Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/K_bC4-WOsU1ciY8eyfGhfaGrgN4.roa
File: K_bC4-WOsU1ciY8eyfGhfaGrgN4.roa (raw, json)
Hash identifier: vkNJp1D6QOD0lAXq1HAJB7tyykxK/dU/neR28Op4BGE=
Subject key identifier: 2B:F6:C2:E3:E5:8E:B1:4D:5C:89:8F:1E:C9:F1:A1:7D:A1:AB:80:DE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184ECE437FF70DB82EE963248CDB6B3493C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/K_bC4-WOsU1ciY8eyfGhfaGrgN4.roa
Signing time: Wed 07 Dec 2022 14:01:30 +0000
ROA not before: Wed 07 Dec 2022 14:01:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.137.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.164.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.192.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:e4:37:ff:70:db:82:ee:96:32:48:cd:b6:b3:49:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 7 14:01:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2bf6c2e3e58eb14d5c898f1ec9f1a17da1ab80de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1e:99:64:dc:6e:39:46:68:a5:d4:40:3d:d9:
34:49:a8:59:73:78:9d:60:93:e5:20:5b:76:6e:90:
8e:b1:5f:30:14:5b:9d:32:d1:ab:38:7f:fd:0e:f6:
08:83:b6:6c:b8:2e:77:a7:86:87:5b:6a:60:48:02:
41:cd:bb:9b:96:02:8e:32:82:e7:bc:27:7a:49:26:
77:06:c8:8a:4b:89:74:28:d9:c0:0b:be:4b:41:35:
b3:c5:e6:09:ce:8f:5b:9f:9f:58:aa:9d:4c:9d:96:
9d:45:30:81:ac:72:46:6d:6d:6a:e2:06:b9:e4:07:
b4:4c:46:95:76:d9:0b:a4:1e:4f:a2:94:73:b7:27:
8d:80:36:87:5e:17:b9:02:eb:72:69:84:7f:bf:c0:
a9:b8:3d:9e:70:6f:91:10:18:2d:df:89:e6:b1:68:
a6:81:43:0f:88:d4:f1:b9:b6:fb:8c:6c:81:fe:b4:
1b:81:a2:c8:1f:81:c6:1f:e7:d0:00:12:69:43:53:
06:c2:cf:45:96:43:06:81:ce:6b:4c:c5:37:95:d8:
b4:69:48:1f:3e:c8:23:ec:f8:a9:e4:7f:eb:5b:48:
b1:33:8e:b1:44:4a:b9:26:75:d1:01:af:5f:f9:02:
78:24:32:8a:71:2e:de:cc:8d:79:5c:48:cd:a6:8f:
c6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F6:C2:E3:E5:8E:B1:4D:5C:89:8F:1E:C9:F1:A1:7D:A1:AB:80:DE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/K_bC4-WOsU1ciY8eyfGhfaGrgN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
192.124.209.0/24
193.124.3.0/24
193.124.9.0/24
193.124.18.0/24
193.124.201.0/24
193.124.203.0/24
193.124.205.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/23
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/23
194.87.149.0/24
194.87.160.0/23
194.87.163.0-194.87.165.255
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.198.0/23
194.87.202.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.233.0/24
194.87.250.0/24
194.135.30.0/24
195.58.50.0/24
195.58.56.0/21
195.133.12.0/24
195.133.30.0/24
195.133.55.0/24
212.192.10.0/24
212.192.208.0-212.192.210.255
212.192.222.0/24
212.193.0.0/24
212.193.6.0/24
