Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_Mbd5L8bAq_zJePLkFKkrA_0jic.roa
File: _Mbd5L8bAq_zJePLkFKkrA_0jic.roa (raw, json)
Hash identifier: puSr3Kl2kOn/3/HupvmYeBJNvgxMZzP5wOoftagSJ3A=
Subject key identifier: FC:C6:DD:E4:BF:1B:02:AF:F3:25:E3:CB:90:52:A4:AC:0F:F4:8E:27
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183C0E5FF5AE6DCB1E34B2C917777535232
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_Mbd5L8bAq_zJePLkFKkrA_0jic.roa
Signing time: Mon 10 Oct 2022 07:57:21 +0000
ROA not before: Mon 10 Oct 2022 07:57:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.200.0/24 maxlen: 24
62.76.226.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
195.133.31.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.3.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c0:e5:ff:5a:e6:dc:b1:e3:4b:2c:91:77:77:53:52:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 10 07:57:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fcc6dde4bf1b02aff325e3cb9052a4ac0ff48e27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ed:40:b1:5d:ff:f7:5c:10:e7:14:85:a0:3e:
29:2a:00:fd:d2:68:5a:56:0f:78:ba:00:35:bf:77:
71:2a:63:39:9d:d3:5d:dc:24:05:97:77:4c:a7:a9:
1f:60:5d:3c:0f:5a:53:6a:1b:ca:1b:a4:e2:6a:4e:
4a:19:6a:d5:8c:c9:ea:f7:c0:ca:47:62:92:de:af:
0e:fe:2a:c5:ae:a6:a2:5d:1c:61:9c:be:34:f5:f4:
9f:54:10:74:e6:a0:68:4f:73:bf:b2:a8:a2:b4:b4:
1d:d0:fc:23:0c:a0:62:d6:fd:1d:2b:ab:00:d0:3d:
b5:21:78:b4:09:0e:af:e4:0c:27:f8:07:c5:f4:94:
16:9c:12:b8:14:a7:0f:f8:6f:56:f5:89:92:02:7a:
aa:ac:1c:2c:20:78:67:a8:16:82:35:cd:7c:21:29:
8c:cd:58:e0:4b:7f:ca:2c:11:d2:44:b2:b2:0f:82:
a6:49:42:0c:5d:cf:5e:6a:7a:87:50:c1:e3:95:6a:
ab:24:dc:cf:da:b9:46:03:21:e7:6d:e3:0b:48:d6:
a9:ed:59:9d:fb:51:ca:16:6b:8c:2d:c2:b3:8d:90:
f6:d4:70:ac:8e:c1:c7:f1:ce:8b:ba:73:7e:1e:ea:
a1:a6:a2:07:32:2c:ef:2e:ea:86:0e:f2:61:51:4f:
9c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:C6:DD:E4:BF:1B:02:AF:F3:25:E3:CB:90:52:A4:AC:0F:F4:8E:27
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_Mbd5L8bAq_zJePLkFKkrA_0jic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
193.124.91.0/24
193.124.205.0/24
193.124.207.0/24
194.87.73.0/24
194.87.130.0/24
194.87.168.0/24
194.87.200.0/24
195.58.35.0/24
195.58.50.0/24
195.133.0.0/24
195.133.31.0/24
195.133.86.0/24
212.192.9.0/24
212.192.31.0/24
212.193.1.0/24
212.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:55:af:8e:fd:31:81:12:47:19:38:4a:7c:e4:ee:a5:bd:5c:
2e:fb:02:08:e4:c0:dc:03:75:31:72:38:0f:db:d3:a1:c6:66:
bf:5b:2b:e3:b9:b4:0e:a6:a6:5f:1d:b0:9c:8e:62:46:35:e7:
69:b5:34:e0:bf:7b:78:aa:40:11:b4:38:d5:99:fa:c6:f5:12:
5e:4c:57:28:72:41:57:a6:bf:d1:a0:48:29:c1:d9:5a:d0:ba:
8c:99:fa:1e:3e:2f:8b:45:02:90:37:99:dc:f6:ac:54:bb:13:
ca:f1:6c:70:ba:7e:f1:bb:b9:dc:a7:b6:29:71:be:f9:d1:f4:
f9:83:7d:66:ca:e3:13:80:91:e4:e4:70:0e:ed:36:db:02:ec:
ab:e6:64:34:c8:5c:e7:83:42:fb:ad:1f:2e:a1:db:b5:74:31:
8d:f9:fe:e5:e7:b7:b3:22:20:1f:79:11:64:39:d0:39:aa:5b:
a0:ad:df:7a:c1:f3:8f:cf:a3:77:bf:7a:f1:42:cf:c8:5c:84:
66:db:e5:db:96:23:e8:6f:86:50:51:71:e8:ca:3e:41:31:84:
d5:8b:67:c1:0f:2e:4a:44:c7:0f:d2:6b:1d:cb:58:f9:c3:b6:
75:bc:d6:0c:e2:2a:c3:31:05:3e:de:9f:c3:74:a8:a9:9a:31:
02:0c:cd:a6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYPA5f9a5tyx40sskXd3U1IyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDEwMDc1NzIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2M2ZGRlNGJmMWIwMmFmZjMyNWUzY2I5MDUyYTRhYzBmZjQ4ZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAke1AsV3/91wQ5xSFoD4pKgD90mha
Vg94ugA1v3dxKmM5ndNd3CQFl3dMp6kfYF08D1pTahvKG6Tiak5KGWrVjMnq98DK
R2KS3q8O/irFrqaiXRxhnL409fSfVBB05qBoT3O/sqiitLQd0PwjDKBi1v0dK6sA
0D21IXi0CQ6v5Awn+AfF9JQWnBK4FKcP+G9W9YmSAnqqrBwsIHhnqBaCNc18ISmM
zVjgS3/KLBHSRLKyD4KmSUIMXc9eanqHUMHjlWqrJNzP2rlGAyHnbeMLSNap7Vmd
+1HKFmuMLcKzjZD21HCsjsHH8c6LunN+HuqhpqIHMizvLuqGDvJhUU+cbQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFPzG3eS/GwKv8yXjy5BSpKwP9I4nMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvX01iZDVMOGJBcV96SmVQTGtGS2tyQV8wamljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAPkziAwQA
wXxbAwQAwXzNAwQAwXzPAwQAwldJAwQAwleCAwQAwleoAwQAwlfIAwQAwzojAwQA
wzoyAwQAw4UAAwQAw4UfAwQAw4VWAwQA1MAJAwQA1MAfAwQA1MEBAwQA1MEDMA0G
CSqGSIb3DQEBCwUAA4IBAQA9Va+O/TGBEkcZOEp85O6lvVwu+wII5MDcA3UxcjgP
29Ohxma/WyvjubQOpqZfHbCcjmJGNedptTTgv3t4qkARtDjVmfrG9RJeTFcockFX
pr/RoEgpwdla0LqMmfoePi+LRQKQN5nc9qxUuxPK8Wxwun7xu7ncp7Ypcb750fT5
g31myuMTgJHk5HAO7TbbAuyr5mQ0yFzng0L7rR8uodu1dDGN+f7l57ezIiAfeRFk
OdA5qlugrd96wfOPz6N3v3rxQs/IXIRm2+XbliPob4ZQUXHoyj5BMYTVi2fBDy5K
RMcP0msdy1j5w7Z1vNYM4irDMQU+3p/DdKipmjECDM2m
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:06 2023 by rpki-client on console-fra.rpki-client.org