Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vkI2Zfjmi6uhNr11RE_1d4495Hs.roa
File: vkI2Zfjmi6uhNr11RE_1d4495Hs.roa (raw, json)
Hash identifier: p5VXQfUpJ+QaM2A9wJbQ1NjXHZNGbys0PYvhx1h/euQ=
Subject key identifier: BE:42:36:65:F8:E6:8B:AB:A1:36:BD:75:44:4F:F5:77:8E:3D:E4:7B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018475CE98292CED97C1BB2A09E2251BB20E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vkI2Zfjmi6uhNr11RE_1d4495Hs.roa
Signing time: Mon 14 Nov 2022 11:03:04 +0000
ROA not before: Mon 14 Nov 2022 11:03:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 194.87.200.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
62.76.226.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
194.87.223.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.5.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
195.58.56.0/23 maxlen: 24
195.58.54.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.125.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:ce:98:29:2c:ed:97:c1:bb:2a:09:e2:25:1b:b2:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 14 11:03:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be423665f8e68baba136bd75444ff5778e3de47b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:dc:f2:51:6e:df:39:e0:d4:a8:26:ec:f8:bd:
a8:98:89:95:b9:84:bb:1d:09:61:87:11:ed:1c:82:
1a:02:75:34:83:8d:76:33:ab:12:e4:06:b3:b7:0b:
f7:8a:28:03:16:0b:f1:07:9f:31:da:63:e2:57:96:
5c:d4:ad:91:68:ab:a7:b7:a9:89:94:e5:69:53:2b:
89:93:bd:04:b7:79:4e:ac:44:d1:9e:cd:6c:19:aa:
b7:13:e4:35:99:73:65:e2:3e:de:ff:c1:57:c4:b2:
5a:1b:bb:a1:1a:f7:9a:d2:15:3f:7e:47:7a:b7:85:
30:37:d3:1c:f0:68:36:16:15:d0:f9:bd:12:ea:cc:
ac:6a:eb:bf:c1:12:9c:55:dc:76:cf:4c:d1:89:e0:
04:1a:4e:2e:f1:16:04:2f:8d:fe:b0:bf:01:29:23:
9d:9a:d7:80:19:97:01:43:dd:20:22:9c:0b:32:13:
55:1a:56:41:3a:e2:1d:4b:6f:5a:d4:3d:b2:35:0d:
fb:12:e6:48:fe:96:9f:2d:47:8e:fc:10:6e:bc:9e:
8d:00:ae:c2:a5:9c:b8:e3:b5:2c:2c:99:a1:d4:20:
f5:e9:2c:ad:f1:4a:4c:66:bb:2b:74:7b:18:38:03:
38:a0:86:9c:ec:59:99:96:5a:0c:94:e0:59:2b:7f:
4e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:42:36:65:F8:E6:8B:AB:A1:36:BD:75:44:4F:F5:77:8E:3D:E4:7B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vkI2Zfjmi6uhNr11RE_1d4495Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0-62.76.226.255
192.124.180.0/24
192.124.183.0/24
193.124.90.0/24
193.124.133.0/24
193.124.200.0/24
194.58.40.0/24
194.58.46.0/24
194.87.124.0/23
194.87.199.0-194.87.200.255
194.87.223.0/24
194.87.226.0/24
