Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xvMNQ3KgexYJZS7W9asEyxb8cnM.roa
File: xvMNQ3KgexYJZS7W9asEyxb8cnM.roa (raw, json)
Hash identifier: yNuRGYnqgFaxXv1qlFfR5whmDjuameY97yEG5VQ9nwQ=
Subject key identifier: C6:F3:0D:43:72:A0:7B:16:09:65:2E:D6:F5:AB:04:CB:16:FC:72:73
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183A815A3865684A7EDE12D3B2A2E63E30A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xvMNQ3KgexYJZS7W9asEyxb8cnM.roa
Signing time: Wed 05 Oct 2022 12:18:53 +0000
ROA not before: Wed 05 Oct 2022 12:18:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 193.124.226.0/24 maxlen: 24
193.124.224.0/23 maxlen: 23
193.124.49.0/24 maxlen: 24
195.133.22.0/24 maxlen: 24
212.192.16.0/21 maxlen: 24
195.58.56.0/21 maxlen: 24
194.87.192.0/22 maxlen: 22
212.193.4.0/22 maxlen: 24
212.193.8.0/22 maxlen: 24
194.87.124.0/22 maxlen: 24
194.87.120.0/22 maxlen: 24
212.192.208.0/22 maxlen: 24
194.87.41.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
194.87.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a8:15:a3:86:56:84:a7:ed:e1:2d:3b:2a:2e:63:e3:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 5 12:18:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6f30d4372a07b1609652ed6f5ab04cb16fc7273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:28:21:d1:21:95:ca:32:3f:92:89:99:ba:e8:
13:84:9c:dc:71:71:2c:83:74:ee:02:1b:39:ff:f5:
3c:16:d2:26:ef:e2:0b:04:f2:00:26:cd:45:e6:36:
b0:e1:2a:60:86:28:f0:69:5d:e2:e7:c7:7a:c9:b6:
f3:9d:d5:12:44:7b:d9:8f:28:41:83:85:35:98:6d:
08:b7:e6:89:77:3a:fd:4f:4d:9a:e8:8b:49:4a:25:
5c:e8:18:2b:4a:b2:bb:61:da:bd:d7:9c:aa:e9:0e:
dc:07:d4:ed:52:19:19:e6:f4:bc:40:72:e4:82:d0:
3b:66:07:4f:29:c5:37:d1:7f:24:fb:3c:02:a0:0b:
4b:ff:ee:82:c6:45:b6:29:86:a5:26:98:ad:d0:66:
14:03:ee:de:34:22:5a:5f:a5:52:01:f6:9d:fb:87:
16:62:9b:74:b3:f3:c4:9e:b8:33:f2:df:bf:99:ac:
f5:77:07:fa:7e:b4:eb:0f:ef:a6:a0:02:10:39:d1:
8f:35:ee:89:9d:12:c7:74:c7:b7:fa:69:ca:70:ba:
77:82:16:f4:45:df:30:ec:e8:af:a4:01:d6:2a:f1:
2b:79:73:36:62:3b:7d:bc:ae:d7:56:2d:79:52:c2:
0a:98:eb:6f:7a:e7:b2:56:54:d0:48:8d:c9:fb:13:
18:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F3:0D:43:72:A0:7B:16:09:65:2E:D6:F5:AB:04:CB:16:FC:72:73
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xvMNQ3KgexYJZS7W9asEyxb8cnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.49.0/24
193.124.224.0-193.124.226.255
194.87.41.0/24
194.87.61.0/24
194.87.120.0/21
