Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YM1Vf3Epw1O6FVbmcFUPhLeJBis.roa
File: YM1Vf3Epw1O6FVbmcFUPhLeJBis.roa (raw, json)
Hash identifier: NvrdWwMaiSbKvoAoCLgzW0zDnwz5KPffJirO6aPXxMU=
Subject key identifier: 60:CD:55:7F:71:29:C3:53:BA:15:56:E6:70:55:0F:84:B7:89:06:2B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01846272D5488283F0CE0E0F1E94C15EC2AA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YM1Vf3Epw1O6FVbmcFUPhLeJBis.roa
Signing time: Thu 10 Nov 2022 16:50:03 +0000
ROA not before: Thu 10 Nov 2022 16:50:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.72.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:62:72:d5:48:82:83:f0:ce:0e:0f:1e:94:c1:5e:c2:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 10 16:50:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60cd557f7129c353ba1556e670550f84b789062b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a1:ce:3d:12:26:b0:5a:3d:10:60:d5:aa:e7:
df:87:3e:2d:cf:25:f2:e1:34:fe:70:6b:32:82:f6:
34:b4:3b:44:16:af:c2:1d:84:56:70:d9:4c:67:f2:
ee:80:c7:d5:f9:c1:37:33:97:0d:d4:4c:f7:21:69:
7b:11:e8:7b:6a:78:e7:c7:1f:e1:5e:17:8d:24:df:
2f:8a:0c:77:ad:18:ab:e8:9e:b8:29:88:d2:de:ac:
62:94:ff:5b:1e:4c:e9:a9:68:8a:9d:04:f6:dc:d8:
7e:85:72:24:c7:72:f3:5b:14:35:4f:e1:04:b7:81:
e4:b5:fe:98:f2:bb:7a:64:8f:f9:0f:e6:f8:bf:e6:
be:a7:9e:53:c7:62:f4:12:e2:aa:99:6f:6b:e5:5f:
ad:69:22:fd:54:aa:f0:a0:d3:c4:7a:b2:94:6c:ee:
d0:8b:34:29:93:95:3c:6d:53:db:82:80:68:e0:34:
9d:ae:f6:c4:17:8f:68:64:08:6b:b0:51:cf:63:a6:
e8:a9:70:0b:9e:b8:50:60:3c:68:82:d3:7d:37:49:
d8:3b:5a:04:73:e5:0c:a8:be:1c:c0:6f:b1:95:45:
44:62:b1:8b:70:df:28:fd:49:4a:99:e8:8a:24:59:
28:73:31:86:aa:bc:e0:ab:09:72:eb:c2:09:33:a1:
72:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:CD:55:7F:71:29:C3:53:BA:15:56:E6:70:55:0F:84:B7:89:06:2B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YM1Vf3Epw1O6FVbmcFUPhLeJBis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.173.0/24
192.124.180.0/22
192.124.209.0/24
193.108.112.0/24
193.124.3.0/24
193.124.9.0/24
193.124.18.0/24
193.124.200.0/23
193.124.203.0/24
194.58.38.0/24
194.58.40.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.1.0/24
194.87.3.0/24
194.87.7.0/24
194.87.16.0/24
194.87.24.0/22
194.87.56.0/24
194.87.72.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.118.0/24
194.87.160.0/24
194.87.163.0/24
194.87.165.0/24
194.87.170.0/24
194.87.179.0/24
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.233.0/24
194.135.30.0/24
195.58.56.0/21
195.133.30.0/24
195.133.55.0/24
212.192.10.0/24