212.193.12.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:e5:3c:dd:e4:03:ca:96:22:ea:06:d6:b0:49:15:fb:83:b9:
7b:9d:ee:56:42:6a:dc:ba:aa:46:df:94:79:17:a2:35:6b:b8:
4e:e7:d3:93:6a:14:bf:c4:71:c8:08:0a:da:93:3f:17:c8:bb:
07:44:76:72:9e:cb:86:62:13:e0:09:ec:a7:91:67:6d:16:13:
ae:5c:d9:99:85:1f:b7:e2:4b:e1:44:13:64:05:ab:4d:de:a2:
de:8a:d6:b5:e5:f5:e8:9b:1b:4a:c2:6e:d1:ce:05:09:86:a8:
e4:64:66:81:ba:d6:af:bb:a7:f1:dd:15:5e:e1:52:c0:c3:db:
f2:67:94:58:79:7d:01:72:6a:a5:f6:69:db:a9:50:45:fc:d6:
45:57:f0:37:25:a0:3d:82:d0:fd:00:12:c4:b9:87:e5:d3:6e:
aa:6a:31:41:26:49:ba:0e:fd:6e:65:47:69:40:c4:78:11:2a:
c7:b3:0d:a6:e5:5a:41:62:b4:b4:9c:f8:f0:f3:1d:59:40:be:
74:d8:dd:98:65:18:91:cf:a2:d3:80:3f:d3:d9:5b:8e:f0:d0:
85:b5:03:45:da:78:de:3d:25:2d:a7:26:21:4a:21:e0:b2:1a:
58:22:b6:9e:91:31:e9:63:e1:7c:13:0d:bb:4d:37:35:de:c4:
b0:3c:f0:19
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgISAYTs5Df/cNuC7pYySM22s0k8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA3MTQwMTMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmY2YzJlM2U1OGViMTRkNWM4OThmMWVjOWYxYTE3ZGExYWI4MGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqB6ZZNxuOUZopdRAPdk0SahZc3id
YJPlIFt2bpCOsV8wFFudMtGrOH/9DvYIg7ZsuC53p4aHW2pgSAJBzbublgKOMoLn
vCd6SSZ3BsiKS4l0KNnAC75LQTWzxeYJzo9bn59Yqp1MnZadRTCBrHJGbW1q4ga5
5Ae0TEaVdtkLpB5PopRztyeNgDaHXhe5AutyaYR/v8CpuD2ecG+REBgt34nmsWim
gUMPiNTxubb7jGyB/rQbgaLIH4HGH+fQABJpQ1MGws9FlkMGgc5rTMU3ldi0aUgf
Psgj7Pip5H/rW0ixM46xREq5JnXRAa9f+QJ4JDKKcS7ezI15XEjNpo/GEQIDAQAB
o4IDYTCCA10wHQYDVR0OBBYEFCv2wuPljrFNXImPHsnxoX2hq4DeMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS19iQzQtV09zVTFjaVk4ZXlmR2hmYUdyZ040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdQYIKwYBBQUHAQcBAf8EggFkMIIBYDCCAVwEAgABMIIB
VAMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMB80QMEAMF8AwMEAMF8CQMEAMF8
EgMEAMF8yQMEAMF8ywMEAMF8zQMEAMF8zwMEAMI6JgMEAcI6KjAMAwQAwjotAwQE
wjogAwQAwjo7AwQAwlcHAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQA
wldsAwQAwld2AwQAwld7AwQBwleIAwQAwleVAwQBwlegMAwDBADCV6MDBAHCV6Qw
DAMEAMJXqwMEAMJXrAMEAMJXsAMEAcJXxgMEAMJXyjAMAwQAwlfPAwQBwlfQAwQB
wlfeAwQAwlfpAwQAwlf6AwQAwoceAwQAwzoyAwQDwzo4AwQAw4UMAwQAw4UeAwQA
w4U3AwQA1MAKMAwDBATUwNADBADUwNIDBADUwN4DBADUwQADBADUwQYDBADUwQwD
BADUwQ4wDQYJKoZIhvcNAQELBQADggEBAI7lPN3kA8qWIuoG1rBJFfuDuXud7lZC
aty6qkbflHkXojVruE7n05NqFL/EccgICtqTPxfIuwdEdnKey4ZiE+AJ7KeRZ20W
E65c2ZmFH7fiS+FEE2QFq03eot6K1rXl9eibG0rCbtHOBQmGqORkZoG61q+7p/Hd
FV7hUsDD2/JnlFh5fQFyaqX2adupUEX81kVX8DcloD2C0P0AEsS5h+XTbqpqMUEm
SboO/W5lR2lAxHgRKsezDablWkFitLSc+PDzHVlAvnTY3ZhlGJHPotOAP9PZW47w
0IW1A0XaeN49JS2nJiFKIeCyGlgitp6RMelj4XwTDbtNNzXexLA88Bk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:01 2023 by rpki-client on console-fra.rpki-client.org