Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MtpDW9mpe1uaAvm3BTuTxF4WoR0.roa
File: MtpDW9mpe1uaAvm3BTuTxF4WoR0.roa (raw, json)
Hash identifier: sELj+BtccMsJ3sF7PYExeKsSlSIbvtVOHVJP59dnxlU=
Subject key identifier: 32:DA:43:5B:D9:A9:7B:5B:9A:02:F9:B7:05:3B:93:C4:5E:16:A1:1D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185590907C1EB1D7B83C638FEB83E449500
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MtpDW9mpe1uaAvm3BTuTxF4WoR0.roa
Signing time: Wed 28 Dec 2022 14:00:42 +0000
ROA not before: Wed 28 Dec 2022 14:00:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:59:09:07:c1:eb:1d:7b:83:c6:38:fe:b8:3e:44:95:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 28 14:00:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32da435bd9a97b5b9a02f9b7053b93c45e16a11d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0c:bf:71:af:ba:e8:99:37:d8:0b:81:33:8a:
6a:83:a5:67:9c:4c:6f:4a:dc:e7:f8:02:cb:38:a7:
b6:47:d9:08:fd:26:26:c1:2e:68:38:1c:12:5b:91:
b1:dd:f9:ee:b3:b9:6b:07:be:7f:7c:d2:da:ac:90:
fc:b3:85:d0:9d:a7:5b:84:a8:7e:ed:7a:6c:7a:e9:
84:d6:d8:87:6b:5f:6a:af:9a:da:01:06:41:3c:26:
b8:39:4e:85:16:05:34:ec:1d:13:51:77:9a:0a:d2:
f9:f2:74:13:15:56:4f:50:4a:39:fb:52:c2:fd:86:
e9:92:4d:26:fa:a5:97:aa:2a:4a:54:fd:1c:16:88:
aa:f9:77:bf:da:c4:1a:d7:5d:d7:f0:73:37:14:41:
dc:45:0d:2f:ab:91:57:6a:4f:bb:d4:c4:7b:c5:c8:
c2:f8:78:e5:73:01:9b:5e:dd:48:42:a8:01:a4:e1:
2d:f6:f8:36:6c:21:aa:cb:b8:c9:7f:e2:5c:7b:19:
7e:76:62:f9:8c:cb:49:18:a5:f3:ac:1e:38:ad:de:
40:11:00:fe:dc:26:bb:82:47:cd:8f:cb:15:9c:a2:
54:d2:91:b3:92:8d:e5:82:61:57:1c:70:0e:5b:4f:
ec:a4:cf:2e:0b:8a:c4:4e:3f:56:76:a0:90:3a:da:
e1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DA:43:5B:D9:A9:7B:5B:9A:02:F9:B7:05:3B:93:C4:5E:16:A1:1D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MtpDW9mpe1uaAvm3BTuTxF4WoR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
193.124.3.0/24
193.124.6.0/24
193.124.8.0/23
193.124.18.0/24
193.124.133.0/24
193.124.201.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.116.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/24
194.87.138.0/23
194.87.149.0/24
194.87.163.0/24
194.87.165.0/24
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.182.0/24
194.87.198.0/23
194.87.202.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.12.0/24
195.133.55.0/24
195.133.94.0/24
195.133.195.0/24
212.192.0.0/23
212.192.10.0/24
212.192.222.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
56:0f:c3:ed:96:68:d9:69:f4:9c:5a:cf:e9:57:b0:c7:17:a2:
