Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OWKmkK9P6fQtHrBLlOdt2WmZEcg.roa
File: OWKmkK9P6fQtHrBLlOdt2WmZEcg.roa (raw, json)
Hash identifier: KbRiH8VITaMF7hI5gOtPNKWRQnYLucbnjCKyaHO6inM=
Subject key identifier: 39:62:A6:90:AF:4F:E9:F4:2D:1E:B0:4B:94:E7:6D:D9:69:99:11:C8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184E152784430520A99754C1FA28BE5CF4F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OWKmkK9P6fQtHrBLlOdt2WmZEcg.roa
Signing time: Mon 05 Dec 2022 08:06:29 +0000
ROA not before: Mon 05 Dec 2022 08:06:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.224.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.32.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.137.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.164.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.192.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:52:78:44:30:52:0a:99:75:4c:1f:a2:8b:e5:cf:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 5 08:06:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3962a690af4fe9f42d1eb04b94e76dd9699911c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ef:76:62:3c:a7:2c:02:b0:bf:62:32:d3:7b:
1b:52:92:82:42:ff:06:37:6a:34:aa:6f:29:7f:e4:
96:bd:97:f4:15:b8:b3:a0:ed:12:3f:1d:af:3a:46:
af:f9:54:af:c5:94:b9:39:41:1e:94:85:2b:18:cb:
24:cc:63:72:3b:3c:f0:4a:13:f2:e1:85:79:e1:99:
6f:4a:0d:f7:0b:a2:cb:9c:49:8b:7f:3f:81:1b:a0:
dc:c6:11:ee:5c:e7:57:94:c3:d8:70:1e:52:cf:3d:
65:4b:e0:d7:11:d4:5b:2b:19:33:d1:d0:c8:8a:6d:
75:00:00:ac:13:46:c5:7d:be:4e:8a:db:c7:3e:39:
3e:72:e2:6d:e3:11:d2:1d:51:24:f1:ae:fa:f3:68:
ea:c6:35:db:2a:60:67:c4:32:63:1e:f8:b5:9d:67:
73:3f:c8:76:49:ec:fd:95:7b:2c:64:a1:c4:f5:e7:
27:f0:7a:eb:c7:b6:9a:c2:38:f4:83:47:07:c8:ac:
30:fd:11:75:52:f9:2e:04:4d:14:59:2c:12:45:68:
ad:42:38:2a:38:37:1a:2e:55:b4:a2:9b:d3:82:22:
fe:fd:91:2a:f7:5f:68:cd:36:20:21:a7:f5:5a:f2:
29:fa:8c:7a:64:64:82:59:27:c9:40:5a:af:16:52:
aa:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:62:A6:90:AF:4F:E9:F4:2D:1E:B0:4B:94:E7:6D:D9:69:99:11:C8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OWKmkK9P6fQtHrBLlOdt2WmZEcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.224.0/24
62.76.231.0/24
192.124.172.0/23
192.124.178.0/24
192.124.180.0/22
192.124.209.0/24
193.108.112.0/24
193.124.3.0/24
193.124.9.0/24
193.124.18.0/24
193.124.45.0/24
193.124.201.0/24
193.124.203.0/24
193.124.205.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/23
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.32.0/24
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/23
194.87.149.0/24
194.87.160.0/23
194.87.163.0-194.87.165.255
194.87.170.0-194.87.172.255
194.87.176.0/24
194.87.191.0/24
194.87.198.0/23
194.87.202.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.233.0/24
194.87.250.0/24
194.135.30.0/24
195.58.50.0/24
195.58.56.0/21
195.133.12.0/24
195.133.30.0/24
