Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I63tKFxSoNjZwWggjufU28b_rDE.roa
File: I63tKFxSoNjZwWggjufU28b_rDE.roa (raw, json)
Hash identifier: 5f3Yx5B8+5pskPm/gBJsfIR6/625s+Z4NvMTJ/kceqk=
Subject key identifier: 23:AD:ED:28:5C:52:A0:D8:D9:C1:68:20:8E:E7:D4:DB:C6:FF:AC:31
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184CE191885CD7F93F5AA13B1477020DD61
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I63tKFxSoNjZwWggjufU28b_rDE.roa
Signing time: Thu 01 Dec 2022 14:31:01 +0000
ROA not before: Thu 01 Dec 2022 14:31:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.224.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.137.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.64.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.164.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.192.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:19:18:85:cd:7f:93:f5:aa:13:b1:47:70:20:dd:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 1 14:31:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23aded285c52a0d8d9c168208ee7d4dbc6ffac31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e0:e5:eb:f4:e3:fa:1c:3a:b1:25:d4:df:20:
05:f2:30:85:7e:d1:f2:a8:4e:a2:68:08:95:34:de:
80:b0:75:ce:24:41:3f:16:18:07:22:52:9d:02:0f:
a2:cf:1a:fd:28:09:96:35:c3:e8:98:57:fa:d5:11:
3e:c1:a0:4d:01:6f:b5:ee:d2:ff:a6:55:8f:de:33:
f1:8a:6b:df:6f:00:11:f6:1f:22:93:21:55:51:93:
bb:45:0d:d3:72:0b:43:f3:79:e5:32:3f:79:1a:10:
17:68:5b:4b:54:a3:27:33:45:da:3b:65:a4:ca:4e:
0d:eb:d4:61:eb:f7:bf:a7:e0:e9:41:22:fb:50:e9:
e0:45:0c:24:37:6a:e8:89:f7:82:17:f8:4d:07:71:
5b:56:bd:fa:f5:d2:88:35:9c:b7:ba:e8:1f:e3:be:
0d:54:11:8d:43:15:e4:f8:9b:b8:dc:0a:e3:e8:49:
b2:c1:c2:15:d5:14:b4:cd:61:d6:ea:72:9a:bd:f4:
e8:34:b5:d2:c6:fd:7b:c9:28:5e:03:2c:b1:4a:94:
9e:a2:87:4c:ce:89:4a:f7:8a:dc:c0:d7:e2:42:54:
9f:a0:24:e8:bd:aa:ef:6d:51:ad:2a:e7:b0:ca:07:
a0:c6:e6:8d:2a:31:ff:43:ec:95:85:a0:59:c4:a7:
4f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:AD:ED:28:5C:52:A0:D8:D9:C1:68:20:8E:E7:D4:DB:C6:FF:AC:31
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I63tKFxSoNjZwWggjufU28b_rDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.224.0/24
62.76.231.0/24
192.124.172.0/23
192.124.178.0/24
192.124.180.0/22
192.124.209.0/24
193.108.112.0/24
193.124.3.0/24
193.124.9.0/24
193.124.18.0/24
193.124.45.0/24
193.124.201.0/24
193.124.203.0/24
193.124.205.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/23
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.32.0/24
194.87.36.0/24
194.87.56.0/24
194.87.64.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/23
194.87.149.0/24
194.87.160.0/23
194.87.163.0-194.87.165.255
194.87.170.0-194.87.172.255
194.87.176.0/24
194.87.191.0/24
194.87.198.0/23
194.87.202.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.233.0/24
194.87.250.0/24
194.135.30.0/24
195.58.50.0/24
195.58.56.0/21
195.133.12.0/24
