Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Lv2s_nEG71NtqkVko6o1uUEq8XU.roa
File: Lv2s_nEG71NtqkVko6o1uUEq8XU.roa (raw, json)
Hash identifier: B+OmRmK8V4d+AM+iTfKvzJMtaHQdo63GQGoLZN+kVh0=
Subject key identifier: 2E:FD:AC:FE:71:06:EF:53:6D:AA:45:64:A3:AA:35:B9:41:2A:F1:75
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184C2987099B0DD9B533E7E538262D53E26
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Lv2s_nEG71NtqkVko6o1uUEq8XU.roa
Signing time: Tue 29 Nov 2022 08:54:40 +0000
ROA not before: Tue 29 Nov 2022 08:54:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 193.124.16.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
62.76.232.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c2:98:70:99:b0:dd:9b:53:3e:7e:53:82:62:d5:3e:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 29 08:54:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2efdacfe7106ef536daa4564a3aa35b9412af175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:46:e3:4d:9b:33:a0:0c:37:28:d6:07:66:c2:
d9:c1:9a:6e:c1:64:e5:24:37:f5:6c:1c:17:ed:6e:
8f:0b:fd:7b:0d:2d:8b:e3:04:51:98:35:2d:66:98:
a1:aa:4f:36:31:0e:65:c7:e2:29:20:98:dc:f0:86:
7d:69:71:0d:a1:40:ea:74:d1:6d:00:74:b8:e2:09:
d1:3a:ed:18:5b:69:a0:24:1f:31:7e:81:05:38:17:
07:91:87:e5:ce:c4:81:8d:07:15:22:ac:13:1e:04:
4e:e2:65:df:d9:08:fd:a5:1a:45:ed:98:53:5c:ed:
72:86:6a:52:9d:36:ca:9e:4c:ce:21:a8:7b:83:9c:
e1:dd:fc:05:70:3b:08:11:ad:b5:1b:8a:6d:b4:f0:
38:0f:eb:3e:0d:ab:ea:92:6a:de:a1:96:d7:a2:8f:
3c:87:22:fc:46:b4:d0:15:70:51:f9:e4:af:91:e8:
fc:6a:8d:3a:83:0b:2e:16:0d:3c:96:65:5b:4c:c4:
4c:26:70:ec:3f:c8:99:6b:ff:a0:c2:a5:29:c9:af:
83:12:b4:3f:3d:af:88:e9:1f:d7:4e:8c:6e:e4:5e:
45:7f:a8:a1:28:5e:37:d4:57:6d:3d:ae:7b:d0:fb:
98:d3:b1:1c:a6:08:52:5c:bc:d8:68:11:af:a8:6c:
d9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:FD:AC:FE:71:06:EF:53:6D:AA:45:64:A3:AA:35:B9:41:2A:F1:75
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Lv2s_nEG71NtqkVko6o1uUEq8XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.235.0/24
192.124.190.0/24
193.124.16.0/24
193.124.202.0/24
194.58.39.0/24
194.58.47.0/24
194.87.3.0/24
194.87.16.0/24
194.87.22.0/24
194.87.37.0/24
194.87.83.0/24
194.87.177.0/24
194.87.190.0/24
195.58.58.0/24
195.133.86.0/24
195.133.194.0/24
212.192.211.0/24
Signature Algorithm: sha256WithRSAEncryption
77:fb:60:fa:95:d6:d7:5d:73:d8:e1:da:58:27:3d:bf:7e:91:
ae:8b:bc:72:f0:0a:7d:77:47:85:bc:0c:db:11:7a:5b:3f:fc:
09:f0:2a:45:df:df:d5:39:3f:52:66:49:10:4c:82:11:76:86:
fd:ff:27:0b:46:e3:09:6d:3e:13:c4:4f:2e:79:e4:41:10:96:
70:56:c9:89:ba:ab:22:2a:27:bd:4a:72:31:6d:8e:12:cb:6f:
88:ad:ea:9c:3f:b9:f4:1d:41:7a:a9:88:c8:2d:63:b2:d7:eb:
64:c5:03:f6:84:cf:2a:f1:5c:bc:6d:37:ce:b3:c6:6e:51:c8:
ae:50:07:b2:b4:27:34:ca:ef:6c:c5:28:85:40:05:86:86:7b:
ec:0b:a0:41:1c:fa:8d:e9:6e:e9:e7:94:b5:d8:23:fc:8e:e9:
d2:10:cb:da:ab:f4:06:33:10:2a:4d:80:08:dc:15:a8:7d:ea:
33:9b:3a:08:3a:c6:ca:4d:bb:65:91:e3:f4:01:57:7f:f6:40:
e3:e7:06:f9:e5:55:e9:1a:ed:54:e9:25:8b:de:a0:a8:fb:6f:
b5:67:86:4a:f4:dd:71:ea:47:e8:ad:13:95:00:86:c8:81:63:
0e:f9:9b:c4:0e:2c:3f:5a:7e:44:3f:77:e6:eb:d1:35:f9:ac:
2a:23:1c:8d
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYTCmHCZsN2bUz5+U4Ji1T4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTI5MDg1NDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWZkYWNmZTcxMDZlZjUzNmRhYTQ1NjRhM2FhMzViOTQxMmFmMTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUbjTZszoAw3KNYHZsLZwZpuwWTl
JDf1bBwX7W6PC/17DS2L4wRRmDUtZpihqk82MQ5lx+IpIJjc8IZ9aXENoUDqdNFt
AHS44gnROu0YW2mgJB8xfoEFOBcHkYflzsSBjQcVIqwTHgRO4mXf2Qj9pRpF7ZhT
XO1yhmpSnTbKnkzOIah7g5zh3fwFcDsIEa21G4pttPA4D+s+DavqkmreoZbXoo88
hyL8RrTQFXBR+eSvkej8ao06gwsuFg08lmVbTMRMJnDsP8iZa/+gwqUpya+DErQ/
Pa+I6R/XToxu5F5Ff6ihKF431FdtPa570PuY07EcpghSXLzYaBGvqGzZ+QIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFC79rP5xBu9TbapFZKOqNblBKvF1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTHYyc19uRUc3MU50cWtWa282bzF1VUVxOFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAD5M6AME
AD5M6wMEAMB8vgMEAMF8EAMEAMF8ygMEAMI6JwMEAMI6LwMEAMJXAwMEAMJXEAME
AMJXFgMEAMJXJQMEAMJXUwMEAMJXsQMEAMJXvgMEAMM6OgMEAMOFVgMEAMOFwgME
ANTA0zANBgkqhkiG9w0BAQsFAAOCAQEAd/tg+pXW111z2OHaWCc9v36Rrou8cvAK
fXdHhbwM2xF6Wz/8CfAqRd/f1Tk/UmZJEEyCEXaG/f8nC0bjCW0+E8RPLnnkQRCW
cFbJibqrIionvUpyMW2OEstviK3qnD+59B1BeqmIyC1jstfrZMUD9oTPKvFcvG03
zrPGblHIrlAHsrQnNMrvbMUohUAFhoZ77AugQRz6jelu6eeUtdgj/I7p0hDL2qv0
BjMQKk2ACNwVqH3qM5s6CDrGyk27ZZHj9AFXf/ZA4+cG+eVV6RrtVOkli96gqPtv
tWeGSvTdcepH6K0TlQCGyIFjDvmbxA4sP1p+RD935uvRNfmsKiMcjQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org