Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/M3JLItNK72YFDpZ5W4RpPmbL46Y.roa
File: M3JLItNK72YFDpZ5W4RpPmbL46Y.roa (raw, json)
Hash identifier: wtRilSPcP0KLqiWqrigfnuildH7Wzs3eSggW98Q1qLw=
Subject key identifier: 33:72:4B:22:D3:4A:EF:66:05:0E:96:79:5B:84:69:3E:66:CB:E3:A6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018243A1A53DFB1A67EF8DB9A249BB6DFB34
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/M3JLItNK72YFDpZ5W4RpPmbL46Y.roa
Signing time: Thu 28 Jul 2022 07:07:23 +0000
ROA not before: Thu 28 Jul 2022 07:07:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.14.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.32.0/22 maxlen: 24
194.87.166.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/23 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.188.0/22 maxlen: 22
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
194.87.116.0/22 maxlen: 24
194.87.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:43:a1:a5:3d:fb:1a:67:ef:8d:b9:a2:49:bb:6d:fb:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 28 07:07:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33724b22d34aef66050e96795b84693e66cbe3a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e2:b1:19:87:ee:33:a5:de:ac:12:8d:c2:47:
5c:80:e4:f2:c3:e7:f0:10:78:31:c0:bd:92:73:d4:
91:1c:3d:43:3c:b3:7c:88:04:0d:df:9c:69:b8:be:
0a:b1:8e:a5:13:f3:11:e1:17:cf:a2:d1:a5:88:ea:
df:37:70:a0:52:35:40:a7:fc:aa:b8:a5:65:f5:7e:
60:17:6a:5e:1a:da:ee:93:46:93:b6:f5:90:f7:57:
33:77:75:5f:e3:a5:46:b0:9e:d4:50:cf:26:37:2c:
4c:15:3c:9b:b4:57:cc:f0:60:2e:8c:55:c4:d3:ef:
84:98:28:0c:91:4e:d4:92:a4:7f:c9:ae:8b:1c:0c:
8d:dd:2b:a5:21:a8:2b:4b:2e:e9:94:7e:a1:1b:ed:
3e:ad:4f:e5:1d:fc:7c:96:e4:08:bb:71:e2:0c:e0:
d2:62:b5:e6:b4:7b:78:75:55:9e:fd:84:76:39:df:
21:61:9f:ce:12:21:52:cf:29:af:01:42:f2:77:c8:
f5:cb:bb:4d:d7:58:23:8b:72:6d:64:d9:fc:17:e2:
ae:e6:5c:c3:31:d8:85:64:a8:a9:1f:83:e2:87:b3:
42:f6:35:f2:b3:02:0d:55:31:35:ad:93:7a:53:21:
8a:d1:df:2c:50:69:e9:87:76:16:a5:9c:6d:82:24:
68:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:72:4B:22:D3:4A:EF:66:05:0E:96:79:5B:84:69:3E:66:CB:E3:A6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/M3JLItNK72YFDpZ5W4RpPmbL46Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.188.0/22
192.124.209.0/24
193.124.203.0/24
194.87.1.0/24
194.87.32.0/22
194.87.64.0/24
194.87.116.0/22
194.87.166.0/24
194.87.179.0/24
194.135.23.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
68:8b:60:0a:37:9b:44:96:39:db:ef:5c:c5:13:15:54:a7:f3:
b4:2e:7b:b0:e6:18:f5:f0:82:90:f3:70:31:74:1b:b6:3d:8f:
e4:30:71:2c:a8:96:54:d9:19:9b:9e:88:ae:5a:28:90:85:b1:
56:3b:be:30:ec:26:1d:8a:9a:34:66:61:4f:cb:14:6c:1d:23:
0b:60:73:ea:bf:1f:c4:3c:33:d3:30:c7:13:40:80:8a:6e:57:
dc:c1:e9:1f:c9:2d:a2:4d:b4:a1:40:da:52:a0:53:36:1f:38:
cf:c6:5b:c2:6c:6d:c8:ee:54:03:a7:67:18:58:50:1b:48:72:
ab:c8:f8:c0:09:f2:a5:66:a1:fb:22:b0:7a:c9:77:a6:6c:6a:
8b:5d:0b:2e:44:38:78:0d:4e:b8:2a:89:2b:df:36:02:cf:1d:
c7:c3:c9:16:bd:25:4c:9b:e8:a1:ea:26:7f:47:69:16:e0:10:
ce:9b:87:2b:18:43:90:e8:3b:2a:d2:8e:77:b8:57:9c:63:f5:
cd:eb:81:5b:e7:dc:53:58:fd:cc:f6:da:a2:9a:1d:e7:af:f9:
3e:a5:dd:df:b4:49:18:51:f2:a6:d8:56:66:11:70:c2:2b:59:
61:47:34:50:74:06:ae:c7:dc:75:54:59:62:89:be:03:68:c6:
22:93:34:6d
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYJDoaU9+xpn7425okm7bfs0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwNzI4MDcwNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzcyNGIyMmQzNGFlZjY2MDUwZTk2Nzk1Yjg0NjkzZTY2Y2JlM2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeKxGYfuM6XerBKNwkdcgOTyw+fw
EHgxwL2Sc9SRHD1DPLN8iAQN35xpuL4KsY6lE/MR4RfPotGliOrfN3CgUjVAp/yq
uKVl9X5gF2peGtruk0aTtvWQ91czd3Vf46VGsJ7UUM8mNyxMFTybtFfM8GAujFXE
0++EmCgMkU7UkqR/ya6LHAyN3SulIagrSy7plH6hG+0+rU/lHfx8luQIu3HiDODS
YrXmtHt4dVWe/YR2Od8hYZ/OEiFSzymvAULyd8j1y7tN11gji3JtZNn8F+Ku5lzD
MdiFZKipH4Pih7NC9jXyswINVTE1rZN6UyGK0d8sUGnph3YWpZxtgiRomQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFDNySyLTSu9mBQ6WeVuEaT5my+OmMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTTNKTEl0Tks3MllGRHBaNVc0UnBQbWJMNDZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAwHytAwQA
wHyyAwQCwHy0AwQCwHy8AwQAwHzRAwQAwXzLAwQAwlcBAwQCwlcgAwQAwldAAwQC
wld0AwQAwlemAwQAwlezAwQAwocXAwQA1MEOMA0GCSqGSIb3DQEBCwUAA4IBAQBo
i2AKN5tEljnb71zFExVUp/O0Lnuw5hj18IKQ83AxdBu2PY/kMHEsqJZU2Rmbnoiu
WiiQhbFWO74w7CYdipo0ZmFPyxRsHSMLYHPqvx/EPDPTMMcTQICKblfcwekfyS2i
TbShQNpSoFM2HzjPxlvCbG3I7lQDp2cYWFAbSHKryPjACfKlZqH7IrB6yXembGqL
XQsuRDh4DU64Kokr3zYCzx3Hw8kWvSVMm+ih6iZ/R2kW4BDOm4crGEOQ6Dsq0o53
uFecY/XN64Fb59xTWP3M9tqimh3nr/k+pd3ftEkYUfKm2FZmEXDCK1lhRzRQdAau
x9x1VFliib4DaMYikzRt
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org