212.192.222.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:44:c8:79:15:cb:9b:29:9a:9b:78:fb:0c:0c:72:1e:81:70:
65:b9:59:12:79:72:60:2e:6f:93:4a:1d:7b:41:fd:cb:48:dc:
40:3d:65:9d:49:33:8f:61:23:bd:82:4b:45:d5:18:ba:93:d9:
c7:91:f7:61:50:c9:aa:37:ba:51:8c:40:5d:5e:a4:79:5e:5b:
77:2a:9d:32:04:c9:3c:99:93:6f:52:97:10:1d:43:b8:30:86:
e4:95:6f:28:44:36:70:85:05:f3:4a:f0:7b:69:0a:3f:4c:89:
78:1e:fa:3c:c8:49:9a:c8:db:cb:5c:c5:d1:ff:de:c0:cb:65:
9d:d1:94:e0:78:cd:26:e7:1c:27:40:f3:b4:d3:9a:ef:01:ac:
78:3d:35:ca:3f:bb:f7:49:f9:30:ba:c5:a0:a6:ad:6f:70:9b:
81:0f:eb:35:03:56:f4:96:9c:29:23:c8:80:b2:4b:da:de:61:
d4:1e:65:ee:df:a7:ea:62:d6:92:e8:8d:bc:00:40:a6:d0:0e:
dc:ec:a8:e6:6c:3b:96:9e:85:05:d3:b2:4c:0f:24:40:84:fc:
99:fe:ca:94:ad:0f:34:ab:c3:6b:8a:ab:61:52:17:85:32:51:
d1:bf:d2:ba:b9:32:d5:78:88:7f:bb:5b:29:21:f1:54:ff:90:
18:69:f7:f8
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAYRictVIgoPwzg4PHpTBXsKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTEwMTY1MDAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGNkNTU3ZjcxMjljMzUzYmExNTU2ZTY3MDU1MGY4NGI3ODkwNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqHOPRImsFo9EGDVquffhz4tzyXy
4TT+cGsygvY0tDtEFq/CHYRWcNlMZ/LugMfV+cE3M5cN1Ez3IWl7Eeh7anjnxx/h
XheNJN8vigx3rRir6J64KYjS3qxilP9bHkzpqWiKnQT23Nh+hXIkx3LzWxQ1T+EE
t4Hktf6Y8rt6ZI/5D+b4v+a+p55Tx2L0EuKqmW9r5V+taSL9VKrwoNPEerKUbO7Q
izQpk5U8bVPbgoBo4DSdrvbEF49oZAhrsFHPY6boqXALnrhQYDxogtN9N0nYO1oE
c+UMqL4cwG+xlUVEYrGLcN8o/UlKmeiKJFkoczGGqrzgqwly68IJM6Fy0wIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFGDNVX9xKcNTuhVW5nBVD4S3iQYrMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWU0xVmYzRXB3MU82RlZibWNGVVBoTGVKQmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjCCARoEAgABMIIB
EgMEAD5M5wMEAMB8rQMEAsB8tAMEAMB80QMEAMFscAMEAMF8AwMEAMF8CQMEAMF8
EgMEAcF8yAMEAMF8ywMEAMI6JgMEAMI6KAMEAMI6KjAMAwQAwjotAwQEwjogAwQA
wjo7AwQAwlcBAwQAwlcDAwQAwlcHAwQAwlcQAwQCwlcYAwQAwlc4AwQAwldIAwQA
wldMAwQBwldSAwQAwldoAwQAwld2AwQAwlegAwQAwlejAwQAwlelAwQAwleqAwQA
wlezAwQAwlfGMAwDBADCV88DBAHCV9ADBAHCV94DBADCV+kDBADChx4DBAPDOjgD
BADDhR4DBADDhTcDBADUwAoDBADUwN4DBADUwQADBADUwQwwDQYJKoZIhvcNAQEL
BQADggEBAE5EyHkVy5spmpt4+wwMch6BcGW5WRJ5cmAub5NKHXtB/ctI3EA9ZZ1J
M49hI72CS0XVGLqT2ceR92FQyao3ulGMQF1epHleW3cqnTIEyTyZk29SlxAdQ7gw
huSVbyhENnCFBfNK8HtpCj9MiXge+jzISZrI28tcxdH/3sDLZZ3RlOB4zSbnHCdA
87TTmu8BrHg9Nco/u/dJ+TC6xaCmrW9wm4EP6zUDVvSWnCkjyICyS9reYdQeZe7f
p+pi1pLojbwAQKbQDtzsqOZsO5aehQXTskwPJECE/Jn+ypStDzSrw2uKq2FSF4Uy
UdG/0rq5MtV4iH+7Wykh8VT/kBhp9/g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:00 2023 by rpki-client on console-ams.rpki-client.org