Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k1EGcF2MDxEH6brv3VIouvNzXuM.roa
File: k1EGcF2MDxEH6brv3VIouvNzXuM.roa (raw, json)
Hash identifier: 5sa6kM8QIV0vHABa7MBcOj8nt4mBDYyttMLlL8EMg2A=
Subject key identifier: 93:51:06:70:5D:8C:0F:11:07:E9:BA:EF:DD:52:28:BA:F3:73:5E:E3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01843366DC8044372F2EDDD277F387ADF0C0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k1EGcF2MDxEH6brv3VIouvNzXuM.roa
Signing time: Tue 01 Nov 2022 13:34:49 +0000
ROA not before: Tue 01 Nov 2022 13:34:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
62.76.229.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
195.133.76.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.30.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:66:dc:80:44:37:2f:2e:dd:d2:77:f3:87:ad:f0:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 1 13:34:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=935106705d8c0f1107e9baefdd5228baf3735ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:8f:14:5a:24:07:44:12:51:17:f7:b7:b6:7f:
ab:81:8c:09:ed:2f:b8:24:6d:14:3e:25:34:7c:af:
5b:67:1f:d8:42:25:bc:e8:02:68:45:0d:51:13:1e:
88:00:93:9b:5b:75:9b:b5:43:b8:2e:2e:6e:8b:ce:
66:96:1c:7e:e8:a2:d8:a2:47:da:b8:07:cb:e5:5a:
41:3f:e4:f0:c6:7c:86:5f:76:76:e2:bc:ca:15:b8:
3f:36:9a:58:b7:8c:d3:c0:96:bc:ac:af:db:fe:19:
1a:04:c7:6e:73:a6:69:41:f5:58:47:b6:ae:a8:29:
4f:4d:f9:c0:96:be:06:94:dd:53:ab:f9:8b:81:86:
6e:dc:d2:02:b9:f4:ea:de:31:33:45:03:75:92:52:
a9:3a:86:b5:5f:ff:1c:92:79:ec:73:15:10:e0:72:
f1:7f:66:93:cd:a9:c6:95:d1:97:75:b3:df:11:a7:
bd:7b:bf:c0:6f:8b:6a:e0:d5:ba:0e:d8:00:60:1e:
f6:c8:e8:f8:92:a7:17:12:ac:8a:76:b9:57:e9:36:
d8:ba:06:16:b3:af:da:e5:37:dd:b8:73:a3:21:77:
c0:c2:47:e3:69:37:ec:89:1b:ab:c4:5e:00:8d:c2:
e9:27:e1:71:81:14:1c:5e:82:d4:b3:7a:a7:46:55:
ba:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:51:06:70:5D:8C:0F:11:07:E9:BA:EF:DD:52:28:BA:F3:73:5E:E3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k1EGcF2MDxEH6brv3VIouvNzXuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.229.0/24
62.76.231.0/24
192.124.173.0/24
192.124.180.0/22
192.124.209.0/24
193.108.112.0/24
193.124.3.0/24
193.124.203.0/24
194.58.45.0/24
194.87.1.0/24
194.87.3.0/24
194.87.16.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.118.0/24
194.87.163.0/24
194.87.165.0-194.87.166.255
194.87.170.0/24
194.87.179.0/24
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.135.30.0/24
195.58.56.0/21
195.133.55.0/24
195.133.76.0/24
212.192.10.0/24
212.193.0.0/24
