Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qz0rBBoBgcnkB_KsEm6WRCJhXYc.roa
File: qz0rBBoBgcnkB_KsEm6WRCJhXYc.roa (raw, json)
Hash identifier: br1E/ETRmQ/F5AxnUxi95Q7bt+YKL1IuZNt2cJJHjBE=
Subject key identifier: AB:3D:2B:04:1A:01:81:C9:E4:07:F2:AC:12:6E:96:44:22:61:5D:87
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018262E1864738021BFA7FFAD1986D19F79E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qz0rBBoBgcnkB_KsEm6WRCJhXYc.roa
Signing time: Wed 03 Aug 2022 08:45:23 +0000
ROA not before: Wed 03 Aug 2022 08:45:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
195.133.77.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.32.0/22 maxlen: 24
195.133.12.0/22 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/23 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.188.0/22 maxlen: 22
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
194.87.116.0/22 maxlen: 24
194.87.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:62:e1:86:47:38:02:1b:fa:7f:fa:d1:98:6d:19:f7:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 3 08:45:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab3d2b041a0181c9e407f2ac126e964422615d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0b:ba:fe:e2:9e:55:55:f7:18:1e:10:86:4d:
00:6f:17:c8:b4:d5:9f:73:6c:5c:9a:6e:3c:4d:ec:
f5:32:48:36:46:da:45:eb:ea:cd:39:d1:13:0b:44:
b1:38:88:d1:9f:e1:1d:b9:f3:eb:25:a8:8e:a4:b7:
bf:bb:1b:21:0a:3a:00:8b:fe:3f:38:83:25:db:58:
81:17:92:e9:c9:07:c6:6e:40:53:65:af:db:3a:fc:
d8:8b:59:72:2e:49:ac:cc:8e:3c:a5:5b:eb:07:68:
1b:6c:5f:78:eb:25:83:0d:9b:05:4a:d9:00:e8:81:
52:00:76:e7:fd:cb:7f:e7:e9:e1:8b:21:27:dd:c6:
e9:2b:1b:35:f8:e4:a2:48:b3:fd:62:a9:b3:d8:34:
e8:30:e0:79:21:0e:ff:17:0f:8e:89:13:37:84:c1:
6d:05:76:fa:b4:78:52:2e:e2:bc:20:e8:e7:92:1f:
db:d0:96:e7:20:92:d8:0a:49:07:a0:b7:32:54:33:
a3:21:0e:5b:7a:3e:2d:77:73:92:8e:13:f2:43:e1:
05:7e:3f:49:cd:a8:43:ed:92:d6:af:98:53:b9:3d:
05:8d:84:2a:43:b0:d6:69:78:a3:65:83:83:65:02:
cc:62:07:2d:fb:c0:44:ae:90:4e:1f:08:bf:5d:11:
3a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:3D:2B:04:1A:01:81:C9:E4:07:F2:AC:12:6E:96:44:22:61:5D:87
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qz0rBBoBgcnkB_KsEm6WRCJhXYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.188.0/22
192.124.209.0/24
193.124.3.0/24
193.124.203.0/24
194.87.1.0/24
194.87.24.0/22
194.87.32.0/22
194.87.64.0/24
194.87.116.0/22
194.87.179.0/24
194.87.187.0/24
194.87.219.0/24
194.87.222.0/23
194.135.23.0/24
195.133.12.0/22
195.133.77.0/24
195.133.80.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:91:3f:41:22:fa:64:ac:f9:5d:78:ca:dd:3e:df:a9:57:04:
b0:42:fd:45:b0:a6:ee:45:6b:49:03:58:ac:14:32:af:45:40:
cf:52:7e:12:3c:59:7e:ef:a6:0f:62:c7:f6:0a:3f:5a:52:dc:
f9:2e:b8:9d:09:8a:a0:04:04:18:27:ae:3d:ef:d3:a7:b5:44:
c1:3c:20:e9:ae:b8:23:e2:48:0c:e7:b9:3a:6c:9a:29:77:e8:
d2:39:76:94:ef:4b:4a:55:55:ae:6f:c0:3c:eb:b7:0b:8b:b8:
c3:77:aa:7b:cb:af:1b:bd:b3:7e:5e:44:28:c5:84:c3:f0:af:
99:11:52:7d:d6:85:51:d9:0d:6b:69:55:c3:8a:82:43:ef:5a:
cc:0f:a0:1b:a6:69:8a:b8:0e:4f:70:f0:28:6e:05:42:ad:6f:
5c:f6:78:5e:76:c9:14:27:97:8b:9b:48:3b:f5:79:a2:52:df:
ce:b5:54:45:97:14:3a:7b:70:31:4b:16:47:ca:0c:8b:92:ad:
b4:1b:84:f0:14:ce:ad:1d:c6:57:9e:86:89:52:10:bc:71:15:
fb:c2:a4:fd:0b:54:fc:10:05:dd:b6:eb:c9:87:ab:69:47:66:
fa:aa:62:40:a2:1b:f8:41:9f:54:fb:d2:28:59:fc:35:ff:5b:
77:86:f1:1f
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYJi4YZHOAIb+n/60ZhtGfeeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwODAzMDg0NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjNkMmIwNDFhMDE4MWM5ZTQwN2YyYWMxMjZlOTY0NDIyNjE1ZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQu6/uKeVVX3GB4Qhk0AbxfItNWf
c2xcmm48Tez1Mkg2RtpF6+rNOdETC0SxOIjRn+EdufPrJaiOpLe/uxshCjoAi/4/
OIMl21iBF5LpyQfGbkBTZa/bOvzYi1lyLkmszI48pVvrB2gbbF946yWDDZsFStkA
6IFSAHbn/ct/5+nhiyEn3cbpKxs1+OSiSLP9Yqmz2DToMOB5IQ7/Fw+OiRM3hMFt
BXb6tHhSLuK8IOjnkh/b0JbnIJLYCkkHoLcyVDOjIQ5bej4td3OSjhPyQ+EFfj9J
zahD7ZLWr5hTuT0FjYQqQ7DWaXijZYODZQLMYgct+8BErpBOHwi/XRE6VQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFKs9KwQaAYHJ5AfyrBJulkQiYV2HMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcXowckJCb0JnY25rQl9Lc0VtNldSQ0poWFljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAMB8
rQMEAMB8sgMEAsB8tAMEAsB8vAMEAMB80QMEAMF8AwMEAMF8ywMEAMJXAQMEAsJX
GAMEAsJXIAMEAMJXQAMEAsJXdAMEAMJXswMEAMJXuwMEAMJX2wMEAcJX3gMEAMKH
FwMEAsOFDAMEAMOFTQMEAMOFUAMEANTBDjANBgkqhkiG9w0BAQsFAAOCAQEAWpE/
QSL6ZKz5XXjK3T7fqVcEsEL9RbCm7kVrSQNYrBQyr0VAz1J+EjxZfu+mD2LH9go/
WlLc+S64nQmKoAQEGCeuPe/Tp7VEwTwg6a64I+JIDOe5OmyaKXfo0jl2lO9LSlVV
rm/APOu3C4u4w3eqe8uvG72zfl5EKMWEw/CvmRFSfdaFUdkNa2lVw4qCQ+9azA+g
G6ZpirgOT3DwKG4FQq1vXPZ4XnbJFCeXi5tIO/V5olLfzrVURZcUOntwMUsWR8oM
i5KttBuE8BTOrR3GV56GiVIQvHEV+8Kk/QtU/BAF3bbryYeraUdm+qpiQKIb+EGf
VPvSKFn8Nf9bd4bxHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:47 2024 by rpki-client on console-ams.rpki-client.org