Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oRPLHmyX-nmsG16PUEfa61S9btM.roa
File: oRPLHmyX-nmsG16PUEfa61S9btM.roa (raw, json)
Hash identifier: YGJFE9WjFfrwhBZYB9x6IpzS7URBEQR5w1jMuOmgD8Y=
Subject key identifier: A1:13:CB:1E:6C:97:FA:79:AC:1B:5E:8F:50:47:DA:EB:54:BD:6E:D3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184C275A8C9F1E43F02BF939CC4240D0EE4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oRPLHmyX-nmsG16PUEfa61S9btM.roa
Signing time: Tue 29 Nov 2022 08:16:41 +0000
ROA not before: Tue 29 Nov 2022 08:16:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 62.76.226.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
195.58.56.0/23 maxlen: 24
195.58.54.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.125.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
194.87.223.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.233.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.5.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c2:75:a8:c9:f1:e4:3f:02:bf:93:9c:c4:24:0d:0e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 29 08:16:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a113cb1e6c97fa79ac1b5e8f5047daeb54bd6ed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:11:f3:84:a9:7c:2c:f6:c6:39:79:0b:60:99:
4b:39:42:21:41:5c:8b:3c:2c:97:47:c0:fd:f7:aa:
23:d6:df:23:a6:45:93:11:34:d5:3f:0b:c7:21:a4:
22:38:da:33:d1:1e:62:f4:22:dc:c0:7c:bb:45:fa:
3b:1b:58:53:38:1b:04:ec:b8:c4:a8:e2:50:ea:a0:
c9:a8:fd:4c:cb:80:d5:b5:bd:98:fe:ac:41:9f:f7:
b9:8e:fd:dd:d0:e9:fa:17:17:56:b4:33:38:b1:16:
45:50:ce:fb:85:13:15:8f:fc:77:41:73:bd:49:70:
90:8b:c8:7e:eb:07:64:e4:e4:17:6d:74:b4:f6:76:
f1:13:9e:b8:67:ed:40:24:7c:a4:4a:73:f3:8a:fe:
63:c6:27:55:dc:64:d6:2f:93:7d:e8:4c:9d:7e:8c:
f4:22:83:4d:33:d5:14:2b:46:b6:7d:ae:23:18:de:
dc:ee:0c:0d:05:17:2c:87:94:25:fb:52:57:7c:83:
a4:f3:da:2a:ee:9f:00:39:d3:89:ee:f8:89:c5:e1:
27:7e:f5:5a:7e:64:c5:97:75:a6:ec:52:6a:77:40:
11:77:17:ab:15:82:84:a3:49:ea:3a:af:94:cc:bc:
2e:0b:09:0d:20:18:b0:74:16:9f:f0:e1:9e:b5:eb:
87:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:13:CB:1E:6C:97:FA:79:AC:1B:5E:8F:50:47:DA:EB:54:BD:6E:D3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oRPLHmyX-nmsG16PUEfa61S9btM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0-62.76.226.255
192.124.180.0/24
192.124.183.0/24
193.124.18.0/24
193.124.90.0/24
193.124.133.0/24
193.124.200.0/24
194.58.40.0/24
194.58.46.0/24
194.58.59.0/24
194.87.122.0/24
194.87.124.0/23
194.87.200.0/24
194.87.223.0/24
194.87.226.0/24
194.87.233.0/24