194.87.252.0/24
195.58.54.0/24
195.58.56.0/23
195.133.76.0/24
195.133.193.0/24
212.192.5.0/24
212.192.9.0-212.192.10.255
Signature Algorithm: sha256WithRSAEncryption
7d:4a:2d:cc:c8:08:8d:81:52:8c:7b:30:22:40:23:2a:8c:bb:
aa:a9:13:c1:11:4a:e2:ef:25:d0:a1:82:7d:c0:35:cb:a2:97:
24:d6:a5:c0:41:97:ad:dd:73:07:d9:79:65:b9:77:e6:e3:8a:
44:8c:8f:70:a8:9f:ea:96:7c:bc:de:e0:85:cb:18:e2:80:2d:
7e:2c:56:b8:0d:e6:c6:b0:0d:d4:9f:73:37:8f:05:15:4b:87:
e6:57:3f:55:98:e0:c1:bf:ba:2e:e4:6a:ba:c1:b7:df:e5:ca:
81:35:36:7f:18:0d:6e:b3:3d:91:a9:cf:71:8e:a3:cb:30:ef:
cf:f9:f6:89:ad:77:30:c9:43:5e:d3:06:58:bb:77:04:83:66:
9d:d2:ea:bc:fc:f7:e2:3a:bb:21:7e:aa:d1:31:01:f3:42:b3:
6d:a3:72:ea:e5:c3:8c:32:d3:88:3e:65:7c:60:4a:31:f8:62:
42:be:f3:3c:75:96:89:9e:dd:07:bb:1d:d8:17:f5:18:37:37:
30:69:1f:8f:8e:8c:83:fd:64:d1:4a:f0:0e:74:4a:1f:74:63:
d9:86:21:55:76:f1:23:01:8c:eb:05:9c:6a:f7:1a:69:8b:24:
7a:09:8d:c1:95:87:20:7c:05:19:6c:4a:74:d7:ca:a7:8f:5d:
3d:9d:c9:d0
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYR1zpgpLO2XwbsqCeIlG7IOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTE0MTEwMzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTQyMzY2NWY4ZTY4YmFiYTEzNmJkNzU0NDRmZjU3NzhlM2RlNDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNzyUW7fOeDUqCbs+L2omImVuYS7
HQlhhxHtHIIaAnU0g412M6sS5Aaztwv3iigDFgvxB58x2mPiV5Zc1K2RaKunt6mJ
lOVpUyuJk70Et3lOrETRns1sGaq3E+Q1mXNl4j7e/8FXxLJaG7uhGvea0hU/fkd6
t4UwN9Mc8Gg2FhXQ+b0S6sysauu/wRKcVdx2z0zRieAEGk4u8RYEL43+sL8BKSOd
mteAGZcBQ90gIpwLMhNVGlZBOuIdS29a1D2yNQ37EuZI/pafLUeO/BBuvJ6NAK7C
pZy447UsLJmh1CD16Syt8UpMZrsrdHsYOAM4oIac7FmZlloMlOBZK39OXQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFL5CNmX45ouroTa9dURP9XeOPeR7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdmtJMlpmam1pNnVoTnIxMVJFXzFkNDQ5NUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYowDAME
AD5M4QMEAD5M4gMEAMB8tAMEAMB8twMEAMF8WgMEAMF8hQMEAMF8yAMEAMI6KAME
AMI6LgMEAcJXfDAMAwQAwlfHAwQAwlfIAwQAwlffAwQAwlfiAwQAwlf8AwQAwzo2
AwQBwzo4AwQAw4VMAwQAw4XBAwQA1MAFMAwDBADUwAkDBADUwAowDQYJKoZIhvcN
AQELBQADggEBAH1KLczICI2BUox7MCJAIyqMu6qpE8ERSuLvJdChgn3ANcuilyTW
pcBBl63dcwfZeWW5d+bjikSMj3Con+qWfLze4IXLGOKALX4sVrgN5sawDdSfczeP
BRVLh+ZXP1WY4MG/ui7karrBt9/lyoE1Nn8YDW6zPZGpz3GOo8sw78/59omtdzDJ
Q17TBli7dwSDZp3S6rz89+I6uyF+qtExAfNCs22jcurlw4wy04g+ZXxgSjH4YkK+
8zx1lome3Qe7HdgX9Rg3NzBpH4+OjIP9ZNFK8A50Sh90Y9mGIVV28SMBjOsFnGr3
GmmLJHoJjcGVhyB8BRlsSnTXyqePXT2dydA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:13 2023 by rpki-client on console-fra.rpki-client.org