Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rqwtGU2q1mZBmuN4vPaKdFInEFw.roa
File: rqwtGU2q1mZBmuN4vPaKdFInEFw.roa (raw, json)
Hash identifier: x/Blj6DAz2v9Gyy1skOVW8+ZoicVbtKnG8q3nWPgGAM=
Subject key identifier: AE:AC:2D:19:4D:AA:D6:66:41:9A:E3:78:BC:F6:8A:74:52:27:10:5C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01854A295CBDAE7F9704E35E53A282F6BEEF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rqwtGU2q1mZBmuN4vPaKdFInEFw.roa
Signing time: Sun 25 Dec 2022 16:41:42 +0000
ROA not before: Sun 25 Dec 2022 16:41:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.52.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4a:29:5c:bd:ae:7f:97:04:e3:5e:53:a2:82:f6:be:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 25 16:41:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aeac2d194daad666419ae378bcf68a745227105c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b9:2b:d0:79:bd:a9:6b:10:f3:b4:e2:89:10:
d9:48:76:29:32:bb:c4:5d:0f:4b:14:85:d2:99:d4:
64:94:e2:17:fd:96:86:98:6f:56:a6:af:f6:7e:01:
5a:86:9c:1e:cf:48:64:81:ef:08:9f:a2:b6:04:56:
d3:14:85:85:b5:0a:7c:a8:e5:32:26:84:88:64:0f:
f6:4a:a6:9b:24:09:80:bb:c3:f0:b0:1a:bb:b3:34:
a3:59:79:f1:d8:2f:16:c8:12:67:f9:3f:53:1a:8a:
8e:64:e4:ef:af:ac:1e:90:05:cb:48:52:a1:c5:d2:
42:b3:98:4d:14:4e:7b:84:c7:a9:ca:cc:7b:ec:82:
63:d6:01:5a:8d:27:98:d2:9a:5c:e1:6d:97:91:99:
1d:e8:91:cc:8e:61:69:22:71:30:81:7a:7f:89:fa:
b5:ff:fa:81:9a:16:b8:7b:5a:2a:00:fe:e7:5b:7b:
b4:82:71:32:6e:3a:87:0a:39:81:59:71:23:22:c2:
be:13:94:4a:53:50:4c:47:96:72:cc:c2:6b:9b:13:
62:a3:86:14:5c:55:cc:81:3b:dc:b4:c8:5b:52:54:
bb:5d:f0:3c:78:28:f6:5f:fe:1c:68:72:e9:11:03:
4f:fb:ed:4c:04:ff:2a:00:af:6b:8b:db:a2:24:34:
84:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:AC:2D:19:4D:AA:D6:66:41:9A:E3:78:BC:F6:8A:74:52:27:10:5C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rqwtGU2q1mZBmuN4vPaKdFInEFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
193.124.3.0/24
193.124.6.0/24
193.124.8.0/23
193.124.18.0/24
193.124.133.0/24
193.124.201.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.116.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/24
194.87.138.0/23
194.87.149.0/24
194.87.163.0/24
194.87.165.0/24
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.182.0/24
194.87.198.0/23
194.87.202.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.12.0/24
195.133.55.0/24
195.133.94.0/24
195.133.195.0/24
212.192.0.0/23
212.192.10.0/24
212.192.222.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:7b:75:fb:68:ca:39:dc:3f:94:46:83:f5:e9:bb:c1:59:d1:
