Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o-J-yhtVzSF6tw_Qmyqw0PpVboA.roa
File: o-J-yhtVzSF6tw_Qmyqw0PpVboA.roa (raw, json)
Hash identifier: KJ4+Bh9kIIwKbSNiw1OIDdJ+7TSG+t/mxmknCdWnydo=
Subject key identifier: A3:E2:7E:CA:1B:55:CD:21:7A:B7:0F:D0:9B:2A:B0:D0:FA:55:6E:80
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184321E311961C350035F6D6BC597574442
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o-J-yhtVzSF6tw_Qmyqw0PpVboA.roa
Signing time: Tue 01 Nov 2022 07:35:50 +0000
ROA not before: Tue 01 Nov 2022 07:35:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
62.76.229.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
195.133.76.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.30.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:1e:31:19:61:c3:50:03:5f:6d:6b:c5:97:57:44:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 1 07:35:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3e27eca1b55cd217ab70fd09b2ab0d0fa556e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d3:70:60:01:21:fe:9e:bc:61:ad:f5:86:da:
64:cc:2f:94:53:e5:ab:6c:14:47:21:88:82:56:cf:
6e:22:b1:16:87:14:9d:82:74:2c:cb:1d:f7:77:0a:
b5:bd:e0:65:7d:5a:4c:e0:3d:6a:17:e2:4a:62:02:
93:89:75:b1:86:fc:00:36:2d:64:19:0c:a4:05:14:
07:ce:0f:90:06:5c:a9:75:5e:6a:83:2c:b0:76:0c:
06:9b:cc:78:3e:01:68:9f:e6:e4:79:b2:bf:2d:87:
c8:6e:f0:0d:a9:e4:3b:e5:b5:3c:93:12:e3:cd:b3:
3f:97:bb:a7:ae:69:91:ea:10:5d:e0:24:31:b6:be:
0a:f7:db:53:e4:f5:d2:86:94:8b:c1:a4:79:52:aa:
06:ea:4f:4e:32:b8:df:0a:36:be:73:0b:2e:32:64:
fe:2e:08:4d:16:46:98:c1:f3:ba:03:69:3e:87:74:
9b:30:f2:06:aa:61:c3:78:76:0f:52:e8:1c:21:17:
0e:15:26:2a:67:19:8e:55:72:62:8f:b2:4f:62:fd:
d7:99:c5:7b:37:fc:28:61:4b:1f:cf:cf:7b:ad:a2:
66:c9:75:5b:02:53:8e:bd:89:77:7d:38:22:3c:c5:
28:28:2c:9f:51:a7:ce:5f:05:3c:5d:97:70:bb:bf:
59:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E2:7E:CA:1B:55:CD:21:7A:B7:0F:D0:9B:2A:B0:D0:FA:55:6E:80
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o-J-yhtVzSF6tw_Qmyqw0PpVboA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.229.0/24
62.76.231.0/24
192.124.173.0/24
192.124.180.0/22
192.124.209.0/24
193.108.112.0/24
193.124.3.0/24
193.124.203.0/24
194.58.45.0/24
194.87.1.0/24
194.87.3.0/24
194.87.16.0/24
194.87.24.0/22
194.87.104.0/24
194.87.118.0/24
194.87.165.0-194.87.166.255
194.87.170.0/24
194.87.179.0/24
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.135.30.0/24
195.58.56.0/21
195.133.55.0/24
195.133.76.0/24
212.192.10.0/24
212.193.0.0/24