194.87.192.0/22
194.135.46.0/24
195.58.56.0/21
195.133.22.0/24
212.192.16.0/21
212.192.208.0/22
212.193.4.0-212.193.11.255
Signature Algorithm: sha256WithRSAEncryption
33:43:7f:64:19:18:94:2c:fa:78:2f:3a:ce:15:3b:41:c5:7a:
fa:b1:e5:a8:9d:46:5d:33:8e:da:92:dc:9f:28:9c:cc:63:bc:
25:8d:41:7d:47:d9:cc:36:d4:f9:a5:2f:4f:bb:b8:fe:d6:db:
dc:3d:d6:ad:5f:1e:57:2f:5e:3b:60:3f:22:6c:5c:f6:18:30:
61:ba:25:f3:3e:aa:de:db:6e:59:66:6e:fa:b1:31:b6:4d:16:
2a:d2:7c:e7:0e:48:26:91:fe:6f:4c:b5:9b:80:43:bd:a7:44:
ad:86:79:b1:5a:17:3a:5d:c7:f9:45:41:d6:1e:14:9e:31:21:
ca:62:b4:1d:f7:20:d4:60:b6:f9:c7:20:e2:58:91:11:f8:a3:
e1:82:e9:65:64:2e:3b:39:28:26:ea:f6:ed:32:0e:dc:ba:1c:
6a:36:29:17:c4:bf:55:24:1f:0e:33:57:b6:d9:75:b4:54:fa:
43:79:11:0a:be:cd:ba:f9:e8:7b:f0:b4:9b:2f:8b:88:31:07:
69:6b:27:a4:00:8c:c5:57:3b:fb:48:29:c6:85:7a:42:8a:57:
f1:c3:f6:d6:d7:5f:2a:b6:c1:57:0a:54:77:86:82:de:4b:15:
f4:bc:7a:5b:bb:29:7c:1d:82:11:ac:8c:0d:50:89:2e:82:95:
c8:e9:4b:93
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYOoFaOGVoSn7eEtOyouY+MKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDA1MTIxODUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmYzMGQ0MzcyYTA3YjE2MDk2NTJlZDZmNWFiMDRjYjE2ZmM3MjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSgh0SGVyjI/komZuugThJzccXEs
g3TuAhs5//U8FtIm7+ILBPIAJs1F5jaw4SpghijwaV3i58d6ybbzndUSRHvZjyhB
g4U1mG0It+aJdzr9T02a6ItJSiVc6BgrSrK7Ydq915yq6Q7cB9TtUhkZ5vS8QHLk
gtA7ZgdPKcU30X8k+zwCoAtL/+6CxkW2KYalJpit0GYUA+7eNCJaX6VSAfad+4cW
Ypt0s/PEnrgz8t+/maz1dwf6frTrD++moAIQOdGPNe6JnRLHdMe3+mnKcLp3ghb0
Rd8w7OivpAHWKvEreXM2Yjt9vK7XVi15UsIKmOtveueyVlTQSI3J+xMYAQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFMbzDUNyoHsWCWUu1vWrBMsW/HJzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveHZNTlEzS2dleFlKWlM3Vzlhc0V5eGI4Y25NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAwXwxMAwD
BAXBfOADBADBfOIDBADCVykDBADCVz0DBAPCV3gDBALCV8ADBADChy4DBAPDOjgD
BADDhRYDBAPUwBADBALUwNAwDAMEAtTBBAMEAtTBCDANBgkqhkiG9w0BAQsFAAOC
AQEAM0N/ZBkYlCz6eC86zhU7QcV6+rHlqJ1GXTOO2pLcnyiczGO8JY1BfUfZzDbU
+aUvT7u4/tbb3D3WrV8eVy9eO2A/Imxc9hgwYbol8z6q3ttuWWZu+rExtk0WKtJ8
5w5IJpH+b0y1m4BDvadErYZ5sVoXOl3H+UVB1h4UnjEhymK0Hfcg1GC2+ccg4liR
Efij4YLpZWQuOzkoJur27TIO3LocajYpF8S/VSQfDjNXttl1tFT6Q3kRCr7Nuvno
e/C0my+LiDEHaWsnpACMxVc7+0gpxoV6QopX8cP21tdfKrbBVwpUd4aC3ksV9Lx6
W7spfB2CEayMDVCJLoKVyOlLkw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:14 2023 by rpki-client on console-fra.rpki-client.org