Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZHk8hMVnmPSdaxHFAsYWJTyHzLs.roa
File: ZHk8hMVnmPSdaxHFAsYWJTyHzLs.roa (raw, json)
Hash identifier: 1GNI7m9iShx7KVGvcTP/GtA/q4AnjdfTIYpiszyhDpM=
Subject key identifier: 64:79:3C:84:C5:67:98:F4:9D:6B:11:C5:02:C6:16:25:3C:87:CC:BB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184E2835AEC390F8F9A075C5C075848D731
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZHk8hMVnmPSdaxHFAsYWJTyHzLs.roa
Signing time: Mon 05 Dec 2022 13:39:29 +0000
ROA not before: Mon 05 Dec 2022 13:39:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.224.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.137.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.164.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.192.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:83:5a:ec:39:0f:8f:9a:07:5c:5c:07:58:48:d7:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 5 13:39:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64793c84c56798f49d6b11c502c616253c87ccbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bb:68:ae:94:0e:2b:24:4c:69:71:43:42:7c:
d1:50:ec:31:25:a8:7e:1f:ab:d4:a0:46:c6:f7:5a:
18:e9:55:7d:2b:0e:34:c0:83:0d:77:91:a4:fa:ce:
12:47:47:4d:2d:33:b4:81:48:7f:52:d1:3a:57:de:
92:48:0a:c6:3d:93:16:2b:35:0a:c7:e2:c4:7f:f7:
71:5b:f8:b3:2c:27:89:b8:b6:26:8b:e6:98:dc:5a:
dc:53:cd:91:d0:a2:26:f1:bb:f1:3a:72:d7:9f:af:
ad:b7:9c:2b:32:4d:30:dd:33:ad:b4:1f:48:97:5c:
e1:48:f0:ed:aa:ac:fe:e5:8b:e0:47:5a:36:c9:37:
da:05:8c:6e:21:48:d7:d8:0d:6f:31:06:89:34:f3:
35:da:9f:99:4e:43:9f:da:4a:a4:cd:4d:9d:1a:40:
dc:d8:eb:07:c3:0e:87:61:e6:4b:11:ee:aa:2e:27:
0b:ed:6e:78:db:53:fc:03:b1:1f:22:2d:98:33:e8:
cf:54:1d:04:0e:d5:e3:b1:2a:2c:a4:8a:66:22:b4:
77:61:20:e4:db:73:ee:29:bd:8d:8b:9d:04:b8:99:
c7:c2:e9:25:d1:95:8e:d4:45:1b:4e:fa:09:fb:69:
03:a1:02:b1:5b:61:d7:4a:63:92:7a:dc:dd:b2:cc:
05:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:79:3C:84:C5:67:98:F4:9D:6B:11:C5:02:C6:16:25:3C:87:CC:BB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZHk8hMVnmPSdaxHFAsYWJTyHzLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.224.0/24
62.76.231.0/24
192.124.172.0/23
192.124.178.0/24
192.124.180.0/22
192.124.209.0/24
193.108.112.0/24
193.124.3.0/24
193.124.9.0/24
193.124.18.0/24
193.124.201.0/24
193.124.203.0/24
193.124.205.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/23
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.32.0/24
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/23
194.87.149.0/24
194.87.160.0/23
194.87.163.0-194.87.165.255
194.87.170.0-194.87.172.255
194.87.176.0/24
194.87.198.0/23
194.87.202.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.233.0/24
194.87.250.0/24
194.135.30.0/24
195.58.50.0/24
195.58.56.0/21
195.133.12.0/24
195.133.30.0/24
195.133.55.0/24
212.192.6.0/24
