Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/eRT2RMU0SC1y5osbXc5H89qUDVs.roa
File: eRT2RMU0SC1y5osbXc5H89qUDVs.roa (raw, json)
Hash identifier: H5XgU+Fcajqo34PTxLokmYO+KUlz0m7vOjIdE97JGtQ=
Subject key identifier: 79:14:F6:44:C5:34:48:2D:72:E6:8B:1B:5D:CE:47:F3:DA:94:0D:5B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01850FD064309CF775509952218377D22608
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/eRT2RMU0SC1y5osbXc5H89qUDVs.roa
Signing time: Wed 14 Dec 2022 08:46:33 +0000
ROA not before: Wed 14 Dec 2022 08:46:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.164.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0f:d0:64:30:9c:f7:75:50:99:52:21:83:77:d2:26:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 14 08:46:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7914f644c534482d72e68b1b5dce47f3da940d5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:70:eb:ec:aa:f8:22:9c:65:dd:66:ab:1f:29:
c6:61:03:68:3c:cc:f8:e4:db:c8:b5:a1:27:2d:d8:
4c:ee:7d:8d:11:ee:17:59:ad:d4:fd:56:c4:7a:79:
29:0d:23:0d:34:26:fa:c1:f9:84:48:1c:59:9c:50:
ef:92:ed:6a:32:4a:12:b6:15:94:88:b4:14:e2:04:
bf:8e:18:21:01:27:51:5d:63:65:e7:ad:19:bf:10:
fc:5e:c6:c2:55:93:66:11:04:3d:a2:81:83:da:86:
b5:73:aa:b4:d7:c5:e6:49:c9:25:81:b3:b1:c4:9b:
c7:06:07:f3:cc:33:63:66:ee:23:f8:53:b7:a9:85:
c1:82:21:68:8b:7e:2c:d6:bd:0b:45:f6:72:72:f2:
c9:ee:39:06:71:07:49:59:45:96:0c:88:79:94:52:
12:65:c9:9a:c9:09:4f:c2:fc:18:da:54:d8:b1:01:
77:8b:6d:6d:cd:74:86:4c:13:63:c2:c4:17:04:22:
88:5f:f1:94:0d:58:e8:38:cd:05:9b:5c:f6:cc:2f:
48:e6:26:1a:fb:36:02:4d:fe:ff:a2:e3:8d:0c:56:
59:71:cb:46:2d:1b:28:16:f3:77:34:8c:14:3c:3b:
8a:a2:c8:b6:b0:86:71:01:fc:7e:46:7f:c0:2e:3e:
e9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:14:F6:44:C5:34:48:2D:72:E6:8B:1B:5D:CE:47:F3:DA:94:0D:5B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/eRT2RMU0SC1y5osbXc5H89qUDVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
193.124.3.0/24
193.124.9.0/24
193.124.18.0/24
193.124.201.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/23
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.2.0/24
194.87.7.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/24
194.87.149.0/24
194.87.160.0/23
194.87.163.0-194.87.165.255
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.198.0/23
194.87.202.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.233.0/24
194.87.250.0/24
194.135.30.0/24
195.58.50.0/24
195.58.56.0/21
195.133.12.0/24
195.133.30.0/24
195.133.55.0/24
195.133.195.0/24
212.192.10.0/24
212.192.210.0/24
212.192.222.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
