Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yO4S67fjeouWIAaRKovVi2YFXT8.roa
File: yO4S67fjeouWIAaRKovVi2YFXT8.roa (raw, json)
Hash identifier: P+Qs6f32JAfBbl5RJuFoacBDxAvls8ayRmDSg/N4oY4=
Subject key identifier: C8:EE:12:EB:B7:E3:7A:8B:96:20:06:91:2A:8B:D5:8B:66:05:5D:3F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01852932D87F90F06A195738413F14EC9F7E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yO4S67fjeouWIAaRKovVi2YFXT8.roa
Signing time: Mon 19 Dec 2022 07:04:36 +0000
ROA not before: Mon 19 Dec 2022 07:04:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.31.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
212.193.28.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
195.133.13.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.31.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
195.133.40.0/22 maxlen: 24
195.58.59.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:32:d8:7f:90:f0:6a:19:57:38:41:3f:14:ec:9f:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 19 07:04:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8ee12ebb7e37a8b962006912a8bd58b66055d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:08:4f:a9:c4:44:ae:88:8c:7e:5b:28:a7:4b:
27:6c:10:f1:a2:68:f9:cc:1d:a1:73:47:d5:fe:c1:
e4:c8:97:65:ef:5e:1e:ba:2a:c7:08:e8:35:4d:df:
51:65:fc:ab:65:6f:02:2b:1c:06:c6:f4:1e:2b:e8:
28:04:3c:dd:ca:dc:e5:e8:ba:26:f9:09:d0:c8:87:
61:4c:c3:85:72:3c:8f:57:b9:4b:6d:96:03:51:7b:
f3:84:16:8f:58:37:2e:5b:95:cb:06:57:9f:f7:a8:
c9:fd:66:70:31:43:96:cc:3f:1b:10:f1:61:59:e8:
b7:eb:df:95:2d:79:3d:f6:b1:bb:d9:4b:fe:f8:76:
70:7e:c1:c8:c7:24:da:32:c0:85:15:77:3c:5f:3a:
19:99:6c:02:14:84:23:1f:99:dd:8f:c1:a4:ce:c9:
e8:04:f5:a8:0d:2f:ce:49:98:6b:3d:2f:16:a0:2f:
a0:0f:6b:0f:70:66:01:40:b8:09:6b:06:70:7d:cd:
51:c1:b7:ec:64:90:61:44:70:7b:ee:63:b9:04:4d:
4b:e0:2c:a8:94:5a:46:de:cf:0c:e7:a3:94:f4:e7:
98:23:08:40:db:e4:52:f0:64:5f:4a:4f:86:c1:91:
c7:7f:9e:a6:cc:7c:fe:fa:ee:15:53:5c:c0:d1:41:
09:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:EE:12:EB:B7:E3:7A:8B:96:20:06:91:2A:8B:D5:8B:66:05:5D:3F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yO4S67fjeouWIAaRKovVi2YFXT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
192.124.188.0/24
193.124.41.0/24
193.124.227.0/24
194.58.60.0/24
194.85.249.0/24
194.85.251.0/24
194.87.187.0/24
195.58.59.0/24
195.133.13.0-195.133.14.255
195.133.31.0/24
195.133.37.0/24
195.133.39.0-195.133.43.255
212.192.4.0/24
212.192.240.0/24
212.193.28.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
69:b2:2f:d1:64:9a:1d:cd:ae:f2:d9:e7:17:47:21:12:be:5e:
16:75:79:f4:dc:f1:55:5b:fc:d8:c8:55:f6:c3:90:54:c0:f8:
15:e8:f3:a8:0e:31:4b:9b:4b:1a:1d:c5:ef:a1:17:16:f3:77:
dc:27:78:82:11:f9:d4:d7:8d:b8:93:13:47:4f:fc:76:c4:fc:
8c:4b:e4:5f:07:75:e2:79:54:76:b3:63:d1:e6:a1:4d:7a:48:
b2:1d:95:c5:95:25:cf:21:3b:6f:0a:a7:ff:22:47:e8:8f:d3:
0a:9e:f2:c5:8f:75:e0:ea:2c:1e:0d:ee:4c:94:cf:8c:d1:3c:
5f:6a:52:8d:83:27:4b:ce:c5:48:f1:db:10:3a:2e:38:40:75:
6e:58:43:82:a4:3a:c6:bf:06:30:bd:d9:75:49:43:00:b3:ec:
86:55:f7:f0:b1:cf:af:41:ea:b7:7d:91:e5:6c:6b:aa:c0:3d:
57:3f:46:c2:0d:59:48:22:98:6f:b3:95:de:21:96:68:a3:3d:
72:b2:cd:5c:b0:fe:fa:2f:9f:fb:af:c5:08:06:ec:3c:74:89:
c8:77:b9:71:c6:2b:84:a1:d9:30:80:59:64:09:a4:8f:07:66:
ec:54:a8:9c:5b:34:9f:5a:e1:48:dd:4f:15:a7:10:d6:82:85:
aa:15:56:1b
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYUpMth/kPBqGVc4QT8U7J9+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE5MDcwNDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGVlMTJlYmI3ZTM3YThiOTYyMDA2OTEyYThiZDU4YjY2MDU1ZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwhPqcREroiMflsop0snbBDxomj5
zB2hc0fV/sHkyJdl714euirHCOg1Td9RZfyrZW8CKxwGxvQeK+goBDzdytzl6Lom
+QnQyIdhTMOFcjyPV7lLbZYDUXvzhBaPWDcuW5XLBlef96jJ/WZwMUOWzD8bEPFh
Wei369+VLXk99rG72Uv++HZwfsHIxyTaMsCFFXc8XzoZmWwCFIQjH5ndj8Gkzsno
BPWoDS/OSZhrPS8WoC+gD2sPcGYBQLgJawZwfc1RwbfsZJBhRHB77mO5BE1L4Cyo
lFpG3s8M56OU9OeYIwhA2+RS8GRfSk+GwZHHf56mzHz++u4VU1zA0UEJsQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFMjuEuu343qLliAGkSqL1YtmBV0/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveU80UzY3Zmplb3VXSUFhUktvdlZpMllGWFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBADAfLYD
BADAfLwDBADBfCkDBADBfOMDBADCOjwDBADCVfkDBADCVfsDBADCV7sDBADDOjsw
DAMEAMOFDQMEAMOFDgMEAMOFHwMEAMOFJTAMAwQAw4UnAwQCw4UoAwQA1MAEAwQA
1MDwAwQA1MEcAwQA1MEfMA0GCSqGSIb3DQEBCwUAA4IBAQBpsi/RZJodza7y2ecX
RyESvl4WdXn03PFVW/zYyFX2w5BUwPgV6POoDjFLm0saHcXvoRcW83fcJ3iCEfnU
1424kxNHT/x2xPyMS+RfB3XieVR2s2PR5qFNekiyHZXFlSXPITtvCqf/Ikfoj9MK
nvLFj3Xg6iweDe5MlM+M0TxfalKNgydLzsVI8dsQOi44QHVuWEOCpDrGvwYwvdl1
SUMAs+yGVffwsc+vQeq3fZHlbGuqwD1XP0bCDVlIIphvs5XeIZZooz1yss1csP76
L5/7r8UIBuw8dInId7lxxiuEodkwgFlkCaSPB2bsVKicWzSfWuFI3U8VpxDWgoWq
FVYb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:15 2023 by rpki-client on console-ams.rpki-client.org