Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YsoITgHm8WbNDxUgsIxn8ztrsc0.roa
File: YsoITgHm8WbNDxUgsIxn8ztrsc0.roa (raw, json)
Hash identifier: O+P72vPg9SB8+jdYTaxoE0TIXkfP7ewP68/FJNaJSI8=
Subject key identifier: 62:CA:08:4E:01:E6:F1:66:CD:0F:15:20:B0:8C:67:F3:3B:6B:B1:CD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 1036BD2F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YsoITgHm8WbNDxUgsIxn8ztrsc0.roa
Signing time: Fri 03 Jun 2022 10:52:20 +0000
ROA not before: Fri 03 Jun 2022 10:52:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 194.87.216.0/24 maxlen: 24
194.87.218.0/24 maxlen: 24
194.87.225.0/24 maxlen: 24
194.87.31.0/24 maxlen: 24
194.87.36.0/22 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
212.192.14.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
195.133.25.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
194.135.104.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 272022831 (0x1036bd2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 3 10:52:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62ca084e01e6f166cd0f1520b08c67f33b6bb1cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:23:a0:6b:d3:da:94:2d:56:1f:aa:29:45:d8:
17:b3:86:75:53:7f:07:3b:3f:8a:6d:7e:a3:a5:3b:
5f:17:a1:c3:5e:5d:1f:e3:1b:4e:cb:26:92:87:e1:
7d:a8:9e:94:5f:fa:bb:d2:6b:df:67:ca:06:30:4a:
06:03:11:66:42:c9:4c:34:88:75:d3:1c:11:00:f3:
e3:76:cb:58:11:a4:e3:a7:b5:cb:51:9f:6d:1e:52:
29:27:72:73:1a:9f:51:9f:c7:50:2b:a3:85:0c:b2:
cb:82:6b:3b:90:06:28:33:33:e2:a6:20:e8:7f:fb:
d0:72:38:25:d0:b6:ba:17:e8:2a:68:84:bd:c9:46:
66:9d:77:9e:a7:69:75:16:d7:f5:66:5f:6a:f0:ae:
a1:48:a5:82:35:67:0d:ef:af:1c:87:8c:c1:d5:21:
25:87:52:e1:80:c1:7a:8e:ef:b1:90:fc:38:20:7e:
17:20:61:d4:34:9a:51:48:07:b0:1a:05:d9:bc:8f:
64:22:8b:c3:2b:35:1a:40:4b:fb:64:23:ec:c6:03:
cf:08:e4:0e:6e:a2:6c:b4:10:28:71:f8:12:91:d6:
1a:51:72:f0:30:fa:18:86:df:6d:95:52:d8:2e:a5:
09:4d:6b:8b:c7:f8:1c:55:44:8f:c6:53:4f:3f:d7:
4e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:CA:08:4E:01:E6:F1:66:CD:0F:15:20:B0:8C:67:F3:3B:6B:B1:CD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YsoITgHm8WbNDxUgsIxn8ztrsc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.112.0/24
194.87.31.0/24
194.87.36.0/22
194.87.216.0/24
194.87.218.0/24
194.87.225.0/24
194.135.32.0/24
194.135.38.0/24
194.135.104.0/24
195.133.9.0/24
195.133.21.0/24
195.133.25.0-195.133.27.255
195.133.55.0/24
195.133.59.0/24
212.192.14.0/24
212.193.2.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:0e:b9:dd:ec:d8:10:a1:a6:44:ca:4c:b7:f9:f3:5f:76:63:
9c:fe:85:3c:7b:ef:fc:c4:e9:97:8a:f1:46:06:62:72:b8:e2:
27:a0:a7:03:ad:e2:ff:d4:0d:27:69:7b:34:dc:34:b4:e8:e2:
14:b8:92:e1:2b:3c:c5:9d:3a:b0:44:5b:b4:14:21:88:b4:6a:
3e:f7:ef:57:7a:fe:33:9e:1b:24:0c:99:23:9e:4e:a7:72:2c:
b2:1c:dd:cd:5f:f3:e6:27:50:a7:d7:8d:25:90:94:a0:03:b5:
03:a5:d4:f8:24:db:86:b6:46:12:ba:29:1b:46:4e:9a:a0:ff:
a8:5a:aa:b5:fe:c7:12:9c:d1:79:83:f8:34:e2:0a:25:08:29:
02:f9:97:f6:fd:73:1f:a3:28:9e:7b:dc:c9:09:91:8b:27:41:
96:e3:5c:e6:1c:d1:44:c1:58:9a:f0:09:3b:07:ce:7f:fa:7f:
98:06:40:ce:d0:0f:ff:7d:a1:b6:af:72:cd:3c:09:a9:bc:69:
7f:56:89:bd:4b:ba:e2:84:c2:69:74:41:4d:bc:d9:91:fc:45:
c4:ab:2c:12:69:dc:db:24:61:48:48:30:09:c1:bd:67:41:29:
b9:9e:77:0e:85:a2:6d:a6:a6:19:a3:68:38:44:2e:cb:7f:6d:
85:9a:b9:82
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIEEDa9LzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDYw
MzEwNTIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjJjYTA4NGUwMWU2
ZjE2NmNkMGYxNTIwYjA4YzY3ZjMzYjZiYjFjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwjoGvT2pQtVh+qKUXYF7OGdVN/Bzs/im1+o6U7Xxehw15d
H+MbTssmkofhfaielF/6u9Jr32fKBjBKBgMRZkLJTDSIddMcEQDz43bLWBGk46e1
y1GfbR5SKSdycxqfUZ/HUCujhQyyy4JrO5AGKDMz4qYg6H/70HI4JdC2uhfoKmiE
vclGZp13nqdpdRbX9WZfavCuoUilgjVnDe+vHIeMwdUhJYdS4YDBeo7vsZD8OCB+
FyBh1DSaUUgHsBoF2byPZCKLwys1GkBL+2Qj7MYDzwjkDm6ibLQQKHH4EpHWGlFy
8DD6GIbfbZVS2C6lCU1ri8f4HFVEj8ZTTz/XTuUCAwEAAaOCAmwwggJoMB0GA1Ud
DgQWBBRiyghOAebxZs0PFSCwjGfzO2uxzTAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L1lzb0lUZ0htOFdiTkR4VWdzSXhuOHp0cnNjMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
gQYIKwYBBQUHAQcBAf8EcjBwMG4EAgABMGgDBADBbHADBADCVx8DBALCVyQDBADC
V9gDBADCV9oDBADCV+EDBADChyADBADChyYDBADCh2gDBADDhQkDBADDhRUwDAME
AMOFGQMEAsOFGAMEAMOFNwMEAMOFOwMEANTADgMEANTBAjANBgkqhkiG9w0BAQsF
AAOCAQEAPw653ezYEKGmRMpMt/nzX3ZjnP6FPHvv/MTpl4rxRgZicrjiJ6CnA63i
/9QNJ2l7NNw0tOjiFLiS4Ss8xZ06sERbtBQhiLRqPvfvV3r+M54bJAyZI55Op3Is
shzdzV/z5idQp9eNJZCUoAO1A6XU+CTbhrZGEropG0ZOmqD/qFqqtf7HEpzReYP4
NOIKJQgpAvmX9v1zH6MonnvcyQmRiydBluNc5hzRRMFYmvAJOwfOf/p/mAZAztAP
/32htq9yzTwJqbxpf1aJvUu64oTCaXRBTbzZkfxFxKssEmnc2yRhSEgwCcG9Z0Ep
uZ53DoWibaamGaNoOEQuy39thZq5gg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:00 2023 by rpki-client on console-ams.rpki-client.org