Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Zy7NCMEXgOLpMVFkDGMPhgGOzzw.roa
File: Zy7NCMEXgOLpMVFkDGMPhgGOzzw.roa (raw, json)
Hash identifier: l35hPYy4gmc0ijy4tR34KvCd+OnnunK98CefYwWie6U=
Subject key identifier: 67:2E:CD:08:C1:17:80:E2:E9:31:51:64:0C:63:0F:86:01:8E:CF:3C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185292F2AA9C384A33DA40E615B0F6EF32F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Zy7NCMEXgOLpMVFkDGMPhgGOzzw.roa
Signing time: Mon 19 Dec 2022 07:00:34 +0000
ROA not before: Mon 19 Dec 2022 07:00:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.164.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:2f:2a:a9:c3:84:a3:3d:a4:0e:61:5b:0f:6e:f3:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 19 07:00:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=672ecd08c11780e2e93151640c630f86018ecf3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:90:33:fc:84:1a:87:bc:e7:f5:b7:f9:f3:72:
fb:97:af:94:67:d8:df:7c:eb:0c:c9:26:5a:9b:5e:
fc:e1:0b:40:8f:79:93:a5:7a:3a:91:5a:20:1d:04:
6c:e1:ac:15:ca:8d:6c:aa:aa:bb:f9:27:98:38:98:
77:cd:d2:bd:6c:cb:5c:44:6e:7e:5c:b4:08:d0:07:
7a:53:c1:f0:de:4b:0a:87:15:9f:1a:26:8a:be:bb:
f1:9f:c7:ca:68:21:1d:88:00:b1:38:86:ec:71:46:
01:26:0f:dd:1f:7b:a6:4f:93:a7:6c:ac:f2:02:58:
b7:62:84:70:e2:8f:55:12:0e:68:c0:8e:59:53:50:
79:a6:ad:f0:f2:d1:54:be:2a:53:39:e4:e7:91:28:
d2:11:47:16:66:d2:5a:5c:3f:b8:72:e1:aa:51:c6:
d3:df:dd:37:7f:50:b8:00:a4:8f:07:27:6b:4e:30:
e4:1a:93:c5:53:19:65:08:c6:67:48:c3:2f:82:8b:
51:bd:76:22:9f:79:03:db:1c:97:fa:62:66:77:10:
61:7a:d2:61:29:0f:69:8f:5e:af:b9:88:dd:97:2f:
09:17:36:6f:d9:2e:29:96:f5:ab:1e:74:21:02:cc:
ae:02:5f:53:bf:e0:fa:0b:4d:32:7d:20:61:c6:57:
ce:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:2E:CD:08:C1:17:80:E2:E9:31:51:64:0C:63:0F:86:01:8E:CF:3C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Zy7NCMEXgOLpMVFkDGMPhgGOzzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
193.124.3.0/24
193.124.9.0/24
193.124.18.0/24
193.124.201.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/23
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/24
194.87.149.0/24
194.87.160.0/23
194.87.163.0-194.87.165.255
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.182.0/24
194.87.198.0/23
194.87.202.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
194.135.30.0/24
195.58.50.0/24
195.58.56.0/21
195.133.12.0/24
195.133.15.0/24
195.133.55.0/24
195.133.195.0/24
212.192.0.0/23
212.192.10.0/24
212.192.222.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
04:65:42:0a:ba:3b:cb:4e:35:5f:96:44:c8:ab:77:79:29:0e:
