Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ygaM5uZHAomLSd_EcAhWNs5l99k.roa
File: ygaM5uZHAomLSd_EcAhWNs5l99k.roa (raw, json)
Hash identifier: 15R3cGq/D3BNXh+BM7P04MHmf+RY6VmseeZk91FpP0M=
Subject key identifier: CA:06:8C:E6:E6:47:02:89:8B:49:DF:C4:70:08:56:36:CE:65:F7:D9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01853028A2420F8672E05221E32CB66D708C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ygaM5uZHAomLSd_EcAhWNs5l99k.roa
Signing time: Tue 20 Dec 2022 15:30:47 +0000
ROA not before: Tue 20 Dec 2022 15:30:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.52.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.192.5.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:30:28:a2:42:0f:86:72:e0:52:21:e3:2c:b6:6d:70:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 20 15:30:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca068ce6e64702898b49dfc470085636ce65f7d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ba:e3:9c:12:1e:be:55:e2:32:91:d0:f2:b4:
26:b8:a7:18:1f:22:7e:6e:60:51:3b:e3:50:60:75:
50:a3:42:9a:fa:03:95:89:62:99:42:76:94:8c:17:
5f:52:3b:21:74:63:b2:17:74:e7:d0:9a:12:98:be:
af:7c:f9:20:7f:7e:7e:33:e0:df:c1:c7:82:38:9b:
4e:66:72:3c:38:51:60:02:79:7d:a3:e7:82:6a:88:
8c:60:1a:46:e7:24:0c:1c:85:5b:8d:58:51:0b:3d:
d0:d6:d0:e5:35:9a:93:c1:18:5d:46:0e:2b:3a:1a:
de:d8:41:fb:7b:4e:dd:3a:2a:21:e1:9a:e2:59:ac:
19:5e:61:c7:0a:8d:0f:0d:97:7f:fb:78:30:3e:05:
cd:4f:15:4e:49:78:1d:20:13:56:8f:f8:84:8e:88:
01:81:59:94:bf:27:71:26:6a:93:1a:a1:45:66:f8:
a0:2e:a8:32:01:79:a8:7e:93:b9:ec:13:58:ec:88:
6e:cf:b1:ea:bb:12:52:0e:52:60:9a:e0:e3:96:af:
a5:d9:6f:82:76:20:5f:19:f1:0d:b3:bc:fb:23:f9:
23:66:e1:e9:8f:ef:97:81:1f:66:84:3b:da:d8:18:
02:66:a1:bb:c6:b8:aa:21:e7:c8:f9:ae:43:06:5d:
f3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:06:8C:E6:E6:47:02:89:8B:49:DF:C4:70:08:56:36:CE:65:F7:D9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ygaM5uZHAomLSd_EcAhWNs5l99k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
62.76.235.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
193.124.3.0/24
193.124.9.0/24
193.124.18.0/24
193.124.133.0/24
193.124.201.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/23
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.108.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/24
194.87.149.0/24
194.87.160.0/23
194.87.163.0/24
194.87.165.0/24
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.182.0/24
194.87.198.0/23
194.87.202.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
194.135.30.0/24
195.58.50.0/24
195.58.52.0/24
195.58.56.0/21
195.133.12.0/24
195.133.15.0/24
195.133.55.0/24
195.133.94.0/24
195.133.195.0/24
212.192.0.0/23
212.192.5.0/24
212.192.10.0/24
