Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/C35vdIMHnDd0hvpvJ1yhxsuCwso.roa
File: C35vdIMHnDd0hvpvJ1yhxsuCwso.roa (raw, json)
Hash identifier: 6VPhIz7HIDF79Dz2gfREBGjiRbSXcCnWCxF2WN7H9No=
Subject key identifier: 0B:7E:6F:74:83:07:9C:37:74:86:FA:6F:27:5C:A1:C6:CB:82:C2:CA
Certificate issuer: /CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Certificate serial: 01838DAF22A544D7511239C8831D1B3CAFDD
Authority key identifier: 9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/C35vdIMHnDd0hvpvJ1yhxsuCwso.roa
Signing time: Fri 30 Sep 2022 09:16:48 +0000
ROA not before: Fri 30 Sep 2022 09:16:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43915
IP address blocks: 193.35.146.0/23 maxlen: 23
87.117.68.0/23 maxlen: 23
194.145.242.0/23 maxlen: 24
195.206.172.0/22 maxlen: 24
185.147.184.0/22 maxlen: 22
217.14.184.0/21 maxlen: 21
109.224.226.0/23 maxlen: 24
109.224.240.0/23 maxlen: 24
109.224.234.0/23 maxlen: 24
194.146.160.0/22 maxlen: 24
147.189.156.0/22 maxlen: 24
185.161.4.0/22 maxlen: 22
87.117.64.0/22 maxlen: 22
213.225.224.0/22 maxlen: 24
217.20.244.0/22 maxlen: 24
79.135.122.0/23 maxlen: 24
185.23.254.0/23 maxlen: 24
45.66.36.0/22 maxlen: 22
2a07:5940::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8d:af:22:a5:44:d7:51:12:39:c8:83:1d:1b:3c:af:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Validity
Not Before: Sep 30 09:16:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b7e6f7483079c377486fa6f275ca1c6cb82c2ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:51:e8:69:d4:ff:26:9a:0e:5e:ec:51:4d:de:
8f:4a:7f:8f:a2:bb:ab:53:dd:91:9c:83:ac:be:7f:
a2:dd:ce:9a:52:86:57:bb:7e:3e:7c:45:5d:8f:2e:
fb:1d:80:37:2b:76:87:d4:fc:4b:1b:9b:b7:ed:2d:
be:b5:75:e0:c1:45:83:8d:75:ad:59:70:94:23:21:
2c:9c:87:59:b7:94:b6:6a:ad:9d:b8:ec:68:b0:26:
8c:e6:c8:63:c7:c0:87:87:a7:80:01:1d:16:4d:60:
81:cb:9b:c5:2d:5c:16:9d:78:9b:f2:71:4d:35:21:
63:9c:7d:24:51:50:4f:a8:60:9d:a8:8b:ba:bc:0a:
d9:d8:de:8a:96:f2:35:a7:ba:85:bd:32:54:c8:a4:
32:9d:20:e4:2d:09:90:40:a4:9d:3b:98:7a:32:18:
b8:2a:a4:c8:fe:a4:cc:c3:dd:8f:71:6c:ad:19:1e:
c3:4f:b1:ce:cf:a1:f9:6f:fe:c6:34:b9:fa:c9:13:
17:23:a4:11:a6:48:a8:c7:33:d0:7b:e9:dd:8f:06:
a6:8a:f1:41:a3:36:9b:48:0e:86:e3:5c:bc:d1:0f:
16:89:d2:74:00:ba:fb:bd:55:82:2e:00:dd:74:3a:
a9:43:84:bc:ef:cf:a1:fd:29:f4:35:ef:10:d2:b9:
95:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:7E:6F:74:83:07:9C:37:74:86:FA:6F:27:5C:A1:C6:CB:82:C2:CA
X509v3 Authority Key Identifier:
keyid:9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/C35vdIMHnDd0hvpvJ1yhxsuCwso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/nyasnus6LPovbKP0E--5zf_pck4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.36.0/22
79.135.122.0/23
87.117.64.0-87.117.69.255
109.224.226.0/23
109.224.234.0/23