85:f0:da:c7:ae:14:ae:e6:2e:42:61:4d:f1:27:d7:59:ef:5f:
1a:2a:28:10:29:5c:bd:2e:d4:e1:d3:4d:ef:07:0f:f0:78:c0:
61:8e:7e:bd:34:73:d7:8d:10:e8:1b:3e:5c:97:5c:0b:e5:56:
39:13:1f:3c:95:02:99:41:03:88:84:9e:00:3b:66:8c:71:0a:
2e:73:21:e3:77:06:9b:ef:f9:c1:49:ca:57:19:2e:d4:f4:5c:
9c:03:07:66:d1:7a:70:1b:08:40:58:bd:1b:21:63:5c:b7:cc:
a8:98:18:3d:6c:15:a2:a0:01:84:27:11:8d:40:86:e7:58:7c:
7e:85:dc:ab:89:f1:21:fa:c0:45:33:88:9f:b8:e7:63:8f:58:
bb:35:50:e3:3c:47:e8:fe:94:35:0c:79:96:74:67:61:85:7c:
9c:d1:86:35:52:76:99:23:bd:3e:b4:c7:a5:3a:72:44:8d:7c:
29:38:23:51:31:3e:a4:f3:5c:d1:54:25:57:f8:c5:f2:21:48:
97:97:c2:6d:1b:52:f0:b0:ef:be:a2:a2:c7:e8:7e:b4:78:ce:
3e:b4:17:d1:35:97:89:8a:64:70:dd:8e:d7:d5:40:1e:64:4d:
8e:17:99:01
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgISAYUpLyqpw4SjPaQOYVsPbvMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE5MDcwMDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzJlY2QwOGMxMTc4MGUyZTkzMTUxNjQwYzYzMGY4NjAxOGVjZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpAz/IQah7zn9bf583L7l6+UZ9jf
fOsMySZam1784QtAj3mTpXo6kVogHQRs4awVyo1sqqq7+SeYOJh3zdK9bMtcRG5+
XLQI0Ad6U8Hw3ksKhxWfGiaKvrvxn8fKaCEdiACxOIbscUYBJg/dH3umT5OnbKzy
Ali3YoRw4o9VEg5owI5ZU1B5pq3w8tFUvipTOeTnkSjSEUcWZtJaXD+4cuGqUcbT
3903f1C4AKSPBydrTjDkGpPFUxllCMZnSMMvgotRvXYin3kD2xyX+mJmdxBhetJh
KQ9pj16vuYjdly8JFzZv2S4plvWrHnQhAsyuAl9Tv+D6C00yfSBhxlfOzwIDAQAB
o4IDPzCCAzswHQYDVR0OBBYEFGcuzQjBF4Di6TFRZAxjD4YBjs88MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWnk3TkNNRVhnT0xwTVZGa0RHTVBoZ0dPenp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUwYIKwYBBQUHAQcBAf8EggFCMIIBPjCCAToEAgABMIIB
MgMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8CQMEAMF8EgMEAMF8
yQMEAMF8ywMEAMF8zwMEAMI6JgMEAcI6KjAMAwQAwjotAwQEwjogAwQAwjo7AwQA
wlcHAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQAwldsAwQAwld2AwQA
wld7AwQAwleIAwQAwleVAwQBwlegMAwDBADCV6MDBAHCV6QwDAMEAMJXqwMEAMJX
rAMEAMJXsAMEAMJXtgMEAcJXxgMEAMJXygMEAcJX0AMEAcJX3gMEAMJX6QMEAMKH
HgMEAMM6MgMEA8M6OAMEAMOFDAMEAMOFDwMEAMOFNwMEAMOFwwMEAdTAAAMEANTA
CgMEANTA3gMEANTBAAMEANTBDDANBgkqhkiG9w0BAQsFAAOCAQEABGVCCro7y041
X5ZEyKt3eSkOhfDax64UruYuQmFN8SfXWe9fGiooEClcvS7U4dNN7wcP8HjAYY5+
vTRz140Q6Bs+XJdcC+VWORMfPJUCmUEDiISeADtmjHEKLnMh43cGm+/5wUnKVxku
1PRcnAMHZtF6cBsIQFi9GyFjXLfMqJgYPWwVoqABhCcRjUCG51h8foXcq4nxIfrA
RTOIn7jnY49YuzVQ4zxH6P6UNQx5lnRnYYV8nNGGNVJ2mSO9PrTHpTpyRI18KTgj
UTE+pPNc0VQlV/jF8iFIl5fCbRtS8LDvvqKix+h+tHjOPrQX0TWXiYpkcN2O19VA
HmRNjheZAQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:06 2023 by rpki-client on console-fra.rpki-client.org