Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hi6AfLKw4gYMIU9KTCJti4lFfls.roa
File: Hi6AfLKw4gYMIU9KTCJti4lFfls.roa (raw, json)
Hash identifier: mGXsitls457/rCH0oCoidPRBarjgV+Dx3Ql8CyMuxjc=
Subject key identifier: 1E:2E:80:7C:B2:B0:E2:06:0C:21:4F:4A:4C:22:6D:8B:89:45:7E:5B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184E157F7B66EF8ADA96396DB3A4E46D65F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hi6AfLKw4gYMIU9KTCJti4lFfls.roa
Signing time: Mon 05 Dec 2022 08:12:29 +0000
ROA not before: Mon 05 Dec 2022 08:12:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 193.124.16.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
62.76.232.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:57:f7:b6:6e:f8:ad:a9:63:96:db:3a:4e:46:d6:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 5 08:12:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e2e807cb2b0e2060c214f4a4c226d8b89457e5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:2d:fc:3c:bd:69:c3:df:d6:2d:09:f8:b8:49:
f0:3c:42:2a:82:42:66:4d:ec:5b:0b:a7:30:f0:b9:
24:72:59:16:fc:10:e2:94:8f:51:26:4b:21:60:f3:
ca:30:35:87:82:05:09:fd:a9:42:30:55:ab:4c:6a:
02:5f:2f:27:91:1e:f8:de:64:d2:11:c1:d9:b3:06:
1e:58:e3:48:84:dc:8c:29:42:52:88:d5:f5:0a:0a:
d7:f8:0f:82:29:e5:28:1c:84:41:9e:c0:67:bf:80:
99:5b:5f:93:8f:fa:34:41:ac:cd:18:34:03:49:53:
27:b6:1a:83:df:97:c1:5b:c3:97:69:39:ad:5f:40:
93:34:bf:52:89:6e:05:78:c7:9a:e6:8a:1b:07:22:
bb:1c:f3:6d:d6:0d:51:12:16:42:1e:1e:34:c5:e6:
f7:8a:f7:34:87:c8:b7:2b:f4:9b:17:31:bd:2a:b9:
b8:59:c6:51:29:82:e9:bd:8d:b5:62:f6:97:ba:04:
2b:26:a4:c6:97:64:f6:e3:df:c8:2e:f8:e6:2c:ed:
cb:70:4c:07:fc:ab:a6:84:8d:cd:43:a0:b6:c9:69:
27:95:85:88:e3:a3:fe:be:ff:9c:da:95:51:10:56:
c5:24:39:b7:55:af:57:0d:9a:cd:e4:9c:c1:28:be:
9a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:2E:80:7C:B2:B0:E2:06:0C:21:4F:4A:4C:22:6D:8B:89:45:7E:5B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hi6AfLKw4gYMIU9KTCJti4lFfls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.235.0/24
192.124.190.0/24
193.124.16.0/24
193.124.93.0/24
193.124.202.0/24
194.58.39.0/24
194.58.47.0/24
194.87.3.0/24
194.87.16.0/24
194.87.22.0/24
194.87.36.0/23
194.87.83.0/24
194.87.177.0/24
194.87.190.0/24
195.58.54.0/24
195.58.58.0/24
195.133.86.0/24
195.133.194.0/24
212.192.211.0/24
212.193.8.0/24
Signature Algorithm: sha256WithRSAEncryption
42:fa:e9:5d:90:7f:b3:f4:34:48:43:aa:85:dd:d2:40:0c:b3:
ff:5f:85:58:49:5f:ea:0e:41:21:45:fa:62:e7:31:9b:1b:3d:
a8:20:00:6c:17:b0:68:a0:81:49:f5:c3:51:3d:70:8f:64:c1:
d7:19:87:2f:03:0c:3d:d4:a8:36:ba:32:a6:ff:62:b5:2c:69:
9e:56:09:6a:1d:12:15:a8:af:32:cd:20:eb:71:f4:27:c6:15:
ec:32:1a:82:a1:7b:ca:30:ef:fb:c3:ce:c5:dd:ba:ab:14:3b:
43:fe:b0:af:ec:1c:5c:b7:9d:5e:a1:76:63:f5:8a:90:b0:51:
cf:20:70:dc:9b:2d:6c:7a:33:7f:06:07:6d:2e:61:dd:1e:a6:
16:99:a0:b1:3c:9c:0c:38:6d:09:58:4a:4d:0c:1f:06:28:8c:
4b:f0:aa:f4:51:7a:29:4f:b5:6a:44:9a:04:aa:2f:2b:c8:f0:
db:ac:43:fc:db:fa:70:0a:2b:fc:b8:9d:7f:9f:72:53:d5:3d:
37:48:ca:d2:96:35:77:9a:dc:0f:7d:b0:e5:4d:58:d1:96:0b:
73:80:b0:88:18:58:4d:76:26:f8:3f:f8:84:00:b8:63:0e:ad:
21:a6:01:3a:a4:31:7e:ec:40:3f:a1:74:e3:41:2b:85:a9:de:
d5:bd:63:08
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYThV/e2bvitqWOW2zpORtZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA1MDgxMjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTJlODA3Y2IyYjBlMjA2MGMyMTRmNGE0YzIyNmQ4Yjg5NDU3ZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2S38PL1pw9/WLQn4uEnwPEIqgkJm
TexbC6cw8LkkclkW/BDilI9RJkshYPPKMDWHggUJ/alCMFWrTGoCXy8nkR743mTS
EcHZswYeWONIhNyMKUJSiNX1CgrX+A+CKeUoHIRBnsBnv4CZW1+Tj/o0QazNGDQD
SVMnthqD35fBW8OXaTmtX0CTNL9SiW4FeMea5oobByK7HPNt1g1REhZCHh40xeb3
ivc0h8i3K/SbFzG9Krm4WcZRKYLpvY21YvaXugQrJqTGl2T249/ILvjmLO3LcEwH
/KumhI3NQ6C2yWknlYWI46P+vv+c2pVREFbFJDm3Va9XDZrN5JzBKL6atwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFB4ugHyysOIGDCFPSkwibYuJRX5bMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSGk2QWZMS3c0Z1lNSVU5S1RDSnRpNGxGZmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAD5M
6AMEAD5M6wMEAMB8vgMEAMF8EAMEAMF8XQMEAMF8ygMEAMI6JwMEAMI6LwMEAMJX
AwMEAMJXEAMEAMJXFgMEAcJXJAMEAMJXUwMEAMJXsQMEAMJXvgMEAMM6NgMEAMM6
OgMEAMOFVgMEAMOFwgMEANTA0wMEANTBCDANBgkqhkiG9w0BAQsFAAOCAQEAQvrp
XZB/s/Q0SEOqhd3SQAyz/1+FWElf6g5BIUX6Yucxmxs9qCAAbBewaKCBSfXDUT1w
j2TB1xmHLwMMPdSoNroypv9itSxpnlYJah0SFaivMs0g63H0J8YV7DIagqF7yjDv
+8POxd26qxQ7Q/6wr+wcXLedXqF2Y/WKkLBRzyBw3JstbHozfwYHbS5h3R6mFpmg
sTycDDhtCVhKTQwfBiiMS/Cq9FF6KU+1akSaBKovK8jw26xD/Nv6cAor/Lidf59y
U9U9N0jK0pY1d5rcD32w5U1Y0ZYLc4CwiBhYTXYm+D/4hAC4Yw6tIaYBOqQxfuxA
P6F040Erhane1b1jCA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:54 2023 by rpki-client on console-ams.rpki-client.org