Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o1znizJqfRY27efHK1bjuvdPFGM.roa
File: o1znizJqfRY27efHK1bjuvdPFGM.roa (raw, json)
Hash identifier: 3uxOkDeI0t+zfKv7RHvY6dN37vXjONpdm+g5D1CGopg=
Subject key identifier: A3:5C:E7:8B:32:6A:7D:16:36:ED:E7:C7:2B:56:E3:BA:F7:4F:14:63
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01850BBCB3D3CC5FB15247E908C85BF48337
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o1znizJqfRY27efHK1bjuvdPFGM.roa
Signing time: Tue 13 Dec 2022 13:46:34 +0000
ROA not before: Tue 13 Dec 2022 13:46:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.164.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:bc:b3:d3:cc:5f:b1:52:47:e9:08:c8:5b:f4:83:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 13 13:46:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a35ce78b326a7d1636ede7c72b56e3baf74f1463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c1:48:07:4b:cb:fe:20:1f:32:fc:d3:d4:8a:
84:7c:16:39:df:1a:fd:95:84:7d:69:46:3c:cf:b6:
ec:25:8a:15:d9:05:a6:f1:6f:1e:b8:1f:01:54:b9:
f6:fb:f8:81:fe:47:cd:2c:4b:6e:73:c4:c8:62:ca:
f5:b7:3e:a2:08:de:f2:8e:27:ac:40:59:2a:47:4e:
81:d7:48:24:b1:02:ce:8d:b1:21:27:73:09:18:1d:
93:92:11:7b:be:46:16:35:39:22:82:09:61:56:70:
e1:dc:88:c4:3b:52:3d:05:ad:d4:4c:ae:ff:38:4f:
ea:11:74:fb:96:de:a5:45:51:12:2f:56:ba:2b:2a:
e6:6d:fd:02:52:3b:d6:24:16:8e:ae:06:e0:76:5d:
79:8f:90:9d:a5:55:66:26:cf:07:50:2f:19:23:a4:
46:ba:42:54:22:37:3e:17:c1:4f:0c:0e:48:1e:8c:
8e:10:62:1b:d7:4c:bc:43:58:dd:9d:06:92:8a:be:
82:13:cc:f2:d5:5e:38:19:c9:39:28:ad:6d:63:62:
14:cf:bb:46:1d:81:80:5e:a8:08:1a:6b:f2:d9:a0:
d0:1c:17:80:7e:42:20:b1:fa:84:a2:b2:4e:51:c9:
12:cd:cf:96:14:d7:9b:18:06:ae:3c:c3:8b:6c:fd:
2c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:5C:E7:8B:32:6A:7D:16:36:ED:E7:C7:2B:56:E3:BA:F7:4F:14:63
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o1znizJqfRY27efHK1bjuvdPFGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
193.124.3.0/24
193.124.9.0/24
193.124.18.0/24
193.124.201.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/23
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/24
194.87.149.0/24
194.87.160.0/23
194.87.163.0-194.87.165.255
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.198.0/23
194.87.202.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.233.0/24
194.87.250.0/24
194.135.30.0/24
195.58.50.0/24
195.58.56.0/21
195.133.12.0/24
195.133.30.0/24
195.133.55.0/24
195.133.195.0/24
212.192.10.0/24
212.192.210.0/24
212.192.222.0/24
212.193.0.0/24
212.193.12.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:0d:b5:95:0c:71:d2:b9:8b:8a:a3:55:71:6f:cb:ca:96:7a:
ea:a4:59:7f:aa:c7:51:a8:b5:d3:0e:e0:06:d2:fd:99:a7:db:
30:8d:34:5a:cb:6d:82:48:22:b2:12:8f:d6:15:35:c4:05:c1:
2c:e4:6a:b7:0a:0d:e9:9b:ae:7a:2d:6a:0d:de:4e:62:03:cc:
7a:8c:c2:88:45:f6:bf:4d:35:b9:3b:f2:84:80:31:41:5e:d7:
4a:ff:13:41:a1:7f:2e:e7:72:69:73:a4:1a:71:9f:e7:12:28:
dc:63:6a:0b:f8:70:39:b2:58:03:a7:37:f9:bc:6a:81:22:8d:
ae:27:e1:91:99:1e:85:e9:25:fd:f8:39:5a:1a:7a:eb:96:8e:
b1:d9:73:a9:b0:85:16:dd:37:02:f8:b5:fc:04:7c:80:5a:f3:
89:8d:30:11:2d:ae:fb:8c:6b:fe:4b:98:a1:b9:ea:9a:c1:d9:
1a:8c:16:6f:a1:f3:8b:a7:81:7d:0f:18:94:c8:01:98:4e:c4:
e6:3d:b4:40:d9:98:2f:25:6a:32:10:50:4d:ba:83:1b:5b:c8:
31:33:a6:37:a0:62:c4:f3:28:d5:c6:40:26:68:30:d2:df:b4:
a5:02:28:c9:8a:2e:ab:c2:e4:c3:f6:b4:cb:31:18:da:bc:40:
c3:2c:d9:7a
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAYULvLPTzF+xUkfpCMhb9IM3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjEzMTM0NjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzVjZTc4YjMyNmE3ZDE2MzZlZGU3YzcyYjU2ZTNiYWY3NGYxNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMFIB0vL/iAfMvzT1IqEfBY53xr9
lYR9aUY8z7bsJYoV2QWm8W8euB8BVLn2+/iB/kfNLEtuc8TIYsr1tz6iCN7yjies
QFkqR06B10gksQLOjbEhJ3MJGB2TkhF7vkYWNTkigglhVnDh3IjEO1I9Ba3UTK7/
OE/qEXT7lt6lRVESL1a6Kyrmbf0CUjvWJBaOrgbgdl15j5CdpVVmJs8HUC8ZI6RG
ukJUIjc+F8FPDA5IHoyOEGIb10y8Q1jdnQaSir6CE8zy1V44Gck5KK1tY2IUz7tG
HYGAXqgIGmvy2aDQHBeAfkIgsfqEorJOUckSzc+WFNebGAauPMOLbP0s4QIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFKNc54syan0WNu3nxytW47r3TxRjMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbzF6bml6SnFmUlkyN2VmSEsxYmp1dmRQRkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYQYIKwYBBQUHAQcBAf8EggFQMIIBTDCCAUgEAgABMIIB
QAMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8CQMEAMF8EgMEAMF8
yQMEAMF8ywMEAMF8zwMEAMI6JgMEAcI6KjAMAwQAwjotAwQEwjogAwQAwjo7AwQA
wlcHAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQAwldsAwQAwld2AwQA
wld7AwQAwleIAwQAwleVAwQBwlegMAwDBADCV6MDBAHCV6QwDAMEAMJXqwMEAMJX
rAMEAMJXsAMEAcJXxgMEAMJXyjAMAwQAwlfPAwQBwlfQAwQBwlfeAwQAwlfpAwQA
wlf6AwQAwoceAwQAwzoyAwQDwzo4AwQAw4UMAwQAw4UeAwQAw4U3AwQAw4XDAwQA
1MAKAwQA1MDSAwQA1MDeAwQA1MEAAwQA1MEMAwQA1MEOMA0GCSqGSIb3DQEBCwUA
A4IBAQBKDbWVDHHSuYuKo1Vxb8vKlnrqpFl/qsdRqLXTDuAG0v2Zp9swjTRay22C
SCKyEo/WFTXEBcEs5Gq3Cg3pm656LWoN3k5iA8x6jMKIRfa/TTW5O/KEgDFBXtdK
/xNBoX8u53Jpc6QacZ/nEijcY2oL+HA5slgDpzf5vGqBIo2uJ+GRmR6F6SX9+Dla
Gnrrlo6x2XOpsIUW3TcC+LX8BHyAWvOJjTARLa77jGv+S5ihueqawdkajBZvofOL
p4F9DxiUyAGYTsTmPbRA2ZgvJWoyEFBNuoMbW8gxM6Y3oGLE8yjVxkAmaDDS37Sl
AijJii6rwuTD9rTLMRjavEDDLNl6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:05 2023 by rpki-client on console-ams.rpki-client.org