0e:dc:53:8f:04:99:2b:18:32:40:42:05:93:18:6d:42:fa:83:
a6:37:f5:f2:8c:86:d0:c0:e0:2a:fd:03:f9:35:e4:f1:04:80:
2b:d8:cc:1d:52:19:c5:9f:98:1f:b6:b2:9c:de:83:c4:40:17:
9e:2a:1b:00:f6:42:69:0b:9f:80:38:ee:21:d7:81:b2:e2:5b:
6f:8a:a5:96:f8:32:fa:73:69:ba:4c:8a:bd:32:4e:58:e5:31:
73:f3:1b:93:69:48:c1:6d:48:aa:48:e5:96:b0:c5:0d:f3:8e:
6a:b7:30:9e:65:a5:fe:d9:0c:ac:e6:3f:59:2a:b6:24:55:fd:
67:b5:35:a0:c4:7d:35:8c:ef:2f:8f:7c:8c:6a:83:9e:4d:fd:
e3:da:c1:03:96:2b:bc:9a:c8:e7:28:fe:7c:a8:b4:d4:6b:46:
0f:b7:bc:95:31:64:b8:fd:4a:c7:82:8d:6e:8a:72:62:0a:5d:
bb:14:33:09:8f:df:5f:50:34:ed:f6:95:6f:a6:83:73:b1:e9:
ef:85:e5:72:75:e5:8f:87:b8:70:ee:27:ad:28:75:76:4d:a3:
d5:36:ac:12:e0:58:1a:1d:c9:c4:7c:7a:3a:d0:11:7a:12:fd:
f6:01:fb:50
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgISAYVZCQfB6x17g8Y4/rg+RJUAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjI4MTQwMDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmRhNDM1YmQ5YTk3YjViOWEwMmY5YjcwNTNiOTNjNDVlMTZhMTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAy/ca+66Jk32AuBM4pqg6VnnExv
Stzn+ALLOKe2R9kI/SYmwS5oOBwSW5Gx3fnus7lrB75/fNLarJD8s4XQnadbhKh+
7XpseumE1tiHa19qr5raAQZBPCa4OU6FFgU07B0TUXeaCtL58nQTFVZPUEo5+1LC
/Ybpkk0m+qWXqipKVP0cFoiq+Xe/2sQa113X8HM3FEHcRQ0vq5FXak+71MR7xcjC
+HjlcwGbXt1IQqgBpOEt9vg2bCGqy7jJf+Jcexl+dmL5jMtJGKXzrB44rd5AEQD+
3Ca7gkfNj8sVnKJU0pGzko3lgmFXHHAOW0/spM8uC4rETj9WdqCQOtrhyQIDAQAB
o4IDUTCCA00wHQYDVR0OBBYEFDLaQ1vZqXtbmgL5twU7k8ReFqEdMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTXRwRFc5bXBlMXVhQXZtM0JUdVR4RjRXb1IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZQYIKwYBBQUHAQcBAf8EggFUMIIBUDCCAUwEAgABMIIB
RAMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8BgMEAcF8CAMEAMF8
EgMEAMF8hQMEAMF8yQMEAMF8ywMEAMF8zwMEAMI6JgMEAMI6KjAMAwQAwjotAwQE
wjogAwQAwjo7AwQAwlcHAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQA
wldsAwQAwld0AwQAwld2AwQAwld7AwQAwleIAwQBwleKAwQAwleVAwQAwlejAwQA
wlelMAwDBADCV6sDBADCV6wDBADCV7ADBADCV7YDBAHCV8YDBADCV8oDBAHCV9AD
BAHCV94DBADCV+kDBADDOjIwDAMEAsM6NAMEBsM6AAMEAMOFDAMEAMOFNwMEAMOF
XgMEAMOFwwMEAdTAAAMEANTACgMEANTA3gMEANTBAAMEANTBDDANBgkqhkiG9w0B
AQsFAAOCAQEAVg/D7ZZo2Wn0nFrP6VewxxeiDtxTjwSZKxgyQEIFkxhtQvqDpjf1
8oyG0MDgKv0D+TXk8QSAK9jMHVIZxZ+YH7aynN6DxEAXniobAPZCaQufgDjuIdeB
suJbb4qllvgy+nNpukyKvTJOWOUxc/Mbk2lIwW1IqkjllrDFDfOOarcwnmWl/tkM
rOY/WSq2JFX9Z7U1oMR9NYzvL498jGqDnk3949rBA5YrvJrI5yj+fKi01GtGD7e8
lTFkuP1Kx4KNbopyYgpduxQzCY/fX1A07faVb6aDc7Hp74XlcnXlj4e4cO4nrSh1
dk2j1TasEuBYGh3JxHx6OtARehL99gH7UA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org