Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o-udFK5d4jANScVE9dI4aOGMWg8.roa
File: o-udFK5d4jANScVE9dI4aOGMWg8.roa (raw, json)
Hash identifier: r4hRp9JaiWroyghftBKRBBIoKOmQa7yJBC/ljFw4cdg=
Subject key identifier: A3:EB:9D:14:AE:5D:E2:30:0D:49:C5:44:F5:D2:38:68:E1:8C:5A:0F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184CD7B4E2B7385312E914B2D2D2E6517EF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o-udFK5d4jANScVE9dI4aOGMWg8.roa
Signing time: Thu 01 Dec 2022 11:38:40 +0000
ROA not before: Thu 01 Dec 2022 11:38:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.137.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.64.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.164.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.192.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:7b:4e:2b:73:85:31:2e:91:4b:2d:2d:2e:65:17:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 1 11:38:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3eb9d14ae5de2300d49c544f5d23868e18c5a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:43:94:22:d6:c5:3b:13:84:a8:13:eb:c9:61:
79:38:ba:40:cb:1a:d4:d3:8d:c2:74:ee:9f:d6:d7:
fe:bb:70:65:05:12:55:f6:8c:23:2c:62:8a:29:40:
ff:85:8d:eb:84:b8:71:88:d6:e7:ca:d3:3a:e0:bf:
95:7d:91:7f:d9:0b:21:bb:f2:27:5d:a0:6d:ea:98:
5e:38:3c:f5:7b:94:84:7d:c8:1e:c5:47:b9:9a:6d:
94:51:44:c7:82:f1:05:46:5b:0e:62:2f:9d:53:b0:
51:3f:95:a9:a0:44:36:47:01:05:d5:d8:a3:1f:44:
18:4b:c5:96:44:10:18:0a:e5:31:88:ac:6a:a9:c8:
58:8b:af:7e:b4:27:63:a7:ec:9c:3c:98:ef:c3:83:
34:5d:2d:5e:03:8d:07:31:97:4a:58:73:18:ca:3b:
37:79:f4:3e:34:07:b2:f5:d4:2d:d5:17:48:08:20:
76:28:8c:fe:d6:65:15:4c:54:30:6f:3a:91:9e:05:
68:0a:fe:6a:67:61:4b:a7:c5:7a:e8:b4:ee:1b:4c:
07:86:b1:d7:54:e0:56:90:9e:eb:9c:d2:77:c2:0c:
76:d3:d2:ae:63:35:3b:63:0b:a0:e8:52:87:c0:0a:
aa:fa:59:af:b7:ba:65:62:02:51:d0:03:6e:cd:aa:
c2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:EB:9D:14:AE:5D:E2:30:0D:49:C5:44:F5:D2:38:68:E1:8C:5A:0F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o-udFK5d4jANScVE9dI4aOGMWg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/23
192.124.178.0/24
192.124.180.0/22
192.124.209.0/24
193.108.112.0/24
193.124.3.0/24
193.124.9.0/24
193.124.18.0/24
193.124.45.0/24
193.124.201.0/24
193.124.203.0/24
193.124.205.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/23
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.32.0/24
194.87.36.0/24
194.87.56.0/24
194.87.64.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/23
194.87.149.0/24
194.87.160.0/23
194.87.163.0-194.87.165.255
194.87.170.0/23
194.87.176.0/24
194.87.191.0/24
194.87.198.0/23
194.87.202.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.233.0/24
194.87.250.0/24
194.135.30.0/24
195.58.50.0/24
195.58.56.0/21
195.133.12.0/24
195.133.30.0/24
195.133.55.0/24
212.192.6.0/24
