Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MDklhp_agd3Y9mRCUsjbw8PzBrQ.roa
File: MDklhp_agd3Y9mRCUsjbw8PzBrQ.roa (raw, json)
Hash identifier: bDbirRq9U6IWhdawjFBOYC3HHcYyOiMrSSCh8UUXhOg=
Subject key identifier: 30:39:25:86:9F:DA:81:DD:D8:F6:64:42:52:C8:DB:C3:C3:F3:06:B4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01840E8697EED5D52BE7E97A95249520276D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MDklhp_agd3Y9mRCUsjbw8PzBrQ.roa
Signing time: Tue 25 Oct 2022 09:43:32 +0000
ROA not before: Tue 25 Oct 2022 09:43:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
62.76.229.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
195.133.76.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.223.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.23.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0e:86:97:ee:d5:d5:2b:e7:e9:7a:95:24:95:20:27:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 25 09:43:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=303925869fda81ddd8f6644252c8dbc3c3f306b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:11:29:0c:5e:26:85:04:b2:b5:11:cf:9c:06:
33:4d:09:cd:2e:ee:c9:04:1d:c8:45:31:af:a9:ea:
cc:b9:b5:3f:1c:73:0d:3f:ea:14:20:69:a6:52:4a:
e0:65:a0:e9:7c:7c:33:34:17:cc:31:e4:dd:70:ab:
6a:af:b0:a0:93:bf:44:15:fd:f5:69:c5:b8:65:39:
9a:ee:59:00:c8:51:ed:f3:47:e3:25:55:78:d8:67:
0e:22:b1:48:94:f6:00:69:a1:9a:bb:6e:e8:94:36:
0a:64:71:fd:4d:d0:bb:f6:e9:c4:82:7d:37:15:e3:
5b:e8:43:60:4b:bd:eb:20:63:4b:d9:1f:0c:86:b6:
69:15:a7:cc:02:9a:d0:25:7e:08:89:42:17:f5:14:
ec:ba:1c:06:04:25:87:9d:db:7c:23:5d:46:b2:c6:
61:96:da:7d:2b:d3:1a:82:7c:30:78:72:71:4c:40:
3c:0d:48:71:42:2f:d2:78:85:cb:99:a9:d7:70:da:
53:ca:a2:6a:7a:6e:1a:d5:c7:80:7e:4f:d1:69:6e:
a9:25:0e:9f:5e:7f:d7:78:e1:47:b5:ab:57:c8:47:
01:97:3b:4a:98:b7:cc:05:9e:35:1a:3f:4b:df:2e:
7c:e1:b0:38:71:18:a7:34:7e:d9:61:a1:04:1b:54:
32:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:39:25:86:9F:DA:81:DD:D8:F6:64:42:52:C8:DB:C3:C3:F3:06:B4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MDklhp_agd3Y9mRCUsjbw8PzBrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.229.0/24
62.76.231.0/24
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.209.0/24
193.108.112.0/24
193.124.3.0/24
193.124.95.0/24
193.124.203.0/24
194.58.45.0/24
194.58.60.0/24
194.87.1.0/24
194.87.3.0/24
194.87.16.0/24
194.87.24.0/22
194.87.118.0/24
194.87.165.0/24
194.87.170.0/24
194.87.178.0/23
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0-194.87.224.255
194.87.226.0/24
194.135.23.0/24
194.135.30.0/24
