Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ejhZ12c0AA750XvhX9kGZKEyQT0.roa
File: ejhZ12c0AA750XvhX9kGZKEyQT0.roa (raw, json)
Hash identifier: QuI+XPGV8G9zn6HhMLxOgFhor1a3fjOIX7DQbjJ8R/M=
Subject key identifier: 7A:38:59:D7:67:34:00:0E:F9:D1:7B:E1:5F:D9:06:64:A1:32:41:3D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01852F9EBA6861A0FB8FEBD04072DCD27726
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ejhZ12c0AA750XvhX9kGZKEyQT0.roa
Signing time: Tue 20 Dec 2022 13:00:09 +0000
ROA not before: Tue 20 Dec 2022 13:00:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.31.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
212.193.28.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.13.0/24 maxlen: 24
195.133.31.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
195.133.40.0/22 maxlen: 24
195.133.39.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:9e:ba:68:61:a0:fb:8f:eb:d0:40:72:dc:d2:77:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 20 13:00:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a3859d76734000ef9d17be15fd90664a132413d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:96:95:af:d8:82:59:54:70:ab:fc:5c:ce:69:
8c:fd:b8:2a:a3:57:9f:04:1c:35:9f:d1:17:f4:c4:
fe:ff:eb:ce:4f:3c:c1:a7:00:0a:b1:2e:74:69:ea:
32:d5:4c:0c:bb:5c:80:e1:9d:59:b7:8a:d0:07:3d:
ba:20:82:6b:b5:01:96:88:21:13:33:ab:3b:84:00:
89:d2:56:fc:93:ad:00:cb:f7:6a:fa:3d:9f:43:b6:
14:86:c9:62:c2:44:b2:b9:01:94:e3:32:ee:a9:8d:
65:56:8c:97:63:94:57:47:85:49:eb:cd:8f:8d:a9:
34:6d:6b:83:1e:7e:80:c5:85:97:ac:bd:be:e2:76:
01:90:43:ec:ef:3b:42:2c:95:95:78:22:2a:eb:e0:
8e:5b:94:50:0a:7c:7b:a4:07:33:9f:da:f5:1f:c7:
02:b6:f3:73:2f:1d:d0:ac:f2:31:03:63:56:5b:5c:
03:ca:7c:13:68:7f:85:ef:08:09:70:79:82:c9:8f:
c6:ef:bf:c6:37:5b:b5:ff:33:d6:73:b3:34:c2:b8:
24:cf:be:7e:77:82:08:d0:69:7f:7f:a9:be:5c:c0:
a0:2d:d5:cc:57:d3:c6:e0:91:75:a6:fe:c2:79:2a:
e9:19:a3:10:ac:9b:c2:a0:b8:97:2e:4b:ae:aa:5d:
9b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:38:59:D7:67:34:00:0E:F9:D1:7B:E1:5F:D9:06:64:A1:32:41:3D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ejhZ12c0AA750XvhX9kGZKEyQT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
192.124.188.0/24
193.124.41.0/24
193.124.227.0/24
194.85.249.0/24
194.85.251.0/24
194.87.187.0/24
195.58.59.0/24
195.133.13.0-195.133.14.255
195.133.31.0/24
195.133.37.0/24
195.133.39.0-195.133.43.255
212.192.4.0/24
212.192.240.0/24
212.193.28.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:0b:02:07:37:38:2a:82:21:52:ef:fc:09:da:3c:0c:b0:6c:
49:63:ff:55:ae:02:4a:ff:e1:02:4e:4e:a8:af:04:01:cd:d9:
de:db:6c:2b:bc:42:eb:4f:ae:9b:a8:2c:ad:4b:f5:7d:a0:33:
0d:2d:3d:b4:87:05:cb:5e:0d:5a:f6:14:e4:09:f0:16:ac:a5:
d8:90:b3:cb:50:bf:72:7d:4a:7e:20:29:8b:11:74:b7:5a:2b:
28:0b:3c:57:ea:c8:05:d1:65:54:82:5d:91:ba:3c:fd:49:77:
1e:e3:00:66:a1:25:55:28:81:f1:fe:d4:eb:71:a8:c2:e3:0f:
e2:87:72:c6:16:f9:0c:00:9e:68:a3:80:40:62:7d:bf:6d:b4:
e6:ae:23:82:08:32:f6:da:ed:7e:6d:c9:5b:36:f5:93:07:bb:
5b:8d:27:6e:c3:f2:d3:63:5a:b7:b8:ed:11:ef:7d:f7:ab:39:
06:b6:94:21:f9:7f:4b:f6:8d:40:5e:73:48:71:61:b3:09:c5:
d8:64:15:03:53:f4:ef:38:7b:11:1e:8f:a2:91:ce:5b:85:13:
c4:14:44:d5:c9:f4:98:99:f5:9b:e4:2e:90:e5:9e:de:72:15:
cd:de:34:37:8a:56:62:68:41:a8:e1:02:66:27:31:5c:f4:4a:
f7:cb:f8:f7
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYUvnrpoYaD7j+vQQHLc0ncmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjIwMTMwMDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTM4NTlkNzY3MzQwMDBlZjlkMTdiZTE1ZmQ5MDY2NGExMzI0MTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZaVr9iCWVRwq/xczmmM/bgqo1ef
BBw1n9EX9MT+/+vOTzzBpwAKsS50aeoy1UwMu1yA4Z1Zt4rQBz26IIJrtQGWiCET
M6s7hACJ0lb8k60Ay/dq+j2fQ7YUhsliwkSyuQGU4zLuqY1lVoyXY5RXR4VJ682P
jak0bWuDHn6AxYWXrL2+4nYBkEPs7ztCLJWVeCIq6+COW5RQCnx7pAczn9r1H8cC
tvNzLx3QrPIxA2NWW1wDynwTaH+F7wgJcHmCyY/G77/GN1u1/zPWc7M0wrgkz75+
d4II0Gl/f6m+XMCgLdXMV9PG4JF1pv7CeSrpGaMQrJvCoLiXLkuuql2bEwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFHo4WddnNAAO+dF74V/ZBmShMkE9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZWpoWjEyYzBBQTc1MFh2aFg5a0daS0V5UVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAMB8tgME
AMB8vAMEAMF8KQMEAMF84wMEAMJV+QMEAMJV+wMEAMJXuwMEAMM6OzAMAwQAw4UN
AwQAw4UOAwQAw4UfAwQAw4UlMAwDBADDhScDBALDhSgDBADUwAQDBADUwPADBADU
wRwDBADUwR8wDQYJKoZIhvcNAQELBQADggEBAA8LAgc3OCqCIVLv/AnaPAywbElj
/1WuAkr/4QJOTqivBAHN2d7bbCu8QutPrpuoLK1L9X2gMw0tPbSHBcteDVr2FOQJ
8BaspdiQs8tQv3J9Sn4gKYsRdLdaKygLPFfqyAXRZVSCXZG6PP1Jdx7jAGahJVUo
gfH+1OtxqMLjD+KHcsYW+QwAnmijgEBifb9ttOauI4IIMvba7X5tyVs29ZMHu1uN
J27D8tNjWre47RHvfferOQa2lCH5f0v2jUBec0hxYbMJxdhkFQNT9O84exEej6KR
zluFE8QURNXJ9JiZ9ZvkLpDlnt5yFc3eNDeKVmJoQajhAmYnMVz0SvfL+Pc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:22 2024 by rpki-client on console-fra.rpki-client.org