195.133.30.0/24
195.133.55.0/24
212.192.6.0/24
212.192.10.0/24
212.192.208.0-212.192.210.255
212.192.222.0/24
212.193.0.0/24
212.193.6.0/24
212.193.12.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
73:6e:20:2a:2f:53:cd:32:99:26:c9:1c:d4:3e:9b:9c:81:b1:
f0:94:4b:6d:17:50:ec:e6:30:ad:25:f5:da:fc:98:50:81:19:
a0:3d:7c:d6:f9:b9:74:ad:c3:db:1d:0e:33:93:f1:a4:03:e3:
03:f3:be:ef:11:c2:bf:92:bc:bd:5d:71:db:57:32:ef:db:dc:
5f:a5:2d:1e:8b:e5:b5:72:50:b5:39:5c:c4:81:2b:59:1c:0b:
20:fa:8b:0e:35:9b:78:79:b3:02:c8:91:63:14:e0:c2:6f:9a:
0e:30:05:90:91:64:d0:ad:0b:78:ab:07:66:95:d5:69:80:ba:
7f:ac:93:db:b5:3c:fd:22:70:07:23:55:74:06:70:71:de:ff:
d3:3d:0c:fc:4c:71:83:23:80:30:ed:b5:2b:2c:af:39:83:5f:
9d:71:a0:7b:74:79:ed:05:80:41:cb:e2:ab:a8:4b:01:af:e4:
f8:22:e3:d9:39:ef:5e:1c:cd:e4:25:5c:3c:62:a9:51:3f:3d:
fc:4f:cc:e3:d0:93:d6:6c:6a:35:32:40:ab:05:24:c7:f4:cf:
7c:b7:c1:c6:85:16:80:46:65:4a:44:f3:3d:a6:8a:ac:53:ec:
ff:df:96:2d:73:62:c6:5c:12:f3:42:b6:eb:36:5a:5c:ff:38:
97:2c:60:d7
-----BEGIN CERTIFICATE-----
MIIGhTCCBW2gAwIBAgISAYTOGRiFzX+T9aoTsUdwIN1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjAxMTQzMTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2FkZWQyODVjNTJhMGQ4ZDljMTY4MjA4ZWU3ZDRkYmM2ZmZhYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluDl6/Tj+hw6sSXU3yAF8jCFftHy
qE6iaAiVNN6AsHXOJEE/FhgHIlKdAg+izxr9KAmWNcPomFf61RE+waBNAW+17tL/
plWP3jPximvfbwAR9h8ikyFVUZO7RQ3TcgtD83nlMj95GhAXaFtLVKMnM0XaO2Wk
yk4N69Rh6/e/p+DpQSL7UOngRQwkN2roifeCF/hNB3FbVr369dKINZy3uugf474N
VBGNQxXk+Ju43Arj6EmywcIV1RS0zWHW6nKavfToNLXSxv17ySheAyyxSpSeoodM
zolK94rcwNfiQlSfoCTovarvbVGtKuewygegxuaNKjH/Q+yVhaBZxKdPhwIDAQAB
o4IDkTCCA40wHQYDVR0OBBYEFCOt7ShcUqDY2cFoII7n1NvG/6wxMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSTYzdEtGeFNvTmpad1dnZ2p1ZlUyOGJfckRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBpQYIKwYBBQUHAQcBAf8EggGUMIIBkDCCAYwEAgABMIIB
hAMEAD5M4AMEAD5M5wMEAcB8rAMEAMB8sgMEAsB8tAMEAMB80QMEAMFscAMEAMF8
AwMEAMF8CQMEAMF8EgMEAMF8LQMEAMF8yQMEAMF8ywMEAMF8zQMEAMF8zwMEAMI6
JgMEAcI6KjAMAwQAwjotAwQEwjogAwQAwjo7AwQAwlcHAwQCwlcYAwQAwlcgAwQA
wlckAwQAwlc4AwQAwldAAwQAwldMAwQBwldSAwQAwldoAwQAwldsAwQAwld2AwQA
wld7AwQBwleIAwQAwleVAwQBwlegMAwDBADCV6MDBAHCV6QwDAMEAcJXqgMEAMJX
rAMEAMJXsAMEAMJXvwMEAcJXxgMEAMJXyjAMAwQAwlfPAwQBwlfQAwQBwlfeAwQA
wlfpAwQAwlf6AwQAwoceAwQAwzoyAwQDwzo4AwQAw4UMAwQAw4UeAwQAw4U3AwQA
1MAGAwQA1MAKMAwDBATUwNADBADUwNIDBADUwN4DBADUwQADBADUwQYDBADUwQwD
BADUwQ4wDQYJKoZIhvcNAQELBQADggEBAHNuICovU80ymSbJHNQ+m5yBsfCUS20X
UOzmMK0l9dr8mFCBGaA9fNb5uXStw9sdDjOT8aQD4wPzvu8Rwr+SvL1dcdtXMu/b
3F+lLR6L5bVyULU5XMSBK1kcCyD6iw41m3h5swLIkWMU4MJvmg4wBZCRZNCtC3ir
B2aV1WmAun+sk9u1PP0icAcjVXQGcHHe/9M9DPxMcYMjgDDttSssrzmDX51xoHt0
ee0FgEHL4quoSwGv5Pgi49k5714czeQlXDxiqVE/PfxPzOPQk9ZsajUyQKsFJMf0
z3y3wcaFFoBGZUpE8z2miqxT7P/fli1zYsZcEvNCtus2Wlz/OJcsYNc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:00 2023 by rpki-client on console-fra.rpki-client.org