Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/txDhCyLGSZAMvw7HMe2We6noZto.roa
File: txDhCyLGSZAMvw7HMe2We6noZto.roa (raw, json)
Hash identifier: pkmbboXEm5mK4DEgqPIX1JomKrJmgFv9KpF8hDkIN0E=
Subject key identifier: B7:10:E1:0B:22:C6:49:90:0C:BF:0E:C7:31:ED:96:7B:A9:E8:66:DA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018475CA09505A629EEBC2F3D3E2077A7A5E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/txDhCyLGSZAMvw7HMe2We6noZto.roa
Signing time: Mon 14 Nov 2022 10:58:05 +0000
ROA not before: Mon 14 Nov 2022 10:58:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 194.87.3.0/24 maxlen: 24
62.76.232.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:ca:09:50:5a:62:9e:eb:c2:f3:d3:e2:07:7a:7a:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 14 10:58:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b710e10b22c649900cbf0ec731ed967ba9e866da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5d:8b:87:c0:f9:92:b7:bb:60:9a:f1:e8:d0:
43:d3:d0:dd:b9:5b:12:ac:10:6a:43:3d:76:bc:c7:
fd:e2:ab:07:e9:91:98:7a:7a:24:0b:73:72:9d:68:
70:ba:78:6c:30:56:d7:15:d1:ba:4d:71:3e:c5:ae:
66:65:9a:61:07:c6:04:3b:26:da:1d:d4:17:aa:cc:
00:39:14:8b:7a:2a:6b:76:84:3e:35:0c:33:6e:22:
14:01:e3:dc:8c:29:77:ec:d9:00:41:be:12:a7:33:
65:1a:4a:90:bd:26:b6:37:ea:a9:79:ba:21:ca:4f:
92:db:bd:50:8b:8d:6b:20:aa:7b:1b:30:f8:cb:45:
f1:81:c3:23:33:9a:e7:3e:fa:3c:86:00:e2:23:41:
fe:40:1b:d2:24:21:73:a9:c5:83:02:9b:f4:27:43:
cd:c9:c7:7c:9f:bf:9f:20:35:d7:8a:4c:35:de:0f:
3a:8c:1f:42:aa:59:c2:cf:2e:b9:62:03:4e:02:61:
a5:2a:25:bc:94:4a:57:ed:a2:c5:b1:0f:20:8b:37:
d1:1b:9b:a0:6b:81:03:60:11:50:c6:21:73:2a:33:
b1:80:ec:84:fb:4b:d2:68:bc:dc:1d:8f:3b:37:8f:
fc:6b:f1:03:a3:d8:ed:2f:f2:e2:05:11:43:ef:66:
76:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:10:E1:0B:22:C6:49:90:0C:BF:0E:C7:31:ED:96:7B:A9:E8:66:DA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/txDhCyLGSZAMvw7HMe2We6noZto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.235.0/24
192.124.190.0/24
193.124.202.0/24
194.58.47.0/24
194.87.3.0/24
194.87.16.0/24
194.87.22.0/24
194.87.37.0/24
194.87.83.0/24
195.58.58.0/24
195.133.86.0/24
195.133.194.0/24
212.192.211.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:d1:96:ad:6e:5b:36:9e:d0:af:2e:12:c2:bf:41:52:20:dd:
b7:52:32:6b:d9:7e:95:d2:19:6f:29:79:6e:4f:f6:7e:dc:68:
bd:d6:e5:10:99:69:6d:2e:55:bd:ff:6e:89:6f:5e:c8:2b:03:
c6:96:65:21:03:9e:ac:bc:85:a7:b4:5b:57:6a:24:d4:a3:1d:
46:de:f2:f2:a8:2e:81:38:0f:1d:16:dd:45:19:a0:07:ec:bb:
98:bd:c6:df:39:3c:68:42:61:81:61:0b:c0:93:dd:ba:8b:20:
bc:f5:06:85:72:ea:a6:9d:d3:c7:5e:a3:6c:3a:f7:61:ea:b7:
3c:b4:88:b2:39:35:bd:7b:c1:32:51:50:5c:81:02:f9:aa:e5:
ff:38:5f:92:80:76:17:54:1c:09:7f:3d:2a:1d:40:1c:81:cd:
89:8f:3d:29:dd:12:13:a1:de:b1:3f:4d:18:53:6f:df:76:b3:
99:d7:31:59:41:ae:6a:04:f7:7f:9f:8a:a2:38:1d:27:b6:8e:
fb:e4:15:79:bc:82:1f:04:29:33:cd:f2:9b:f9:68:c5:ff:a3:
9c:cc:6d:fa:fb:e4:a9:fa:06:22:50:8e:7a:2e:1b:c6:0f:a8:
a4:82:f9:13:fe:c9:b0:4c:90:61:f4:83:3f:7f:b3:d9:ae:40:
c9:04:19:96
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYR1yglQWmKe68Lz0+IHenpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTE0MTA1ODA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzEwZTEwYjIyYzY0OTkwMGNiZjBlYzczMWVkOTY3YmE5ZTg2NmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj12Lh8D5kre7YJrx6NBD09DduVsS
rBBqQz12vMf94qsH6ZGYenokC3NynWhwunhsMFbXFdG6TXE+xa5mZZphB8YEOyba
HdQXqswAORSLeiprdoQ+NQwzbiIUAePcjCl37NkAQb4SpzNlGkqQvSa2N+qpeboh
yk+S271Qi41rIKp7GzD4y0XxgcMjM5rnPvo8hgDiI0H+QBvSJCFzqcWDApv0J0PN
ycd8n7+fIDXXikw13g86jB9CqlnCzy65YgNOAmGlKiW8lEpX7aLFsQ8gizfRG5ug
a4EDYBFQxiFzKjOxgOyE+0vSaLzcHY87N4/8a/EDo9jtL/LiBRFD72Z2EQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFLcQ4QsixkmQDL8OxzHtlnup6GbaMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdHhEaEN5TEdTWkFNdnc3SE1lMldlNm5vWnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAPkzoAwQA
PkzrAwQAwHy+AwQAwXzKAwQAwjovAwQAwlcDAwQAwlcQAwQAwlcWAwQAwlclAwQA
wldTAwQAwzo6AwQAw4VWAwQAw4XCAwQA1MDTMA0GCSqGSIb3DQEBCwUAA4IBAQA7
0Zatbls2ntCvLhLCv0FSIN23UjJr2X6V0hlvKXluT/Z+3Gi91uUQmWltLlW9/26J
b17IKwPGlmUhA56svIWntFtXaiTUox1G3vLyqC6BOA8dFt1FGaAH7LuYvcbfOTxo
QmGBYQvAk926iyC89QaFcuqmndPHXqNsOvdh6rc8tIiyOTW9e8EyUVBcgQL5quX/
OF+SgHYXVBwJfz0qHUAcgc2Jjz0p3RITod6xP00YU2/fdrOZ1zFZQa5qBPd/n4qi
OB0nto775BV5vIIfBCkzzfKb+WjF/6OczG36++Sp+gYiUI56LhvGD6ikgvkT/smw
TJBh9IM/f7PZrkDJBBmW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:07 2023 by rpki-client on console-ams.rpki-client.org