
212.192.9.0/24
Signature Algorithm: sha256WithRSAEncryption
54:1c:94:07:39:08:ef:59:e7:a3:fb:64:8d:27:45:a3:e0:ec:
13:bd:2a:37:6f:72:90:4a:4e:2c:46:28:7c:9d:e3:09:2a:14:
a2:59:e5:4b:42:6c:45:cf:fc:61:c2:a1:a6:49:2d:74:f3:01:
92:a5:80:fc:10:45:a9:c4:a4:b0:fc:b3:d1:ba:67:c9:a9:0b:
52:b8:56:d4:1a:a7:dc:50:1f:90:10:1d:29:20:0c:77:b1:51:
9c:31:c4:94:41:c5:b2:94:1f:84:16:18:d2:d7:06:2b:2b:83:
9c:0d:ac:20:58:5f:e8:c6:be:f0:59:9d:d2:99:01:1d:59:bf:
57:3f:1f:c5:fc:b8:f5:f0:25:01:35:5f:72:8e:ec:04:cc:9d:
b9:30:5b:c1:8b:33:d5:01:c7:cd:f1:0b:66:db:7a:e4:28:c6:
9b:47:28:55:57:c5:33:3a:20:2a:25:dd:69:cc:ba:6b:86:d7:
03:1f:c4:ac:94:8e:8e:76:c1:cb:d9:d6:35:6a:f0:c0:68:a4:
a6:6f:ca:32:a5:78:97:3f:da:2a:2b:54:b9:48:a0:fc:ca:30:
81:48:e1:84:4a:20:88:51:a9:6a:30:b0:c0:a2:34:0c:0c:d6:
b0:81:b2:0d:5c:1b:9b:30:0e:b7:0d:5d:a0:2e:d3:7f:2e:13:
92:6f:64:76
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYUP0U9/9zfQly2BZJivfKjTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE0MDg0NzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2E0NjcxYWRiNTNlY2RhMGViMzk0OWYxMmU5NTUzMGE0ZmQxZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbfQuhWr3lMcJlRmAiC/myceq3Gg
hCT0KWGiApKu67nTzMpppIlYecEYKyXNXbLfYZINXNa3MeowwvaIkfNa1331mCeZ
dozG3eNgW5qya1qblIePKErGRbtgm5im7dOfkjr9DCf6fdq0J8OEgqBf4cip8uMq
ymuFrU9MwQ0hf/mQFh/4Gh71uTWOoO3SAFCqO9b7T8lHZGw0y7EE5e5P6AyeRcpS
Bk6clPJMJgyySob1AsDLH55eLFMO6rY+alkOWCOpYwXBplFrR79p446OLkeww2it
K8KLrrqqK+j/9b+Rn4niyHWaGUMbeXYD+7Q7aGbJJ5hK4qtyA7saZp1AawIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFBykZxrbU+zaDrOUnxLpVTCk/R82MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSEtSbkd0dFQ3Tm9PczVTZkV1bFZNS1Q5SHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwwDAME
AD5M4QMEAD5M4gMEAMB8tAMEAMB8twMEAMF8EgMEAMF8LQMEAMF8WgMEAMF8hQME
AMF8yAMEAMI6KAMEAMI6LgMEAMI6OwMEAMJXegMEAcJXfAMEAMJXqgMEAMJXyAME
AMJXzQMEAMJX6QMEAMJX/AMEAMOFTAMEAMOFwQMEANTABQMEANTACTANBgkqhkiG
9w0BAQsFAAOCAQEAVByUBzkI71nno/tkjSdFo+DsE70qN29ykEpOLEYofJ3jCSoU
olnlS0JsRc/8YcKhpkktdPMBkqWA/BBFqcSksPyz0bpnyakLUrhW1Bqn3FAfkBAd
KSAMd7FRnDHElEHFspQfhBYY0tcGKyuDnA2sIFhf6Ma+8Fmd0pkBHVm/Vz8fxfy4
9fAlATVfco7sBMyduTBbwYsz1QHHzfELZtt65CjGm0coVVfFMzogKiXdacy6a4bX
Ax/ErJSOjnbBy9nWNWrwwGikpm/KMqV4lz/aKitUuUig/MowgUjhhEogiFGpajCw
wKI0DAzWsIGyDVwbmzAOtw1doC7Tfy4Tkm9kdg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:54 2023 by rpki-client on console-ams.rpki-client.org