Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zG1qewaBqiFcv4tB_TQYjp3oEP8.roa
File: zG1qewaBqiFcv4tB_TQYjp3oEP8.roa (raw, json)
Hash identifier: j1/i3QIAY8Wo7tDKaCCjByC3/jnDvFWJpZ0kIilkOZk=
Subject key identifier: CC:6D:6A:7B:06:81:AA:21:5C:BF:8B:41:FD:34:18:8E:9D:E8:10:FF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0E27D082
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zG1qewaBqiFcv4tB_TQYjp3oEP8.roa
Signing time: Sat 01 Jan 2022 01:58:26 +0000
ROA not before: Sat 01 Jan 2022 01:58:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.31.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
212.193.28.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
195.133.16.0/22 maxlen: 24
195.133.38.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
195.133.40.0/22 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.242.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 237490306 (0xe27d082)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 01:58:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc6d6a7b0681aa215cbf8b41fd34188e9de810ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c6:64:d0:5f:52:be:10:6d:94:d3:52:b8:de:
08:5d:c2:ef:44:d3:dc:a3:86:89:80:37:7b:9c:59:
ae:3c:30:dc:82:a8:0a:03:9f:da:a7:6b:52:8a:90:
73:c8:ea:f0:4c:f7:1d:04:5f:10:25:08:c1:66:e9:
1b:06:e0:99:cd:a6:87:a8:49:67:ab:d0:71:1d:f7:
07:93:c0:21:a7:1a:9c:b1:ca:01:60:4e:e3:2d:c4:
6c:ed:94:af:dc:3e:eb:a4:b1:0b:d3:ec:14:e2:c1:
9f:d3:55:ca:ef:6c:9b:3e:bc:2c:a9:41:b8:25:b6:
86:12:1d:b8:0a:61:78:7b:e7:02:a0:3a:a2:f0:33:
e6:19:2a:e4:e6:37:f4:96:fe:59:b6:4d:58:32:bc:
bb:13:19:d9:3d:76:bc:fd:9c:b7:3f:53:0e:2e:10:
2d:81:74:95:38:d2:bb:34:dc:90:fb:e2:91:94:5b:
92:92:20:30:5e:25:88:11:2e:11:ea:96:89:7c:e1:
46:66:4e:ab:b6:52:db:38:8e:7a:3f:02:1b:d0:6d:
64:20:99:6e:70:4b:39:e6:f2:06:30:4e:88:8e:82:
99:61:31:6d:ae:3a:84:21:05:c7:44:02:b1:15:41:
7e:23:25:fa:a7:51:28:d5:4e:5d:a2:f3:76:d7:61:
d2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:6D:6A:7B:06:81:AA:21:5C:BF:8B:41:FD:34:18:8E:9D:E8:10:FF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zG1qewaBqiFcv4tB_TQYjp3oEP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.227.0/24
194.85.249.0/24
194.85.251.0/24
194.87.24.0/22
195.133.16.0/22
195.133.37.0-195.133.43.255
212.192.240.0/24
212.192.242.0/23
212.193.28.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
92:12:2b:d6:37:b5:d3:37:15:42:c0:73:bd:b0:70:15:ec:9c:
de:4e:f7:be:a8:44:1a:23:92:2b:5f:96:48:d3:38:f1:ad:17:
07:6c:7d:20:6c:eb:b5:3c:3e:5c:46:b6:a7:6a:29:fa:fb:68:
49:a7:e6:82:a4:a8:7c:66:17:c9:35:12:97:f4:0c:25:a3:1c:
a6:97:e5:d5:d1:44:ba:38:c0:e8:a2:72:3a:1a:9f:48:4c:87:
17:cc:81:dd:0f:b7:c6:66:ae:b0:d8:cf:76:18:2b:68:cb:4f:
75:b4:01:e3:3a:b1:ed:88:8e:c5:1f:c7:95:59:9f:6a:fd:22:
31:d3:dc:83:1f:6f:18:9e:f9:20:4a:21:b5:ca:fa:39:75:d8:
36:a3:92:5c:a2:1b:60:0e:af:7a:aa:4f:06:22:79:41:bd:fa:
a3:fc:0f:84:af:7e:bc:1d:cc:15:ce:14:fc:2a:13:9e:36:5c:
84:4e:8e:cc:46:6d:86:cf:5f:0d:09:7e:7b:16:ac:69:67:ab:
a6:1d:a6:24:47:50:0e:e2:38:c3:d8:c9:f7:28:38:3e:cb:fe:
7f:ee:3e:55:af:c3:dd:1e:26:71:a2:b9:f0:8c:48:c1:d7:39:
7f:21:5d:6a:d5:7b:25:e0:2c:92:03:da:4b:df:af:f4:bf:f0:
96:f8:88:e1
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEDifQgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDEw
MTAxNTgyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2M2ZDZhN2IwNjgx
YWEyMTVjYmY4YjQxZmQzNDE4OGU5ZGU4MTBmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALnGZNBfUr4QbZTTUrjeCF3C70TT3KOGiYA3e5xZrjww3IKo
CgOf2qdrUoqQc8jq8Ez3HQRfECUIwWbpGwbgmc2mh6hJZ6vQcR33B5PAIacanLHK
AWBO4y3EbO2Ur9w+66SxC9PsFOLBn9NVyu9smz68LKlBuCW2hhIduApheHvnAqA6
ovAz5hkq5OY39Jb+WbZNWDK8uxMZ2T12vP2ctz9TDi4QLYF0lTjSuzTckPvikZRb
kpIgMF4liBEuEeqWiXzhRmZOq7ZS2ziOej8CG9BtZCCZbnBLOebyBjBOiI6CmWEx
ba46hCEFx0QCsRVBfiMl+qdRKNVOXaLzdtdh0qECAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBTMbWp7BoGqIVy/i0H9NBiOnegQ/zAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L3pHMXFld2FCcWlGY3Y0dEJfVFFZanAzb0VQOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwSgQCAAEwRAMEAMF84wMEAMJV+QMEAMJV+wMEAsJX
GAMEAsOFEDAMAwQAw4UlAwQCw4UoAwQA1MDwAwQB1MDyAwQA1MEcAwQA1MEfMA0G
CSqGSIb3DQEBCwUAA4IBAQCSEivWN7XTNxVCwHO9sHAV7JzeTve+qEQaI5IrX5ZI
0zjxrRcHbH0gbOu1PD5cRranain6+2hJp+aCpKh8ZhfJNRKX9Awloxyml+XV0US6
OMDoonI6Gp9ITIcXzIHdD7fGZq6w2M92GCtoy091tAHjOrHtiI7FH8eVWZ9q/SIx
09yDH28YnvkgSiG1yvo5ddg2o5JcohtgDq96qk8GInlBvfqj/A+Er368HcwVzhT8
KhOeNlyETo7MRm2Gz18NCX57FqxpZ6umHaYkR1AO4jjD2Mn3KDg+y/5/7j5Vr8Pd
HiZxornwjEjB1zl/IV1q1Xsl4CySA9pL36/0v/CW+Ijh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:52 2024 by rpki-client on console-ams.rpki-client.org