Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QvidOnPWLOLEPNaxBibNy5IpFp4.roa
File: QvidOnPWLOLEPNaxBibNy5IpFp4.roa (raw, json)
Hash identifier: Gc+VvxgUbo3rKlhK301H/7xiPqwA7Ee8He4X7BFfBXE=
Subject key identifier: 42:F8:9D:3A:73:D6:2C:E2:C4:3C:D6:B1:06:26:CD:CB:92:29:16:9E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184ECB5FD1832A294E6C39B77CAB85EC2B0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QvidOnPWLOLEPNaxBibNy5IpFp4.roa
Signing time: Wed 07 Dec 2022 13:11:00 +0000
ROA not before: Wed 07 Dec 2022 13:11:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.137.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.164.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.192.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:b5:fd:18:32:a2:94:e6:c3:9b:77:ca:b8:5e:c2:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 7 13:11:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42f89d3a73d62ce2c43cd6b10626cdcb9229169e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b8:f6:45:5f:8c:de:1c:0d:a8:a2:61:ff:db:
2a:e1:e4:6c:c0:ca:b1:42:9d:b1:ea:c8:9d:1b:ab:
81:12:40:c1:d7:2a:8e:2d:7b:ba:22:3b:5e:17:cf:
b0:3f:b0:2c:2f:9a:eb:ff:14:b4:17:cc:f8:0d:1a:
50:7c:bc:1f:aa:83:6c:64:16:f7:5f:38:8a:d1:63:
1e:c2:2e:e3:78:eb:c0:71:ca:a0:61:2f:51:6b:c4:
b0:a8:c4:75:cc:f6:68:96:5e:7e:85:f6:7a:99:7d:
da:79:db:0b:20:03:2b:1a:a2:9c:ef:c9:37:ab:27:
22:e5:99:69:c5:a8:68:71:8a:51:cb:d1:0d:82:7a:
0d:e9:f0:bc:ce:c6:d3:62:d9:51:c5:1e:49:20:f5:
c3:27:7d:53:9c:26:04:48:c9:f4:0a:f9:3c:1b:e9:
9a:61:7b:51:bd:25:5f:73:5b:6e:3d:9e:e0:6e:26:
74:f0:2e:72:6c:e7:7a:3f:fd:c2:74:2e:ff:8b:40:
99:79:17:8d:13:65:c5:b0:07:71:d3:1b:a0:58:38:
d1:bf:23:ed:60:c9:44:85:4d:e5:b7:2e:13:eb:aa:
4a:6a:a0:f4:f5:72:a0:98:c1:a2:67:84:9f:25:49:
4b:75:f7:e0:5f:7e:fb:1d:a6:93:75:26:fa:ff:9d:
b3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F8:9D:3A:73:D6:2C:E2:C4:3C:D6:B1:06:26:CD:CB:92:29:16:9E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QvidOnPWLOLEPNaxBibNy5IpFp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/23
192.124.178.0/24
192.124.180.0/22
192.124.209.0/24
193.124.3.0/24
193.124.9.0/24
193.124.18.0/24
193.124.201.0/24
193.124.203.0/24
193.124.205.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/23
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/23
194.87.149.0/24
194.87.160.0/23
194.87.163.0-194.87.165.255
194.87.170.0-194.87.172.255
194.87.176.0/24
194.87.198.0/23
194.87.202.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.233.0/24
194.87.250.0/24
194.135.30.0/24
195.58.50.0/24
195.58.56.0/21
195.133.12.0/24
195.133.30.0/24
195.133.55.0/24
212.192.10.0/24
212.192.208.0-212.192.210.255
212.192.222.0/24
212.193.0.0/24
212.193.6.0/24
