Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TcZw0Y-NIlPyC3q1dbuo6nAGdgI.roa
File: TcZw0Y-NIlPyC3q1dbuo6nAGdgI.roa (raw, json)
Hash identifier: 96BeQRUhWhryMFqE4jniGZqaUU9Zmle+yO99GZgsSDg=
Subject key identifier: 4D:C6:70:D1:8F:8D:22:53:F2:0B:7A:B5:75:BB:A8:EA:70:06:76:02
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183C2712775476A2BE917A8FC2628400FBB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TcZw0Y-NIlPyC3q1dbuo6nAGdgI.roa
Signing time: Mon 10 Oct 2022 15:08:58 +0000
ROA not before: Mon 10 Oct 2022 15:08:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
62.76.229.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
193.124.45.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
195.133.76.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
195.133.82.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.23.0/24 maxlen: 24
195.133.12.0/22 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
192.124.180.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
192.124.188.0/22 maxlen: 22
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
194.87.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c2:71:27:75:47:6a:2b:e9:17:a8:fc:26:28:40:0f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 10 15:08:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4dc670d18f8d2253f20b7ab575bba8ea70067602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9f:22:4e:6b:f3:cf:cc:15:57:83:25:bf:fb:
e1:5a:6e:63:2f:f7:55:b8:fb:e0:e7:e8:8d:ba:a7:
95:d7:cd:b3:84:93:e3:18:c6:ba:49:f9:8e:41:0c:
8d:34:31:c3:7e:7d:35:a8:f6:f1:66:05:12:fc:0d:
e5:31:e6:6f:ff:0a:cc:50:25:bf:c8:8c:23:59:c7:
f2:0f:e8:66:23:61:87:7f:cc:f6:c2:fd:ef:30:91:
35:6d:f4:f7:06:1d:ca:d5:66:94:d3:75:81:27:7f:
67:d8:e7:6a:17:c4:d4:77:96:24:6a:cc:41:3d:09:
64:e6:56:56:27:e5:9c:e8:4f:ea:5c:98:b0:94:48:
3f:0c:cd:68:8a:54:0c:0a:9b:ca:a6:a1:fe:c4:7e:
da:f5:91:ad:89:93:ba:b2:63:ce:62:a5:04:40:51:
df:9b:02:34:f2:eb:67:a0:44:68:16:c6:33:92:53:
98:88:03:67:16:77:4e:25:ec:47:d7:58:fc:d4:4c:
6a:46:20:db:36:5c:6c:40:5c:b6:dc:db:4c:b2:31:
11:81:d3:53:ea:25:ac:46:45:35:f1:13:95:f8:32:
7f:0b:f0:d4:ae:58:a6:db:a3:1c:c6:83:63:75:b0:
4b:fe:8f:77:c5:f3:73:e3:76:b5:c5:b9:5e:f0:39:
86:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C6:70:D1:8F:8D:22:53:F2:0B:7A:B5:75:BB:A8:EA:70:06:76:02
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TcZw0Y-NIlPyC3q1dbuo6nAGdgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.229.0/24
62.76.231.0/24
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.188.0/22
192.124.209.0/24
193.124.3.0/24
193.124.45.0/24
193.124.90.0/24
193.124.95.0/24
193.124.203.0/24
194.58.45.0/24
194.58.60.0/24
194.87.1.0/24
194.87.24.0/22
194.87.165.0/24
194.87.169.0-194.87.170.255