212.193.2.0/24
212.193.12.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
35:9a:70:69:00:6f:31:41:71:a7:90:d2:89:49:6a:b1:8d:52:
d3:84:80:58:f2:d4:2a:85:b9:c2:6a:5f:48:dd:b1:63:e9:8b:
60:5b:d3:a6:66:27:a0:1d:77:ac:92:af:db:df:d3:af:74:e0:
7e:95:0c:d9:af:6c:7a:c0:66:f2:21:07:9c:a9:ab:72:55:c6:
01:f2:a9:8e:f3:e5:e1:7f:10:52:5b:67:3d:18:f2:b1:c6:43:
1e:4d:21:2f:82:c0:df:bf:fe:6d:21:74:bd:77:18:20:bd:fd:
fb:9e:1a:7b:a8:f6:db:b6:7e:e4:27:aa:06:ac:6c:4d:45:e9:
cc:a1:cc:17:14:d4:47:4a:e9:4d:23:d8:56:a8:0d:60:4c:68:
28:ec:cc:81:64:ea:46:52:62:8d:fb:3e:c0:9f:e0:17:97:bb:
37:99:3e:b6:7e:a2:e2:16:15:50:2b:7f:0b:08:3a:a2:01:bf:
81:96:3a:a9:63:4d:b6:c1:d4:6b:91:d3:ca:cb:67:92:cb:c1:
28:37:29:44:dd:76:aa:bf:4c:d2:b9:aa:33:4c:86:f2:14:91:
a4:a7:77:54:32:fd:32:83:27:a3:3c:5c:05:08:f0:d8:12:fd:
05:27:5a:fe:80:06:27:b9:32:3d:0c:1b:b3:4e:4e:27:d5:75:
b0:df:32:6b
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAYQzZtyARDcvLt3Sd/OHrfDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTAxMTMzNDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzUxMDY3MDVkOGMwZjExMDdlOWJhZWZkZDUyMjhiYWYzNzM1ZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgI8UWiQHRBJRF/e3tn+rgYwJ7S+4
JG0UPiU0fK9bZx/YQiW86AJoRQ1REx6IAJObW3WbtUO4Li5ui85mlhx+6KLYokfa
uAfL5VpBP+TwxnyGX3Z24rzKFbg/NppYt4zTwJa8rK/b/hkaBMduc6ZpQfVYR7au
qClPTfnAlr4GlN1Tq/mLgYZu3NICufTq3jEzRQN1klKpOoa1X/8cknnscxUQ4HLx
f2aTzanGldGXdbPfEae9e7/Ab4tq4NW6DtgAYB72yOj4kqcXEqyKdrlX6TbYugYW
s6/a5TfduHOjIXfAwkfjaTfsiRurxF4AjcLpJ+FxgRQcXoLUs3qnRlW6cQIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFJNRBnBdjA8RB+m6791SKLrzc17jMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvazFFR2NGMk1EeEVINmJydjNWSW91dk56WHVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwDBAA+
TOUDBAA+TOcDBADAfK0DBALAfLQDBADAfNEDBADBbHADBADBfAMDBADBfMsDBADC
Oi0DBADCVwEDBADCVwMDBADCVxADBALCVxgDBADCVzgDBADCV0wDBAHCV1IDBADC
V2gDBADCV3YDBADCV6MwDAMEAMJXpQMEAMJXpgMEAMJXqgMEAMJXswMEAMJXxjAM
AwQAwlfPAwQBwlfQAwQBwlfeAwQAwoceAwQDwzo4AwQAw4U3AwQAw4VMAwQA1MAK
AwQA1MEAAwQA1MECAwQA1MEMAwQA1MEPMA0GCSqGSIb3DQEBCwUAA4IBAQA1mnBp
AG8xQXGnkNKJSWqxjVLThIBY8tQqhbnCal9I3bFj6YtgW9OmZiegHXeskq/b39Ov
dOB+lQzZr2x6wGbyIQecqatyVcYB8qmO8+XhfxBSW2c9GPKxxkMeTSEvgsDfv/5t
IXS9dxggvf37nhp7qPbbtn7kJ6oGrGxNRenMocwXFNRHSulNI9hWqA1gTGgo7MyB
ZOpGUmKN+z7An+AXl7s3mT62fqLiFhVQK38LCDqiAb+BljqpY022wdRrkdPKy2eS
y8EoNylE3Xaqv0zSuaozTIbyFJGkp3dUMv0ygyejPFwFCPDYEv0FJ1r+gAYnuTI9
DBuzTk4n1XWw3zJr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:04 2023 by rpki-client on console-ams.rpki-client.org