Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aw1ANvCzCk1IBb_Ov1SLJDqDc9w.roa
File: aw1ANvCzCk1IBb_Ov1SLJDqDc9w.roa (raw, json)
Hash identifier: fjcB9pZjhQfsc8qm7UhMouOZLrCW6jXrDYzPPTkMmLc=
Subject key identifier: 6B:0D:40:36:F0:B3:0A:4D:48:05:BF:CE:BF:54:8B:24:3A:83:73:DC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184422686E4E311FF9E6949C3E213C0FE57
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aw1ANvCzCk1IBb_Ov1SLJDqDc9w.roa
Signing time: Fri 04 Nov 2022 10:18:51 +0000
ROA not before: Fri 04 Nov 2022 10:18:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
195.133.76.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.30.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:42:26:86:e4:e3:11:ff:9e:69:49:c3:e2:13:c0:fe:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 4 10:18:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b0d4036f0b30a4d4805bfcebf548b243a8373dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5e:25:0b:8a:9c:7b:5f:83:24:d8:ae:2b:98:
15:7b:92:94:1b:4e:7e:e4:9d:3e:6e:b3:89:6a:3d:
9b:3a:d1:3e:a3:5f:47:b6:ba:00:2c:cf:54:27:f0:
23:d9:aa:66:fb:b8:04:36:f4:fe:58:16:22:22:cb:
06:89:ca:6c:cc:1d:f9:37:8e:10:70:58:4e:3e:77:
59:1c:ca:09:1e:0e:39:db:e1:d9:c5:13:63:fb:ba:
cd:2b:ae:65:61:09:4a:27:10:48:70:94:08:de:4b:
65:26:f5:f0:8d:2d:39:e2:26:9e:64:e6:c5:17:ba:
99:a8:72:4a:1c:e9:98:93:29:84:0b:a0:11:e7:82:
eb:ea:59:a2:06:23:0b:48:f8:61:a0:3b:bd:73:59:
b1:12:43:d7:37:ba:5f:02:70:27:57:52:9d:bc:1a:
ce:9c:c5:14:97:00:96:fd:e4:eb:45:3f:e6:f2:25:
f8:c0:b1:59:69:1d:62:34:94:db:23:17:b2:3f:7f:
26:99:dc:81:d9:52:72:a4:20:6f:0a:b2:da:5b:6b:
47:5f:c8:0a:f9:55:6f:21:e3:6f:0b:d9:f2:59:42:
cd:c7:18:9a:4f:34:cf:eb:a5:12:fc:41:84:38:e2:
06:8c:cd:f7:eb:55:12:fa:5d:c8:35:85:e5:4a:61:
b0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:0D:40:36:F0:B3:0A:4D:48:05:BF:CE:BF:54:8B:24:3A:83:73:DC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aw1ANvCzCk1IBb_Ov1SLJDqDc9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.173.0/24
192.124.180.0/22
192.124.209.0/24
193.108.112.0/24
193.124.3.0/24
193.124.18.0/24
193.124.200.0/23
193.124.203.0/24
194.58.38.0/24
194.58.40.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.1.0/24
194.87.3.0/24
194.87.16.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.118.0/24
194.87.163.0/24
194.87.165.0-194.87.166.255
194.87.170.0/24
194.87.179.0/24
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.135.30.0/24
195.58.56.0/21
195.133.55.0/24
195.133.76.0/24
212.192.10.0/24
212.193.0.0/24
212.193.2.0/24
