Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Oif6HfEO9b0yaDhE-cFCpw2l6rs.roa
File: Oif6HfEO9b0yaDhE-cFCpw2l6rs.roa (raw, json)
Hash identifier: LOYjivHfE2FK/jInKV14NoHepFx7QiQO1Ci8MqLmIvY=
Subject key identifier: 3A:27:FA:1D:F1:0E:F5:BD:32:68:38:44:F9:C1:42:A7:0D:A5:EA:BB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183C2764DC7BDFD15501A35C82B2036D152
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Oif6HfEO9b0yaDhE-cFCpw2l6rs.roa
Signing time: Mon 10 Oct 2022 15:14:36 +0000
ROA not before: Mon 10 Oct 2022 15:14:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
62.76.229.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
195.133.76.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
195.133.82.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.23.0/24 maxlen: 24
195.133.12.0/22 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
192.124.180.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
192.124.188.0/22 maxlen: 22
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
194.87.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c2:76:4d:c7:bd:fd:15:50:1a:35:c8:2b:20:36:d1:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 10 15:14:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a27fa1df10ef5bd32683844f9c142a70da5eabb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5d:b6:dc:7d:4a:b1:6c:cd:3e:da:6c:8c:45:
e8:17:ea:3c:0e:10:ff:53:08:28:c1:7f:4a:26:77:
7e:16:5a:0e:7c:7e:29:76:94:23:28:c2:42:cb:dd:
c0:e6:32:7e:50:ca:29:7e:ce:3f:68:d3:58:d9:aa:
66:b7:51:6b:ca:6a:8d:07:c2:53:41:8d:d5:34:96:
72:cb:cb:ba:e4:e9:ad:99:40:f6:df:98:68:a6:57:
ef:1c:7d:f1:af:cc:9b:26:ad:5e:1a:11:ff:b9:31:
7a:2b:98:82:df:65:1f:ba:28:a6:17:9a:eb:38:09:
ce:3a:b2:09:7d:65:ad:18:a0:16:a6:5c:f5:49:07:
d2:4e:45:1e:08:d4:6f:f7:6b:31:f0:72:77:40:44:
e5:fd:12:00:aa:58:13:d2:51:dd:06:6f:17:ab:a2:
b8:d4:20:71:00:3e:18:20:65:ed:2a:ea:96:84:86:
98:03:df:9f:cd:6b:d3:40:7c:12:36:b1:e4:72:a1:
f0:18:37:93:5c:56:6a:20:79:fd:09:95:c5:b4:9a:
0d:5c:e3:07:66:ff:d0:09:c3:f8:3e:82:e3:70:d9:
58:e1:b5:4d:96:d7:6e:d7:b1:50:df:67:ce:e8:08:
dd:32:50:d2:75:ec:94:a0:6a:d3:c4:bd:93:de:57:
b1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:27:FA:1D:F1:0E:F5:BD:32:68:38:44:F9:C1:42:A7:0D:A5:EA:BB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Oif6HfEO9b0yaDhE-cFCpw2l6rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.229.0/24
62.76.231.0/24
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.188.0/22
192.124.209.0/24
193.124.3.0/24
193.124.41.0/24
193.124.45.0/24
193.124.90.0/24
193.124.95.0/24
193.124.203.0/24
194.58.45.0/24
194.58.60.0/24
194.87.1.0/24
194.87.24.0/22
194.87.165.0/24
194.87.169.0-194.87.170.255
194.87.179.0/24
194.87.191.0/24