24:38:a4:0a:3d:55:45:6c:de:48:f2:8b:63:be:1d:e7:99:45:
1d:b8:7d:18:a6:34:dd:9a:5c:50:1f:4b:68:f3:b9:ff:c0:ff:
21:e9:ca:ae:1b:8b:a2:05:d3:66:04:5f:bb:23:7f:a0:a2:15:
75:a5:87:c4:34:1d:50:aa:ed:03:08:8f:69:d3:21:e5:3f:c2:
ef:8e:05:ff:fa:70:11:bc:1f:3f:bc:49:68:45:90:7c:08:81:
88:fd:60:83:93:3d:c1:52:28:08:4a:a4:15:0b:79:9d:4b:57:
82:62:3f:48:0b:cb:18:d4:2a:79:4b:39:2a:78:c9:c5:5e:fa:
0b:e1:5b:84:aa:4c:4c:7c:29:13:00:6b:8d:49:e1:98:ca:1f:
1d:39:91:a1:d4:da:7d:73:4f:bd:47:23:57:0e:87:5d:ed:30:
29:60:32:90:44:a5:c3:38:06:a3:72:3a:fc:01:7a:34:f6:8c:
41:ed:0c:08:68:0a:92:2b:02:8b:70:ae:5f:4b:bd:4a:5a:2b:
5f:4e:20:08:d3:6d:a6:46:31:37:7a:20:3a:0f:54:82:30:33:
02:43:37:39:5b:03:76:66:c4:38:b3:7f:ac:ec:0b:49:c7:3f:
5e:6c:e0:d5:98:29:33:2d:fd:2c:f9:78:89:f9:38:27:64:cd:
8b:21:7c:c2
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAYUP0GQwnPd1UJlSIYN30iYIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE0MDg0NjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTE0ZjY0NGM1MzQ0ODJkNzJlNjhiMWI1ZGNlNDdmM2RhOTQwZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43Dr7Kr4Ipxl3WarHynGYQNoPMz4
5NvItaEnLdhM7n2NEe4XWa3U/VbEenkpDSMNNCb6wfmESBxZnFDvku1qMkoSthWU
iLQU4gS/jhghASdRXWNl560ZvxD8XsbCVZNmEQQ9ooGD2oa1c6q018XmScklgbOx
xJvHBgfzzDNjZu4j+FO3qYXBgiFoi34s1r0LRfZycvLJ7jkGcQdJWUWWDIh5lFIS
ZcmayQlPwvwY2lTYsQF3i21tzXSGTBNjwsQXBCKIX/GUDVjoOM0Fm1z2zC9I5iYa
+zYCTf7/ouONDFZZcctGLRsoFvN3NIwUPDuKosi2sIZxAfx+Rn/ALj7pOwIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFHkU9kTFNEgtcuaLG13OR/PalA1bMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZVJUMlJNVTBTQzF5NW9zYlhjNUg4OXFVRFZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYQYIKwYBBQUHAQcBAf8EggFQMIIBTDCCAUgEAgABMIIB
QAMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8CQMEAMF8EgMEAMF8
yQMEAMF8ywMEAMF8zwMEAMI6JgMEAcI6KjAMAwQAwjotAwQEwjogAwQAwjo7AwQA
wlcCAwQAwlcHAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQAwldsAwQA
wld2AwQAwld7AwQAwleIAwQAwleVAwQBwlegMAwDBADCV6MDBAHCV6QwDAMEAMJX
qwMEAMJXrAMEAMJXsAMEAcJXxgMEAMJXyjAMAwQAwlfPAwQBwlfQAwQBwlfeAwQA
wlfpAwQAwlf6AwQAwoceAwQAwzoyAwQDwzo4AwQAw4UMAwQAw4UeAwQAw4U3AwQA
w4XDAwQA1MAKAwQA1MDSAwQA1MDeAwQA1MEAAwQA1MEMMA0GCSqGSIb3DQEBCwUA
A4IBAQAkOKQKPVVFbN5I8otjvh3nmUUduH0YpjTdmlxQH0to87n/wP8h6cquG4ui
BdNmBF+7I3+gohV1pYfENB1Qqu0DCI9p0yHlP8LvjgX/+nARvB8/vEloRZB8CIGI
/WCDkz3BUigISqQVC3mdS1eCYj9IC8sY1Cp5SzkqeMnFXvoL4VuEqkxMfCkTAGuN
SeGYyh8dOZGh1Np9c0+9RyNXDodd7TApYDKQRKXDOAajcjr8AXo09oxB7QwIaAqS
KwKLcK5fS71KWitfTiAI022mRjE3eiA6D1SCMDMCQzc5WwN2ZsQ4s3+s7AtJxz9e
bODVmCkzLf0s+XiJ+TgnZM2LIXzC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:08 2023 by rpki-client on console-fra.rpki-client.org