Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l8FL90EfIrwh7Pi_tIg5HbILC58.roa
File: l8FL90EfIrwh7Pi_tIg5HbILC58.roa (raw, json)
Hash identifier: VYjGFckAkfq/XtX1OwFR1wuovejMFhGIdIrfuOys+mQ=
Subject key identifier: 97:C1:4B:F7:41:1F:22:BC:21:EC:F8:BF:B4:88:39:1D:B2:0B:0B:9F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184C8F2C588EAB30C617BBA811B8D053A19
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l8FL90EfIrwh7Pi_tIg5HbILC58.roa
Signing time: Wed 30 Nov 2022 14:31:04 +0000
ROA not before: Wed 30 Nov 2022 14:31:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 193.124.16.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
62.76.232.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c8:f2:c5:88:ea:b3:0c:61:7b:ba:81:1b:8d:05:3a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 30 14:31:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97c14bf7411f22bc21ecf8bfb488391db20b0b9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b9:80:ab:b0:24:d9:a6:f6:c3:7a:de:04:12:
18:c7:cc:ad:3c:1b:33:60:29:71:30:2d:fb:1c:11:
16:eb:c9:3f:98:b5:66:bf:1a:22:af:de:bc:24:cd:
1f:2d:8d:67:15:ef:67:80:9f:05:fe:1d:58:9d:1c:
c2:1c:bf:17:8f:a1:05:e5:91:0c:35:bc:87:d7:90:
75:a6:b0:c0:a7:7f:47:da:c1:75:21:94:b0:33:23:
67:89:77:9e:36:e0:74:2d:c4:47:60:62:dc:95:67:
67:84:f5:d4:40:1b:a7:0a:b1:a4:87:41:1b:2b:af:
10:09:c6:75:bd:e0:01:4d:79:7a:be:7e:03:91:38:
d5:d1:94:78:2a:76:ee:32:55:3f:ee:a4:32:57:9a:
7e:7f:bf:50:d4:a1:79:54:02:08:68:c4:d0:1e:94:
e2:7b:f6:9b:c2:36:39:26:d9:cb:70:a2:60:fd:bb:
98:87:53:68:47:8d:27:d7:74:3d:39:7b:45:2b:29:
1a:73:59:da:6b:d5:6b:b5:72:66:8e:84:4e:40:4a:
67:dc:1c:8d:1b:0f:8d:09:66:47:df:f8:1b:52:23:
73:1b:27:28:9a:69:ac:64:c8:e8:02:b4:97:e8:0d:
02:9f:2e:a7:5e:66:4d:aa:68:b6:c5:5d:6c:8b:bf:
bf:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C1:4B:F7:41:1F:22:BC:21:EC:F8:BF:B4:88:39:1D:B2:0B:0B:9F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l8FL90EfIrwh7Pi_tIg5HbILC58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.235.0/24
192.124.190.0/24
193.124.16.0/24
193.124.202.0/24
194.58.39.0/24
194.58.47.0/24
194.87.3.0/24
194.87.16.0/24
194.87.22.0/24
194.87.37.0/24
194.87.83.0/24
194.87.177.0/24
194.87.190.0/24
195.58.58.0/24
195.133.86.0/24
195.133.194.0/24
212.192.211.0/24
212.193.8.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:27:27:81:59:54:9d:ec:ae:dd:a0:70:6a:f3:66:81:b8:a7:
86:50:51:16:ff:78:d3:c6:2f:d8:19:26:98:2a:07:3b:33:fd:
3a:35:b4:a5:df:bd:d6:68:b8:e4:75:c5:8c:a3:44:19:66:69:
5c:90:b1:1d:1e:d3:93:30:47:0f:38:0d:4f:f0:ec:d6:ff:c7:
f5:f6:7e:1b:7a:6e:c3:ec:45:68:bd:b7:2f:17:55:1c:66:ef:
e0:5b:cf:e5:53:38:f8:be:ec:0e:2e:d5:93:41:6e:99:08:7a:
86:df:1b:a8:9d:02:ca:4b:ff:ad:cb:92:b2:ac:2e:f1:47:cd:
0c:46:2b:22:85:b9:ea:99:7d:33:37:e5:83:32:e8:3b:d9:4a:
6d:d7:f0:e8:8a:18:3d:d3:ba:1c:df:f7:c0:c1:f3:64:de:82:
67:05:23:7c:07:80:7a:c7:df:da:c0:63:b3:44:bd:0e:87:fc:
dd:e5:9e:2d:cf:22:2c:37:f5:79:98:05:a9:d0:91:a9:11:2c:
a9:b8:57:ad:31:af:db:bc:44:ae:ff:14:2f:3c:93:75:c6:b2:
91:3d:58:fa:75:7f:6e:e2:43:d9:98:c3:06:32:d3:83:e9:2d:
ab:ca:41:2a:46:d5:c7:47:d4:53:d2:e3:6b:ee:d0:e7:df:c2:
02:c2:16:57
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYTI8sWI6rMMYXu6gRuNBToZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTMwMTQzMTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2MxNGJmNzQxMWYyMmJjMjFlY2Y4YmZiNDg4MzkxZGIyMGIwYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLmAq7Ak2ab2w3reBBIYx8ytPBsz
YClxMC37HBEW68k/mLVmvxoir968JM0fLY1nFe9ngJ8F/h1YnRzCHL8Xj6EF5ZEM
NbyH15B1prDAp39H2sF1IZSwMyNniXeeNuB0LcRHYGLclWdnhPXUQBunCrGkh0Eb
K68QCcZ1veABTXl6vn4DkTjV0ZR4KnbuMlU/7qQyV5p+f79Q1KF5VAIIaMTQHpTi
e/abwjY5JtnLcKJg/buYh1NoR40n13Q9OXtFKykac1naa9VrtXJmjoROQEpn3ByN
Gw+NCWZH3/gbUiNzGycommmsZMjoArSX6A0Cny6nXmZNqmi2xV1si7+/awIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFJfBS/dBHyK8Iez4v7SIOR2yCwufMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbDhGTDkwRWZJcndoN1BpX3RJZzVIYklMQzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAD5M6AME
AD5M6wMEAMB8vgMEAMF8EAMEAMF8ygMEAMI6JwMEAMI6LwMEAMJXAwMEAMJXEAME
AMJXFgMEAMJXJQMEAMJXUwMEAMJXsQMEAMJXvgMEAMM6OgMEAMOFVgMEAMOFwgME
ANTA0wMEANTBCDANBgkqhkiG9w0BAQsFAAOCAQEASicngVlUneyu3aBwavNmgbin
hlBRFv9408Yv2BkmmCoHOzP9OjW0pd+91mi45HXFjKNEGWZpXJCxHR7TkzBHDzgN
T/Ds1v/H9fZ+G3puw+xFaL23LxdVHGbv4FvP5VM4+L7sDi7Vk0FumQh6ht8bqJ0C
ykv/rcuSsqwu8UfNDEYrIoW56pl9MzflgzLoO9lKbdfw6IoYPdO6HN/3wMHzZN6C
ZwUjfAeAesff2sBjs0S9Dof83eWeLc8iLDf1eZgFqdCRqREsqbhXrTGv27xErv8U
LzyTdcaykT1Y+nV/buJD2ZjDBjLTg+ktq8pBKkbVx0fUU9Lja+7Q59/CAsIWVw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:10 2023 by rpki-client on console-fra.rpki-client.org