Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YeB5OKzLfkZ1QZgTM7CErUQ5xFs.roa
File: YeB5OKzLfkZ1QZgTM7CErUQ5xFs.roa (raw, json)
Hash identifier: wNBGXd5CaGeSk1d4FzhnbOgfrilawjrhAYilR5xPMgM=
Subject key identifier: 61:E0:79:38:AC:CB:7E:46:75:41:98:13:33:B0:84:AD:44:39:C4:5B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01849ACA3EAADCBB88F50C66917B47782941
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YeB5OKzLfkZ1QZgTM7CErUQ5xFs.roa
Signing time: Mon 21 Nov 2022 15:24:16 +0000
ROA not before: Mon 21 Nov 2022 15:24:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.137.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
212.193.3.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.192.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:ca:3e:aa:dc:bb:88:f5:0c:66:91:7b:47:78:29:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 21 15:24:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61e07938accb7e467541981333b084ad4439c45b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:63:f7:a0:ef:56:58:13:94:25:36:57:95:f6:
6c:c1:9f:03:77:15:73:53:da:84:d4:17:8e:3c:29:
23:7e:18:16:32:d6:39:fc:5b:38:0a:92:24:9f:66:
a2:f5:4e:97:72:a7:f2:67:72:3b:3d:e4:7f:02:da:
8c:48:29:b6:22:62:a1:ca:a9:16:f7:e3:81:99:ed:
0c:bb:69:d0:68:dc:34:16:44:ad:5b:b2:fb:b4:80:
f1:79:0f:2a:79:0b:71:90:c4:36:8a:e2:58:73:84:
ca:58:e5:e8:b8:a6:15:60:9d:3b:b6:f1:36:9d:3f:
b3:4f:3b:b3:f0:a4:84:6e:d5:48:53:5c:b3:c5:08:
3c:b8:43:0b:80:41:85:b1:8a:4a:99:1d:8f:02:76:
3d:0f:c2:76:74:a5:ec:71:23:08:2d:02:ad:9a:53:
ff:65:82:ff:64:ef:c3:be:78:95:a8:17:a3:b2:1a:
4d:01:e2:a1:d4:66:ec:30:36:4f:98:5f:0f:21:58:
fc:82:42:bf:dc:1f:b6:f3:e4:15:51:39:ce:c6:e9:
d3:7a:e8:08:1b:1c:d9:60:cc:3c:f4:7e:e1:66:8a:
53:7f:a2:0a:3a:23:79:c4:ea:2c:33:33:ce:aa:57:
fa:ea:4f:80:6a:12:23:c5:b8:a5:e3:5c:51:ad:7a:
c0:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:E0:79:38:AC:CB:7E:46:75:41:98:13:33:B0:84:AD:44:39:C4:5B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YeB5OKzLfkZ1QZgTM7CErUQ5xFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/23
192.124.180.0/22
192.124.209.0/24
193.108.112.0/24
193.124.3.0/24
193.124.9.0/24
193.124.16.0/24
193.124.18.0/24
193.124.45.0/24
193.124.201.0/24
193.124.203.0/24
193.124.205.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/23
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.1.0/24
194.87.7.0/24
194.87.24.0/22
194.87.32.0/24
194.87.36.0/24
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.118.0/24
194.87.123.0/24
194.87.137.0/24
194.87.160.0/24
194.87.163.0/24
194.87.165.0/24
194.87.170.0/23
194.87.179.0/24
194.87.191.0/24
194.87.198.0/23
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.233.0/24
194.87.250.0/24
194.135.18.0/24
194.135.30.0/24
195.58.50.0/24
195.58.56.0/21
195.133.12.0/24
195.133.30.0/24
195.133.55.0/24