194.87.252.0/24
195.58.54.0/24
195.58.56.0/23
195.133.76.0/24
195.133.193.0/24
212.192.5.0/24
212.192.9.0-212.192.10.255
Signature Algorithm: sha256WithRSAEncryption
4b:80:7b:a1:9e:a0:8b:c1:d4:8a:2d:0b:8d:c6:b7:78:f0:09:
90:10:a8:10:23:f0:7c:e1:01:32:4f:53:7f:de:07:fe:e9:5d:
7f:c2:89:85:26:c6:3e:05:29:2c:c1:f9:84:a7:9b:12:24:d6:
8c:94:c6:84:81:ef:d8:e4:6e:cf:b7:8a:fc:0a:62:8d:c7:0a:
89:3c:6d:f7:f3:0d:8e:a3:ef:b2:28:f3:6e:3d:a4:14:0f:eb:
a5:cd:52:b4:18:3c:1d:b6:60:48:ee:ff:c3:a4:8c:8f:61:94:
65:8f:3d:d0:9e:8a:f9:48:24:de:3c:2e:5f:7d:26:e8:7a:d9:
50:88:86:1b:0f:e4:d4:10:a8:52:b5:44:56:b8:14:1e:8d:a9:
fb:3f:28:17:5f:15:39:b0:89:37:28:86:cb:57:d0:9c:fa:e9:
0f:d4:26:79:a8:cf:19:e9:57:f1:e7:81:9b:61:5a:d8:93:99:
5c:b7:1c:3c:3c:16:ee:ff:67:c2:4c:c6:d8:18:a1:1e:b6:99:
f5:83:79:77:aa:0c:26:56:b1:23:1d:43:51:ce:5e:fd:0d:cb:
0a:be:11:9a:85:2e:f3:7d:56:ba:4e:1d:d4:67:1d:14:1c:a9:
50:96:fb:50:47:4f:88:54:7b:6e:6d:6d:ad:25:7e:a6:41:9e:
d6:6a:5f:a1
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYTCdajJ8eQ/Ar+TnMQkDQ7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTI5MDgxNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTEzY2IxZTZjOTdmYTc5YWMxYjVlOGY1MDQ3ZGFlYjU0YmQ2ZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBHzhKl8LPbGOXkLYJlLOUIhQVyL
PCyXR8D996oj1t8jpkWTETTVPwvHIaQiONoz0R5i9CLcwHy7Rfo7G1hTOBsE7LjE
qOJQ6qDJqP1My4DVtb2Y/qxBn/e5jv3d0On6FxdWtDM4sRZFUM77hRMVj/x3QXO9
SXCQi8h+6wdk5OQXbXS09nbxE564Z+1AJHykSnPziv5jxidV3GTWL5N96Eydfoz0
IoNNM9UUK0a2fa4jGN7c7gwNBRcsh5Ql+1JXfIOk89oq7p8AOdOJ7viJxeEnfvVa
fmTFl3Wm7FJqd0ARdxerFYKEo0nqOq+UzLwuCwkNIBiwdBaf8OGeteuHuwIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFKETyx5sl/p5rBtej1BH2utUvW7TMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvb1JQTEhteVgtbm1zRzE2UFVFZmE2MVM5YnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZowDAME
AD5M4QMEAD5M4gMEAMB8tAMEAMB8twMEAMF8EgMEAMF8WgMEAMF8hQMEAMF8yAME
AMI6KAMEAMI6LgMEAMI6OwMEAMJXegMEAcJXfAMEAMJXyAMEAMJX3wMEAMJX4gME
AMJX6QMEAMJX/AMEAMM6NgMEAcM6OAMEAMOFTAMEAMOFwQMEANTABTAMAwQA1MAJ
AwQA1MAKMA0GCSqGSIb3DQEBCwUAA4IBAQBLgHuhnqCLwdSKLQuNxrd48AmQEKgQ
I/B84QEyT1N/3gf+6V1/womFJsY+BSkswfmEp5sSJNaMlMaEge/Y5G7Pt4r8CmKN
xwqJPG338w2Oo++yKPNuPaQUD+ulzVK0GDwdtmBI7v/DpIyPYZRljz3Qnor5SCTe
PC5ffSboetlQiIYbD+TUEKhStURWuBQejan7PygXXxU5sIk3KIbLV9Cc+ukP1CZ5
qM8Z6Vfx54GbYVrYk5lctxw8PBbu/2fCTMbYGKEetpn1g3l3qgwmVrEjHUNRzl79
DcsKvhGahS7zfVa6Th3UZx0UHKlQlvtQR0+IVHtubW2tJX6mQZ7Wal+h
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:05 2023 by rpki-client on console-ams.rpki-client.org