Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Tl0jBsE3Uy3ld4U3BlzK2WQpzjE.roa
File: Tl0jBsE3Uy3ld4U3BlzK2WQpzjE.roa (raw, json)
Hash identifier: 7UQwdHTrV0rJXoD74g8jQENAAi958C1nZd9NYy8gmWA=
Subject key identifier: 4E:5D:23:06:C1:37:53:2D:E5:77:85:37:06:5C:CA:D9:64:29:CE:31
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01841095073DDA2FD41CED5AA1641364C5CF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Tl0jBsE3Uy3ld4U3BlzK2WQpzjE.roa
Signing time: Tue 25 Oct 2022 19:18:32 +0000
ROA not before: Tue 25 Oct 2022 19:18:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 62.76.231.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
212.193.3.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:10:95:07:3d:da:2f:d4:1c:ed:5a:a1:64:13:64:c5:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 25 19:18:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e5d2306c137532de5778537065ccad96429ce31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3c:45:47:9a:89:56:f4:24:90:63:9a:60:a4:
ad:cf:a0:86:a9:75:15:64:6e:e3:22:66:d9:e1:81:
39:da:c6:4e:1c:ea:f2:3b:8a:35:1a:b8:df:ba:ed:
12:48:d3:81:93:d6:65:4d:27:70:02:34:d1:e7:80:
ee:f7:c5:ea:51:0d:6f:bd:05:20:07:d9:6c:49:b2:
6e:75:a4:d9:65:d0:36:8b:77:17:b4:6e:48:c5:10:
9a:73:d2:62:5a:71:03:24:4a:97:0b:9b:fa:b8:3e:
b7:bc:4d:97:14:42:bb:b7:da:33:1a:16:4a:8c:d9:
09:3f:e4:76:18:99:9a:56:67:74:1c:59:06:a0:ef:
43:5d:69:27:b6:a2:95:7e:22:17:82:de:30:00:fe:
77:dd:f6:f9:a9:b6:6c:96:18:fe:7e:6b:a8:4d:7e:
1d:81:d6:6a:d1:f6:46:0b:0e:fe:f7:48:e9:d6:62:
f6:bd:9e:79:39:cd:1e:54:df:32:2a:c5:53:b9:c6:
c7:c7:04:eb:fa:6d:4c:6f:8b:05:b9:16:ee:2b:93:
cc:52:0a:0a:e8:38:4e:16:93:8d:dc:8c:46:e1:e5:
e6:3c:2d:a3:94:98:55:f5:53:03:89:e4:4a:61:b2:
f7:6f:66:63:e1:6b:06:dc:9e:74:e9:0a:5d:f4:0f:
ec:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:5D:23:06:C1:37:53:2D:E5:77:85:37:06:5C:CA:D9:64:29:CE:31
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Tl0jBsE3Uy3ld4U3BlzK2WQpzjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
193.124.205.0/24
194.87.22.0/24
194.87.26.0/24
194.135.18.0/24
195.133.12.0/24
195.133.15.0/24
212.192.208.0/24
212.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
85:90:e7:41:d4:5f:40:41:97:47:bd:df:83:76:41:be:da:15:
bf:7b:d8:d1:38:5f:97:b7:ea:08:7a:af:64:67:4a:d5:df:9c:
79:2b:b2:d5:9e:fd:8f:fb:47:04:b0:29:96:71:62:f7:30:ee:
32:ff:74:1c:81:df:99:e5:86:00:46:02:1d:fa:6d:cf:64:4c:
34:35:e2:3d:c4:3d:d1:6a:51:3f:ec:d1:e6:d2:73:16:9a:4e:
85:db:0a:46:56:6e:c1:5f:0e:ac:5b:9b:69:2e:66:3f:ab:86:
60:32:eb:60:3e:3d:3c:78:91:5f:3d:c9:ce:4b:99:3a:20:f0:
72:90:e6:46:2d:b3:bb:52:d2:47:8a:4e:e5:cd:41:5c:1c:d5:
c5:0b:78:aa:a0:8d:30:e9:45:b3:4d:7c:2c:f7:e4:e5:67:a4:
b9:37:e0:21:64:70:be:5a:52:95:97:c6:41:d7:8a:5b:d2:e8:
cd:13:20:4c:01:7c:c9:fe:c6:bf:96:c5:03:b0:4a:0a:83:b8:
af:64:df:38:6b:e8:84:94:55:a1:88:a0:0a:ef:1c:7f:45:d5:
61:63:51:fd:73:9b:3d:14:06:f4:15:39:db:f3:53:00:e0:38:
05:af:8a:28:3e:eb:63:25:4d:c3:ce:2b:a1:6c:02:3a:5f:cb:
9a:16:68:56
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYQQlQc92i/UHO1aoWQTZMXPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI1MTkxODMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTVkMjMwNmMxMzc1MzJkZTU3Nzg1MzcwNjVjY2FkOTY0MjljZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjxFR5qJVvQkkGOaYKStz6CGqXUV
ZG7jImbZ4YE52sZOHOryO4o1Grjfuu0SSNOBk9ZlTSdwAjTR54Du98XqUQ1vvQUg
B9lsSbJudaTZZdA2i3cXtG5IxRCac9JiWnEDJEqXC5v6uD63vE2XFEK7t9ozGhZK
jNkJP+R2GJmaVmd0HFkGoO9DXWkntqKVfiIXgt4wAP533fb5qbZslhj+fmuoTX4d
gdZq0fZGCw7+90jp1mL2vZ55Oc0eVN8yKsVTucbHxwTr+m1Mb4sFuRbuK5PMUgoK
6DhOFpON3IxG4eXmPC2jlJhV9VMDieRKYbL3b2Zj4WsG3J506Qpd9A/sOQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFE5dIwbBN1Mt5XeFNwZcytlkKc4xMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVGwwakJzRTNVeTNsZDRVM0JseksyV1FwempFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAPkznAwQA
wHysAwQAwHyyAwQAwXzNAwQAwlcWAwQAwlcaAwQAwocSAwQAw4UMAwQAw4UPAwQA
1MDQAwQA1MEDMA0GCSqGSIb3DQEBCwUAA4IBAQCFkOdB1F9AQZdHvd+DdkG+2hW/
e9jROF+Xt+oIeq9kZ0rV35x5K7LVnv2P+0cEsCmWcWL3MO4y/3Qcgd+Z5YYARgId
+m3PZEw0NeI9xD3RalE/7NHm0nMWmk6F2wpGVm7BXw6sW5tpLmY/q4ZgMutgPj08
eJFfPcnOS5k6IPBykOZGLbO7UtJHik7lzUFcHNXFC3iqoI0w6UWzTXws9+TlZ6S5
N+AhZHC+WlKVl8ZB14pb0ujNEyBMAXzJ/sa/lsUDsEoKg7ivZN84a+iElFWhiKAK
7xx/RdVhY1H9c5s9FAb0FTnb81MA4DgFr4ooPutjJU3DziuhbAI6X8uaFmhW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:04 2023 by rpki-client on console-fra.rpki-client.org