Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SChOz7zycS7qiQUaFHlUdMIQnPk.roa
File: SChOz7zycS7qiQUaFHlUdMIQnPk.roa (raw, json)
Hash identifier: UXRtOrH8wh6W8WqDJJCj8kN2zvaPyjfkeXA3Aw8MqZ8=
Subject key identifier: 48:28:4E:CF:BC:F2:71:2E:EA:89:05:1A:14:79:54:74:C2:10:9C:F9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018534FA354AF38D8F1EB9372B7A3F75C23C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SChOz7zycS7qiQUaFHlUdMIQnPk.roa
Signing time: Wed 21 Dec 2022 13:58:10 +0000
ROA not before: Wed 21 Dec 2022 13:58:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 194.87.3.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
62.76.232.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:fa:35:4a:f3:8d:8f:1e:b9:37:2b:7a:3f:75:c2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 21 13:58:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48284ecfbcf2712eea89051a14795474c2109cf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:01:e6:db:05:c0:eb:83:29:d1:eb:de:cc:57:
e0:8c:85:7a:8e:1e:10:a3:c7:7d:d8:9e:b1:86:ed:
0c:f1:61:05:be:45:58:ca:25:80:55:54:1b:a3:67:
0d:f4:ed:3d:8a:7c:d8:a0:80:e7:ed:73:fe:7a:82:
a7:c8:c4:65:e3:dd:f2:e6:a9:81:8e:e6:95:f5:60:
78:63:b2:d7:d4:2d:b1:b6:8a:22:70:e2:84:29:5a:
58:2a:04:12:c7:4a:fe:83:15:14:2b:a1:69:17:5d:
86:e1:91:a8:23:c6:6e:11:e5:84:75:2c:f1:58:2d:
25:dd:ff:00:e3:1c:f9:d3:b2:61:fb:44:2e:e6:02:
19:94:bb:b2:dd:b1:9f:db:a2:00:c3:e8:a1:99:55:
d8:72:7c:9a:f4:39:db:3b:c8:a4:ed:2f:1c:33:8d:
e3:db:f5:10:97:8d:ef:32:d7:35:86:a5:87:94:c3:
56:05:2a:cd:f7:fb:87:9d:c4:2a:bd:b7:04:b2:f8:
d8:ac:d9:4c:01:54:6b:20:51:73:0e:b4:6a:1c:e8:
b2:28:19:d3:67:15:36:c6:2d:6f:50:c8:01:1d:63:
7f:62:fe:df:91:a4:94:b5:16:e6:56:22:b3:8d:70:
df:21:19:9a:74:cb:01:fa:b0:ec:5e:bd:d8:24:49:
4c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:28:4E:CF:BC:F2:71:2E:EA:89:05:1A:14:79:54:74:C2:10:9C:F9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SChOz7zycS7qiQUaFHlUdMIQnPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
192.124.190.0/24
193.124.16.0/24
193.124.93.0/24
193.124.202.0/24
194.58.39.0/24
194.58.47.0/24
194.87.3.0/24
194.87.16.0/24
194.87.22.0/24
194.87.36.0/23
194.87.83.0/24
194.87.177.0/24
194.87.190.0/24
195.58.54.0/24
195.58.58.0/24
195.133.86.0/24
195.133.194.0/24
212.192.211.0/24
212.193.8.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:01:f7:d0:2b:bb:c5:fc:40:87:72:f3:2a:05:9e:5f:16:33:
fb:6e:25:28:af:04:3c:e2:18:9e:02:1f:4c:98:39:01:75:0e:
3f:e1:cf:cc:e4:e6:69:7c:79:40:07:fd:8b:a6:a4:bb:e9:a1:
98:bc:e5:95:db:f7:3b:da:13:12:fa:9f:c7:e2:d8:d6:64:ce:
d1:06:4a:04:15:7d:06:1d:c7:e0:1c:3f:6f:e2:fb:35:c0:47:
4b:e4:6f:5c:4a:7a:df:d4:ca:37:cc:49:72:61:93:32:4d:27:
44:89:6b:e0:9e:56:a9:51:4b:05:8b:d6:34:df:40:c8:98:9c:
bf:5b:81:67:fc:03:80:8c:fb:e1:8a:74:3c:37:f9:f2:2b:49:
df:72:a5:d5:df:c8:7f:27:09:51:5d:af:2e:9e:44:6c:2c:43:
ce:f2:c5:56:dd:ba:4e:47:69:90:ae:b7:0e:af:b4:3b:dd:7d:
5c:6c:21:08:1d:51:e4:9f:0d:e8:c1:81:ff:a5:6e:bc:e7:70:
ba:2c:5e:2b:7a:6d:fc:86:3a:4a:50:26:3b:f4:16:25:ae:51:
c7:66:25:e5:73:ff:5f:6f:00:b1:d5:6d:ef:8c:f5:6b:91:67:
12:9c:3d:a1:b9:da:e9:39:1d:41:3b:4f:09:0c:52:36:38:cd:
6e:f9:fd:db
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYU0+jVK842PHrk3K3o/dcI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjIxMTM1ODEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODI4NGVjZmJjZjI3MTJlZWE4OTA1MWExNDc5NTQ3NGMyMTA5Y2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQHm2wXA64Mp0evezFfgjIV6jh4Q
o8d92J6xhu0M8WEFvkVYyiWAVVQbo2cN9O09inzYoIDn7XP+eoKnyMRl493y5qmB
juaV9WB4Y7LX1C2xtooicOKEKVpYKgQSx0r+gxUUK6FpF12G4ZGoI8ZuEeWEdSzx
WC0l3f8A4xz507Jh+0Qu5gIZlLuy3bGf26IAw+ihmVXYcnya9DnbO8ik7S8cM43j
2/UQl43vMtc1hqWHlMNWBSrN9/uHncQqvbcEsvjYrNlMAVRrIFFzDrRqHOiyKBnT
ZxU2xi1vUMgBHWN/Yv7fkaSUtRbmViKzjXDfIRmadMsB+rDsXr3YJElMDwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFEgoTs+88nEu6okFGhR5VHTCEJz5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU0NoT3o3enljUzdxaVFVYUZIbFVkTUlRblBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAPkzo
AwQAwHy+AwQAwXwQAwQAwXxdAwQAwXzKAwQAwjonAwQAwjovAwQAwlcDAwQAwlcQ
AwQAwlcWAwQBwlckAwQAwldTAwQAwlexAwQAwle+AwQAwzo2AwQAwzo6AwQAw4VW
AwQAw4XCAwQA1MDTAwQA1MEIMA0GCSqGSIb3DQEBCwUAA4IBAQBfAffQK7vF/ECH
cvMqBZ5fFjP7biUorwQ84hieAh9MmDkBdQ4/4c/M5OZpfHlAB/2LpqS76aGYvOWV
2/c72hMS+p/H4tjWZM7RBkoEFX0GHcfgHD9v4vs1wEdL5G9cSnrf1Mo3zElyYZMy
TSdEiWvgnlapUUsFi9Y030DImJy/W4Fn/AOAjPvhinQ8N/nyK0nfcqXV38h/JwlR
Xa8unkRsLEPO8sVW3bpOR2mQrrcOr7Q73X1cbCEIHVHknw3owYH/pW6853C6LF4r
em38hjpKUCY79BYlrlHHZiXlc/9fbwCx1W3vjPVrkWcSnD2hudrpOR1BO08JDFI2
OM1u+f3b
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:58 2023 by rpki-client on console-ams.rpki-client.org