Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tG0jJwm7MbpClZUKTn6lsJTkOng.roa
File: tG0jJwm7MbpClZUKTn6lsJTkOng.roa (raw, json)
Hash identifier: QuEohrjAaroh9Duq6SoHsHZyrZH4zdKx1pqVmn/0E0o=
Subject key identifier: B4:6D:23:27:09:BB:31:BA:42:95:95:0A:4E:7E:A5:B0:94:E4:3A:78
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01847B8772D656D6E09AB342E0228EE203F3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tG0jJwm7MbpClZUKTn6lsJTkOng.roa
Signing time: Tue 15 Nov 2022 13:43:05 +0000
ROA not before: Tue 15 Nov 2022 13:43:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 62.76.226.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
195.58.56.0/23 maxlen: 24
195.58.54.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.125.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
194.87.223.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.233.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.5.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7b:87:72:d6:56:d6:e0:9a:b3:42:e0:22:8e:e2:03:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 15 13:43:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b46d232709bb31ba4295950a4e7ea5b094e43a78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b3:cf:d7:64:e1:ca:05:98:d6:c6:d6:c9:bf:
ce:b3:39:20:59:76:d9:93:1b:01:fa:09:af:a8:f2:
b7:ef:b2:13:ab:63:fe:fa:cf:2b:e9:43:01:c3:1e:
cd:3f:de:5e:00:83:b6:65:31:00:b5:2f:b7:af:81:
d6:f5:49:95:b7:58:fd:fd:a1:a8:f8:09:68:fe:50:
4f:47:cc:44:a2:44:89:7e:b4:14:ed:77:1a:e1:18:
24:a1:56:93:05:0e:a8:87:5a:69:99:82:f8:ad:e7:
10:9d:1f:30:f6:b2:f8:51:79:00:82:45:f6:66:32:
aa:20:53:75:9d:1d:26:f3:af:1c:2c:c0:3c:78:dd:
8e:44:b8:62:13:24:fd:6b:66:df:10:57:8b:02:c9:
fc:af:24:e0:68:b6:a8:10:d0:36:1c:18:11:57:02:
7e:3a:5e:e7:97:14:6d:2a:22:6d:f0:84:7b:c4:2f:
a3:87:9c:a4:ad:94:67:91:59:61:12:c1:b6:bd:40:
e9:7a:66:7a:6f:61:69:dc:17:06:6b:ad:91:b9:a6:
22:9b:39:3b:78:42:e7:ab:fc:ba:f8:ef:ae:e1:73:
1d:6c:af:4b:13:0c:55:ae:f7:ff:93:c5:a9:90:e2:
2b:8e:c1:ed:ec:2c:cd:13:0a:0e:b6:cf:7d:6f:0b:
70:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:6D:23:27:09:BB:31:BA:42:95:95:0A:4E:7E:A5:B0:94:E4:3A:78
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tG0jJwm7MbpClZUKTn6lsJTkOng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0-62.76.226.255
192.124.180.0/24
192.124.183.0/24
193.124.18.0/24
193.124.90.0/24
193.124.133.0/24
193.124.200.0/24
194.58.40.0/24
194.58.46.0/24
194.58.59.0/24
194.87.124.0/23
194.87.199.0-194.87.200.255
194.87.223.0/24
194.87.226.0/24
194.87.233.0/24
