Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b4328MGgl7YylXOwsUKYNQWzxL8.roa
File: b4328MGgl7YylXOwsUKYNQWzxL8.roa (raw, json)
Hash identifier: nK908b7yV1zet8zO7ClzpT9NULx8AUZmEqMv7xhA7Dg=
Subject key identifier: 6F:8D:F6:F0:C1:A0:97:B6:32:95:73:B0:B1:42:98:35:05:B3:C4:BF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185298E63CA807D671145C519AD837263C4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b4328MGgl7YylXOwsUKYNQWzxL8.roa
Signing time: Mon 19 Dec 2022 08:44:35 +0000
ROA not before: Mon 19 Dec 2022 08:44:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.164.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:8e:63:ca:80:7d:67:11:45:c5:19:ad:83:72:63:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 19 08:44:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f8df6f0c1a097b6329573b0b142983505b3c4bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b6:b5:ee:85:d7:ac:0c:63:e0:a2:d6:21:7c:
54:b6:5e:c7:dc:ab:9a:8f:4e:d2:e0:8c:27:14:98:
c3:ef:f2:64:fe:d6:e0:3b:4d:a3:d5:d0:c3:03:e9:
d9:6a:49:08:34:e8:dd:0b:5e:6e:b8:6f:3e:4a:b0:
6b:eb:48:d6:10:03:36:30:ed:44:ed:e4:43:18:0d:
52:dd:df:d6:55:31:03:55:11:03:50:9c:75:7c:53:
cd:ac:97:63:b9:ec:33:d3:0a:ce:5e:84:ee:33:37:
ae:9a:97:4f:dd:30:86:92:c7:15:12:fd:53:f8:42:
39:dd:08:b5:2f:cd:ea:ba:77:dd:b7:a0:a5:50:ce:
35:f0:e2:89:ec:ed:bd:a7:d9:70:d2:29:b5:21:7f:
e1:7e:66:f7:e8:35:5d:d1:18:7e:c1:d9:27:4c:9e:
ba:60:42:60:ab:c2:ca:45:e1:08:47:04:1b:d0:6e:
55:8e:a8:14:ca:f6:2d:34:83:fd:9b:75:05:23:32:
f6:e5:95:37:55:1f:29:e8:27:ae:dd:1a:ed:f6:3c:
4b:fa:71:44:2f:e3:85:09:0f:59:52:53:9a:cb:28:
d4:1e:e3:c9:1c:6e:2b:e4:63:da:4a:8d:02:88:9c:
a8:c5:d9:c8:5c:ac:ce:54:50:4f:8d:fa:dd:bc:fe:
f3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:8D:F6:F0:C1:A0:97:B6:32:95:73:B0:B1:42:98:35:05:B3:C4:BF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b4328MGgl7YylXOwsUKYNQWzxL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
193.124.3.0/24
193.124.9.0/24
193.124.18.0/24
193.124.133.0/24
193.124.201.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/23
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/24
194.87.149.0/24
194.87.160.0/23
194.87.163.0-194.87.165.255
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.182.0/24
194.87.198.0/23
194.87.202.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
194.135.30.0/24
195.58.50.0/24
195.58.56.0/21
195.133.12.0/24
195.133.15.0/24
195.133.55.0/24
195.133.195.0/24
212.192.0.0/23
212.192.10.0/24
212.192.222.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
03:dc:54:d0:70:53:85:aa:e8:a9:0b:94:51:5e:bf:ba:e9:77:
