Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jgkWKLiCZ9X4yAviKFAObka0QNM.roa
File: jgkWKLiCZ9X4yAviKFAObka0QNM.roa (raw, json)
Hash identifier: hy5vSauatQNqbh5SERhBX2Y2D56vGoDc/YQDxCdNPMg=
Subject key identifier: 8E:09:16:28:B8:82:67:D5:F8:C8:0B:E2:28:50:0E:6E:46:B4:40:D3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01852FB62E8CBE9A396257A34B5E8D9132A1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jgkWKLiCZ9X4yAviKFAObka0QNM.roa
Signing time: Tue 20 Dec 2022 13:25:46 +0000
ROA not before: Tue 20 Dec 2022 13:25:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.31.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
212.193.28.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.13.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
195.133.40.0/22 maxlen: 24
195.133.39.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:b6:2e:8c:be:9a:39:62:57:a3:4b:5e:8d:91:32:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 20 13:25:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e091628b88267d5f8c80be228500e6e46b440d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:09:92:89:b5:5f:33:4e:0e:51:4e:25:07:09:
b2:e0:92:25:b1:95:76:b9:c5:f8:d5:5d:8d:25:12:
9e:48:1f:e6:fa:34:50:f4:d4:ea:60:a8:68:7d:9d:
0d:0c:75:aa:bb:ce:f9:aa:06:c3:e1:7d:18:dc:e0:
31:a5:b8:aa:bd:1e:a5:79:67:3d:c7:b0:30:3d:f8:
1a:5d:93:c0:32:43:30:20:d9:53:ec:7c:0b:3c:53:
8a:2d:02:57:9f:6f:7a:59:16:59:fa:27:4d:a6:30:
38:39:8a:aa:6c:4d:4f:35:56:e6:da:63:d1:3d:60:
ed:f4:7b:93:50:2b:4e:61:05:d2:0f:b5:6e:c1:cb:
ef:2b:a8:d1:49:58:c9:c6:ee:cc:92:57:ad:db:32:
d2:13:b2:63:5b:5c:54:82:9d:5c:1a:5b:31:bc:18:
be:24:14:d8:16:b4:24:29:23:6f:da:e2:6e:8b:54:
ec:a3:0f:ea:b6:b9:35:2f:d7:e8:b3:f4:e1:b8:39:
42:0d:f9:90:9f:f4:63:ba:3f:af:e3:1b:24:d7:6d:
59:bb:fb:1b:20:ed:c9:b3:53:9a:48:14:14:f4:b0:
69:90:71:7d:c3:3d:38:50:58:c3:f7:21:ca:fb:45:
d1:6a:4a:0d:66:fc:40:2c:c7:26:19:38:1c:4e:89:
ae:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:09:16:28:B8:82:67:D5:F8:C8:0B:E2:28:50:0E:6E:46:B4:40:D3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jgkWKLiCZ9X4yAviKFAObka0QNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
192.124.188.0/24
193.124.41.0/24
193.124.227.0/24
194.85.249.0/24
194.85.251.0/24
194.87.187.0/24
195.58.59.0/24
195.133.13.0-195.133.14.255
195.133.37.0/24
195.133.39.0-195.133.43.255
212.192.4.0/24
212.192.240.0/24
212.193.28.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
28:67:c7:8e:87:1e:bc:12:74:d8:58:c6:ec:e2:01:8c:6f:0c:
6f:f9:f0:66:e3:17:1e:58:93:ba:ca:9f:3c:4d:2d:92:2a:0f:
e1:6d:de:d3:8e:35:e8:c3:a3:71:c4:3c:e9:0f:5b:cb:30:c6:
7d:f3:ef:b5:d5:29:e7:e4:2c:87:74:03:b5:dc:5e:a8:dc:bd:
4e:79:ad:28:82:bd:64:e6:51:1e:93:a6:13:eb:85:26:6b:2c:
0d:38:e4:fc:43:a2:43:ad:01:39:6a:4c:67:b9:35:77:3a:3e:
a9:9e:dc:c4:cc:e4:a9:3e:96:60:5b:a0:e6:a2:d4:de:a0:d7:
55:52:95:1f:e2:d0:50:29:b6:19:92:0f:7d:d3:78:58:8b:56:
02:ec:3b:d2:db:12:e8:02:2c:01:33:cc:1d:eb:d5:1f:4c:e3:
a2:cc:47:bc:bf:d6:3f:60:18:e2:8a:de:27:c5:d6:c3:cb:03:
4e:f6:e1:6b:f9:95:09:cd:b3:6b:c2:78:38:cd:6e:26:e3:05:
2f:c1:36:1f:6d:bc:9e:d0:0e:2b:f8:14:5f:2c:a5:20:dd:1d:
c7:ad:cd:83:a2:3c:ea:61:10:aa:30:32:63:ae:4e:60:fc:c8:
c7:73:0b:de:41:ac:ce:4f:e6:06:10:1c:38:cd:25:47:88:c9:
77:97:1e:23
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYUvti6Mvpo5YlejS16NkTKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjIwMTMyNTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTA5MTYyOGI4ODI2N2Q1ZjhjODBiZTIyODUwMGU2ZTQ2YjQ0MGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAmSibVfM04OUU4lBwmy4JIlsZV2
ucX41V2NJRKeSB/m+jRQ9NTqYKhofZ0NDHWqu875qgbD4X0Y3OAxpbiqvR6leWc9
x7AwPfgaXZPAMkMwINlT7HwLPFOKLQJXn296WRZZ+idNpjA4OYqqbE1PNVbm2mPR
PWDt9HuTUCtOYQXSD7VuwcvvK6jRSVjJxu7Mklet2zLSE7JjW1xUgp1cGlsxvBi+
JBTYFrQkKSNv2uJui1Tsow/qtrk1L9fos/ThuDlCDfmQn/Rjuj+v4xsk121Zu/sb
IO3Js1OaSBQU9LBpkHF9wz04UFjD9yHK+0XRakoNZvxALMcmGTgcTomuOQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFI4JFii4gmfV+MgL4ihQDm5GtEDTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvamdrV0tMaUNaOVg0eUF2aUtGQU9ia2EwUU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAMB8tgME
AMB8vAMEAMF8KQMEAMF84wMEAMJV+QMEAMJV+wMEAMJXuwMEAMM6OzAMAwQAw4UN
AwQAw4UOAwQAw4UlMAwDBADDhScDBALDhSgDBADUwAQDBADUwPADBADUwRwDBADU
wR8wDQYJKoZIhvcNAQELBQADggEBAChnx46HHrwSdNhYxuziAYxvDG/58GbjFx5Y
k7rKnzxNLZIqD+Ft3tOONejDo3HEPOkPW8swxn3z77XVKefkLId0A7XcXqjcvU55
rSiCvWTmUR6TphPrhSZrLA045PxDokOtATlqTGe5NXc6Pqme3MTM5Kk+lmBboOai
1N6g11VSlR/i0FApthmSD33TeFiLVgLsO9LbEugCLAEzzB3r1R9M46LMR7y/1j9g
GOKK3ifF1sPLA0724Wv5lQnNs2vCeDjNbibjBS/BNh9tvJ7QDiv4FF8spSDdHcet
zYOiPOphEKowMmOuTmD8yMdzC95BrM5P5gYQHDjNJUeIyXeXHiM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:04 2023 by rpki-client on console-ams.rpki-client.org