212.192.10.0/24
212.192.208.0-212.192.210.255
212.192.222.0/24
212.193.0.0/24
212.193.6.0/24
212.193.12.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
73:fe:b5:ad:13:1a:51:cf:dc:16:2b:2e:27:23:a8:1f:26:3c:
40:4c:44:b5:1e:9b:e3:5b:09:38:d5:0f:95:9e:3f:24:c7:eb:
ef:d8:56:3a:04:8e:c1:e6:40:61:f0:8d:7f:2a:d9:54:99:71:
82:04:09:e3:c0:b0:7c:f9:eb:0d:3d:d8:ed:f7:0f:6e:79:2b:
3b:1e:4c:52:37:ce:5c:ce:3f:e1:e2:c2:f9:87:2e:22:ac:ad:
71:cd:75:77:d2:bc:e4:3f:56:de:cf:82:fd:3a:51:1a:ce:85:
05:70:9d:d3:a7:49:e5:78:24:4f:96:b6:22:e0:87:eb:19:52:
67:fc:8b:53:e7:7b:53:ca:d4:0b:16:15:8b:25:82:21:fc:0a:
00:c3:b8:1b:28:60:53:fd:89:e1:de:52:0a:5b:29:80:81:01:
9f:11:0a:ca:55:84:45:5a:38:3e:44:5f:60:91:57:fc:6a:30:
bd:fc:29:bf:66:12:ae:bc:07:a7:81:c4:88:1c:8a:16:a9:2b:
c5:b1:0a:c4:3c:84:10:4d:1a:7d:d2:24:51:bf:0a:8b:c6:7d:
f7:00:de:fd:87:89:f4:68:ad:72:02:12:51:d5:dd:b3:a2:97:
8e:1e:85:88:c2:29:df:6b:76:87:f3:9b:00:11:08:b6:05:70:
84:1c:01:63
-----BEGIN CERTIFICATE-----
MIIGdzCCBV+gAwIBAgISAYTNe04rc4UxLpFLLS0uZRfvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjAxMTEzODQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2ViOWQxNGFlNWRlMjMwMGQ0OWM1NDRmNWQyMzg2OGUxOGM1YTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEOUItbFOxOEqBPryWF5OLpAyxrU
043CdO6f1tf+u3BlBRJV9owjLGKKKUD/hY3rhLhxiNbnytM64L+VfZF/2Qshu/In
XaBt6pheODz1e5SEfcgexUe5mm2UUUTHgvEFRlsOYi+dU7BRP5WpoEQ2RwEF1dij
H0QYS8WWRBAYCuUxiKxqqchYi69+tCdjp+ycPJjvw4M0XS1eA40HMZdKWHMYyjs3
efQ+NAey9dQt1RdICCB2KIz+1mUVTFQwbzqRngVoCv5qZ2FLp8V66LTuG0wHhrHX
VOBWkJ7rnNJ3wgx209KuYzU7Ywug6FKHwAqq+lmvt7plYgJR0ANuzarCcQIDAQAB
o4IDgzCCA38wHQYDVR0OBBYEFKPrnRSuXeIwDUnFRPXSOGjhjFoPMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvby11ZEZLNWQ0akFOU2NWRTlkSTRhT0dNV2c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlwYIKwYBBQUHAQcBAf8EggGGMIIBgjCCAX4EAgABMIIB
dgMEAD5M5wMEAcB8rAMEAMB8sgMEAsB8tAMEAMB80QMEAMFscAMEAMF8AwMEAMF8
CQMEAMF8EgMEAMF8LQMEAMF8yQMEAMF8ywMEAMF8zQMEAMF8zwMEAMI6JgMEAcI6
KjAMAwQAwjotAwQEwjogAwQAwjo7AwQAwlcHAwQCwlcYAwQAwlcgAwQAwlckAwQA
wlc4AwQAwldAAwQAwldMAwQBwldSAwQAwldoAwQAwldsAwQAwld2AwQAwld7AwQB
wleIAwQAwleVAwQBwlegMAwDBADCV6MDBAHCV6QDBAHCV6oDBADCV7ADBADCV78D
BAHCV8YDBADCV8owDAMEAMJXzwMEAcJX0AMEAcJX3gMEAMJX6QMEAMJX+gMEAMKH
HgMEAMM6MgMEA8M6OAMEAMOFDAMEAMOFHgMEAMOFNwMEANTABgMEANTACjAMAwQE
1MDQAwQA1MDSAwQA1MDeAwQA1MEAAwQA1MEGAwQA1MEMAwQA1MEOMA0GCSqGSIb3
DQEBCwUAA4IBAQBz/rWtExpRz9wWKy4nI6gfJjxATES1HpvjWwk41Q+Vnj8kx+vv
2FY6BI7B5kBh8I1/KtlUmXGCBAnjwLB8+esNPdjt9w9ueSs7HkxSN85czj/h4sL5
hy4irK1xzXV30rzkP1bez4L9OlEazoUFcJ3Tp0nleCRPlrYi4IfrGVJn/ItT53tT
ytQLFhWLJYIh/AoAw7gbKGBT/Ynh3lIKWymAgQGfEQrKVYRFWjg+RF9gkVf8ajC9
/Cm/ZhKuvAengcSIHIoWqSvFsQrEPIQQTRp90iRRvwqLxn33AN79h4n0aK1yAhJR
1d2zopeOHoWIwinfa3aH85sAEQi2BXCEHAFj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:46 2024 by rpki-client on console-ams.rpki-client.org