Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PG52l9CdoWNYDdiNI-zD0JdhD9E.roa
File: PG52l9CdoWNYDdiNI-zD0JdhD9E.roa (raw, json)
Hash identifier: /W3OYXjJzQUyFS1zjJ5druQMIgyFOJMhSusGEJBEGUE=
Subject key identifier: 3C:6E:76:97:D0:9D:A1:63:58:0D:D8:8D:23:EC:C3:D0:97:61:0F:D1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01842A5B83B896010EF5728F0F21677B6BDD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PG52l9CdoWNYDdiNI-zD0JdhD9E.roa
Signing time: Sun 30 Oct 2022 19:25:51 +0000
ROA not before: Sun 30 Oct 2022 19:25:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 62.76.232.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2a:5b:83:b8:96:01:0e:f5:72:8f:0f:21:67:7b:6b:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 30 19:25:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c6e7697d09da163580dd88d23ecc3d097610fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9c:d9:e2:cc:1a:98:11:aa:bc:46:d3:41:35:
b2:79:d1:42:93:61:7d:c7:7f:4c:b4:04:98:45:9e:
04:bf:c2:a8:ce:a0:a7:72:e9:93:e0:e3:3f:18:72:
81:2b:67:99:71:c9:f6:f9:c4:73:18:d2:8f:35:74:
22:97:b7:7b:1f:6c:a8:3a:55:f0:8d:ca:e1:47:95:
0f:12:61:b2:10:69:d6:91:e4:b4:bf:3a:a0:1f:57:
2e:c7:b0:d1:ab:b2:ee:5a:15:9e:e4:6b:74:20:0a:
58:2b:24:f4:08:0a:3d:2d:8e:2e:af:84:a2:35:29:
10:d4:9a:a0:24:ce:57:dd:86:1b:42:15:8d:f2:ca:
c7:74:b7:a7:6a:49:54:e5:fd:13:06:b5:0f:2c:82:
ed:65:49:93:6f:5b:c2:9a:2a:61:11:2d:8c:09:3f:
63:48:b2:90:c8:d2:a1:46:a9:2c:f9:ec:83:f5:1e:
68:b0:d8:a1:1d:50:8c:ab:56:cc:5d:4a:f3:82:3e:
ad:b2:1c:90:df:bc:de:a3:6d:28:ec:8e:1f:9a:63:
e4:52:10:50:92:8e:4e:86:ad:85:f5:ac:4a:2f:4c:
9f:e3:b5:ea:34:46:e5:5d:ea:44:66:03:1a:e5:d4:
c3:3b:86:57:c3:e7:9c:45:33:fe:93:56:b0:e1:72:
47:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:6E:76:97:D0:9D:A1:63:58:0D:D8:8D:23:EC:C3:D0:97:61:0F:D1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PG52l9CdoWNYDdiNI-zD0JdhD9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.235.0/24
192.124.190.0/24
195.58.58.0/24
212.192.211.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:77:b2:7b:37:e8:a4:4b:62:19:5f:17:02:50:e6:81:db:e9:
c0:78:0f:80:98:8f:4f:0d:b4:bd:91:09:2b:9b:8d:9f:90:04:
f6:0a:6a:d4:d4:e4:b3:bc:81:b4:fa:6f:0c:64:db:77:11:f3:
75:b7:99:4b:03:d2:d4:8a:9a:52:7e:2e:d5:b9:36:af:ef:51:
a4:af:c3:69:eb:a0:2e:3f:f4:70:d5:f2:d7:13:23:e2:aa:8b:
7b:1c:54:ce:46:82:28:03:f8:87:92:76:c8:a4:6a:3c:5c:a6:
4b:3c:4e:6e:53:43:e5:cd:2b:2c:d6:44:ee:a6:c1:30:da:57:
2a:4f:2e:13:21:55:c6:74:c1:eb:e2:03:75:64:b0:2f:74:ca:
47:bf:28:0b:d2:e0:89:06:41:4d:1c:43:d7:2b:b1:dc:42:a5:
6f:54:c6:1e:20:ac:94:a5:9b:58:ad:8c:ba:9d:97:c2:2b:b3:
49:9b:ee:58:d6:d7:12:7d:fc:f6:c9:c1:e3:dc:76:c0:89:26:
0e:a6:b4:31:4b:8c:e9:86:28:3e:56:89:0e:08:f0:bc:35:1b:
6e:7d:c2:11:63:eb:98:81:e6:b6:71:f4:96:d5:fb:5e:6d:d9:
be:1b:41:e2:7b:b9:0d:5c:c7:28:53:b9:fd:6e:05:ff:e3:5e:
a2:b8:66:2e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYQqW4O4lgEO9XKPDyFne2vdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDMwMTkyNTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzZlNzY5N2QwOWRhMTYzNTgwZGQ4OGQyM2VjYzNkMDk3NjEwZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipzZ4swamBGqvEbTQTWyedFCk2F9
x39MtASYRZ4Ev8KozqCncumT4OM/GHKBK2eZccn2+cRzGNKPNXQil7d7H2yoOlXw
jcrhR5UPEmGyEGnWkeS0vzqgH1cux7DRq7LuWhWe5Gt0IApYKyT0CAo9LY4ur4Si
NSkQ1JqgJM5X3YYbQhWN8srHdLenaklU5f0TBrUPLILtZUmTb1vCmiphES2MCT9j
SLKQyNKhRqks+eyD9R5osNihHVCMq1bMXUrzgj6tshyQ37zeo20o7I4fmmPkUhBQ
ko5Ohq2F9axKL0yf47XqNEblXepEZgMa5dTDO4ZXw+ecRTP+k1aw4XJHfQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDxudpfQnaFjWA3YjSPsw9CXYQ/RMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUEc1Mmw5Q2RvV05ZRGRpTkktekQwSmRoRDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAPkzoAwQA
PkzrAwQAwHy+AwQAwzo6AwQA1MDTMA0GCSqGSIb3DQEBCwUAA4IBAQAfd7J7N+ik
S2IZXxcCUOaB2+nAeA+AmI9PDbS9kQkrm42fkAT2CmrU1OSzvIG0+m8MZNt3EfN1
t5lLA9LUippSfi7VuTav71Gkr8Np66AuP/Rw1fLXEyPiqot7HFTORoIoA/iHknbI
pGo8XKZLPE5uU0PlzSss1kTupsEw2lcqTy4TIVXGdMHr4gN1ZLAvdMpHvygL0uCJ
BkFNHEPXK7HcQqVvVMYeIKyUpZtYrYy6nZfCK7NJm+5Y1tcSffz2ycHj3HbAiSYO
prQxS4zphig+VokOCPC8NRtufcIRY+uYgea2cfSW1ftebdm+G0Hie7kNXMcoU7n9
bgX/416iuGYu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:57 2023 by rpki-client on console-ams.rpki-client.org