212.192.6.0/24
212.192.10.0/24
212.192.208.0/23
212.192.222.0/24
212.193.0.0/24
212.193.3.0/24
212.193.6.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:09:26:f8:11:e4:a2:2e:75:a0:fc:6a:3d:39:cd:19:a2:ce:
46:73:8f:cb:ca:8e:f7:a3:1a:07:1f:b5:19:35:9c:ea:6b:25:
8d:1e:cd:ac:9a:74:d4:23:e9:d5:91:b5:ea:1f:d3:60:ee:b1:
6a:73:71:33:f3:a5:13:56:b9:49:6e:1c:cb:74:72:a3:80:c9:
07:6e:53:68:bd:7e:96:75:58:1d:57:d7:bb:5f:4b:60:7d:b3:
26:f9:72:08:09:61:9d:ae:59:7e:62:e0:d2:b3:9b:df:0c:60:
bb:70:a2:6a:e5:97:d6:46:0b:79:03:f8:c4:9f:fd:c1:14:60:
c9:ff:6a:53:48:5c:60:65:5f:2a:11:ee:06:12:6c:3c:32:4f:
34:97:6b:89:e9:8f:f0:0a:7c:64:94:82:14:6e:49:f8:80:de:
4f:72:74:d0:1c:33:97:f5:e4:0b:20:b3:28:ee:8b:48:0d:89:
f2:ec:1f:9f:f7:da:74:3c:18:97:e4:b1:cd:b6:57:15:80:08:
6f:dc:c1:87:40:ab:18:a4:a1:d4:cd:48:1e:db:f3:be:2f:41:
ff:94:bb:87:4e:56:16:87:f1:55:c5:d1:bb:9a:63:a0:50:d9:
28:d9:6a:4c:06:6c:16:75:4e:3c:a4:99:3a:d6:6c:26:8a:e6:
21:16:cb:06
-----BEGIN CERTIFICATE-----
MIIGZzCCBU+gAwIBAgISAYSayj6q3LuI9QxmkXtHeClBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTIxMTUyNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWUwNzkzOGFjY2I3ZTQ2NzU0MTk4MTMzM2IwODRhZDQ0MzljNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmP3oO9WWBOUJTZXlfZswZ8DdxVz
U9qE1BeOPCkjfhgWMtY5/Fs4CpIkn2ai9U6XcqfyZ3I7PeR/AtqMSCm2ImKhyqkW
9+OBme0Mu2nQaNw0FkStW7L7tIDxeQ8qeQtxkMQ2iuJYc4TKWOXouKYVYJ07tvE2
nT+zTzuz8KSEbtVIU1yzxQg8uEMLgEGFsYpKmR2PAnY9D8J2dKXscSMILQKtmlP/
ZYL/ZO/DvniVqBejshpNAeKh1GbsMDZPmF8PIVj8gkK/3B+28+QVUTnOxunTeugI
GxzZYMw89H7hZopTf6IKOiN5xOosMzPOqlf66k+AahIjxbil41xRrXrAswIDAQAB
o4IDczCCA28wHQYDVR0OBBYEFGHgeTisy35GdUGYEzOwhK1EOcRbMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWWVCNU9Lekxma1oxUVpnVE03Q0VyVVE1eEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhwYIKwYBBQUHAQcBAf8EggF2MIIBcjCCAW4EAgABMIIB
ZgMEAD5M5wMEAcB8rAMEAsB8tAMEAMB80QMEAMFscAMEAMF8AwMEAMF8CQMEAMF8
EAMEAMF8EgMEAMF8LQMEAMF8yQMEAMF8ywMEAMF8zQMEAMF8zwMEAMI6JgMEAcI6
KjAMAwQAwjotAwQEwjogAwQAwjo7AwQAwlcBAwQAwlcHAwQCwlcYAwQAwlcgAwQA
wlckAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQAwldsAwQAwld2AwQAwld7AwQA
wleJAwQAwlegAwQAwlejAwQAwlelAwQBwleqAwQAwlezAwQAwle/AwQBwlfGMAwD
BADCV88DBAHCV9ADBAHCV94DBADCV+kDBADCV/oDBADChxIDBADChx4DBADDOjID
BAPDOjgDBADDhQwDBADDhR4DBADDhTcDBADUwAYDBADUwAoDBAHUwNADBADUwN4D
BADUwQADBADUwQMDBADUwQYDBADUwQwwDQYJKoZIhvcNAQELBQADggEBAEwJJvgR
5KIudaD8aj05zRmizkZzj8vKjvejGgcftRk1nOprJY0ezayadNQj6dWRteof02Du
sWpzcTPzpRNWuUluHMt0cqOAyQduU2i9fpZ1WB1X17tfS2B9syb5cggJYZ2uWX5i
4NKzm98MYLtwomrll9ZGC3kD+MSf/cEUYMn/alNIXGBlXyoR7gYSbDwyTzSXa4np
j/AKfGSUghRuSfiA3k9ydNAcM5f15Asgsyjui0gNifLsH5/32nQ8GJfksc22VxWA
CG/cwYdAqxikodTNSB7b874vQf+Uu4dOVhaH8VXF0buaY6BQ2SjZakwGbBZ1Tjyk
mTrWbCaK5iEWywY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:19 2024 by rpki-client on console-fra.rpki-client.org