212.192.10.0/24
212.192.208.0-212.192.210.255
212.192.222.0/24
212.193.0.0/24
212.193.6.0/24
212.193.12.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:77:0e:fc:f5:61:64:9f:ce:12:0d:30:6d:a3:2d:2d:50:e0:
9a:f5:64:41:c4:1e:fa:8a:c2:f6:21:d5:15:72:5a:c1:c8:4b:
47:c3:19:ae:ce:f8:db:da:8a:54:c6:c8:74:fb:21:ad:75:9f:
ef:9c:96:0c:ea:e4:91:08:cd:47:77:82:01:db:1b:eb:dd:b4:
ec:78:60:06:c7:0f:67:b0:e0:dc:71:f5:8a:86:cc:e8:f1:64:
f5:c0:9b:0d:e2:7d:e4:27:41:e7:41:5b:75:a1:66:76:ba:d1:
1f:0c:15:a8:05:5e:65:18:49:df:73:4a:6f:88:f7:69:cf:19:
a7:4a:16:41:8a:b9:5b:11:72:ed:70:d1:44:2d:3d:62:cf:2e:
93:23:72:f6:10:bd:7f:5b:43:f5:d4:e3:62:0c:c1:d6:8e:9a:
c6:7a:fb:17:d3:3f:d4:79:20:a1:c7:9c:5d:4b:72:7f:4f:3a:
69:08:d7:aa:dd:76:77:a1:9d:3d:62:ea:d1:c1:7d:be:3f:e4:
d8:b8:8c:33:52:22:ea:00:03:38:87:8a:c5:5f:a5:7d:95:af:
0f:89:e0:26:be:68:d0:ef:95:ef:b2:cb:99:2d:2b:32:31:9b:
d7:80:6f:c9:1e:53:c8:39:92:64:fd:a7:0b:28:d1:95:3d:ad:
58:28:c0:20
-----BEGIN CERTIFICATE-----
MIIGbTCCBVWgAwIBAgISAYTig1rsOQ+PmgdcXAdYSNcxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA1MTMzOTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDc5M2M4NGM1Njc5OGY0OWQ2YjExYzUwMmM2MTYyNTNjODdjY2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07torpQOKyRMaXFDQnzRUOwxJah+
H6vUoEbG91oY6VV9Kw40wIMNd5Gk+s4SR0dNLTO0gUh/UtE6V96SSArGPZMWKzUK
x+LEf/dxW/izLCeJuLYmi+aY3FrcU82R0KIm8bvxOnLXn6+tt5wrMk0w3TOttB9I
l1zhSPDtqqz+5YvgR1o2yTfaBYxuIUjX2A1vMQaJNPM12p+ZTkOf2kqkzU2dGkDc
2OsHww6HYeZLEe6qLicL7W5421P8A7EfIi2YM+jPVB0EDtXjsSospIpmIrR3YSDk
23PuKb2Ni50EuJnHwukl0ZWO1EUbTvoJ+2kDoQKxW2HXSmOSetzdsswFCwIDAQAB
o4IDeTCCA3UwHQYDVR0OBBYEFGR5PITFZ5j0nWsRxQLGFiU8h8y7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWkhrOGhNVm5tUFNkYXhIRkFzWVdKVHlIekxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBjQYIKwYBBQUHAQcBAf8EggF8MIIBeDCCAXQEAgABMIIB
bAMEAD5M4AMEAD5M5wMEAcB8rAMEAMB8sgMEAsB8tAMEAMB80QMEAMFscAMEAMF8
AwMEAMF8CQMEAMF8EgMEAMF8yQMEAMF8ywMEAMF8zQMEAMF8zwMEAMI6JgMEAcI6
KjAMAwQAwjotAwQEwjogAwQAwjo7AwQAwlcHAwQCwlcYAwQAwlcgAwQAwlc4AwQA
wldMAwQBwldSAwQAwldoAwQAwldsAwQAwld2AwQAwld7AwQBwleIAwQAwleVAwQB
wlegMAwDBADCV6MDBAHCV6QwDAMEAcJXqgMEAMJXrAMEAMJXsAMEAcJXxgMEAMJX
yjAMAwQAwlfPAwQBwlfQAwQBwlfeAwQAwlfpAwQAwlf6AwQAwoceAwQAwzoyAwQD
wzo4AwQAw4UMAwQAw4UeAwQAw4U3AwQA1MAGAwQA1MAKMAwDBATUwNADBADUwNID
BADUwN4DBADUwQADBADUwQYDBADUwQwDBADUwQ4wDQYJKoZIhvcNAQELBQADggEB
AE53Dvz1YWSfzhINMG2jLS1Q4Jr1ZEHEHvqKwvYh1RVyWsHIS0fDGa7O+NvailTG
yHT7Ia11n++clgzq5JEIzUd3ggHbG+vdtOx4YAbHD2ew4Nxx9YqGzOjxZPXAmw3i
feQnQedBW3WhZna60R8MFagFXmUYSd9zSm+I92nPGadKFkGKuVsRcu1w0UQtPWLP
LpMjcvYQvX9bQ/XU42IMwdaOmsZ6+xfTP9R5IKHHnF1Lcn9POmkI16rddnehnT1i
6tHBfb4/5Ni4jDNSIuoAAziHisVfpX2Vrw+J4Ca+aNDvle+yy5ktKzIxm9eAb8ke
U8g5kmT9pwso0ZU9rVgowCA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:00 2023 by rpki-client on console-ams.rpki-client.org