212.193.12.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:a0:41:44:2b:f0:4e:42:1c:4f:07:6e:fd:a2:61:82:77:00:
11:d9:79:5b:c4:2b:f7:84:01:2c:72:81:36:67:70:44:42:2d:
9a:ae:19:5a:58:a0:6d:d0:c4:c9:67:e1:a0:1c:33:2e:37:67:
ea:32:c7:30:df:a6:03:3a:58:a3:10:9f:c9:6d:30:db:c1:0b:
bb:9d:8f:59:d2:07:31:3e:f3:07:dd:84:01:eb:0c:34:0b:df:
77:a9:c0:44:b0:f3:88:68:5d:f7:16:5d:39:25:bc:30:dd:ab:
8c:5e:ca:a5:7d:1d:4a:0a:bc:7e:1d:af:a4:a9:e0:0b:64:2e:
95:bc:e8:dd:48:a6:c4:ad:68:c1:88:d3:61:b5:c7:43:68:3b:
fb:79:e7:19:ba:8e:2d:88:3b:6f:3e:ba:0b:e1:35:9a:09:df:
bd:75:cf:d7:88:00:79:4a:16:c9:63:65:0e:08:d6:dd:39:42:
b4:d9:a8:06:02:a6:0d:6e:a2:b8:dc:7f:c0:9e:e8:d4:d6:a1:
99:db:12:3f:65:cc:75:e1:e3:26:53:0c:03:82:41:a4:16:56:
f4:c7:01:0c:cc:41:da:17:25:54:d8:25:0e:c8:c5:22:44:f7:
67:a7:86:be:83:f9:fc:f8:16:95:81:b5:a6:61:b8:a7:dc:ff:
21:ef:2d:00
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAYRCJobk4xH/nmlJw+ITwP5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTA0MTAxODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjBkNDAzNmYwYjMwYTRkNDgwNWJmY2ViZjU0OGIyNDNhODM3M2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh14lC4qce1+DJNiuK5gVe5KUG05+
5J0+brOJaj2bOtE+o19HtroALM9UJ/Aj2apm+7gENvT+WBYiIssGicpszB35N44Q
cFhOPndZHMoJHg452+HZxRNj+7rNK65lYQlKJxBIcJQI3ktlJvXwjS054iaeZObF
F7qZqHJKHOmYkymEC6AR54Lr6lmiBiMLSPhhoDu9c1mxEkPXN7pfAnAnV1KdvBrO
nMUUlwCW/eTrRT/m8iX4wLFZaR1iNJTbIxeyP38mmdyB2VJypCBvCrLaW2tHX8gK
+VVvIeNvC9nyWULNxxiaTzTP66US/EGEOOIGjM3361US+l3INYXlSmGw8wIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFGsNQDbwswpNSAW/zr9UiyQ6g3PcMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYXcxQU52Q3pDazFJQmJfT3YxU0xKRHFEYzl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMEAD5M5wMEAMB8rQMEAsB8tAMEAMB80QMEAMFscAMEAMF8AwMEAMF8EgMEAcF8
yAMEAMF8ywMEAMI6JgMEAMI6KAMEAMI6KjAMAwQAwjotAwQEwjogAwQAwjo7AwQA
wlcBAwQAwlcDAwQAwlcQAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQA
wld2AwQAwlejMAwDBADCV6UDBADCV6YDBADCV6oDBADCV7MDBADCV8YwDAMEAMJX
zwMEAcJX0AMEAcJX3gMEAMKHHgMEA8M6OAMEAMOFNwMEAMOFTAMEANTACgMEANTB
AAMEANTBAgMEANTBDAMEANTBDzANBgkqhkiG9w0BAQsFAAOCAQEAbKBBRCvwTkIc
Twdu/aJhgncAEdl5W8Qr94QBLHKBNmdwREItmq4ZWligbdDEyWfhoBwzLjdn6jLH
MN+mAzpYoxCfyW0w28ELu52PWdIHMT7zB92EAesMNAvfd6nARLDziGhd9xZdOSW8
MN2rjF7KpX0dSgq8fh2vpKngC2Qulbzo3UimxK1owYjTYbXHQ2g7+3nnGbqOLYg7
bz66C+E1mgnfvXXP14gAeUoWyWNlDgjW3TlCtNmoBgKmDW6iuNx/wJ7o1NahmdsS
P2XMdeHjJlMMA4JBpBZW9McBDMxB2hclVNglDsjFIkT3Z6eGvoP5/PgWlYG1pmG4
p9z/Ie8tAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:21 2024 by rpki-client on console-fra.rpki-client.org