Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/URk3vDzXW-aN7lYMTFOiL5wn_o8.roa
File: URk3vDzXW-aN7lYMTFOiL5wn_o8.roa (raw, json)
Hash identifier: ysdlEyQzhxjExawF7cOPaSySsk7dXFbQHLls/OCd+FE=
Subject key identifier: 51:19:37:BC:3C:D7:5B:E6:8D:EE:56:0C:4C:53:A2:2F:9C:27:FE:8F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184E15278F4D7ED7C10FE2918B836F8FE86
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/URk3vDzXW-aN7lYMTFOiL5wn_o8.roa
Signing time: Mon 05 Dec 2022 08:06:29 +0000
ROA not before: Mon 05 Dec 2022 08:06:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 193.124.16.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
62.76.232.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:52:78:f4:d7:ed:7c:10:fe:29:18:b8:36:f8:fe:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 5 08:06:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=511937bc3cd75be68dee560c4c53a22f9c27fe8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:97:8e:35:50:95:a4:27:3a:81:c4:ee:a1:f0:
04:a7:05:6e:50:d6:af:42:7b:38:c7:f6:67:ee:3b:
87:d5:96:d2:96:f6:10:9e:55:f4:17:35:ce:5f:db:
8d:d3:71:71:e7:dc:68:d0:2c:f7:80:73:a7:52:f3:
a9:47:bd:02:d0:9c:00:e5:7c:bc:b5:bd:c0:1c:9f:
d0:f7:3e:6b:ff:fe:24:3b:c7:cc:53:71:44:9e:2d:
44:55:be:69:0e:a1:cd:32:f0:3a:87:69:d3:3b:3e:
b2:d8:63:94:07:5f:e6:17:86:f6:43:18:b5:20:c6:
11:99:3d:1b:f7:47:7d:19:4e:30:bd:57:9f:c0:db:
6a:dd:1b:33:30:9b:0b:02:ea:bd:0a:87:4a:39:0b:
57:ec:7b:33:7d:3c:02:c4:cf:67:64:5a:92:33:78:
cc:09:fb:20:01:36:02:1c:28:0a:a2:35:4a:39:f6:
89:13:34:2f:02:4f:0b:95:1d:fb:32:8c:ea:18:5e:
c5:83:c3:eb:63:71:cb:70:0e:25:0d:ca:71:6d:2e:
79:63:be:b7:89:45:c2:2f:16:d6:df:ef:f3:4e:27:
2e:96:dd:aa:ca:a8:46:5b:f4:2e:3b:18:e3:90:d3:
f6:d5:f2:a9:71:02:f3:7a:73:5d:db:50:fc:10:c5:
a5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:19:37:BC:3C:D7:5B:E6:8D:EE:56:0C:4C:53:A2:2F:9C:27:FE:8F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/URk3vDzXW-aN7lYMTFOiL5wn_o8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.235.0/24
192.124.190.0/24
193.124.16.0/24
193.124.202.0/24
194.58.39.0/24
194.58.47.0/24
194.87.3.0/24
194.87.16.0/24
194.87.22.0/24
194.87.36.0/23
194.87.83.0/24
194.87.177.0/24
194.87.190.0/24
195.58.54.0/24
195.58.58.0/24
195.133.86.0/24
195.133.194.0/24
212.192.211.0/24
212.193.8.0/24
Signature Algorithm: sha256WithRSAEncryption
89:85:8b:59:51:3c:90:5b:37:0a:99:d1:84:78:35:86:3d:7c:
b5:02:5b:ba:bc:0f:83:00:10:93:0f:55:b9:02:80:1b:3b:a0:
46:80:29:4c:f2:58:47:54:44:bf:0c:58:c5:73:7a:08:99:25:
02:f2:a7:e1:85:d7:73:59:57:5f:1f:dd:25:9b:79:6c:cd:46:
83:c0:00:46:94:6d:e7:80:da:a3:ad:18:12:83:ce:03:c9:31:
b2:09:41:1c:34:4b:22:7b:9d:9c:84:85:a8:84:b1:9d:8b:5d:
1f:cc:c7:56:1e:5c:38:d6:48:08:63:9e:0b:f1:66:8d:a7:f7:
c4:d7:82:8f:44:02:07:ed:85:fb:a7:83:b2:da:7b:b7:4f:00:
3b:a7:cd:af:fd:7e:8d:a8:50:e7:dd:6c:4e:4e:8a:e1:f6:29:
21:11:96:cf:22:2a:31:f9:7d:aa:6f:ff:0b:1f:bc:2d:c7:9b:
56:29:97:96:5e:92:91:1f:62:85:90:d6:a7:d8:25:b8:7c:71:
2f:0b:32:3a:c3:a8:83:e2:62:49:85:b9:83:92:97:eb:e2:08:
2e:e2:43:27:0d:9c:98:05:fb:c0:e2:ee:0d:28:8b:90:b8:40:
93:ba:6f:c2:3a:6a:c2:4f:a9:23:6b:2e:87:06:be:56:bb:8f:
fa:97:da:5f
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYThUnj01+18EP4pGLg2+P6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA1MDgwNjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTE5MzdiYzNjZDc1YmU2OGRlZTU2MGM0YzUzYTIyZjljMjdmZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5eONVCVpCc6gcTuofAEpwVuUNav
Qns4x/Zn7juH1ZbSlvYQnlX0FzXOX9uN03Fx59xo0Cz3gHOnUvOpR70C0JwA5Xy8
tb3AHJ/Q9z5r//4kO8fMU3FEni1EVb5pDqHNMvA6h2nTOz6y2GOUB1/mF4b2Qxi1
IMYRmT0b90d9GU4wvVefwNtq3RszMJsLAuq9CodKOQtX7HszfTwCxM9nZFqSM3jM
CfsgATYCHCgKojVKOfaJEzQvAk8LlR37MozqGF7Fg8PrY3HLcA4lDcpxbS55Y763
iUXCLxbW3+/zTicult2qyqhGW/QuOxjjkNP21fKpcQLzenNd21D8EMWlCwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFFEZN7w811vmje5WDExToi+cJ/6PMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVVJrM3ZEelhXLWFON2xZTVRGT2lMNXduX284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAPkzo
AwQAPkzrAwQAwHy+AwQAwXwQAwQAwXzKAwQAwjonAwQAwjovAwQAwlcDAwQAwlcQ
AwQAwlcWAwQBwlckAwQAwldTAwQAwlexAwQAwle+AwQAwzo2AwQAwzo6AwQAw4VW
AwQAw4XCAwQA1MDTAwQA1MEIMA0GCSqGSIb3DQEBCwUAA4IBAQCJhYtZUTyQWzcK
mdGEeDWGPXy1Alu6vA+DABCTD1W5AoAbO6BGgClM8lhHVES/DFjFc3oImSUC8qfh
hddzWVdfH90lm3lszUaDwABGlG3ngNqjrRgSg84DyTGyCUEcNEsie52chIWohLGd
i10fzMdWHlw41kgIY54L8WaNp/fE14KPRAIH7YX7p4Oy2nu3TwA7p82v/X6NqFDn
3WxOTorh9ikhEZbPIiox+X2qb/8LH7wtx5tWKZeWXpKRH2KFkNan2CW4fHEvCzI6
w6iD4mJJhbmDkpfr4ggu4kMnDZyYBfvA4u4NKIuQuECTum/COmrCT6kjay6HBr5W
u4/6l9pf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:04 2023 by rpki-client on console-fra.rpki-client.org