Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OqX0C6HNPsuS6IkuIAfJBI4Mhfg.roa
File: OqX0C6HNPsuS6IkuIAfJBI4Mhfg.roa (raw, json)
Hash identifier: xNn9J0BLexFLyErCbu6mpVgCW7DOhj70bdsG0BGZu4g=
Subject key identifier: 3A:A5:F4:0B:A1:CD:3E:CB:92:E8:89:2E:20:07:C9:04:8E:0C:85:F8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183ACC7B9E6F9798551978B3FF34E7F3B68
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OqX0C6HNPsuS6IkuIAfJBI4Mhfg.roa
Signing time: Thu 06 Oct 2022 10:11:53 +0000
ROA not before: Thu 06 Oct 2022 10:11:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
62.76.229.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
193.124.45.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
195.133.76.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
195.133.82.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.23.0/24 maxlen: 24
195.133.12.0/22 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
192.124.180.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
192.124.188.0/22 maxlen: 22
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
194.87.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ac:c7:b9:e6:f9:79:85:51:97:8b:3f:f3:4e:7f:3b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 6 10:11:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3aa5f40ba1cd3ecb92e8892e2007c9048e0c85f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:28:08:64:76:bd:16:d2:40:c1:05:0d:e3:7f:
58:b7:db:d0:a3:6f:5a:2b:f3:3a:12:4c:85:c7:f9:
fb:9c:ce:e2:e2:8c:7f:fd:81:b2:cf:38:4e:cc:7f:
8d:d1:ce:23:5a:d7:2e:fb:34:2f:54:38:60:89:35:
42:a0:12:d9:fb:53:ac:c9:94:ae:8e:75:de:0e:6b:
94:6b:0c:7b:36:52:a6:60:61:12:dc:7c:e5:97:56:
93:3d:d3:58:c5:be:ec:9a:6e:2d:41:42:32:15:c3:
6d:a9:73:99:c9:4f:82:ea:ed:d0:27:ca:e7:21:42:
4f:a6:7e:83:92:64:bf:c4:15:a4:c9:6f:73:f6:d3:
ee:fe:ac:fb:e6:e2:b7:08:73:e1:7c:ac:59:40:76:
c1:4d:37:67:62:c1:a5:b2:24:70:8c:79:29:7c:81:
aa:bf:74:0d:1f:91:34:9b:e2:72:1b:86:bc:06:3d:
fc:e7:15:2d:6b:7b:38:69:1f:aa:85:32:44:a2:1c:
e5:c4:4e:72:38:af:41:58:23:62:45:c8:7f:a7:f1:
ac:27:7c:81:bc:4e:c8:c1:cc:07:3a:b9:ef:95:ca:
61:a3:3b:25:9d:4d:3a:1d:58:c1:1d:ed:6c:90:5f:
81:20:52:37:1e:35:42:22:ec:66:73:24:53:d7:81:
9b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A5:F4:0B:A1:CD:3E:CB:92:E8:89:2E:20:07:C9:04:8E:0C:85:F8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OqX0C6HNPsuS6IkuIAfJBI4Mhfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.229.0/24
62.76.231.0/24
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.188.0/22
192.124.209.0/24
193.124.3.0/24
193.124.45.0/24
193.124.90.0/24
193.124.95.0/24
193.124.203.0/24
194.58.45.0/24
194.58.60.0/24
194.87.1.0/24
194.87.24.0/22
194.87.165.0/24