212.193.12.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
66:76:5b:8a:09:c1:bb:98:be:0c:51:b3:78:40:1c:0a:bc:9f:
8c:aa:0e:26:11:76:d4:92:7d:52:2e:92:2e:6a:68:13:f9:62:
3a:57:ce:5f:28:09:36:a8:bd:99:a5:5d:07:e0:ec:2d:54:66:
3d:9e:fd:13:a0:58:cc:88:85:55:b3:44:31:49:13:f8:f1:b7:
c1:f7:35:e2:6c:fa:8b:de:9d:4c:42:ae:e7:d1:2b:7f:ca:c4:
6f:02:71:98:84:54:ef:eb:5e:c2:d6:61:3f:42:43:9d:62:bf:
12:4e:ff:7c:69:19:4c:5e:68:3f:e7:6d:fd:79:8d:91:fa:df:
1d:b4:06:38:60:41:5b:14:77:49:ef:6a:58:c3:f7:bf:a3:16:
a5:10:d5:0d:df:6f:57:db:c1:9d:39:dd:b7:92:f4:0e:bb:82:
e8:89:bb:88:71:10:fb:68:2e:80:12:e1:3d:d5:f8:87:fa:9d:
c6:00:b9:f3:2a:7e:a5:7b:dd:ed:d7:6a:7e:c3:ff:13:70:34:
bf:9c:e0:7d:e8:a8:30:48:31:6e:d4:00:e7:00:b4:01:dd:1c:
20:0b:8b:45:0f:7c:d0:e2:ea:8f:85:bf:31:a1:36:d5:00:25:
61:89:e1:b8:5f:ec:0f:60:58:da:f1:6c:d0:76:44:b0:51:bf:
e1:3d:70:b4
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgISAYTstf0YMqKU5sObd8q4XsKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA3MTMxMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmY4OWQzYTczZDYyY2UyYzQzY2Q2YjEwNjI2Y2RjYjkyMjkxNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLj2RV+M3hwNqKJh/9sq4eRswMqx
Qp2x6sidG6uBEkDB1yqOLXu6IjteF8+wP7AsL5rr/xS0F8z4DRpQfLwfqoNsZBb3
XziK0WMewi7jeOvAccqgYS9Ra8SwqMR1zPZoll5+hfZ6mX3aedsLIAMrGqKc78k3
qyci5ZlpxahocYpRy9ENgnoN6fC8zsbTYtlRxR5JIPXDJ31TnCYESMn0Cvk8G+ma
YXtRvSVfc1tuPZ7gbiZ08C5ybOd6P/3CdC7/i0CZeReNE2XFsAdx0xugWDjRvyPt
YMlEhU3lty4T66pKaqD09XKgmMGiZ4SfJUlLdffgX377HaaTdSb6/52zgwIDAQAB
o4IDYTCCA10wHQYDVR0OBBYEFEL4nTpz1izixDzWsQYmzcuSKRaeMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUXZpZE9uUFdMT0xFUE5heEJpYk55NUlwRnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdQYIKwYBBQUHAQcBAf8EggFkMIIBYDCCAVwEAgABMIIB
VAMEAD5M5wMEAcB8rAMEAMB8sgMEAsB8tAMEAMB80QMEAMF8AwMEAMF8CQMEAMF8
EgMEAMF8yQMEAMF8ywMEAMF8zQMEAMF8zwMEAMI6JgMEAcI6KjAMAwQAwjotAwQE
wjogAwQAwjo7AwQAwlcHAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQA
wldsAwQAwld2AwQAwld7AwQBwleIAwQAwleVAwQBwlegMAwDBADCV6MDBAHCV6Qw
DAMEAcJXqgMEAMJXrAMEAMJXsAMEAcJXxgMEAMJXyjAMAwQAwlfPAwQBwlfQAwQB
wlfeAwQAwlfpAwQAwlf6AwQAwoceAwQAwzoyAwQDwzo4AwQAw4UMAwQAw4UeAwQA
w4U3AwQA1MAKMAwDBATUwNADBADUwNIDBADUwN4DBADUwQADBADUwQYDBADUwQwD
BADUwQ4wDQYJKoZIhvcNAQELBQADggEBAGZ2W4oJwbuYvgxRs3hAHAq8n4yqDiYR
dtSSfVIuki5qaBP5YjpXzl8oCTaovZmlXQfg7C1UZj2e/ROgWMyIhVWzRDFJE/jx
t8H3NeJs+ovenUxCrufRK3/KxG8CcZiEVO/rXsLWYT9CQ51ivxJO/3xpGUxeaD/n
bf15jZH63x20BjhgQVsUd0nvaljD97+jFqUQ1Q3fb1fbwZ053beS9A67guiJu4hx
EPtoLoAS4T3V+If6ncYAufMqfqV73e3Xan7D/xNwNL+c4H3oqDBIMW7UAOcAtAHd
HCALi0UPfNDi6o+FvzGhNtUAJWGJ4bhf7A9gWNrxbNB2RLBRv+E9cLQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:03 2023 by rpki-client on console-fra.rpki-client.org