Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mDRul89HJt8O9I-byohrSHpwHHk.roa
File: mDRul89HJt8O9I-byohrSHpwHHk.roa (raw, json)
Hash identifier: Gf9T0qbQomzjbJjSvvG9/vNzPD+hBP2F9pmD7I9CdxQ=
Subject key identifier: 98:34:6E:97:CF:47:26:DF:0E:F4:8F:9B:CA:88:6B:48:7A:70:1C:79
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184E281CDFBAC2F8A534149371F4FEC81B8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mDRul89HJt8O9I-byohrSHpwHHk.roa
Signing time: Mon 05 Dec 2022 13:37:48 +0000
ROA not before: Mon 05 Dec 2022 13:37:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 194.87.200.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
62.76.226.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
194.87.223.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.233.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
212.192.5.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.125.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:81:cd:fb:ac:2f:8a:53:41:49:37:1f:4f:ec:81:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 5 13:37:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98346e97cf4726df0ef48f9bca886b487a701c79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:70:0b:43:cf:aa:81:95:b3:16:c0:97:b1:93:
c0:65:7a:d2:11:df:8a:46:21:ec:57:9b:f2:01:95:
4a:be:bc:dd:f9:51:76:5e:79:f2:ff:ce:b1:00:2f:
54:97:e1:a6:f1:15:3d:c5:4e:4e:0a:fa:03:b4:53:
c5:19:a3:73:0e:f3:9e:10:8c:6b:8f:64:8d:77:a2:
19:ea:ef:f0:b3:fb:5a:29:92:95:40:f3:9c:d3:e9:
7c:d5:b3:26:27:03:f0:87:fa:01:a6:0d:7c:51:fc:
f0:14:d2:48:a9:c3:02:cc:00:4a:f6:19:ee:d5:2a:
df:86:62:75:c8:cb:c1:d3:88:46:7f:f1:b4:de:eb:
af:84:c9:2f:8c:ff:40:3f:15:b4:bc:d7:a8:21:8f:
a8:8b:42:88:95:d8:77:cc:0a:65:75:86:9a:5b:2c:
ca:c2:98:97:38:dd:5c:93:18:15:18:1e:f6:33:a4:
2b:f1:f6:8b:0e:a1:80:3e:37:f1:01:7d:b4:a6:12:
6b:11:2b:42:f6:5e:07:2d:2c:a3:f3:c7:33:80:39:
3e:84:3c:2a:6c:f8:17:f6:5f:b5:5b:43:83:9b:2f:
ca:c5:b9:81:0e:ce:64:93:00:4d:d1:74:b3:93:06:
9b:fb:24:89:c4:0c:3e:77:37:3c:0d:87:42:e7:1f:
da:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:34:6E:97:CF:47:26:DF:0E:F4:8F:9B:CA:88:6B:48:7A:70:1C:79
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mDRul89HJt8O9I-byohrSHpwHHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0-62.76.226.255
192.124.180.0/24
192.124.183.0/24
193.124.18.0/24
193.124.45.0/24
193.124.90.0/24
193.124.133.0/24
193.124.200.0/24
194.58.40.0/24
194.58.46.0/24
194.58.59.0/24
194.87.122.0/24
194.87.124.0/23
194.87.200.0/24
194.87.223.0/24
194.87.226.0/24
194.87.233.0/24
194.87.252.0/24
195.133.76.0/24
195.133.193.0/24
212.192.5.0/24
212.192.9.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:84:64:05:3e:f9:ad:57:ff:56:a9:68:21:14:a7:c9:29:93:
81:7d:f2:c8:08:b7:79:df:73:e1:98:46:50:5d:b6:35:04:51:
6f:f4:e1:5e:2a:62:0a:6a:d0:c4:ec:77:2c:b9:25:a3:90:70:
eb:52:98:d7:fc:79:4b:35:20:af:bd:f4:24:94:04:c1:66:51:
c8:dd:ec:11:77:d8:8a:e7:f1:b2:50:80:f0:97:8d:e2:1e:9b:
80:80:e7:0f:cf:7b:3e:9e:3c:62:2f:a6:82:bb:b8:0a:90:55:
5b:6e:e0:5d:3b:25:4b:83:48:72:93:68:4f:02:51:6c:a5:75:
e5:0e:0a:b1:fb:5c:0c:c9:68:61:a9:9b:bd:00:bb:8d:1d:92:
c7:37:72:f8:39:9f:2c:5c:a2:91:44:27:22:86:b9:5d:2e:2b:
b9:59:1c:b4:9f:53:9d:f3:7f:39:e6:d5:eb:de:f2:20:20:be:
7b:6f:9a:fb:02:23:51:4f:53:4b:6d:7d:ac:06:1a:06:0a:ef:
a4:54:ce:4c:b9:0f:bd:dd:c2:34:5f:cb:ca:31:34:62:a2:6d:
2d:b8:3d:52:ff:87:33:f8:39:15:25:58:fc:df:d0:3b:ad:f5:
3a:28:56:1b:f3:92:68:d0:0b:e5:3d:4d:06:ce:47:84:96:45:
87:9f:30:a3
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYTigc37rC+KU0FJNx9P7IG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA1MTMzNzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODM0NmU5N2NmNDcyNmRmMGVmNDhmOWJjYTg4NmI0ODdhNzAxYzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXALQ8+qgZWzFsCXsZPAZXrSEd+K
RiHsV5vyAZVKvrzd+VF2Xnny/86xAC9Ul+Gm8RU9xU5OCvoDtFPFGaNzDvOeEIxr
j2SNd6IZ6u/ws/taKZKVQPOc0+l81bMmJwPwh/oBpg18UfzwFNJIqcMCzABK9hnu
1SrfhmJ1yMvB04hGf/G03uuvhMkvjP9APxW0vNeoIY+oi0KIldh3zApldYaaWyzK
wpiXON1ckxgVGB72M6Qr8faLDqGAPjfxAX20phJrEStC9l4HLSyj88czgDk+hDwq
bPgX9l+1W0ODmy/KxbmBDs5kkwBN0XSzkwab+ySJxAw+dzc8DYdC5x/a+QIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFJg0bpfPRybfDvSPm8qIa0h6cBx5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbURSdWw4OUhKdDhPOUktYnlvaHJTSHB3SEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwwDAME
AD5M4QMEAD5M4gMEAMB8tAMEAMB8twMEAMF8EgMEAMF8LQMEAMF8WgMEAMF8hQME
AMF8yAMEAMI6KAMEAMI6LgMEAMI6OwMEAMJXegMEAcJXfAMEAMJXyAMEAMJX3wME
AMJX4gMEAMJX6QMEAMJX/AMEAMOFTAMEAMOFwQMEANTABQMEANTACTANBgkqhkiG
9w0BAQsFAAOCAQEACoRkBT75rVf/VqloIRSnySmTgX3yyAi3ed9z4ZhGUF22NQRR
b/ThXipiCmrQxOx3LLklo5Bw61KY1/x5SzUgr730JJQEwWZRyN3sEXfYiufxslCA
8JeN4h6bgIDnD897Pp48Yi+mgru4CpBVW27gXTslS4NIcpNoTwJRbKV15Q4Ksftc
DMloYambvQC7jR2Sxzdy+DmfLFyikUQnIoa5XS4ruVkctJ9TnfN/OebV697yICC+
e2+a+wIjUU9TS219rAYaBgrvpFTOTLkPvd3CNF/LyjE0YqJtLbg9Uv+HM/g5FSVY
/N/QO631OihWG/OSaNAL5T1NBs5HhJZFh58wow==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:10 2023 by rpki-client on console-fra.rpki-client.org