Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mj9BkFLyiZMVzW9Q0sCMF2Htej4.roa
File: mj9BkFLyiZMVzW9Q0sCMF2Htej4.roa (raw, json)
Hash identifier: je7TR7gQgostQGtRUCBmgDzncjDL5ZsTF5A2eNzpfj0=
Subject key identifier: 9A:3F:41:90:52:F2:89:93:15:CD:6F:50:D2:C0:8C:17:61:ED:7A:3E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184EBA9BE457AB9889F586BF99489DFF051
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mj9BkFLyiZMVzW9Q0sCMF2Htej4.roa
Signing time: Wed 07 Dec 2022 08:18:00 +0000
ROA not before: Wed 07 Dec 2022 08:18:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 53850
IP address blocks: 62.76.224.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
212.193.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:a9:be:45:7a:b9:88:9f:58:6b:f9:94:89:df:f0:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 7 08:18:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a3f419052f2899315cd6f50d2c08c1761ed7a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:51:ba:73:4c:0f:ed:34:59:b7:5b:10:45:d8:
04:09:cc:9d:56:ed:c3:a9:5b:2d:5d:60:3f:32:0f:
09:07:52:11:54:3e:49:2a:65:40:e0:88:fd:4b:14:
b8:2d:90:cb:79:5a:ba:35:88:eb:92:77:ea:51:0f:
75:f3:6f:05:12:2b:f1:3f:9d:aa:24:8d:9b:3e:b0:
d7:9a:a8:89:7f:6c:a7:51:b6:61:96:6a:66:c7:72:
a8:7b:51:9e:a1:04:73:f2:cc:b1:6f:1f:0c:1d:fc:
2a:3e:50:8d:c2:4d:ad:42:27:6c:90:93:0b:c1:10:
e6:ea:b0:65:27:02:cc:65:c9:0d:d3:f0:27:44:ff:
5a:01:28:71:5f:9e:27:34:3e:f1:64:5a:ab:13:8d:
d7:30:b0:88:ea:86:5c:c6:de:95:c5:a0:6e:4e:d5:
d0:53:7d:7c:35:7b:58:af:81:ab:1a:89:d6:d1:4f:
77:bf:70:a8:16:d5:c0:76:2c:e3:b9:95:d8:4f:c7:
f5:c6:e7:dc:fb:bd:c3:a6:29:20:b3:27:31:be:9d:
0f:02:fa:65:d0:22:a1:d4:5e:f3:19:3a:29:c1:84:
be:1d:e9:ec:c5:b7:64:5b:14:de:ed:0d:64:b2:35:
07:17:78:e8:c4:45:e2:0f:81:ce:c0:52:a5:0e:36:
a4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:3F:41:90:52:F2:89:93:15:CD:6F:50:D2:C0:8C:17:61:ED:7A:3E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mj9BkFLyiZMVzW9Q0sCMF2Htej4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.224.0/24
194.87.32.0/23
194.87.39.0/24
194.87.117.0-194.87.118.255
212.193.11.0/24
Signature Algorithm: sha256WithRSAEncryption
79:68:53:1e:55:65:e4:58:c5:40:aa:cc:1b:9b:88:88:4f:b3:
d7:ad:6a:3e:c3:3a:86:75:91:76:d7:ef:4a:d8:2f:24:24:67:
2f:13:dc:51:4f:ac:ff:12:f5:0f:f3:0a:ad:86:b9:56:02:1e:
69:9e:d7:62:95:41:23:5c:16:b2:5c:0d:8c:47:4c:de:8a:a1:
58:4b:57:b9:52:08:2b:c6:ea:14:63:3f:cd:cf:01:1a:58:fe:
46:11:8a:e0:ce:c8:27:41:8a:98:fc:81:29:2c:3b:4b:9b:ca:
a6:51:0e:97:1c:88:9a:aa:d2:9f:af:69:b5:67:a0:92:42:4d:
7a:7c:a2:4d:cf:f8:6c:55:a7:8d:7d:bc:f2:1b:4b:89:ff:f3:
3d:61:cb:52:d6:fb:e1:f9:db:71:06:62:3f:d7:3e:34:bb:0e:
32:a9:91:e3:5d:1f:62:eb:d5:fd:67:4f:a9:08:a0:b0:b3:75:
87:09:22:52:64:d9:51:8e:84:4f:2b:b0:cb:c8:95:55:46:90:
56:df:22:51:29:3d:f3:c1:84:42:c0:c7:28:78:4f:5d:a0:3c:
5a:0c:3b:a5:52:c3:33:ec:a3:ce:b6:6d:d3:7a:bd:eb:52:6a:
2d:d9:3b:ef:f5:a3:b9:5e:82:3a:64:79:3a:c2:76:f2:e5:01:
e6:41:24:7e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYTrqb5FermIn1hr+ZSJ3/BRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA3MDgxODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTNmNDE5MDUyZjI4OTkzMTVjZDZmNTBkMmMwOGMxNzYxZWQ3YTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolG6c0wP7TRZt1sQRdgECcydVu3D
qVstXWA/Mg8JB1IRVD5JKmVA4Ij9SxS4LZDLeVq6NYjrknfqUQ91828FEivxP52q
JI2bPrDXmqiJf2ynUbZhlmpmx3Koe1GeoQRz8syxbx8MHfwqPlCNwk2tQidskJML
wRDm6rBlJwLMZckN0/AnRP9aAShxX54nND7xZFqrE43XMLCI6oZcxt6VxaBuTtXQ
U318NXtYr4GrGonW0U93v3CoFtXAdizjuZXYT8f1xufc+73Dpikgsycxvp0PAvpl
0CKh1F7zGTopwYS+HensxbdkWxTe7Q1ksjUHF3joxEXiD4HOwFKlDjak3QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJo/QZBS8omTFc1vUNLAjBdh7Xo+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbWo5QmtGTHlpWk1Welc5UTBzQ01GMkh0ZWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAPkzgAwQB
wlcgAwQAwlcnMAwDBADCV3UDBADCV3YDBADUwQswDQYJKoZIhvcNAQELBQADggEB
AHloUx5VZeRYxUCqzBubiIhPs9etaj7DOoZ1kXbX70rYLyQkZy8T3FFPrP8S9Q/z
Cq2GuVYCHmme12KVQSNcFrJcDYxHTN6KoVhLV7lSCCvG6hRjP83PARpY/kYRiuDO
yCdBipj8gSksO0ubyqZRDpcciJqq0p+vabVnoJJCTXp8ok3P+GxVp419vPIbS4n/
8z1hy1LW++H523EGYj/XPjS7DjKpkeNdH2Lr1f1nT6kIoLCzdYcJIlJk2VGOhE8r
sMvIlVVGkFbfIlEpPfPBhELAxyh4T12gPFoMO6VSwzPso862bdN6vetSai3ZO+/1
o7legjpkeTrCdvLlAeZBJH4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:26 2024 by rpki-client on console-fra.rpki-client.org