109.224.240.0/23
147.189.156.0/22
185.23.254.0/23
185.147.184.0/22
185.161.4.0/22
193.35.146.0/23
194.145.242.0/23
194.146.160.0/22
195.206.172.0/22
213.225.224.0/22
217.14.184.0/21
217.20.244.0/22
IPv6:
2a07:5940::/32
Signature Algorithm: sha256WithRSAEncryption
56:3a:fd:f4:80:e4:4d:64:9b:13:e6:1e:f8:c2:41:17:3a:df:
80:4c:5f:5a:d7:16:19:74:f7:e8:7b:1b:49:59:b0:a7:1a:40:
ad:04:9b:a8:77:a3:31:e0:23:e8:eb:bb:0e:ef:71:0a:f8:12:
92:22:e4:de:18:43:2b:a7:b7:51:74:71:cc:ef:c1:91:55:e0:
98:9e:10:2d:bd:0f:20:b9:50:c4:01:4d:78:57:87:8e:f7:c5:
9a:5d:c0:cc:ca:d5:84:db:29:c8:76:2b:4f:01:fd:6d:e7:51:
da:70:27:68:ed:7c:9d:33:ec:21:4e:69:9f:60:3c:95:86:24:
a4:f5:63:d0:e3:07:dd:38:d9:d6:6d:67:3b:cd:12:35:a4:57:
47:da:df:f8:0a:c3:8d:cf:ba:0c:22:75:b3:2b:53:2f:23:1e:
4e:c1:b6:cd:45:7b:45:6d:cc:5b:62:5b:3a:45:61:4e:14:82:
34:5f:b6:18:ab:74:20:dd:1e:c5:ba:95:36:d6:a2:9c:cd:5a:
7f:9e:fb:1c:77:08:6d:3c:17:56:92:3b:9d:18:5a:af:70:2c:
d0:66:ea:25:f8:6a:bb:db:1b:68:b6:06:bf:fe:6d:6c:b5:c8:
21:f6:6e:64:ab:7b:31:fc:c8:fd:00:09:de:06:35:e0:60:d7:
e4:21:d2:d0
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYONryKlRNdREjnIgx0bPK/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjZhYzllZWIzYTJjZmEyZjZjYTNmNDEzZWZiOWNkZmZl
OTcyNGUwHhcNMjIwOTMwMDkxNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjdlNmY3NDgzMDc5YzM3NzQ4NmZhNmYyNzVjYTFjNmNiODJjMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFHoadT/JpoOXuxRTd6PSn+Porur
U92RnIOsvn+i3c6aUoZXu34+fEVdjy77HYA3K3aH1PxLG5u37S2+tXXgwUWDjXWt
WXCUIyEsnIdZt5S2aq2duOxosCaM5shjx8CHh6eAAR0WTWCBy5vFLVwWnXib8nFN
NSFjnH0kUVBPqGCdqIu6vArZ2N6KlvI1p7qFvTJUyKQynSDkLQmQQKSdO5h6Mhi4
KqTI/qTMw92PcWytGR7DT7HOz6H5b/7GNLn6yRMXI6QRpkioxzPQe+ndjwamivFB
ozabSA6G41y80Q8WidJ0ALr7vVWCLgDddDqpQ4S878+h/Sn0Ne8Q0rmVxwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFAt+b3SDB5w3dIb6bydcocbLgsLKMB8GA1UdIwQY
MBaAFJ8mrJ7rOiz6L2yj9BPvuc3/6XJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWIt
N2Q0MjY2Y2Y4MjJhLzEvQzM1dmRJTUhuRGQwaHZwdkoxeWh4c3VDd3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWItN2Q0MjY2Y2Y4MjJh
LzEvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQCLUIk
AwQBT4d6MAwDBAZXdUADBAFXdUQDBAFt4OIDBAFt4OoDBAFt4PADBAKTvZwDBAG5
F/4DBAK5k7gDBAK5oQQDBAHBI5IDBAHCkfIDBALCkqADBALDzqwDBALV4eADBAPZ
DrgDBALZFPQwDQQCAAIwBwMFACoHWUAwDQYJKoZIhvcNAQELBQADggEBAFY6/fSA
5E1kmxPmHvjCQRc634BMX1rXFhl09+h7G0lZsKcaQK0Em6h3ozHgI+jruw7vcQr4
EpIi5N4YQyunt1F0cczvwZFV4JieEC29DyC5UMQBTXhXh473xZpdwMzK1YTbKch2
K08B/W3nUdpwJ2jtfJ0z7CFOaZ9gPJWGJKT1Y9DjB9042dZtZzvNEjWkV0fa3/gK
w43PugwidbMrUy8jHk7Bts1Fe0VtzFtiWzpFYU4UgjRfthirdCDdHsW6lTbWopzN
Wn+e+xx3CG08F1aSO50YWq9wLNBm6iX4arvbG2i2Br/+bWy1yCH2bmSrezH8yP0A
Cd4GNeBg1+Qh0tA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:41 2023 by rpki-client on console-ams.rpki-client.org