Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mV4v1WxMeI_B2kjtLKF676oholE.roa
File: mV4v1WxMeI_B2kjtLKF676oholE.roa (raw, json)
Hash identifier: /qh19Warhg77ZoN0EZmobalbVWVYgqPlen6Gb9QAzus=
Subject key identifier: 99:5E:2F:D5:6C:4C:78:8F:C1:DA:48:ED:2C:A1:7A:EF:AA:21:A2:51
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183C77D8961727DAFA5F716F96005029A89
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mV4v1WxMeI_B2kjtLKF676oholE.roa
Signing time: Tue 11 Oct 2022 14:40:36 +0000
ROA not before: Tue 11 Oct 2022 14:40:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
62.76.229.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
193.124.45.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
195.133.76.0/24 maxlen: 24
195.133.82.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
192.124.180.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c7:7d:89:61:72:7d:af:a5:f7:16:f9:60:05:02:9a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 11 14:40:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=995e2fd56c4c788fc1da48ed2ca17aefaa21a251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0d:19:78:92:f3:13:82:9e:d4:cb:c2:e2:fa:
6e:01:cf:32:92:46:17:2d:28:81:95:c5:79:c1:f0:
63:49:e8:50:3e:f5:80:dd:5d:b4:38:50:66:e2:0b:
65:5d:3f:e1:32:15:1d:2a:51:8e:2d:81:ae:51:6f:
38:9c:13:59:4f:9e:dd:9e:d4:43:62:a4:50:42:10:
85:67:cc:72:43:44:e4:1c:d5:27:3a:36:2f:8a:be:
5f:7a:49:f0:0d:d7:0b:5e:d6:b7:bd:54:4f:b9:2b:
a9:41:54:c0:51:04:38:6c:1e:14:4e:a6:0d:f3:4c:
5d:7c:bf:a1:4a:4b:a9:c7:04:32:61:67:a6:87:f9:
58:26:c8:ac:ae:c5:d3:a7:c6:a2:19:ce:4c:4e:2c:
6f:8e:b8:b1:ab:3b:79:ed:de:48:28:00:aa:28:e1:
f9:54:b5:4c:7b:28:cb:a7:f9:e6:21:a0:cd:48:4f:
72:f3:2a:ba:36:45:63:a1:f9:41:92:ae:c0:2d:0c:
cb:9e:be:9c:02:e6:94:31:b0:84:d5:1c:1a:9f:2a:
f7:43:f2:da:8a:e7:bb:dd:d0:97:4e:63:72:ab:3b:
a4:95:af:e3:8f:b5:4d:4f:f7:27:5b:86:43:c0:a7:
b8:9b:b8:0d:1e:54:09:ea:c1:6b:e0:06:d6:9c:2b:
a6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:5E:2F:D5:6C:4C:78:8F:C1:DA:48:ED:2C:A1:7A:EF:AA:21:A2:51
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mV4v1WxMeI_B2kjtLKF676oholE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.229.0/24
62.76.231.0/24
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.209.0/24
193.124.3.0/24
193.124.45.0/24
193.124.90.0/24
193.124.95.0/24
193.124.203.0/24
194.58.45.0/24
194.58.60.0/24
194.87.1.0/24
194.87.24.0/22
194.87.165.0/24
194.87.170.0/24
194.87.179.0/24
194.87.191.0/24
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.226.0/24