194.87.179.0/24
194.87.191.0/24
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.226.0/24
194.87.254.0/24
194.135.23.0/24
195.58.54.0/24
195.133.12.0/22
195.133.76.0/24
195.133.80.0/24
195.133.82.0/24
212.193.12.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:2e:bc:98:a0:88:b2:52:a2:c8:78:5e:6e:75:f6:bf:a0:35:
3f:f7:87:4e:90:76:00:a7:d0:7b:70:1f:ac:31:94:18:b2:8f:
d1:21:3f:c4:9d:bb:81:a3:43:d7:e1:b8:59:97:0c:80:33:43:
a4:1f:cf:a4:df:87:a1:e3:1d:96:99:9a:ee:f3:01:f1:3c:f0:
6a:f0:82:86:22:ba:fb:11:85:7d:15:c3:67:76:30:d4:7c:40:
12:4d:e6:e2:87:47:41:72:85:84:74:f9:12:99:b0:f5:80:78:
5d:ca:35:66:58:57:13:32:10:8c:5b:b5:53:db:2f:06:3a:bd:
2a:03:20:8f:b2:75:65:d7:f9:b5:99:b3:4b:9a:8a:9f:58:45:
c8:fb:83:54:78:3d:fa:f9:ab:82:fb:36:0a:4c:bc:93:3e:2f:
e8:2f:8e:32:d1:89:c1:53:bd:aa:47:16:c3:b6:e1:e8:eb:49:
83:23:bc:ca:c1:21:c9:cd:78:54:d8:a9:bd:00:d0:fa:c6:ec:
00:a2:c9:09:e4:49:4c:5c:30:91:80:18:6b:f0:e4:4a:5d:b8:
5e:78:0a:43:50:0f:6b:62:e0:b9:7f:a9:97:7c:dd:74:be:7c:
80:5f:34:e7:de:fe:63:fa:c3:b4:a5:c1:77:c5:fe:4a:ee:aa:
46:6a:7b:6c
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAYPCcSd1R2or6Reo/CYoQA+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDEwMTUwODU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGM2NzBkMThmOGQyMjUzZjIwYjdhYjU3NWJiYThlYTcwMDY3NjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJ8iTmvzz8wVV4Mlv/vhWm5jL/dV
uPvg5+iNuqeV182zhJPjGMa6SfmOQQyNNDHDfn01qPbxZgUS/A3lMeZv/wrMUCW/
yIwjWcfyD+hmI2GHf8z2wv3vMJE1bfT3Bh3K1WaU03WBJ39n2OdqF8TUd5YkasxB
PQlk5lZWJ+Wc6E/qXJiwlEg/DM1oilQMCpvKpqH+xH7a9ZGtiZO6smPOYqUEQFHf
mwI08utnoERoFsYzklOYiANnFndOJexH11j81ExqRiDbNlxsQFy23NtMsjERgdNT
6iWsRkU18ROV+DJ/C/DUrlim26McxoNjdbBL/o93xfNz43a1xble8DmG7QIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFE3GcNGPjSJT8gt6tXW7qOpwBnYCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVGNadzBZLU5JbFB5QzNxMWRidW82bkFHZGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwDBAA+
TOEDBAA+TOUDBAA+TOcDBADAfK0DBADAfLIDBALAfLQDBALAfLwDBADAfNEDBADB
fAMDBADBfC0DBADBfFoDBADBfF8DBADBfMsDBADCOi0DBADCOjwDBADCVwEDBALC
VxgDBADCV6UwDAMEAMJXqQMEAMJXqgMEAMJXswMEAMJXvwMEAMJXxjAMAwQAwlfP
AwQBwlfQAwQBwlfeAwQAwlfiAwQAwlf+AwQAwocXAwQAwzo2AwQCw4UMAwQAw4VM
AwQAw4VQAwQAw4VSAwQA1MEMAwQA1MEPMA0GCSqGSIb3DQEBCwUAA4IBAQBdLryY
oIiyUqLIeF5udfa/oDU/94dOkHYAp9B7cB+sMZQYso/RIT/EnbuBo0PX4bhZlwyA
M0OkH8+k34eh4x2WmZru8wHxPPBq8IKGIrr7EYV9FcNndjDUfEASTebih0dBcoWE
dPkSmbD1gHhdyjVmWFcTMhCMW7VT2y8GOr0qAyCPsnVl1/m1mbNLmoqfWEXI+4NU
eD36+auC+zYKTLyTPi/oL44y0YnBU72qRxbDtuHo60mDI7zKwSHJzXhU2Km9AND6
xuwAoskJ5ElMXDCRgBhr8ORKXbheeApDUA9rYuC5f6mXfN10vnyAXzTn3v5j+sO0
pcF3xf5K7qpGants
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:17 2024 by rpki-client on console-fra.rpki-client.org