Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/H_ZXl203d6sYlowKQ5VREiEGnu8.roa
File: H_ZXl203d6sYlowKQ5VREiEGnu8.roa (raw, json)
Hash identifier: RMBSRD8/UBnCkXqm9DGDSxTetL/WUiSayjLmrpIpMtI=
Subject key identifier: 1F:F6:57:97:6D:37:77:AB:18:96:8C:0A:43:95:51:12:21:06:9E:EF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01852F44A6018C1D8ABDB2A1C533ED8E47AF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/H_ZXl203d6sYlowKQ5VREiEGnu8.roa
Signing time: Tue 20 Dec 2022 11:21:46 +0000
ROA not before: Tue 20 Dec 2022 11:21:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 194.87.3.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
62.76.232.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:44:a6:01:8c:1d:8a:bd:b2:a1:c5:33:ed:8e:47:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 20 11:21:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ff657976d3777ab18968c0a4395511221069eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:72:61:ed:0f:7b:e8:37:c8:4e:01:9e:20:ed:
78:d3:68:1f:6e:c9:c8:64:e7:30:c3:74:25:42:58:
41:0b:e6:15:a0:3f:23:14:00:d2:d6:97:26:94:28:
81:87:52:2e:40:84:ac:4a:73:24:2d:4c:68:35:16:
45:63:72:8a:24:0c:3a:d9:54:e5:ff:05:df:cf:c8:
5f:69:5e:e2:b6:f0:dd:ea:cf:af:f1:34:7b:5f:4f:
82:8a:35:d6:44:96:c2:89:47:cd:82:ba:ce:fd:25:
87:c8:ae:73:d8:2a:96:0d:4f:cb:17:f7:94:6d:8d:
fa:7e:31:84:11:e6:db:a0:ec:20:bf:93:df:12:38:
c4:a8:f0:df:ad:ce:6e:b8:26:a2:09:9e:e7:df:81:
64:84:08:06:71:16:0f:67:ef:50:c6:23:d2:b8:a5:
cd:49:d9:ea:ca:1b:bb:e7:d3:00:76:f5:c0:f7:2a:
67:fb:e7:08:c5:d9:f6:75:f0:d6:d5:c6:3a:4a:aa:
2d:ca:69:62:d7:25:75:8d:4b:47:cd:7e:a2:11:08:
79:c5:da:11:3b:77:d3:22:12:e5:cb:7c:8a:9a:d3:
c5:3e:b9:5b:c7:99:88:b0:34:f7:b4:87:13:cb:6b:
5c:eb:f5:b7:63:df:ac:26:47:02:12:31:b3:20:56:
b6:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F6:57:97:6D:37:77:AB:18:96:8C:0A:43:95:51:12:21:06:9E:EF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/H_ZXl203d6sYlowKQ5VREiEGnu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
192.124.190.0/24
193.124.16.0/24
193.124.93.0/24
193.124.202.0/24
194.58.39.0/24
194.58.47.0/24
194.87.3.0/24
194.87.16.0/24
194.87.22.0/24
194.87.36.0/23
194.87.83.0/24
194.87.177.0/24
194.87.190.0/24
195.58.54.0/24
195.58.58.0/24
195.133.86.0/24
195.133.194.0/24
212.192.211.0/24
212.193.8.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:3f:80:8d:94:1d:20:81:28:b6:0f:c1:f4:39:69:1d:84:be:
f6:2c:dd:68:29:35:3d:aa:ad:a5:24:43:11:1a:18:eb:ae:42:
0f:2a:85:31:58:c3:90:77:eb:f0:7a:56:d0:be:0b:93:d3:2c:
ef:8d:4a:fb:55:67:8a:87:9d:6c:1e:d7:3f:cc:1a:99:40:89:
d1:14:1a:d0:7b:6d:03:53:e2:02:d9:1e:79:42:42:4e:14:8c:
af:87:2e:b0:a6:8f:4a:11:3d:a5:d7:3e:a2:04:41:d2:c3:2b:
3b:b7:79:f7:a7:0a:30:e7:c1:c3:cf:a8:bb:4c:03:8e:4c:a8:
5f:cf:24:4f:0f:2a:f7:a9:b9:6c:94:35:f7:de:6c:8c:e8:db:
d2:ec:43:bc:91:f6:4e:51:c6:ef:89:f5:8b:68:39:83:5a:94:
81:b7:9a:be:5f:96:f4:91:12:55:30:d1:e3:9d:f7:44:c9:ff:
c0:1f:8c:70:91:f1:b6:9a:f2:80:ba:16:9b:7b:d5:96:61:79:
e3:70:3c:e9:aa:6c:fa:8f:4c:4b:35:41:08:3b:dc:e8:12:27:
cf:67:1c:e2:b6:05:67:6a:17:a7:58:81:77:50:63:5e:54:ee:
18:a0:f6:fe:ae:0a:dc:60:89:ac:78:7d:d8:39:35:e8:13:a5:
50:bf:b3:b9
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYUvRKYBjB2KvbKhxTPtjkevMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjIwMTEyMTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmY2NTc5NzZkMzc3N2FiMTg5NjhjMGE0Mzk1NTExMjIxMDY5ZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nJh7Q976DfITgGeIO1402gfbsnI
ZOcww3QlQlhBC+YVoD8jFADS1pcmlCiBh1IuQISsSnMkLUxoNRZFY3KKJAw62VTl
/wXfz8hfaV7itvDd6s+v8TR7X0+CijXWRJbCiUfNgrrO/SWHyK5z2CqWDU/LF/eU
bY36fjGEEebboOwgv5PfEjjEqPDfrc5uuCaiCZ7n34FkhAgGcRYPZ+9QxiPSuKXN
Sdnqyhu759MAdvXA9ypn++cIxdn2dfDW1cY6Sqotymli1yV1jUtHzX6iEQh5xdoR
O3fTIhLly3yKmtPFPrlbx5mIsDT3tIcTy2tc6/W3Y9+sJkcCEjGzIFa2aQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFB/2V5dtN3erGJaMCkOVURIhBp7vMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSF9aWGwyMDNkNnNZbG93S1E1VlJFaUVHbnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAPkzo
AwQAwHy+AwQAwXwQAwQAwXxdAwQAwXzKAwQAwjonAwQAwjovAwQAwlcDAwQAwlcQ
AwQAwlcWAwQBwlckAwQAwldTAwQAwlexAwQAwle+AwQAwzo2AwQAwzo6AwQAw4VW
AwQAw4XCAwQA1MDTAwQA1MEIMA0GCSqGSIb3DQEBCwUAA4IBAQBqP4CNlB0ggSi2
D8H0OWkdhL72LN1oKTU9qq2lJEMRGhjrrkIPKoUxWMOQd+vwelbQvguT0yzvjUr7
VWeKh51sHtc/zBqZQInRFBrQe20DU+IC2R55QkJOFIyvhy6wpo9KET2l1z6iBEHS
wys7t3n3pwow58HDz6i7TAOOTKhfzyRPDyr3qblslDX33myM6NvS7EO8kfZOUcbv
ifWLaDmDWpSBt5q+X5b0kRJVMNHjnfdEyf/AH4xwkfG2mvKAuhabe9WWYXnjcDzp
qmz6j0xLNUEIO9zoEifPZxzitgVnahenWIF3UGNeVO4YoPb+rgrcYImseH3YOTXo
E6VQv7O5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:12 2024 by rpki-client on console-fra.rpki-client.org