Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I4C7xt1N2UCjh0qXbpY5DL7ynZM.roa
File: I4C7xt1N2UCjh0qXbpY5DL7ynZM.roa (raw, json)
Hash identifier: 4dG96x3gKg62A4Ocn6aMUZcvRlLmOejsI+an1ZPY1sk=
Subject key identifier: 23:80:BB:C6:DD:4D:D9:40:A3:87:4A:97:6E:96:39:0C:BE:F2:9D:93
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184BD44C59456FC5EC6005083AC833B42CB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I4C7xt1N2UCjh0qXbpY5DL7ynZM.roa
Signing time: Mon 28 Nov 2022 08:05:11 +0000
ROA not before: Mon 28 Nov 2022 08:05:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.137.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.64.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.164.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.192.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:44:c5:94:56:fc:5e:c6:00:50:83:ac:83:3b:42:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 28 08:05:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2380bbc6dd4dd940a3874a976e96390cbef29d93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ec:a2:86:d3:2a:be:72:1d:cd:18:95:9c:dc:
18:50:18:9b:22:66:0c:81:ad:2e:d6:37:b3:a0:6f:
27:8b:d3:a4:3d:9b:e2:26:1b:18:5b:95:31:f0:9e:
ed:ff:bb:eb:fa:05:96:0d:57:c5:2a:8c:88:3e:de:
52:7c:79:83:61:06:64:bb:ef:85:16:57:40:e5:86:
9a:ac:08:fa:2b:c5:c5:72:34:42:a2:db:c2:81:ee:
1c:43:b0:8b:5d:35:f8:2e:29:ba:16:6c:70:a4:bc:
82:e0:e2:2a:bb:b3:07:46:20:2f:c5:65:93:6c:7e:
d2:68:b7:a6:73:d8:c6:3e:f2:39:2a:1c:b1:2a:06:
ae:2e:c3:12:6e:f4:6c:b1:2b:02:ff:6f:f6:c2:e4:
2b:db:7e:e6:78:01:55:6d:0c:ba:0f:b2:dd:ed:e0:
a8:51:02:02:47:b8:f1:1c:d2:f3:c4:15:5f:7a:a1:
e0:19:c7:89:85:c7:cd:fc:cf:7b:3e:47:c6:f2:46:
5d:ad:5c:b9:dd:75:b3:90:b8:8e:d0:fd:f0:a4:5f:
b9:db:67:5c:7e:9f:a1:8b:6b:5c:34:fb:a3:65:9b:
df:95:1f:3c:8f:15:51:46:79:5b:15:a6:b5:6b:e2:
4a:3e:88:4d:fe:95:e5:11:08:52:17:76:2a:18:48:
30:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:80:BB:C6:DD:4D:D9:40:A3:87:4A:97:6E:96:39:0C:BE:F2:9D:93
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I4C7xt1N2UCjh0qXbpY5DL7ynZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/23
192.124.180.0/22
192.124.209.0/24
193.108.112.0/24
193.124.3.0/24
193.124.9.0/24
193.124.16.0/24
193.124.18.0/24
193.124.45.0/24
193.124.201.0/24
193.124.203.0/24
193.124.205.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/23
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.32.0/24
194.87.36.0/24
194.87.56.0/24
194.87.64.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/23
194.87.160.0/24
194.87.163.0-194.87.165.255
194.87.170.0/23
194.87.191.0/24
194.87.198.0/23
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.233.0/24
194.87.250.0/24
194.135.18.0/24
194.135.30.0/24
195.58.50.0/24
195.58.56.0/21
195.133.12.0/24
195.133.30.0/24
195.133.55.0/24