194.87.170.0/24
194.87.179.0/24
194.87.191.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
194.87.226.0/24
194.87.254.0/24
194.135.23.0/24
195.58.54.0/24
195.133.12.0/22
195.133.76.0/24
195.133.80.0/24
195.133.82.0/24
212.193.12.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
01:e4:ed:a1:1f:1c:a5:a0:9c:e5:24:ab:c8:c9:3b:88:0b:0b:
24:1a:46:81:6d:b8:c4:d0:52:09:6a:ef:3c:42:c0:4c:e3:42:
35:da:55:b7:3a:40:6c:a4:e8:ea:11:c3:66:ef:eb:4a:f5:4b:
91:fc:29:ef:c3:18:72:8d:79:8d:a7:ac:a2:a1:69:1f:15:5c:
0c:c8:30:2d:6d:8b:9a:9b:13:89:c5:e2:86:13:02:e4:d9:ce:
13:a0:88:05:f3:7b:03:14:6f:2c:b7:9e:84:2d:a6:5c:c6:00:
d5:86:a5:15:f2:85:98:32:1e:b6:99:b4:39:bb:52:45:cc:f2:
ed:a2:0e:f3:82:bf:b5:26:77:0e:d1:bd:95:37:04:c5:a6:89:
c7:c9:d2:d5:a6:94:b0:bf:8b:2a:b4:e3:72:68:99:44:5f:d1:
56:4c:bb:12:ae:6d:a9:15:4b:5c:80:95:ef:28:08:19:9c:0d:
0b:51:50:c3:76:bb:24:a6:49:4e:3e:98:6c:2f:53:6b:c4:d1:
e5:28:7f:59:9b:ca:9c:6e:27:09:a1:bd:2a:c8:6a:22:f0:77:
96:4c:d2:0e:55:60:36:8e:06:c8:73:f3:43:b8:7e:58:b8:71:
57:c1:cc:d7:a6:8f:a2:22:0d:6b:dd:92:0e:c8:82:8a:7d:8d:
28:f3:41:d2
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAYOsx7nm+XmFUZeLP/NOfztoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDA2MTAxMTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWE1ZjQwYmExY2QzZWNiOTJlODg5MmUyMDA3YzkwNDhlMGM4NWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCgIZHa9FtJAwQUN439Yt9vQo29a
K/M6EkyFx/n7nM7i4ox//YGyzzhOzH+N0c4jWtcu+zQvVDhgiTVCoBLZ+1OsyZSu
jnXeDmuUawx7NlKmYGES3Hzll1aTPdNYxb7smm4tQUIyFcNtqXOZyU+C6u3QJ8rn
IUJPpn6DkmS/xBWkyW9z9tPu/qz75uK3CHPhfKxZQHbBTTdnYsGlsiRwjHkpfIGq
v3QNH5E0m+JyG4a8Bj385xUta3s4aR+qhTJEohzlxE5yOK9BWCNiRch/p/GsJ3yB
vE7IwcwHOrnvlcphozslnU06HVjBHe1skF+BIFI3HjVCIuxmcyRT14GbWQIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFDql9AuhzT7LkuiJLiAHyQSODIX4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvT3FYMEM2SE5Qc3VTNklrdUlBZkpCSTRNaGZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBAA+
TOEDBAA+TOUDBAA+TOcDBADAfK0DBADAfLIDBALAfLQDBALAfLwDBADAfNEDBADB
fAMDBADBfC0DBADBfFoDBADBfF8DBADBfMsDBADCOi0DBADCOjwDBADCVwEDBALC
VxgDBADCV6UDBADCV6oDBADCV7MDBADCV78DBADCV8YDBAHCV9ADBAHCV94DBADC
V+IDBADCV/4DBADChxcDBADDOjYDBALDhQwDBADDhUwDBADDhVADBADDhVIDBADU
wQwDBADUwQ8wDQYJKoZIhvcNAQELBQADggEBAAHk7aEfHKWgnOUkq8jJO4gLCyQa
RoFtuMTQUglq7zxCwEzjQjXaVbc6QGyk6OoRw2bv60r1S5H8Ke/DGHKNeY2nrKKh
aR8VXAzIMC1ti5qbE4nF4oYTAuTZzhOgiAXzewMUbyy3noQtplzGANWGpRXyhZgy
HraZtDm7UkXM8u2iDvOCv7Umdw7RvZU3BMWmicfJ0tWmlLC/iyq043JomURf0VZM
uxKubakVS1yAle8oCBmcDQtRUMN2uySmSU4+mGwvU2vE0eUof1mbypxuJwmhvSrI
aiLwd5ZM0g5VYDaOBshz80O4fli4cVfBzNemj6IiDWvdkg7Igop9jSjzQdI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:57 2023 by rpki-client on console-ams.rpki-client.org