212.192.222.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
62:3a:07:82:b4:07:cb:5f:7d:b5:a6:2f:c5:f6:5e:0a:87:0b:
53:6b:df:e8:7e:98:d6:33:57:3e:7d:c4:e9:d8:59:2b:dd:32:
a5:94:99:b8:e5:7f:10:04:83:1b:27:09:6f:d8:10:b8:3c:4f:
67:82:00:d9:c6:59:57:09:c8:63:63:12:9d:04:72:e9:74:da:
b3:97:1d:64:15:c9:26:9e:6f:17:93:84:89:e3:92:87:04:ab:
32:73:b7:47:e6:d5:b8:72:46:99:c8:d5:6e:ca:fb:4a:0d:c9:
55:92:28:8b:55:b0:00:04:5c:5e:d0:52:fb:93:73:e7:b3:f2:
bc:6d:55:d7:d8:a0:1f:6b:4a:90:a2:14:84:d1:70:ed:87:de:
68:86:19:bc:a6:04:a0:b0:b0:b7:88:36:5e:a6:32:c8:c1:4c:
9c:94:9d:71:80:e3:5f:2a:a2:2b:b4:a6:4d:04:f7:ac:f9:ef:
7a:cb:32:ae:b7:9d:94:9c:ee:e7:89:4c:23:4d:6f:bb:1a:1f:
f4:20:70:87:e4:81:38:62:2b:71:a1:59:9f:55:dc:22:13:ea:
a6:96:50:fa:6c:3a:0b:f6:be:8e:c8:e7:21:4e:1a:94:9a:e0:
09:10:dc:3e:01:3e:45:0a:83:49:7f:b6:8c:0a:2c:65:ca:f5:
7b:d8:4d:19
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgISAYUwKKJCD4Zy4FIh4yy2bXCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjIwMTUzMDQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTA2OGNlNmU2NDcwMjg5OGI0OWRmYzQ3MDA4NTYzNmNlNjVmN2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbrjnBIevlXiMpHQ8rQmuKcYHyJ+
bmBRO+NQYHVQo0Ka+gOViWKZQnaUjBdfUjshdGOyF3Tn0JoSmL6vfPkgf35+M+Df
wceCOJtOZnI8OFFgAnl9o+eCaoiMYBpG5yQMHIVbjVhRCz3Q1tDlNZqTwRhdRg4r
Ohre2EH7e07dOioh4ZriWawZXmHHCo0PDZd/+3gwPgXNTxVOSXgdIBNWj/iEjogB
gVmUvydxJmqTGqFFZvigLqgyAXmofpO57BNY7Ihuz7HquxJSDlJgmuDjlq+l2W+C
diBfGfENs7z7I/kjZuHpj++XgR9mhDva2BgCZqG7xriqIefI+a5DBl3zQwIDAQAB
o4IDWzCCA1cwHQYDVR0OBBYEFMoGjObmRwKJi0nfxHAIVjbOZffZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveWdhTTV1WkhBb21MU2RfRWNBaFdOczVsOTlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbwYIKwYBBQUHAQcBAf8EggFeMIIBWjCCAVYEAgABMIIB
TgMEAD5M5wMEAD5M6wMEAMB8rAMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8CQMEAMF8
EgMEAMF8hQMEAMF8yQMEAMF8ywMEAMF8zwMEAMI6JgMEAcI6KjAMAwQAwjotAwQE
wjogAwQAwjo7AwQAwlcHAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQA
wldsAwQAwld2AwQAwld7AwQAwleIAwQAwleVAwQBwlegAwQAwlejAwQAwlelMAwD
BADCV6sDBADCV6wDBADCV7ADBADCV7YDBAHCV8YDBADCV8oDBAHCV9ADBAHCV94D
BADCV+kDBADChx4DBADDOjIDBADDOjQDBAPDOjgDBADDhQwDBADDhQ8DBADDhTcD
BADDhV4DBADDhcMDBAHUwAADBADUwAUDBADUwAoDBADUwN4DBADUwQADBADUwQww
DQYJKoZIhvcNAQELBQADggEBAGI6B4K0B8tffbWmL8X2XgqHC1Nr3+h+mNYzVz59
xOnYWSvdMqWUmbjlfxAEgxsnCW/YELg8T2eCANnGWVcJyGNjEp0Ecul02rOXHWQV
ySaebxeThInjkocEqzJzt0fm1bhyRpnI1W7K+0oNyVWSKItVsAAEXF7QUvuTc+ez
8rxtVdfYoB9rSpCiFITRcO2H3miGGbymBKCwsLeINl6mMsjBTJyUnXGA418qoiu0
pk0E96z573rLMq63nZSc7ueJTCNNb7saH/QgcIfkgThiK3GhWZ9V3CIT6qaWUPps
Ogv2vo7I5yFOGpSa4AkQ3D4BPkUKg0l/towKLGXK9XvYTRk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:15 2023 by rpki-client on console-ams.rpki-client.org