Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Mm6Eaf2bQXCGyxPN2GXjZSIUcMo.roa
File: Mm6Eaf2bQXCGyxPN2GXjZSIUcMo.roa (raw, json)
Hash identifier: f24KXaCoxlwqbWprf9WF6i1rbQ1NvQ4MMHXI7WkBVlk=
Subject key identifier: 32:6E:84:69:FD:9B:41:70:86:CB:13:CD:D8:65:E3:65:22:14:70:CA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018510DAD11AB1F275F220726BBC6DAC0007
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Mm6Eaf2bQXCGyxPN2GXjZSIUcMo.roa
Signing time: Wed 14 Dec 2022 13:37:33 +0000
ROA not before: Wed 14 Dec 2022 13:37:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:10:da:d1:1a:b1:f2:75:f2:20:72:6b:bc:6d:ac:00:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 14 13:37:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=326e8469fd9b417086cb13cdd865e365221470ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8b:ab:ce:2c:b5:21:cb:5b:37:c4:1c:11:b9:
1f:45:3e:48:6a:7a:73:fc:6d:81:e8:bb:25:f0:d7:
08:3c:e5:9f:58:fe:17:f7:71:11:6d:44:b7:3f:68:
a3:7d:5c:c4:21:63:93:94:b6:3b:76:49:89:c0:d2:
0a:31:bd:41:0b:a7:33:d7:99:64:c3:79:6b:b7:d9:
4a:ee:f9:01:09:c1:a3:79:00:bc:61:5e:6d:eb:ce:
5e:46:d9:f7:c0:21:f2:5f:f6:1e:ca:a1:af:b0:2c:
6f:05:d3:9e:de:12:b8:7b:43:c0:df:51:fc:f2:3f:
f0:81:6f:0c:95:67:6a:84:60:3f:60:c1:3e:6e:3c:
bf:0b:97:33:1b:88:c0:1c:15:51:64:1a:b1:29:a8:
59:d6:cc:47:38:91:1f:48:42:c7:af:25:73:5a:d4:
5e:09:2d:7b:c3:c5:76:a2:c1:4c:62:00:b5:6f:10:
c4:ed:0b:92:f8:5d:83:6a:d9:97:48:ed:81:7f:a6:
c7:48:34:c2:14:57:40:78:1e:fe:57:19:84:43:b4:
f7:c4:58:75:81:42:d2:2f:5f:63:f3:40:ab:52:86:
5b:48:59:53:14:9d:1d:fa:bd:b7:98:dc:f6:32:39:
c7:26:ab:3c:55:b5:24:ef:20:16:b6:d3:f5:02:93:
3d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:6E:84:69:FD:9B:41:70:86:CB:13:CD:D8:65:E3:65:22:14:70:CA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Mm6Eaf2bQXCGyxPN2GXjZSIUcMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.3.0/24
194.87.1.0/24
194.87.38.0/24
194.87.73.0/24
194.87.130.0/23
194.87.166.0/24
194.87.168.0/24
194.87.178.0/23
194.87.187.0/24
194.135.18.0/24
194.135.23.0/24
195.58.35.0-195.58.36.255
195.133.0.0/24
195.133.30.0/24
195.133.35.0/24
212.192.31.0/24
Signature Algorithm: sha256WithRSAEncryption
31:22:54:57:6a:2f:47:84:43:04:ea:d9:77:9b:05:27:c0:2a:
ca:6d:a1:35:d1:d6:bf:cc:c4:d8:30:9f:2f:b8:e1:72:73:b2:
93:93:5f:d4:f2:46:e8:b3:b9:10:fa:61:43:c7:9d:39:90:83:
93:94:b2:77:58:b5:2a:8e:40:b9:ae:ca:85:65:3d:7b:19:19:
c9:90:8b:3c:bd:f7:ca:db:05:67:b0:88:a8:cb:b0:2e:0a:55:
c2:88:e7:37:a8:52:8d:ae:dc:f8:01:d8:a6:86:4e:3b:0c:f9:
18:0f:8a:b9:ca:64:20:68:59:74:5d:b1:e1:85:35:83:94:03:
c0:2d:92:a0:0f:00:47:ba:4f:ea:0b:fe:4e:34:7b:d5:8b:cc:
5a:5f:f6:1b:9b:19:66:66:ed:0e:1a:c8:b9:cd:1f:bb:4f:22:
ef:62:6f:ec:92:a6:98:5f:70:34:bb:d4:2c:39:cb:24:ee:63:
97:67:e8:7a:6e:50:4b:5c:22:23:50:68:22:4a:cc:71:16:9c:
88:01:b9:55:e9:c6:25:30:aa:f4:8e:86:5f:54:d4:f7:05:31:
71:93:c6:09:36:e8:3d:a0:dc:e8:09:f1:5a:a9:b6:5a:89:d9:
cb:3c:57:44:8b:d6:80:f3:fd:8f:42:19:bd:51:78:1a:e4:38:
c9:49:7a:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYUQ2tEasfJ18iBya7xtrAAHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE0MTMzNzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjZlODQ2OWZkOWI0MTcwODZjYjEzY2RkODY1ZTM2NTIyMTQ3MGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYurziy1IctbN8QcEbkfRT5Ianpz
/G2B6Lsl8NcIPOWfWP4X93ERbUS3P2ijfVzEIWOTlLY7dkmJwNIKMb1BC6cz15lk
w3lrt9lK7vkBCcGjeQC8YV5t685eRtn3wCHyX/YeyqGvsCxvBdOe3hK4e0PA31H8
8j/wgW8MlWdqhGA/YME+bjy/C5czG4jAHBVRZBqxKahZ1sxHOJEfSELHryVzWtRe
CS17w8V2osFMYgC1bxDE7QuS+F2DatmXSO2Bf6bHSDTCFFdAeB7+VxmEQ7T3xFh1
gULSL19j80CrUoZbSFlTFJ0d+r23mNz2MjnHJqs8VbUk7yAWttP1ApM9FwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFDJuhGn9m0FwhssTzdhl42UiFHDKMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTW02RWFmMmJRWENHeXhQTjJHWGpaU0lVY01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAMF8AwME
AMJXAQMEAMJXJgMEAMJXSQMEAcJXggMEAMJXpgMEAMJXqAMEAcJXsgMEAMJXuwME
AMKHEgMEAMKHFzAMAwQAwzojAwQAwzokAwQAw4UAAwQAw4UeAwQAw4UjAwQA1MAf
MA0GCSqGSIb3DQEBCwUAA4IBAQAxIlRXai9HhEME6tl3mwUnwCrKbaE10da/zMTY
MJ8vuOFyc7KTk1/U8kbos7kQ+mFDx505kIOTlLJ3WLUqjkC5rsqFZT17GRnJkIs8
vffK2wVnsIioy7AuClXCiOc3qFKNrtz4Adimhk47DPkYD4q5ymQgaFl0XbHhhTWD
lAPALZKgDwBHuk/qC/5ONHvVi8xaX/YbmxlmZu0OGsi5zR+7TyLvYm/skqaYX3A0
u9QsOcsk7mOXZ+h6blBLXCIjUGgiSsxxFpyIAblV6cYlMKr0joZfVNT3BTFxk8YJ
Nug9oNzoCfFaqbZaidnLPFdEi9aA8/2PQhm9UXga5DjJSXqG
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org