195.58.54.0/24
195.133.55.0/24
195.133.76.0/24
212.193.0.0/24
212.193.12.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:98:e1:47:b5:46:a7:9e:35:f6:e9:8b:08:3b:44:c9:60:ba:
a0:17:cc:80:4b:89:08:4c:8e:7d:66:cb:49:fa:6e:d3:1a:0b:
d2:1a:06:f2:25:86:ce:34:16:2d:92:0d:8d:1a:ad:23:72:b7:
bc:eb:68:da:45:f2:4e:33:ca:64:54:2b:1a:c5:89:25:17:d1:
41:5e:67:f1:b3:42:1b:c8:63:d4:75:89:0f:2b:d2:a7:74:9b:
b5:fd:3b:e7:15:55:2c:1e:0b:1e:d2:23:41:9a:83:88:73:5a:
bd:11:b0:5f:2f:a6:53:6d:43:59:6d:b9:b7:65:1d:4c:4e:1d:
bd:9c:b9:f3:b4:43:86:97:52:39:cf:6b:1f:52:fd:04:05:8b:
fb:48:67:ee:4a:bf:ef:e3:32:31:bc:0e:fd:84:2b:d4:eb:c5:
e9:1e:9d:05:3d:cd:66:59:fe:fc:87:30:f3:62:9a:e6:cb:6f:
38:d9:02:31:f4:2f:5c:8d:a4:04:9d:bf:74:67:a7:e6:85:ce:
c8:81:b2:97:c8:24:94:e5:02:99:ff:70:9e:01:02:57:08:dc:
25:9f:f4:11:d9:15:33:7f:cf:5b:71:f0:2d:36:f8:35:ea:a4:
ce:f9:ee:5e:7c:16:da:43:8c:6b:f9:ce:aa:23:21:ad:78:75:
3b:02:a0:13
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYQOhpfu1dUr5+l6lSSVICdtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI1MDk0MzMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDM5MjU4NjlmZGE4MWRkZDhmNjY0NDI1MmM4ZGJjM2MzZjMwNmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhEpDF4mhQSytRHPnAYzTQnNLu7J
BB3IRTGvqerMubU/HHMNP+oUIGmmUkrgZaDpfHwzNBfMMeTdcKtqr7Cgk79EFf31
acW4ZTma7lkAyFHt80fjJVV42GcOIrFIlPYAaaGau27olDYKZHH9TdC79unEgn03
FeNb6ENgS73rIGNL2R8MhrZpFafMAprQJX4IiUIX9RTsuhwGBCWHndt8I11GssZh
ltp9K9MagnwweHJxTEA8DUhxQi/SeIXLmanXcNpTyqJqem4a1ceAfk/RaW6pJQ6f
Xn/XeOFHtatXyEcBlztKmLfMBZ41Gj9L3y584bA4cRinNH7ZYaEEG1QyYQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFDA5JYaf2oHd2PZkQlLI28PD8wa0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTURrbGhwX2FnZDNZOW1SQ1VzamJ3OFB6QnJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAA+
TOEDBAA+TOUDBAA+TOcDBADAfK0DBADAfLIDBALAfLQDBADAfNEDBADBbHADBADB
fAMDBADBfF8DBADBfMsDBADCOi0DBADCOjwDBADCVwEDBADCVwMDBADCVxADBALC
VxgDBADCV3YDBADCV6UDBADCV6oDBAHCV7IDBADCV8YwDAMEAMJXzwMEAcJX0DAM
AwQBwlfeAwQAwlfgAwQAwlfiAwQAwocXAwQAwoceAwQAwzo2AwQAw4U3AwQAw4VM
AwQA1MEAAwQA1MEMAwQA1MEPMA0GCSqGSIb3DQEBCwUAA4IBAQCNmOFHtUannjX2
6YsIO0TJYLqgF8yAS4kITI59ZstJ+m7TGgvSGgbyJYbONBYtkg2NGq0jcre862ja
RfJOM8pkVCsaxYklF9FBXmfxs0IbyGPUdYkPK9KndJu1/TvnFVUsHgse0iNBmoOI
c1q9EbBfL6ZTbUNZbbm3ZR1MTh29nLnztEOGl1I5z2sfUv0EBYv7SGfuSr/v4zIx
vA79hCvU68XpHp0FPc1mWf78hzDzYprmy2842QIx9C9cjaQEnb90Z6fmhc7IgbKX
yCSU5QKZ/3CeAQJXCNwln/QR2RUzf89bcfAtNvg16qTO+e5efBbaQ4xr+c6qIyGt
eHU7AqAT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:01 2023 by rpki-client on console-fra.rpki-client.org