Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xeZPInhPuJbLttmNS9zeQzBaWqs.roa
File: xeZPInhPuJbLttmNS9zeQzBaWqs.roa (raw, json)
Hash identifier: GqFw2OAMKLQCpiwIaxOPXLidJe7UvYwGrpNP4yuKbXU=
Subject key identifier: C5:E6:4F:22:78:4F:B8:96:CB:B6:D9:8D:4B:DC:DE:43:30:5A:5A:AB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018461CFDF72C4B79FDDA9127BB926CE12B2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xeZPInhPuJbLttmNS9zeQzBaWqs.roa
Signing time: Thu 10 Nov 2022 13:52:03 +0000
ROA not before: Thu 10 Nov 2022 13:52:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 194.87.200.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
62.76.226.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
194.87.223.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.5.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
195.58.56.0/23 maxlen: 24
195.58.54.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.125.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:61:cf:df:72:c4:b7:9f:dd:a9:12:7b:b9:26:ce:12:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 10 13:52:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5e64f22784fb896cbb6d98d4bdcde43305a5aab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:eb:9c:8b:5e:43:67:01:64:c6:b1:ee:2e:1b:
4d:4a:d1:e8:14:4c:14:7f:1b:78:94:87:6a:a4:e3:
14:4e:dd:ec:d4:60:90:c0:d7:0a:1d:f5:fb:56:86:
3a:87:da:08:e2:26:74:87:6e:89:10:fe:c4:08:65:
27:40:be:1b:5e:a2:c2:be:42:70:af:d2:b8:a9:a1:
25:08:05:2c:a7:39:e6:56:b6:f5:14:c8:92:04:44:
30:c6:d3:7d:dc:cf:07:17:ed:56:32:22:08:51:10:
16:20:f0:96:d7:8f:85:3c:ef:f4:cb:d1:30:87:40:
58:70:26:b3:a1:15:69:d1:61:27:05:34:77:f7:d5:
85:30:ea:ba:1b:b8:e9:83:bf:2c:c3:df:d3:c2:f3:
9a:40:ca:11:d6:f9:e7:7a:42:47:95:4e:fc:d9:ed:
75:5e:15:75:dd:8b:7f:88:ff:e8:f0:5b:bf:c4:24:
24:b9:fa:97:f3:c4:69:46:e1:4f:73:ad:3e:af:8a:
a8:0d:a8:08:36:80:7f:e5:83:21:92:a9:82:cd:d9:
80:6b:5e:0a:c7:2e:b0:a9:09:10:b9:94:c4:9c:b4:
f1:69:bf:9c:c8:3c:b3:06:38:5d:0e:fe:fc:9b:6b:
94:21:35:1e:15:26:bd:d4:97:01:f4:07:eb:62:04:
76:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E6:4F:22:78:4F:B8:96:CB:B6:D9:8D:4B:DC:DE:43:30:5A:5A:AB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xeZPInhPuJbLttmNS9zeQzBaWqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0-62.76.226.255
192.124.180.0/24
192.124.183.0/24
193.124.90.0/24
193.124.133.0/24
194.58.46.0/24
194.87.125.0/24
194.87.199.0-194.87.200.255
194.87.223.0/24
194.87.226.0/24
194.87.252.0/24
