Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YQfYMk3jwhDhR3nwNwdrXQikz7s.roa
File: YQfYMk3jwhDhR3nwNwdrXQikz7s.roa (raw, json)
Hash identifier: L/uK1ckq8QOhclu9XvrJA8TELleAYKOw+BDo7atvU4k=
Subject key identifier: 61:07:D8:32:4D:E3:C2:10:E1:47:79:F0:37:07:6B:5D:08:A4:CF:BB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01824ADB05A97D49F23054D57E834EE67BB4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YQfYMk3jwhDhR3nwNwdrXQikz7s.roa
Signing time: Fri 29 Jul 2022 16:47:23 +0000
ROA not before: Fri 29 Jul 2022 16:47:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.14.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.32.0/22 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/23 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.188.0/22 maxlen: 22
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
194.87.116.0/22 maxlen: 24
194.87.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4a:db:05:a9:7d:49:f2:30:54:d5:7e:83:4e:e6:7b:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 29 16:47:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6107d8324de3c210e14779f037076b5d08a4cfbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:04:3f:4d:9f:51:f2:1e:1c:8c:f4:26:e3:e1:
17:d7:94:6d:e4:c3:df:72:c8:3f:7f:42:c8:c7:22:
0e:69:40:be:42:a5:d6:03:ec:96:07:9f:46:46:d5:
81:a0:66:08:dd:76:5e:25:62:cd:ac:3e:97:0b:27:
79:14:bb:86:95:e9:f8:c2:47:a6:1e:5c:cf:58:55:
cd:0b:f9:a3:e6:34:a9:98:b4:71:4d:ee:3b:11:e5:
75:1a:65:00:86:1f:43:f9:b4:1c:f8:85:b4:7e:77:
8c:57:79:0b:71:25:1a:c4:13:0e:c2:d7:1d:00:56:
ea:aa:91:29:62:b7:2d:d5:4e:b1:87:33:58:58:ca:
ed:02:e6:76:29:d9:ec:d6:cb:66:b6:ad:02:55:06:
ed:4b:61:c0:29:33:be:d6:35:73:00:6f:1e:5f:4d:
05:c5:da:c4:ed:91:db:52:19:1f:04:b5:74:e2:97:
22:35:47:08:8f:4f:49:9d:83:0a:25:fd:96:cc:45:
60:e7:00:63:07:5c:c4:af:dc:f3:e0:fb:11:7e:a0:
0d:ed:07:34:24:70:c6:62:5b:c1:2b:12:e8:75:7c:
09:77:ba:20:fb:ab:08:36:ea:a5:1e:bc:79:b7:9f:
6b:c3:5a:88:bf:aa:53:07:7f:52:60:8f:67:3f:11:
42:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:07:D8:32:4D:E3:C2:10:E1:47:79:F0:37:07:6B:5D:08:A4:CF:BB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YQfYMk3jwhDhR3nwNwdrXQikz7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.188.0/22
192.124.209.0/24
193.124.203.0/24
194.87.1.0/24
194.87.32.0/22
194.87.64.0/24
194.87.116.0/22
194.87.179.0/24
194.135.23.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
28:8a:1d:70:62:3a:c2:2b:d1:84:27:fd:56:5b:86:fc:40:6c:
f3:3c:cd:30:42:21:bc:0c:f1:ee:8a:03:c5:9a:00:27:0a:d9:
74:b6:c8:d3:d6:0f:65:6a:c3:d3:4d:df:0f:f6:ef:a6:b6:2b:
15:85:e5:ec:cc:1e:3e:24:3f:74:0a:ac:05:06:42:c7:87:31:
f2:34:aa:3e:46:e5:32:87:37:cb:9a:ba:aa:bf:e9:76:3e:0f:
6e:81:a0:2a:e6:80:10:ea:18:87:0d:10:5b:78:43:38:2d:f4:
49:aa:94:b8:44:60:40:2a:19:54:2f:d0:bc:7e:48:1f:2f:ae:
da:df:1f:15:f7:01:62:15:5e:be:58:cd:bd:39:aa:28:3a:5b:
f3:38:d6:49:9f:f4:62:33:73:b3:30:ea:0e:7e:4b:bf:4d:f7:
3b:fe:54:92:9b:84:d6:f9:08:b8:91:6f:d4:40:f4:23:33:ac:
68:76:42:46:44:ee:fe:c8:63:77:48:af:47:d9:48:f5:56:61:
ca:cd:45:17:0f:03:c1:0d:80:20:2b:a9:b0:da:f4:c3:61:9e:
b1:8a:90:d3:1f:1c:24:0d:17:ff:95:5a:89:f1:a6:52:4c:e4:
4b:ef:3f:1a:9f:68:77:63:28:4c:5c:9b:ff:09:c7:c1:ab:ad:
3c:dd:3a:dc
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYJK2wWpfUnyMFTVfoNO5nu0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwNzI5MTY0NzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTA3ZDgzMjRkZTNjMjEwZTE0Nzc5ZjAzNzA3NmI1ZDA4YTRjZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigQ/TZ9R8h4cjPQm4+EX15Rt5MPf
csg/f0LIxyIOaUC+QqXWA+yWB59GRtWBoGYI3XZeJWLNrD6XCyd5FLuGlen4wkem
HlzPWFXNC/mj5jSpmLRxTe47EeV1GmUAhh9D+bQc+IW0fneMV3kLcSUaxBMOwtcd
AFbqqpEpYrct1U6xhzNYWMrtAuZ2Kdns1stmtq0CVQbtS2HAKTO+1jVzAG8eX00F
xdrE7ZHbUhkfBLV04pciNUcIj09JnYMKJf2WzEVg5wBjB1zEr9zz4PsRfqAN7Qc0
JHDGYlvBKxLodXwJd7og+6sINuqlHrx5t59rw1qIv6pTB39SYI9nPxFC2wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFGEH2DJN48IQ4Ud58DcHa10IpM+7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWVFmWU1rM2p3aERoUjNud053ZHJYUWlrejdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAwHytAwQA
wHyyAwQCwHy0AwQCwHy8AwQAwHzRAwQAwXzLAwQAwlcBAwQCwlcgAwQAwldAAwQC
wld0AwQAwlezAwQAwocXAwQA1MEOMA0GCSqGSIb3DQEBCwUAA4IBAQAoih1wYjrC
K9GEJ/1WW4b8QGzzPM0wQiG8DPHuigPFmgAnCtl0tsjT1g9lasPTTd8P9u+mtisV
heXszB4+JD90CqwFBkLHhzHyNKo+RuUyhzfLmrqqv+l2Pg9ugaAq5oAQ6hiHDRBb
eEM4LfRJqpS4RGBAKhlUL9C8fkgfL67a3x8V9wFiFV6+WM29OaooOlvzONZJn/Ri
M3OzMOoOfku/Tfc7/lSSm4TW+Qi4kW/UQPQjM6xodkJGRO7+yGN3SK9H2Uj1VmHK
zUUXDwPBDYAgK6mw2vTDYZ6xipDTHxwkDRf/lVqJ8aZSTORL7z8an2h3YyhMXJv/
CcfBq6083Trc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:00 2023 by rpki-client on console-ams.rpki-client.org