Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zRuoQ0yrGAocegvzNEYrvtGlvjI.roa
File: zRuoQ0yrGAocegvzNEYrvtGlvjI.roa (raw, json)
Hash identifier: eBVuDsIRBrDYoU4tJzIWqdHJob4lu6B5GwOhwS8TuB4=
Subject key identifier: CD:1B:A8:43:4C:AB:18:0A:1C:7A:0B:F3:34:46:2B:BE:D1:A5:BE:32
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01852F2B04A7F5A8F8B3B7136D1EB7F6674A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zRuoQ0yrGAocegvzNEYrvtGlvjI.roa
Signing time: Tue 20 Dec 2022 10:53:46 +0000
ROA not before: Tue 20 Dec 2022 10:53:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 194.135.104.0/24 maxlen: 24
212.193.24.0/22 maxlen: 24
62.76.233.0/24 maxlen: 24
194.87.225.0/24 maxlen: 24
194.87.120.0/23 maxlen: 24
195.133.9.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:2b:04:a7:f5:a8:f8:b3:b7:13:6d:1e:b7:f6:67:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 20 10:53:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd1ba8434cab180a1c7a0bf334462bbed1a5be32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a4:d8:47:0e:51:c3:4c:a7:9e:9b:9b:b9:f0:
76:24:9c:6b:7e:55:18:0e:95:d4:dc:ff:94:0d:c4:
0d:f7:5a:d3:fb:90:a1:70:84:c6:d5:0a:ac:13:81:
24:51:f0:6b:3e:e2:90:e3:a7:d6:7e:ca:03:65:bc:
14:73:ea:f8:28:b7:a1:81:f1:35:73:77:08:87:45:
c0:7d:64:d2:a1:ee:fd:48:89:27:57:bb:c7:a3:d1:
65:1d:ea:38:f3:ad:54:19:bc:46:39:f5:2f:e9:2c:
46:32:08:09:bf:e9:cf:a7:58:36:1c:77:56:a5:9a:
16:fa:e8:40:21:19:a3:5e:d6:b8:4b:25:3a:52:b9:
57:f9:b3:b0:5e:ed:c5:c2:41:e3:e4:a1:41:ff:4f:
4a:25:d3:ab:03:11:36:2d:0b:04:3b:17:b1:f8:a5:
31:ad:f2:83:02:81:99:c1:92:54:3e:48:3a:de:43:
72:b6:98:c7:21:37:f1:f8:87:e6:4f:c0:4d:2d:bc:
2d:61:c8:6c:ca:72:02:35:a7:ff:e5:32:a3:6a:60:
e4:57:9d:f8:ab:14:7b:77:af:62:95:cd:74:05:1b:
b0:97:17:f3:5d:56:63:f2:98:84:0f:ae:c5:48:6b:
ce:79:ab:2c:25:54:fa:58:c2:f6:fc:1c:5c:f5:c5:
42:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:1B:A8:43:4C:AB:18:0A:1C:7A:0B:F3:34:46:2B:BE:D1:A5:BE:32
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zRuoQ0yrGAocegvzNEYrvtGlvjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.233.0/24
194.87.120.0/23
194.87.225.0/24
194.135.32.0/24
194.135.38.0/24
194.135.104.0/24
195.133.9.0/24
195.133.21.0/24
195.133.25.0-195.133.27.255
195.133.59.0/24
212.193.24.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:5f:3d:06:12:f8:8c:72:57:ab:58:f4:1b:fd:66:b4:d8:6a:
76:ac:a4:ea:53:3c:46:3e:c7:3e:f2:b5:6b:89:58:aa:ba:f0:
1b:4a:fd:bb:d4:07:79:50:91:cb:64:51:df:4b:78:ab:fc:a8:
55:ff:0d:7d:a5:f8:f0:0c:79:e9:d7:75:93:07:95:53:80:d9:
59:f2:a7:aa:c2:fe:f1:1b:07:5a:bb:3c:ba:9d:84:1d:7c:f8:
6a:9c:f9:40:5e:b1:4f:f2:8e:40:70:f5:4e:fd:ff:8b:63:02:
1b:40:49:71:8f:ef:62:c1:28:29:7b:28:d9:e8:50:bd:c8:01:
43:c3:31:10:53:47:2b:72:de:57:bc:5c:9c:73:09:b4:e5:83:
d6:aa:2f:2c:1f:07:6d:39:8c:b7:36:39:a9:f3:b3:7b:59:30:
73:30:b6:ac:53:16:61:30:12:0f:ff:44:2c:29:13:10:b5:0c:
aa:49:8c:4e:87:75:c8:ab:70:8a:bb:16:e6:94:73:da:9a:60:
e5:1d:23:ae:99:54:49:7a:fb:df:24:8a:12:1e:75:b6:6e:a4:
10:e4:22:f3:4f:ff:0c:05:25:84:d4:1d:cf:f1:35:d6:49:0a:
64:8d:3c:ce:d5:76:80:f4:a5:d1:bd:15:97:69:f4:56:34:9e:
3e:b8:c0:f8
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYUvKwSn9aj4s7cTbR639mdKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjIwMTA1MzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDFiYTg0MzRjYWIxODBhMWM3YTBiZjMzNDQ2MmJiZWQxYTViZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraTYRw5Rw0ynnpubufB2JJxrflUY
DpXU3P+UDcQN91rT+5ChcITG1QqsE4EkUfBrPuKQ46fWfsoDZbwUc+r4KLehgfE1
c3cIh0XAfWTSoe79SIknV7vHo9FlHeo4861UGbxGOfUv6SxGMggJv+nPp1g2HHdW
pZoW+uhAIRmjXta4SyU6UrlX+bOwXu3FwkHj5KFB/09KJdOrAxE2LQsEOxex+KUx
rfKDAoGZwZJUPkg63kNytpjHITfx+IfmT8BNLbwtYchsynICNaf/5TKjamDkV534
qxR7d69ilc10BRuwlxfzXVZj8piED67FSGvOeassJVT6WML2/Bxc9cVCgwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFM0bqENMqxgKHHoL8zRGK77Rpb4yMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvelJ1b1EweXJHQW9jZWd2ek5FWXJ2dEdsdmpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAPkzpAwQB
wld4AwQAwlfhAwQAwocgAwQAwocmAwQAwodoAwQAw4UJAwQAw4UVMAwDBADDhRkD
BALDhRgDBADDhTsDBALUwRgwDQYJKoZIhvcNAQELBQADggEBAE1fPQYS+IxyV6tY
9Bv9ZrTYanaspOpTPEY+xz7ytWuJWKq68BtK/bvUB3lQkctkUd9LeKv8qFX/DX2l
+PAMeenXdZMHlVOA2Vnyp6rC/vEbB1q7PLqdhB18+Gqc+UBesU/yjkBw9U79/4tj
AhtASXGP72LBKCl7KNnoUL3IAUPDMRBTRyty3le8XJxzCbTlg9aqLywfB205jLc2
Oanzs3tZMHMwtqxTFmEwEg//RCwpExC1DKpJjE6HdcircIq7FuaUc9qaYOUdI66Z
VEl6+98kihIedbZupBDkIvNP/wwFJYTUHc/xNdZJCmSNPM7VdoD0pdG9FZdp9FY0
nj64wPg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:15 2023 by rpki-client on console-fra.rpki-client.org