194.87.252.0/24
195.58.54.0/24
195.58.56.0/23
195.133.76.0/24
195.133.193.0/24
212.192.5.0/24
212.192.9.0-212.192.10.255
Signature Algorithm: sha256WithRSAEncryption
87:b5:7d:19:d4:fc:bf:35:ff:99:63:fc:24:d3:14:be:22:50:
ea:b8:48:f7:20:ae:d8:ae:a0:3a:9c:22:f4:38:7d:3a:09:ad:
d5:b6:fc:10:02:72:c8:bc:b1:60:5e:96:9d:df:5c:71:73:49:
3a:29:db:5d:24:bd:22:21:ba:83:7c:f5:dd:76:23:b0:80:e5:
05:fa:25:c8:ef:46:6a:b1:d5:cf:be:71:de:b2:5e:91:35:b3:
57:f3:b1:cf:27:65:cc:38:37:f7:15:2e:3c:a3:59:ce:b2:b0:
76:18:5e:91:fe:f4:45:63:9c:e2:45:d1:de:9d:89:50:22:d9:
c1:13:23:eb:87:b2:d6:2e:c6:1e:0e:01:b6:c9:fd:f1:66:4c:
a3:9e:53:ca:2d:76:ac:43:71:6b:6a:0d:4a:b0:7f:bf:2c:97:
72:6e:93:02:ea:a4:27:65:4f:6e:43:64:d7:aa:8e:b9:a8:8f:
50:9e:72:b8:60:8a:cf:ed:4f:97:79:9a:a9:ed:68:27:40:05:
25:5d:2f:e7:68:8c:67:36:cb:86:c2:3a:f6:e9:02:ae:41:fc:
24:b9:53:90:e1:e7:0c:2b:48:4e:93:4f:a7:bc:df:c0:44:60:
ef:d4:61:69:81:17:b0:49:f0:19:c9:e4:fe:91:aa:e0:71:1b:
5c:b9:a9:56
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYR7h3LWVtbgmrNC4CKO4gPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTE1MTM0MzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDZkMjMyNzA5YmIzMWJhNDI5NTk1MGE0ZTdlYTViMDk0ZTQzYTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrPP12ThygWY1sbWyb/OszkgWXbZ
kxsB+gmvqPK377ITq2P++s8r6UMBwx7NP95eAIO2ZTEAtS+3r4HW9UmVt1j9/aGo
+Alo/lBPR8xEokSJfrQU7Xca4RgkoVaTBQ6oh1ppmYL4recQnR8w9rL4UXkAgkX2
ZjKqIFN1nR0m868cLMA8eN2ORLhiEyT9a2bfEFeLAsn8ryTgaLaoENA2HBgRVwJ+
Ol7nlxRtKiJt8IR7xC+jh5ykrZRnkVlhEsG2vUDpemZ6b2Fp3BcGa62RuaYimzk7
eELnq/y6+O+u4XMdbK9LEwxVrvf/k8WpkOIrjsHt7CzNEwoOts99bwtwNwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFLRtIycJuzG6QpWVCk5+pbCU5Dp4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdEcwakp3bTdNYnBDbFpVS1RuNmxzSlRrT25nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwwDAME
AD5M4QMEAD5M4gMEAMB8tAMEAMB8twMEAMF8EgMEAMF8WgMEAMF8hQMEAMF8yAME
AMI6KAMEAMI6LgMEAMI6OwMEAcJXfDAMAwQAwlfHAwQAwlfIAwQAwlffAwQAwlfi
AwQAwlfpAwQAwlf8AwQAwzo2AwQBwzo4AwQAw4VMAwQAw4XBAwQA1MAFMAwDBADU
wAkDBADUwAowDQYJKoZIhvcNAQELBQADggEBAIe1fRnU/L81/5lj/CTTFL4iUOq4
SPcgrtiuoDqcIvQ4fToJrdW2/BACcsi8sWBelp3fXHFzSTop210kvSIhuoN89d12
I7CA5QX6JcjvRmqx1c++cd6yXpE1s1fzsc8nZcw4N/cVLjyjWc6ysHYYXpH+9EVj
nOJF0d6diVAi2cETI+uHstYuxh4OAbbJ/fFmTKOeU8otdqxDcWtqDUqwf78sl3Ju
kwLqpCdlT25DZNeqjrmoj1Cecrhgis/tT5d5mqntaCdABSVdL+dojGc2y4bCOvbp
Aq5B/CS5U5Dh5wwrSE6TT6e838BEYO/UYWmBF7BJ8BnJ5P6RquBxG1y5qVY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:07 2023 by rpki-client on console-ams.rpki-client.org