Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pjbiidtqh1fW8xRsxNFnZU42t8A.roa
File: pjbiidtqh1fW8xRsxNFnZU42t8A.roa (raw, json)
Hash identifier: yaojLxUTzR7qRjZaDKr3nnZxSUUo2XlQidjITDVvly8=
Subject key identifier: A6:36:E2:89:DB:6A:87:57:D6:F3:14:6C:C4:D1:67:65:4E:36:B7:C0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184762592CD5A991D87C42094AE2A906787
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pjbiidtqh1fW8xRsxNFnZU42t8A.roa
Signing time: Mon 14 Nov 2022 12:38:04 +0000
ROA not before: Mon 14 Nov 2022 12:38:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:25:92:cd:5a:99:1d:87:c4:20:94:ae:2a:90:67:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 14 12:38:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a636e289db6a8757d6f3146cc4d167654e36b7c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7d:08:cb:69:c2:5d:e0:b0:3a:f3:bb:fc:cc:
54:32:6b:4e:6b:bb:2d:21:4b:f1:db:a1:29:5e:f6:
98:cf:53:df:ae:f9:e8:88:c0:e5:14:8a:78:8e:0e:
0a:eb:ec:76:8e:d5:d5:bc:6f:ca:8b:53:af:ff:82:
0e:0a:c5:7d:6a:c3:5f:ae:8c:1b:79:06:90:8d:18:
2d:9a:e3:06:08:e6:8f:fe:bf:86:e2:ea:95:7e:c0:
3d:e5:65:32:28:c7:cc:af:90:92:0b:e4:3d:67:d9:
96:06:1d:14:5c:27:26:4b:8c:49:0b:e4:33:77:9a:
35:81:e7:d9:4c:d9:e2:f4:8d:ae:56:16:48:d1:fa:
d3:83:15:99:63:c1:dc:23:34:29:65:58:a3:42:ca:
6e:98:0b:d9:22:4a:62:ae:b0:35:8b:a1:b2:cb:e1:
e1:58:04:7d:9f:50:fd:d5:18:55:12:4d:42:9d:87:
b4:7b:da:dc:30:fe:1b:80:86:37:a3:e8:41:e3:3b:
d3:0c:0c:f3:80:93:cb:2c:6c:30:15:2d:ee:52:1c:
ed:41:02:dc:cb:09:96:4d:70:01:0d:2f:3a:9f:73:
49:29:60:ee:51:22:a0:d3:e2:72:0c:db:06:34:c5:
4b:51:00:fb:db:dd:41:f6:58:a3:95:aa:71:7d:c0:
af:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:36:E2:89:DB:6A:87:57:D6:F3:14:6C:C4:D1:67:65:4E:36:B7:C0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pjbiidtqh1fW8xRsxNFnZU42t8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.173.0/24
192.124.180.0/22
192.124.209.0/24
193.124.3.0/24
193.124.9.0/24
193.124.18.0/24
193.124.201.0/24
193.124.203.0/24
194.58.38.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.1.0/24
194.87.7.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.118.0/24
194.87.160.0/24
194.87.163.0/24
194.87.165.0/24
194.87.170.0/24
194.87.179.0/24
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.233.0/24
194.135.30.0/24
195.58.56.0/21
195.133.30.0/24
195.133.55.0/24
212.192.10.0/24
212.192.222.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
34:4d:f2:b0:a9:f3:bc:bc:88:6c:68:42:44:9b:e0:66:33:a7:
