Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vlgK_U-pTYDpefj1di2oJ-XzjJk.roa
File: vlgK_U-pTYDpefj1di2oJ-XzjJk.roa (raw, json)
Hash identifier: J2E5SlwKD3TVQhw8ijoyiIr0fYDGyoF0OU7NsxqbWJE=
Subject key identifier: BE:58:0A:FD:4F:A9:4D:80:E9:79:F8:F5:76:2D:A8:27:E5:F3:8C:99
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01841D640DA88DD6B06EDEDB457B4E42E972
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vlgK_U-pTYDpefj1di2oJ-XzjJk.roa
Signing time: Fri 28 Oct 2022 07:00:07 +0000
ROA not before: Fri 28 Oct 2022 07:00:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
62.76.229.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
195.133.76.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1d:64:0d:a8:8d:d6:b0:6e:de:db:45:7b:4e:42:e9:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 28 07:00:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be580afd4fa94d80e979f8f5762da827e5f38c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ee:3b:3f:ca:5f:7a:59:de:6d:23:04:0b:40:
85:ed:ac:dc:7c:60:ae:8b:1c:ff:28:48:fe:35:77:
5e:92:c5:95:a8:c1:36:64:ba:04:07:06:50:df:3f:
a1:96:f3:39:3c:08:13:1f:8e:fc:0f:f5:41:e8:da:
c6:61:b1:8f:67:c2:9d:4f:ec:28:99:32:e0:30:85:
2d:d0:d9:6e:17:5d:c1:ac:bb:ed:63:23:a3:c1:c5:
bd:96:fa:3c:71:03:a0:d3:60:f0:a1:18:35:20:b5:
13:63:08:88:47:bf:21:f2:0e:83:7e:4c:38:3a:e1:
33:e3:5b:ad:e6:97:b5:a8:cf:03:00:f9:0b:29:49:
a8:ff:47:84:22:d9:67:eb:bc:42:98:1c:15:8a:29:
10:52:49:71:00:67:e7:b2:c2:6f:62:26:92:49:30:
2c:d1:31:9d:bd:eb:42:56:4e:df:d4:8b:18:37:cd:
e5:20:1e:a3:a6:f1:2a:b5:5b:c1:ac:37:d2:f4:65:
05:fb:0e:86:a0:10:6c:b5:c0:64:4b:3c:2f:67:00:
af:24:87:b6:f7:5c:7b:00:80:41:a2:65:f7:d0:5a:
4e:8d:f8:b9:80:c8:d7:b5:53:ff:ab:47:74:87:74:
35:2d:6c:32:82:de:31:10:22:db:7f:9b:67:2a:35:
fd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:58:0A:FD:4F:A9:4D:80:E9:79:F8:F5:76:2D:A8:27:E5:F3:8C:99
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vlgK_U-pTYDpefj1di2oJ-XzjJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.229.0/24
62.76.231.0/24
192.124.173.0/24
192.124.180.0/22
192.124.209.0/24
193.108.112.0/24
193.124.3.0/24
193.124.203.0/24
194.58.45.0/24
194.87.1.0/24
194.87.3.0/24
194.87.16.0/24
194.87.24.0/22
194.87.118.0/24
194.87.165.0/24
194.87.170.0/24
194.87.178.0/23
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.135.30.0/24
195.58.56.0/21
195.133.55.0/24
195.133.76.0/24
212.193.0.0/24
212.193.2.0/24