21:8e:41:36:9d:50:49:ed:e9:7e:d4:53:5e:56:ad:14:ea:21:
ca:c2:2d:35:3b:1f:c4:38:0f:e5:95:f3:f2:22:a7:fc:f0:26:
7a:60:4c:0d:b6:98:e1:13:4b:4b:0f:c2:7e:de:b7:bc:6e:90:
68:24:4f:3b:95:b2:ce:87:b8:e5:a2:aa:97:c8:81:82:a8:87:
61:36:d2:78:80:6f:66:e1:13:9c:1a:ef:fb:d1:03:80:b4:e5:
b7:48:3e:7f:da:7c:ed:61:bb:99:53:82:73:33:32:6e:4a:9f:
7c:d8:eb:b6:00:23:9e:cb:45:86:83:17:f9:c5:41:1c:7a:df:
2b:bd:e0:1e:7d:0e:3d:54:3d:ed:5e:bb:b7:a1:85:0e:9f:40:
9d:8c:e0:76:e8:8c:26:51:b8:e3:e9:a9:8d:69:2a:75:49:c4:
aa:e0:e0:9c:fd:69:33:7c:07:ce:50:8e:b7:95:af:5e:68:22:
cf:50:ec:a1:de:9f:69:47:90:55:01:6f:a8:32:e2:f1:b1:31:
5c:1e:1d:88:4f:df:54:28:33:72:90:47:19:f4:5f:3e:55:70:
a2:5e:d8:b6:f1:12:41:f5:77:9a:7f:e3:66:a1:b8:0a:35:1a:
2f:8c:e5:fb
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgISAYVKKVy9rn+XBONeU6KC9r7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjI1MTY0MTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWFjMmQxOTRkYWFkNjY2NDE5YWUzNzhiY2Y2OGE3NDUyMjcxMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrkr0Hm9qWsQ87TiiRDZSHYpMrvE
XQ9LFIXSmdRklOIX/ZaGmG9Wpq/2fgFahpwez0hkge8In6K2BFbTFIWFtQp8qOUy
JoSIZA/2SqabJAmAu8PwsBq7szSjWXnx2C8WyBJn+T9TGoqOZOTvr6wekAXLSFKh
xdJCs5hNFE57hMepysx77IJj1gFajSeY0ppc4W2XkZkd6JHMjmFpInEwgXp/ifq1
//qBmha4e1oqAP7nW3u0gnEybjqHCjmBWXEjIsK+E5RKU1BMR5ZyzMJrmxNio4YU
XFXMgTvctMhbUlS7XfA8eCj2X/4caHLpEQNP++1MBP8qAK9ri9uiJDSE6wIDAQAB
o4IDUTCCA00wHQYDVR0OBBYEFK6sLRlNqtZmQZrjeLz2inRSJxBcMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcnF3dEdVMnExbVpCbXVONHZQYUtkRkluRUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZQYIKwYBBQUHAQcBAf8EggFUMIIBUDCCAUwEAgABMIIB
RAMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8BgMEAcF8CAMEAMF8
EgMEAMF8hQMEAMF8yQMEAMF8ywMEAMF8zwMEAMI6JgMEAMI6KjAMAwQAwjotAwQE
wjogAwQAwjo7AwQAwlcHAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQA
wldsAwQAwld0AwQAwld2AwQAwld7AwQAwleIAwQBwleKAwQAwleVAwQAwlejAwQA
wlelMAwDBADCV6sDBADCV6wDBADCV7ADBADCV7YDBAHCV8YDBADCV8oDBAHCV9AD
BAHCV94DBADCV+kDBADDOjIwDAMEAsM6NAMEBsM6AAMEAMOFDAMEAMOFNwMEAMOF
XgMEAMOFwwMEAdTAAAMEANTACgMEANTA3gMEANTBAAMEANTBDDANBgkqhkiG9w0B
AQsFAAOCAQEAP3t1+2jKOdw/lEaD9em7wVnRIY5BNp1QSe3pftRTXlatFOohysIt
NTsfxDgP5ZXz8iKn/PAmemBMDbaY4RNLSw/Cft63vG6QaCRPO5Wyzoe45aKql8iB
gqiHYTbSeIBvZuETnBrv+9EDgLTlt0g+f9p87WG7mVOCczMybkqffNjrtgAjnstF
hoMX+cVBHHrfK73gHn0OPVQ97V67t6GFDp9AnYzgduiMJlG44+mpjWkqdUnEquDg
nP1pM3wHzlCOt5WvXmgiz1Dsod6faUeQVQFvqDLi8bExXB4diE/fVCgzcpBHGfRf
PlVwol7YtvESQfV3mn/jZqG4CjUaL4zl+w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:06 2023 by rpki-client on console-ams.rpki-client.org