6b:6d:59:b3:85:f6:26:0f:8b:5e:5a:b2:c4:e4:48:95:b8:48:
fa:58:68:92:0b:1c:56:f4:af:0d:bf:0c:a4:8f:dd:13:c3:f7:
21:5b:3e:2a:09:50:bb:ab:5d:87:4d:79:cd:0e:a2:90:f8:de:
00:eb:82:e9:28:2b:13:c3:cd:ac:b0:56:b3:3a:d9:11:9c:a3:
26:bd:b9:d3:94:18:9e:2d:55:28:18:91:68:2d:91:52:bf:62:
af:cd:72:24:a9:df:62:a5:c9:1a:00:ed:8a:14:c0:60:cc:31:
13:fc:66:82:89:5d:86:ae:6a:69:2c:21:57:0a:4c:dc:c8:99:
24:bf:7d:83:15:3d:ae:34:1a:52:de:4e:88:2d:25:b5:03:7f:
02:f6:12:1a:55:4b:d8:ac:50:42:46:1d:ec:7a:4c:64:7c:0f:
7d:10:b4:5b:e1:ad:40:74:6b:d3:dc:f5:56:b3:d1:03:d3:85:
c4:e3:17:c9:19:c3:26:cb:87:ed:26:69:ff:d7:16:1a:ff:6d:
65:1a:dc:c5:bf:2e:76:cd:06:9d:7c:8e:a2:53:e7:98:ec:43:
29:70:0f:cb:07:ac:66:12:10:52:9d:c3:cc:0a:9d:58:51:3b:
d5:46:3c:0c
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAYR2JZLNWpkdh8QglK4qkGeHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTE0MTIzODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjM2ZTI4OWRiNmE4NzU3ZDZmMzE0NmNjNGQxNjc2NTRlMzZiN2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX0Iy2nCXeCwOvO7/MxUMmtOa7st
IUvx26EpXvaYz1PfrvnoiMDlFIp4jg4K6+x2jtXVvG/Ki1Ov/4IOCsV9asNfrowb
eQaQjRgtmuMGCOaP/r+G4uqVfsA95WUyKMfMr5CSC+Q9Z9mWBh0UXCcmS4xJC+Qz
d5o1gefZTNni9I2uVhZI0frTgxWZY8HcIzQpZVijQspumAvZIkpirrA1i6Gyy+Hh
WAR9n1D91RhVEk1CnYe0e9rcMP4bgIY3o+hB4zvTDAzzgJPLLGwwFS3uUhztQQLc
ywmWTXABDS86n3NJKWDuUSKg0+JyDNsGNMVLUQD7291B9lijlapxfcCvLwIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFKY24onbaodX1vMUbMTRZ2VONrfAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcGpiaWlkdHFoMWZXOHhSc3hORm5aVTQydDhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MIH7BAIAATCB9AME
AD5M5wMEAMB8rQMEAsB8tAMEAMB80QMEAMF8AwMEAMF8CQMEAMF8EgMEAMF8yQME
AMF8ywMEAMI6JgMEAMI6KjAMAwQAwjotAwQEwjogAwQAwjo7AwQAwlcBAwQAwlcH
AwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQAwld2AwQAwlegAwQAwlej
AwQAwlelAwQAwleqAwQAwlezAwQAwlfGMAwDBADCV88DBAHCV9ADBAHCV94DBADC
V+kDBADChx4DBAPDOjgDBADDhR4DBADDhTcDBADUwAoDBADUwN4DBADUwQADBADU
wQwwDQYJKoZIhvcNAQELBQADggEBADRN8rCp87y8iGxoQkSb4GYzp2ttWbOF9iYP
i15assTkSJW4SPpYaJILHFb0rw2/DKSP3RPD9yFbPioJULurXYdNec0OopD43gDr
gukoKxPDzaywVrM62RGcoya9udOUGJ4tVSgYkWgtkVK/Yq/NciSp32KlyRoA7YoU
wGDMMRP8ZoKJXYauamksIVcKTNzImSS/fYMVPa40GlLeTogtJbUDfwL2EhpVS9is
UEJGHex6TGR8D30QtFvhrUB0a9Pc9Vaz0QPThcTjF8kZwybLh+0maf/XFhr/bWUa
3MW/LnbNBp18jqJT55jsQylwD8sHrGYSEFKdw8wKnVhRO9VGPAw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:12 2023 by rpki-client on console-fra.rpki-client.org