212.192.6.0/24
212.192.10.0/24
212.192.208.0/23
212.192.222.0/24
212.193.0.0/24
212.193.6.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:e8:3e:3a:39:d2:33:5d:2f:09:be:71:7a:32:91:fc:80:9e:
49:2f:72:31:2d:ac:c5:4a:6a:6d:0d:e9:66:cb:0c:08:de:53:
d4:8c:b5:ef:d5:8e:e3:bd:b1:eb:9d:27:4d:73:de:24:d3:46:
fe:5d:f7:ca:c2:65:72:4d:cc:50:cf:4b:6c:1d:65:e6:dd:02:
2e:fc:85:44:05:b9:0c:42:35:51:1c:7b:a8:c5:d2:08:89:7d:
d9:7b:d8:43:c6:6d:32:e2:01:93:83:dc:80:b4:57:a9:00:92:
bf:d9:3c:6c:dd:4b:5b:10:b1:23:ee:03:93:71:47:84:84:5d:
98:93:99:cb:c6:b2:50:ef:02:6b:ea:69:0a:31:fe:9b:57:36:
57:8d:4f:26:0b:f7:1e:97:b3:ad:a1:85:b8:5c:65:15:5e:c7:
16:6c:59:be:a2:6e:3e:ce:6f:ad:ac:6b:bf:c8:c6:2e:d5:20:
e1:21:b7:0a:e3:ce:49:1f:ac:5d:59:a5:0d:5a:cd:93:bd:77:
b3:ac:53:9f:77:05:e2:a5:9e:cd:ed:d6:6a:86:92:5a:8e:03:
9c:ec:e5:88:59:13:35:91:93:12:51:79:0e:4f:24:fa:87:7a:
9d:bb:8b:30:ee:fc:cd:3c:18:f7:74:58:77:d2:f1:5f:cf:0c:
7f:90:38:17
-----BEGIN CERTIFICATE-----
MIIGXTCCBUWgAwIBAgISAYS9RMWUVvxexgBQg6yDO0LLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTI4MDgwNTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzgwYmJjNmRkNGRkOTQwYTM4NzRhOTc2ZTk2MzkwY2JlZjI5ZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOyihtMqvnIdzRiVnNwYUBibImYM
ga0u1jezoG8ni9OkPZviJhsYW5Ux8J7t/7vr+gWWDVfFKoyIPt5SfHmDYQZku++F
FldA5YaarAj6K8XFcjRCotvCge4cQ7CLXTX4Lim6FmxwpLyC4OIqu7MHRiAvxWWT
bH7SaLemc9jGPvI5KhyxKgauLsMSbvRssSsC/2/2wuQr237meAFVbQy6D7Ld7eCo
UQICR7jxHNLzxBVfeqHgGceJhcfN/M97PkfG8kZdrVy53XWzkLiO0P3wpF+522dc
fp+hi2tcNPujZZvflR88jxVRRnlbFaa1a+JKPohN/pXlEQhSF3YqGEgw0wIDAQAB
o4IDaTCCA2UwHQYDVR0OBBYEFCOAu8bdTdlAo4dKl26WOQy+8p2TMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSTRDN3h0MU4yVUNqaDBxWGJwWTVETDd5blpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfQYIKwYBBQUHAQcBAf8EggFsMIIBaDCCAWQEAgABMIIB
XAMEAD5M5wMEAcB8rAMEAsB8tAMEAMB80QMEAMFscAMEAMF8AwMEAMF8CQMEAMF8
EAMEAMF8EgMEAMF8LQMEAMF8yQMEAMF8ywMEAMF8zQMEAMF8zwMEAMI6JgMEAcI6
KjAMAwQAwjotAwQEwjogAwQAwjo7AwQAwlcHAwQCwlcYAwQAwlcgAwQAwlckAwQA
wlc4AwQAwldAAwQAwldMAwQBwldSAwQAwldoAwQAwldsAwQAwld2AwQAwld7AwQB
wleIAwQAwlegMAwDBADCV6MDBAHCV6QDBAHCV6oDBADCV78DBAHCV8YwDAMEAMJX
zwMEAcJX0AMEAcJX3gMEAMJX6QMEAMJX+gMEAMKHEgMEAMKHHgMEAMM6MgMEA8M6
OAMEAMOFDAMEAMOFHgMEAMOFNwMEANTABgMEANTACgMEAdTA0AMEANTA3gMEANTB
AAMEANTBBgMEANTBDDANBgkqhkiG9w0BAQsFAAOCAQEAb+g+OjnSM10vCb5xejKR
/ICeSS9yMS2sxUpqbQ3pZssMCN5T1Iy179WO472x650nTXPeJNNG/l33ysJlck3M
UM9LbB1l5t0CLvyFRAW5DEI1URx7qMXSCIl92XvYQ8ZtMuIBk4PcgLRXqQCSv9k8
bN1LWxCxI+4Dk3FHhIRdmJOZy8ayUO8Ca+ppCjH+m1c2V41PJgv3HpezraGFuFxl
FV7HFmxZvqJuPs5vraxrv8jGLtUg4SG3CuPOSR+sXVmlDVrNk713s6xTn3cF4qWe
ze3WaoaSWo4DnOzliFkTNZGTElF5Dk8k+od6nbuLMO78zTwY93RYd9LxX88Mf5A4
Fw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:54 2023 by rpki-client on console-ams.rpki-client.org