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.226.0/24
194.87.254.0/24
194.135.23.0/24
195.58.54.0/24
195.133.12.0/22
195.133.76.0/24
195.133.80.0/24
195.133.82.0/24
212.193.12.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:3c:89:e6:c3:32:2b:34:20:fb:50:ac:bf:68:65:cf:b6:af:
14:a3:c2:c2:52:db:64:a4:33:43:13:2f:dd:da:1f:e0:ba:d0:
be:77:27:99:7e:49:ec:de:4d:a2:97:73:76:1a:14:ed:0e:17:
f8:ee:0b:73:95:29:d3:da:96:b4:93:72:fe:3e:15:90:c3:e6:
44:56:1c:c7:9d:82:a1:d6:22:da:47:4b:cc:3f:6a:ec:d4:dd:
d9:36:4c:a9:68:ac:f1:49:26:05:d0:62:46:b9:c6:9a:f8:d5:
45:fa:ed:5e:e2:86:04:a6:78:8d:f3:ee:c2:8f:bd:c2:0d:d8:
72:92:f3:87:74:08:c5:21:06:82:f1:a8:ab:84:0d:c8:11:af:
bc:fa:0f:aa:71:37:b1:3d:c9:2d:01:dd:fc:be:e0:40:6e:d9:
41:4b:2c:8c:49:11:d2:56:c9:82:46:43:60:6d:66:34:98:f4:
2b:41:54:92:89:58:ce:38:fa:aa:91:ec:1b:49:ba:1a:6a:3b:
28:12:3c:f5:48:cb:7c:53:6e:d6:49:4d:0c:72:f1:f4:c9:7a:
73:ce:26:7e:53:76:ce:25:97:75:6c:fa:4a:5c:be:9d:67:e8:
28:35:33:7b:9c:9f:a1:ff:af:6b:4c:7c:7f:9e:8e:bf:f2:87:
9a:fa:91:0d
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgISAYPCdk3Hvf0VUBo1yCsgNtFSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDEwMTUxNDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTI3ZmExZGYxMGVmNWJkMzI2ODM4NDRmOWMxNDJhNzBkYTVlYWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4l223H1KsWzNPtpsjEXoF+o8DhD/
UwgowX9KJnd+FloOfH4pdpQjKMJCy93A5jJ+UMopfs4/aNNY2apmt1FrymqNB8JT
QY3VNJZyy8u65OmtmUD235hoplfvHH3xr8ybJq1eGhH/uTF6K5iC32UfuiimF5rr
OAnOOrIJfWWtGKAWplz1SQfSTkUeCNRv92sx8HJ3QETl/RIAqlgT0lHdBm8Xq6K4
1CBxAD4YIGXtKuqWhIaYA9+fzWvTQHwSNrHkcqHwGDeTXFZqIHn9CZXFtJoNXOMH
Zv/QCcP4PoLjcNlY4bVNltdu17FQ32fO6AjdMlDSdeyUoGrTxL2T3lexLwIDAQAB
o4IC6jCCAuYwHQYDVR0OBBYEFDon+h3xDvW9Mmg4RPnBQqcNpeq7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvT2lmNkhmRU85YjB5YURoRS1jRkNwdzJsNnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH/BggrBgEFBQcBBwEB/wSB7zCB7DCB6QQCAAEwgeIDBAA+
TOEDBAA+TOUDBAA+TOcDBADAfK0DBADAfLIDBALAfLQDBALAfLwDBADAfNEDBADB
fAMDBADBfCkDBADBfC0DBADBfFoDBADBfF8DBADBfMsDBADCOi0DBADCOjwDBADC
VwEDBALCVxgDBADCV6UwDAMEAMJXqQMEAMJXqgMEAMJXswMEAMJXvwMEAMJXxjAM
AwQAwlfPAwQBwlfQAwQBwlfeAwQAwlfiAwQAwlf+AwQAwocXAwQAwzo2AwQCw4UM
AwQAw4VMAwQAw4VQAwQAw4VSAwQA1MEMAwQA1MEPMA0GCSqGSIb3DQEBCwUAA4IB
AQAbPInmwzIrNCD7UKy/aGXPtq8Uo8LCUttkpDNDEy/d2h/gutC+dyeZfkns3k2i
l3N2GhTtDhf47gtzlSnT2pa0k3L+PhWQw+ZEVhzHnYKh1iLaR0vMP2rs1N3ZNkyp
aKzxSSYF0GJGucaa+NVF+u1e4oYEpniN8+7Cj73CDdhykvOHdAjFIQaC8airhA3I
Ea+8+g+qcTexPcktAd38vuBAbtlBSyyMSRHSVsmCRkNgbWY0mPQrQVSSiVjOOPqq
kewbSboaajsoEjz1SMt8U27WSU0McvH0yXpzziZ+U3bOJZd1bPpKXL6dZ+goNTN7
nJ+h/69rTHx/no6/8oea+pEN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:02 2023 by rpki-client on console-fra.rpki-client.org