195.58.54.0/24
195.58.56.0/23
195.133.76.0/24
195.133.193.0/24
212.192.5.0/24
212.192.9.0-212.192.10.255
Signature Algorithm: sha256WithRSAEncryption
3e:47:12:65:54:d7:c5:2a:a4:b1:4f:5c:e3:80:da:0a:f1:91:
b7:12:f9:2d:09:f6:ff:80:71:73:11:92:87:a4:c3:11:4e:3b:
2a:c1:f4:2b:bf:7d:d5:ec:b4:9d:a0:b8:28:31:d7:11:c4:84:
cb:66:46:c6:4e:0e:d2:09:20:52:a9:87:b9:63:97:08:60:97:
48:df:56:b1:20:1e:20:5f:33:c4:a2:cb:0e:01:e6:5f:a3:db:
56:2a:93:46:93:19:e9:3b:cf:92:c9:a3:6d:c1:7a:ae:db:e1:
3a:56:0f:10:c4:5b:d6:1c:17:dd:c8:99:b9:0d:8e:f5:b2:b3:
0e:21:89:1c:86:e3:86:15:eb:bd:d9:18:3f:e0:03:96:58:f2:
f6:8e:91:22:14:2f:6e:0b:1a:29:09:b7:a1:94:94:ad:13:50:
9a:d7:1b:c8:2f:5e:9f:d2:47:23:86:08:ac:19:a1:66:ea:09:
a8:bb:54:9c:5a:f1:8e:24:6f:ce:a6:dd:46:a3:d3:c5:56:67:
5d:e0:d3:89:a2:9f:ab:71:5b:d2:83:06:77:c8:1e:9d:e4:59:
9b:e6:2a:ad:32:5a:36:4c:72:c8:72:d7:e6:ca:5e:25:87:13:
a8:dd:9e:fa:bd:c9:d7:5c:cd:e7:0b:e9:00:ce:a0:1b:67:66:
ab:f9:9a:73
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYRhz99yxLef3akSe7kmzhKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTEwMTM1MjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWU2NGYyMjc4NGZiODk2Y2JiNmQ5OGQ0YmRjZGU0MzMwNWE1YWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+uci15DZwFkxrHuLhtNStHoFEwU
fxt4lIdqpOMUTt3s1GCQwNcKHfX7VoY6h9oI4iZ0h26JEP7ECGUnQL4bXqLCvkJw
r9K4qaElCAUspznmVrb1FMiSBEQwxtN93M8HF+1WMiIIURAWIPCW14+FPO/0y9Ew
h0BYcCazoRVp0WEnBTR399WFMOq6G7jpg78sw9/TwvOaQMoR1vnnekJHlU782e11
XhV13Yt/iP/o8Fu/xCQkufqX88RpRuFPc60+r4qoDagINoB/5YMhkqmCzdmAa14K
xy6wqQkQuZTEnLTxab+cyDyzBjhdDv78m2uUITUeFSa91JcB9AfrYgR2SwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFMXmTyJ4T7iWy7bZjUvc3kMwWlqrMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveGVaUEluaFB1SmJMdHRtTlM5emVRekJhV3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfjAMAwQA
PkzhAwQAPkziAwQAwHy0AwQAwHy3AwQAwXxaAwQAwXyFAwQAwjouAwQAwld9MAwD
BADCV8cDBADCV8gDBADCV98DBADCV+IDBADCV/wDBADDOjYDBAHDOjgDBADDhUwD
BADDhcEDBADUwAUwDAMEANTACQMEANTACjANBgkqhkiG9w0BAQsFAAOCAQEAPkcS
ZVTXxSqksU9c44DaCvGRtxL5LQn2/4BxcxGSh6TDEU47KsH0K7991ey0naC4KDHX
EcSEy2ZGxk4O0gkgUqmHuWOXCGCXSN9WsSAeIF8zxKLLDgHmX6PbViqTRpMZ6TvP
ksmjbcF6rtvhOlYPEMRb1hwX3ciZuQ2O9bKzDiGJHIbjhhXrvdkYP+ADlljy9o6R
IhQvbgsaKQm3oZSUrRNQmtcbyC9en9JHI4YIrBmhZuoJqLtUnFrxjiRvzqbdRqPT
xVZnXeDTiaKfq3Fb0oMGd8geneRZm+YqrTJaNkxyyHLX5speJYcTqN2e+r3J11zN
5wvpAM6gG2dmq/macw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:51 2024 by rpki-client on console-ams.rpki-client.org