195.133.55.0/24
212.192.6.0/24
212.192.10.0/24
212.192.208.0-212.192.210.255
212.192.222.0/24
212.193.0.0/24
212.193.6.0/24
212.193.12.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
79:a7:d2:67:48:3a:9d:2c:44:b6:d0:3d:f8:c1:4b:4a:f6:ba:
60:6f:0a:c7:28:86:00:77:56:da:68:12:cc:6a:77:ea:e2:11:
c6:4a:bd:1d:48:1b:a0:a4:b2:12:f3:7c:26:14:09:2c:e9:8c:
ff:1c:63:30:ae:7c:61:79:61:df:1b:b8:4e:0c:ed:2b:58:b5:
71:a2:18:3d:81:ba:8e:8c:c1:bf:01:7b:05:d3:ee:b6:f4:2b:
88:a1:b4:7d:00:fe:79:15:89:f5:de:82:f3:79:9f:63:63:5b:
1e:77:1c:44:4c:3b:d0:2b:f9:96:6f:ca:44:3e:22:75:9f:5b:
a4:77:c4:8d:40:d3:13:62:f1:37:d8:e0:a2:15:b5:fa:97:69:
35:eb:b5:63:d1:30:37:a4:6d:5c:29:30:df:6e:fa:1d:e3:f5:
08:c6:d5:c5:b8:19:28:b9:ef:86:87:84:a6:cf:a5:aa:da:e7:
39:97:fa:7c:5b:00:92:5e:70:2b:f0:62:ee:b0:a8:7a:35:c6:
eb:04:a8:a5:0f:b6:4e:86:21:3b:81:81:8e:86:b5:15:7e:27:
7f:56:56:ad:b5:c2:a9:e7:d4:da:78:35:cf:b2:9e:9b:0b:41:
a7:27:ab:5b:37:83:81:37:fe:56:ce:4d:a0:8d:c3:22:da:fe:
f2:38:0a:04
-----BEGIN CERTIFICATE-----
MIIGeTCCBWGgAwIBAgISAYThUnhEMFIKmXVMH6KL5c9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA1MDgwNjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTYyYTY5MGFmNGZlOWY0MmQxZWIwNGI5NGU3NmRkOTY5OTkxMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvO92YjynLAKwv2Iy03sbUpKCQv8G
N2o0qm8pf+SWvZf0FbizoO0SPx2vOkav+VSvxZS5OUEelIUrGMskzGNyOzzwShPy
4YV54ZlvSg33C6LLnEmLfz+BG6DcxhHuXOdXlMPYcB5Szz1lS+DXEdRbKxkz0dDI
im11AACsE0bFfb5OitvHPjk+cuJt4xHSHVEk8a7682jqxjXbKmBnxDJjHvi1nWdz
P8h2Sez9lXssZKHE9ecn8Hrrx7aawjj0g0cHyKww/RF1UvkuBE0UWSwSRWitQjgq
ODcaLlW0opvTgiL+/ZEq919ozTYgIaf1WvIp+ox6ZGSCWSfJQFqvFlKqjQIDAQAB
o4IDhTCCA4EwHQYDVR0OBBYEFDlippCvT+n0LR6wS5TnbdlpmRHIMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvT1dLbWtLOVA2ZlF0SHJCTGxPZHQyV21aRWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBmQYIKwYBBQUHAQcBAf8EggGIMIIBhDCCAYAEAgABMIIB
eAMEAD5M4AMEAD5M5wMEAcB8rAMEAMB8sgMEAsB8tAMEAMB80QMEAMFscAMEAMF8
AwMEAMF8CQMEAMF8EgMEAMF8LQMEAMF8yQMEAMF8ywMEAMF8zQMEAMF8zwMEAMI6
JgMEAcI6KjAMAwQAwjotAwQEwjogAwQAwjo7AwQAwlcHAwQCwlcYAwQAwlcgAwQA
wlc4AwQAwldMAwQBwldSAwQAwldoAwQAwldsAwQAwld2AwQAwld7AwQBwleIAwQA
wleVAwQBwlegMAwDBADCV6MDBAHCV6QwDAMEAcJXqgMEAMJXrAMEAMJXsAMEAMJX
vwMEAcJXxgMEAMJXyjAMAwQAwlfPAwQBwlfQAwQBwlfeAwQAwlfpAwQAwlf6AwQA
woceAwQAwzoyAwQDwzo4AwQAw4UMAwQAw4UeAwQAw4U3AwQA1MAGAwQA1MAKMAwD
BATUwNADBADUwNIDBADUwN4DBADUwQADBADUwQYDBADUwQwDBADUwQ4wDQYJKoZI
hvcNAQELBQADggEBAHmn0mdIOp0sRLbQPfjBS0r2umBvCscohgB3VtpoEsxqd+ri
EcZKvR1IG6CkshLzfCYUCSzpjP8cYzCufGF5Yd8buE4M7StYtXGiGD2Buo6Mwb8B
ewXT7rb0K4ihtH0A/nkVifXegvN5n2NjWx53HERMO9Ar+ZZvykQ+InWfW6R3xI1A
0xNi8TfY4KIVtfqXaTXrtWPRMDekbVwpMN9u+h3j9QjG1cW4GSi574aHhKbPpara
5zmX+nxbAJJecCvwYu6wqHo1xusEqKUPtk6GITuBgY6GtRV+J39WVq21wqnn1Np4
Nc+ynpsLQacnq1s3g4E3/lbOTaCNwyLa/vI4CgQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:57 2023 by rpki-client on console-ams.rpki-client.org