6c:85:cd:6a:7a:28:80:d0:a4:dc:a1:fc:b0:ea:c8:aa:70:a4:
5f:a7:6c:4a:f9:7b:83:02:06:c9:e3:b0:e6:eb:91:66:61:42:
e5:08:86:e6:2c:8c:19:df:85:0d:2e:0c:d2:b2:53:aa:73:74:
9e:44:a8:e9:fb:1d:58:68:7e:88:00:96:9f:3a:0f:36:c8:83:
04:b4:08:69:16:9d:c1:9e:6f:36:3f:d8:95:15:13:47:7c:3b:
13:df:17:f4:51:fc:3a:d3:46:ce:2a:a3:f4:94:8c:24:63:66:
80:9a:f8:1e:49:ad:d5:28:14:07:9d:f0:96:45:a5:51:9c:62:
f8:a1:b0:8c:9e:96:dc:d8:85:5e:f6:c5:f3:a5:17:c3:df:18:
8e:40:80:f4:8b:51:7f:f4:7e:06:59:c4:8d:68:71:a8:63:96:
4b:54:97:0b:69:d9:b4:08:53:d8:79:89:e1:f4:b4:b6:c8:95:
eb:08:3e:9b:83:12:c0:98:81:8e:b7:23:b9:59:24:d6:d6:36:
22:90:8c:72:24:d6:29:6b:2a:27:58:98:23:59:0f:50:13:d7:
1c:c2:a0:fa:c8:1f:af:31:9c:63:99:03:25:60:dd:09:b0:09:
64:32:60:32
-----BEGIN CERTIFICATE-----
MIIGOTCCBSGgAwIBAgISAYUpjmPKgH1nEUXFGa2DcmPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE5MDg0NDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjhkZjZmMGMxYTA5N2I2MzI5NTczYjBiMTQyOTgzNTA1YjNjNGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLa17oXXrAxj4KLWIXxUtl7H3Kua
j07S4IwnFJjD7/Jk/tbgO02j1dDDA+nZakkINOjdC15uuG8+SrBr60jWEAM2MO1E
7eRDGA1S3d/WVTEDVREDUJx1fFPNrJdjuewz0wrOXoTuMzeumpdP3TCGkscVEv1T
+EI53Qi1L83qunfdt6ClUM418OKJ7O29p9lw0im1IX/hfmb36DVd0Rh+wdknTJ66
YEJgq8LKReEIRwQb0G5VjqgUyvYtNIP9m3UFIzL25ZU3VR8p6Ceu3Rrt9jxL+nFE
L+OFCQ9ZUlOayyjUHuPJHG4r5GPaSo0CiJyoxdnIXKzOVFBPjfrdvP7zAQIDAQAB
o4IDRTCCA0EwHQYDVR0OBBYEFG+N9vDBoJe2MpVzsLFCmDUFs8S/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYjQzMjhNR2dsN1l5bFhPd3NVS1lOUVd6eEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWQYIKwYBBQUHAQcBAf8EggFIMIIBRDCCAUAEAgABMIIB
OAMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8CQMEAMF8EgMEAMF8
hQMEAMF8yQMEAMF8ywMEAMF8zwMEAMI6JgMEAcI6KjAMAwQAwjotAwQEwjogAwQA
wjo7AwQAwlcHAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQAwldsAwQA
wld2AwQAwld7AwQAwleIAwQAwleVAwQBwlegMAwDBADCV6MDBAHCV6QwDAMEAMJX
qwMEAMJXrAMEAMJXsAMEAMJXtgMEAcJXxgMEAMJXygMEAcJX0AMEAcJX3gMEAMJX
6QMEAMKHHgMEAMM6MgMEA8M6OAMEAMOFDAMEAMOFDwMEAMOFNwMEAMOFwwMEAdTA
AAMEANTACgMEANTA3gMEANTBAAMEANTBDDANBgkqhkiG9w0BAQsFAAOCAQEAA9xU
0HBTharoqQuUUV6/uul3bIXNanoogNCk3KH8sOrIqnCkX6dsSvl7gwIGyeOw5uuR
ZmFC5QiG5iyMGd+FDS4M0rJTqnN0nkSo6fsdWGh+iACWnzoPNsiDBLQIaRadwZ5v
Nj/YlRUTR3w7E98X9FH8OtNGziqj9JSMJGNmgJr4Hkmt1SgUB53wlkWlUZxi+KGw
jJ6W3NiFXvbF86UXw98YjkCA9ItRf/R+BlnEjWhxqGOWS1SXC2nZtAhT2HmJ4fS0
tsiV6wg+m4MSwJiBjrcjuVkk1tY2IpCMciTWKWsqJ1iYI1kPUBPXHMKg+sgfrzGc
Y5kDJWDdCbAJZDJgMg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:01 2023 by rpki-client on console-ams.rpki-client.org