194.135.23.0/24
195.58.54.0/24
195.133.76.0/24
195.133.82.0/24
212.193.12.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:a2:06:8e:fd:c0:c3:93:98:ea:cb:0e:9b:3f:3e:01:f3:9a:
47:0e:58:90:a6:f2:f1:bd:e4:dc:96:b6:7e:f0:70:6c:be:dc:
41:a4:61:9e:a1:d2:84:5e:e7:db:67:42:3e:70:87:98:4a:70:
c3:87:a3:a3:a6:d1:e2:41:b2:14:27:c8:a1:2d:b9:0e:32:24:
3d:3a:43:bd:58:80:21:ce:1b:80:11:6a:35:56:ba:50:e3:b1:
cd:f0:36:81:3e:da:9e:2a:31:ef:e3:bd:a2:2b:08:d3:01:34:
c6:11:97:4e:b8:53:19:28:28:d3:97:bf:d4:9a:52:04:de:26:
be:df:22:10:07:a3:09:39:1a:fa:f8:01:cd:b6:cd:ee:27:dd:
cc:b4:32:6e:f7:7c:89:f5:d7:80:cc:52:dd:a9:14:2e:7c:a9:
40:a0:a1:7b:fb:df:7e:c4:8e:c5:d4:49:5a:93:0a:2c:ad:87:
0f:c5:d7:cc:9a:b3:74:70:aa:8f:f7:55:c4:39:31:7e:29:67:
d6:b8:77:0f:d0:6f:1c:db:e3:04:04:d1:a5:ea:3d:e1:fa:b7:
f1:a1:4b:77:9b:dd:03:7b:50:df:84:8a:75:46:7f:48:04:c3:
b9:44:71:36:20:d0:83:77:0f:14:82:a0:78:b6:5d:cb:6c:42:
b0:48:10:e3
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAYPHfYlhcn2vpfcW+WAFApqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDExMTQ0MDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTVlMmZkNTZjNGM3ODhmYzFkYTQ4ZWQyY2ExN2FlZmFhMjFhMjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg0ZeJLzE4Ke1MvC4vpuAc8ykkYX
LSiBlcV5wfBjSehQPvWA3V20OFBm4gtlXT/hMhUdKlGOLYGuUW84nBNZT57dntRD
YqRQQhCFZ8xyQ0TkHNUnOjYvir5feknwDdcLXta3vVRPuSupQVTAUQQ4bB4UTqYN
80xdfL+hSkupxwQyYWemh/lYJsisrsXTp8aiGc5MTixvjrixqzt57d5IKACqKOH5
VLVMeyjLp/nmIaDNSE9y8yq6NkVjoflBkq7ALQzLnr6cAuaUMbCE1Rwanyr3Q/La
iue73dCXTmNyqzukla/jj7VNT/cnW4ZDwKe4m7gNHlQJ6sFr4AbWnCumnQIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFJleL9VsTHiPwdpI7Syheu+qIaJRMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbVY0djFXeE1lSV9CMmtqdExLRjY3Nm9ob2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAA+
TOEDBAA+TOUDBAA+TOcDBADAfK0DBADAfLIDBALAfLQDBADAfNEDBADBfAMDBADB
fC0DBADBfFoDBADBfF8DBADBfMsDBADCOi0DBADCOjwDBADCVwEDBALCVxgDBADC
V6UDBADCV6oDBADCV7MDBADCV78DBADCV8YwDAMEAMJXzwMEAcJX0AMEAcJX3gME
AMJX4gMEAMKHFwMEAMM6NgMEAMOFTAMEAMOFUgMEANTBDAMEANTBDzANBgkqhkiG
9w0BAQsFAAOCAQEAKqIGjv3Aw5OY6ssOmz8+AfOaRw5YkKby8b3k3Ja2fvBwbL7c
QaRhnqHShF7n22dCPnCHmEpww4ejo6bR4kGyFCfIoS25DjIkPTpDvViAIc4bgBFq
NVa6UOOxzfA2gT7aniox7+O9oisI0wE0xhGXTrhTGSgo05e/1JpSBN4mvt8iEAej
CTka+vgBzbbN7ifdzLQybvd8ifXXgMxS3akULnypQKChe/vffsSOxdRJWpMKLK2H
D8XXzJqzdHCqj/dVxDkxfiln1rh3D9BvHNvjBATRpeo94fq38aFLd5vdA3tQ34SK
dUZ/SATDuURxNiDQg3cPFIKgeLZdy2xCsEgQ4w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:11 2023 by rpki-client on console-fra.rpki-client.org