Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dTgUZSSLzFZHomcuXGzNN8sT5u4.roa
File: dTgUZSSLzFZHomcuXGzNN8sT5u4.roa (raw, json)
Hash identifier: wMS5QWPsMl2WnK/O7XDVwRXORe0y7jin+2vi7Q9tjzk=
Subject key identifier: 75:38:14:65:24:8B:CC:56:47:A2:67:2E:5C:6C:CD:37:CB:13:E6:EE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01840FE7FC5E57FB05EABAB71555F0D5AE01
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dTgUZSSLzFZHomcuXGzNN8sT5u4.roa
Signing time: Tue 25 Oct 2022 16:09:32 +0000
ROA not before: Tue 25 Oct 2022 16:09:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 62.76.231.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.193.3.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0f:e7:fc:5e:57:fb:05:ea:ba:b7:15:55:f0:d5:ae:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 25 16:09:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75381465248bcc5647a2672e5c6ccd37cb13e6ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f7:ea:2f:1f:a5:33:09:c5:76:54:2b:81:9a:
7e:30:ec:1f:88:39:18:c4:47:fe:ed:d7:78:fe:c8:
84:71:22:4b:2e:ac:08:d2:34:a7:71:fb:63:1a:94:
a7:8a:2c:fc:45:dd:cf:6c:37:64:96:c9:1c:7b:58:
ab:88:25:50:8b:bb:d1:fd:59:92:0c:b4:93:60:2f:
c6:89:63:48:7d:19:d8:74:bc:51:b3:f3:e6:03:2e:
73:a0:09:75:4a:0e:29:45:6a:ea:20:66:bc:b3:e1:
d6:55:3c:dd:bb:d4:30:e2:9e:65:1c:0b:1f:fc:e9:
be:84:9e:c7:97:61:a3:88:84:ac:0a:f3:d7:77:a3:
14:04:04:e6:b4:79:a3:69:f0:b9:48:32:14:50:2a:
87:9a:e5:e1:92:84:a5:0e:bb:1c:0a:0e:28:d0:33:
55:7f:d3:7c:73:ee:a9:86:d7:df:2b:b6:d9:78:18:
78:82:79:27:91:d1:22:3c:70:a3:fe:e4:8c:b9:c6:
b8:9e:5f:91:78:4b:ee:df:23:c5:9d:91:c0:34:b6:
c4:e6:ba:12:6b:e8:43:0f:d4:b7:ae:ff:c4:d7:a0:
8d:b7:11:d4:ce:c7:95:40:cf:96:46:34:33:76:7a:
fa:d1:1a:a3:a5:6a:bf:83:ec:36:49:c9:a0:63:20:
49:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:38:14:65:24:8B:CC:56:47:A2:67:2E:5C:6C:CD:37:CB:13:E6:EE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dTgUZSSLzFZHomcuXGzNN8sT5u4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
193.124.205.0/24
194.87.22.0/24
194.87.26.0/24
194.135.18.0/24
195.133.12.0/24
195.133.15.0/24
212.192.208.0/24
212.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:bb:4b:a5:93:01:18:90:71:10:59:de:46:68:f3:20:8c:bf:
38:95:31:0e:65:af:a0:00:3b:2f:0c:77:bc:a4:2c:b4:17:cb:
90:9f:1f:cc:a2:53:23:3f:75:db:b9:dd:f5:fc:f8:52:af:25:
46:66:68:9c:21:76:d4:ea:2f:6d:02:1b:7f:07:f9:a5:58:df:
b1:b3:b3:ee:3b:b8:cd:8e:cf:e6:ee:11:b5:14:21:1f:b9:8e:
2d:69:5f:40:e8:8d:a8:39:be:dc:2f:ff:c5:1d:e8:f8:16:bd:
b0:0f:e9:47:c3:3d:05:19:27:54:d7:8a:00:95:ae:cd:60:d9:
fb:71:a8:5f:33:d8:d8:c0:78:b7:cb:59:f1:d6:b1:21:38:3a:
ac:93:d0:a5:82:c3:51:11:8a:9c:b2:46:38:32:1e:a4:1a:22:
3e:46:2b:45:c1:2c:7d:ce:dc:dc:0a:d4:99:30:8b:63:33:0a:
11:34:25:9d:ce:3f:b2:05:00:eb:d9:97:b4:76:2b:d7:71:c9:
b1:a0:47:e4:e9:50:8e:82:f5:eb:09:07:0f:35:91:e2:62:c3:
23:1b:b1:f0:a2:9c:60:fc:bb:5e:01:a2:5a:8c:68:68:56:9d:
23:ec:7f:75:1d:c6:7d:f5:18:b4:1e:39:db:ed:65:d8:31:bf:
bd:7d:9e:d0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYQP5/xeV/sF6rq3FVXw1a4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI1MTYwOTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTM4MTQ2NTI0OGJjYzU2NDdhMjY3MmU1YzZjY2QzN2NiMTNlNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvfqLx+lMwnFdlQrgZp+MOwfiDkY
xEf+7dd4/siEcSJLLqwI0jSncftjGpSniiz8Rd3PbDdklskce1iriCVQi7vR/VmS
DLSTYC/GiWNIfRnYdLxRs/PmAy5zoAl1Sg4pRWrqIGa8s+HWVTzdu9Qw4p5lHAsf
/Om+hJ7Hl2GjiISsCvPXd6MUBATmtHmjafC5SDIUUCqHmuXhkoSlDrscCg4o0DNV
f9N8c+6phtffK7bZeBh4gnknkdEiPHCj/uSMuca4nl+ReEvu3yPFnZHANLbE5roS
a+hDD9S3rv/E16CNtxHUzseVQM+WRjQzdnr60RqjpWq/g+w2ScmgYyBJjQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHU4FGUki8xWR6JnLlxszTfLE+buMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZFRnVVpTU0x6RlpIb21jdVhHek5OOHNUNXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAPkznAwQA
wHysAwQAwXzNAwQAwlcWAwQAwlcaAwQAwocSAwQAw4UMAwQAw4UPAwQA1MDQAwQA
1MEDMA0GCSqGSIb3DQEBCwUAA4IBAQBuu0ulkwEYkHEQWd5GaPMgjL84lTEOZa+g
ADsvDHe8pCy0F8uQnx/MolMjP3Xbud31/PhSryVGZmicIXbU6i9tAht/B/mlWN+x
s7PuO7jNjs/m7hG1FCEfuY4taV9A6I2oOb7cL//FHej4Fr2wD+lHwz0FGSdU14oA
la7NYNn7cahfM9jYwHi3y1nx1rEhODqsk9ClgsNREYqcskY4Mh6kGiI+RitFwSx9
ztzcCtSZMItjMwoRNCWdzj+yBQDr2Ze0divXccmxoEfk6VCOgvXrCQcPNZHiYsMj
G7Hwopxg/LteAaJajGhoVp0j7H91HcZ99Ri0Hjnb7WXYMb+9fZ7Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:22 2024 by rpki-client on console-fra.rpki-client.org