212.193.12.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
29:53:ae:c2:05:1c:37:92:9d:c7:66:67:85:ff:e7:4e:27:8c:
bb:6c:32:d2:b0:42:4c:31:7e:0f:4f:30:7f:c1:c4:e5:41:a6:
5f:7d:7c:12:4f:9c:70:ba:46:0a:d8:68:66:59:9c:fa:a8:0d:
38:42:ac:40:8d:b3:c3:9d:dc:07:a9:c3:b5:db:73:68:f5:c8:
04:da:06:a5:34:11:5f:65:38:19:5b:04:28:e4:50:d3:10:40:
f2:65:4d:d9:10:27:3a:50:21:e4:38:fd:ab:db:29:5a:fe:c9:
ef:ba:ba:ca:3f:f2:3b:7b:6c:70:af:f3:e3:93:ef:1e:99:e6:
cf:80:64:fc:55:71:b7:da:68:86:5d:47:17:6d:72:89:d7:0c:
20:68:6c:5a:2b:53:87:56:cb:e3:64:d3:44:ef:c8:7a:e0:04:
98:f3:cb:52:97:d3:7c:61:6e:73:d3:fc:25:2c:08:d2:d5:ef:
4f:6a:ba:8e:59:78:3b:92:e1:86:a0:17:84:d3:4a:61:3a:89:
41:a3:46:72:2b:79:96:e6:39:6b:d0:53:20:95:c9:c6:2b:70:
be:92:67:dd:bc:03:04:9e:8e:3a:5b:be:fe:cf:36:cf:c2:5e:
e6:b2:fe:4a:12:4f:d8:79:bd:6e:ca:5e:cc:26:eb:dd:e9:f6:
06:70:58:10
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYQdZA2ojdawbt7bRXtOQulyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI4MDcwMDA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTU4MGFmZDRmYTk0ZDgwZTk3OWY4ZjU3NjJkYTgyN2U1ZjM4Yzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+47P8pfelnebSMEC0CF7azcfGCu
ixz/KEj+NXdeksWVqME2ZLoEBwZQ3z+hlvM5PAgTH478D/VB6NrGYbGPZ8KdT+wo
mTLgMIUt0NluF13BrLvtYyOjwcW9lvo8cQOg02DwoRg1ILUTYwiIR78h8g6Dfkw4
OuEz41ut5pe1qM8DAPkLKUmo/0eEItln67xCmBwViikQUklxAGfnssJvYiaSSTAs
0TGdvetCVk7f1IsYN83lIB6jpvEqtVvBrDfS9GUF+w6GoBBstcBkSzwvZwCvJIe2
91x7AIBBomX30FpOjfi5gMjXtVP/q0d0h3Q1LWwygt4xECLbf5tnKjX9cwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFL5YCv1PqU2A6Xn49XYtqCfl84yZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdmxnS19VLXBUWURwZWZqMWRpMm9KLVh6akprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAA+
TOUDBAA+TOcDBADAfK0DBALAfLQDBADAfNEDBADBbHADBADBfAMDBADBfMsDBADC
Oi0DBADCVwEDBADCVwMDBADCVxADBALCVxgDBADCV3YDBADCV6UDBADCV6oDBAHC
V7IDBADCV8YwDAMEAMJXzwMEAcJX0AMEAcJX3gMEAMKHHgMEA8M6OAMEAMOFNwME
AMOFTAMEANTBAAMEANTBAgMEANTBDAMEANTBDzANBgkqhkiG9w0BAQsFAAOCAQEA
KVOuwgUcN5Kdx2Znhf/nTieMu2wy0rBCTDF+D08wf8HE5UGmX318Ek+ccLpGCtho
Zlmc+qgNOEKsQI2zw53cB6nDtdtzaPXIBNoGpTQRX2U4GVsEKORQ0xBA8mVN2RAn
OlAh5Dj9q9spWv7J77q6yj/yO3tscK/z45PvHpnmz4Bk/FVxt9pohl1HF21yidcM
IGhsWitTh1bL42TTRO/IeuAEmPPLUpfTfGFuc9P8JSwI0tXvT2q6jll4O5LhhqAX
hNNKYTqJQaNGcit5luY5a9BTIJXJxitwvpJn3bwDBJ6OOlu+/s82z8Je5rL+ShJP
2Hm9bspezCbr3en2BnBYEA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:08 2023 by rpki-client on console-ams.rpki-client.org