212.193.2.0/24
212.193.12.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
55:dc:41:01:e3:cf:21:de:bc:f0:6a:02:84:1f:9a:9d:d5:57:
5c:04:2c:da:8c:f0:c8:4f:02:d5:f7:df:7e:cb:4c:49:2d:1d:
de:84:fc:cd:44:3c:2e:cd:60:7f:e9:13:13:c8:a4:b3:9b:df:
58:1f:b8:e7:42:b3:12:bc:cc:5d:40:19:99:c8:63:75:66:7f:
2c:42:de:7a:19:f7:b2:a2:d9:29:ee:79:a1:38:d9:d4:6e:bd:
6b:f5:79:6d:e9:c1:53:e8:bc:0a:14:84:14:3f:cd:2b:4d:03:
7d:4a:48:8d:2d:98:bb:9c:8c:ad:98:e9:6e:b4:be:ba:f7:b9:
c7:09:f3:84:f1:e2:cc:ab:d2:07:a3:02:48:80:1f:d6:0f:9b:
46:ce:8e:b6:48:87:d6:be:7c:e3:98:04:ef:e5:65:6e:46:27:
fd:4c:1b:ea:3c:2b:9c:59:7c:af:74:21:88:36:b8:87:a0:8b:
c9:4b:ae:aa:06:58:98:c5:c6:90:42:e4:c0:78:dc:43:77:53:
2e:00:9e:72:41:ff:2a:77:a3:24:01:65:a6:f6:19:44:81:95:
4e:82:44:4a:44:2e:af:9f:64:0a:91:51:dc:d7:1e:b3:0e:90:
dc:a1:74:49:83:23:28:51:69:fb:11:22:55:3b:5b:8e:bb:b1:
7d:5c:e5:91
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAYQyHjEZYcNQA19ta8WXV0RCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTAxMDczNTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2UyN2VjYTFiNTVjZDIxN2FiNzBmZDA5YjJhYjBkMGZhNTU2ZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidNwYAEh/p68Ya31htpkzC+UU+Wr
bBRHIYiCVs9uIrEWhxSdgnQsyx33dwq1veBlfVpM4D1qF+JKYgKTiXWxhvwANi1k
GQykBRQHzg+QBlypdV5qgyywdgwGm8x4PgFon+bkebK/LYfIbvANqeQ75bU8kxLj
zbM/l7unrmmR6hBd4CQxtr4K99tT5PXShpSLwaR5UqoG6k9OMrjfCja+cwsuMmT+
LghNFkaYwfO6A2k+h3SbMPIGqmHDeHYPUugcIRcOFSYqZxmOVXJij7JPYv3XmcV7
N/woYUsfz897raJmyXVbAlOOvYl3fTgiPMUoKCyfUafOXwU8XZdwu79ZXQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFKPifsobVc0hercP0JsqsND6VW6AMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvby1KLXlodFZ6U0Y2dHdfUW15cXcwUHBWYm9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBAA+
TOUDBAA+TOcDBADAfK0DBALAfLQDBADAfNEDBADBbHADBADBfAMDBADBfMsDBADC
Oi0DBADCVwEDBADCVwMDBADCVxADBALCVxgDBADCV2gDBADCV3YwDAMEAMJXpQME
AMJXpgMEAMJXqgMEAMJXswMEAMJXxjAMAwQAwlfPAwQBwlfQAwQBwlfeAwQAwoce
AwQDwzo4AwQAw4U3AwQAw4VMAwQA1MAKAwQA1MEAAwQA1MECAwQA1MEMAwQA1MEP
MA0GCSqGSIb3DQEBCwUAA4IBAQBV3EEB488h3rzwagKEH5qd1VdcBCzajPDITwLV
999+y0xJLR3ehPzNRDwuzWB/6RMTyKSzm99YH7jnQrMSvMxdQBmZyGN1Zn8sQt56
Gfeyotkp7nmhONnUbr1r9Xlt6cFT6LwKFIQUP80rTQN9SkiNLZi7nIytmOlutL66
97nHCfOE8eLMq9IHowJIgB/WD5tGzo62SIfWvnzjmATv5WVuRif9TBvqPCucWXyv
dCGINriHoIvJS66qBliYxcaQQuTAeNxDd1MuAJ5yQf8qd6MkAWWm9hlEgZVOgkRK
RC6vn2QKkVHc1x6zDpDcoXRJgyMoUWn7ESJVO1uOu7F9XOWR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:05 2023 by rpki-client on console-ams.rpki-client.org