Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/Y_URbftDJEc1esh75idhlPmyaiE.roa
File: Y_URbftDJEc1esh75idhlPmyaiE.roa (raw, json)
Hash identifier: HjRtT7nPKvWm+D/me1bX1yzAiLrGvhXv4qaMkUTPzdQ=
Subject key identifier: 63:F5:11:6D:FB:43:24:47:35:7A:C8:7B:E6:27:61:94:F9:B2:6A:21
Certificate issuer: /CN=646579561eca5879a747025e5798487b19cd2a97
Certificate serial: 0184D2A3816F7A2C1142B6F29357341D730F
Authority key identifier: 64:65:79:56:1E:CA:58:79:A7:47:02:5E:57:98:48:7B:19:CD:2A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/Y_URbftDJEc1esh75idhlPmyaiE.roa
Signing time: Fri 02 Dec 2022 11:40:41 +0000
ROA not before: Fri 02 Dec 2022 11:40:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51409
IP address blocks: 178.255.56.0/24 maxlen: 24
178.255.57.0/24 maxlen: 24
178.255.58.0/24 maxlen: 24
178.255.56.0/21 maxlen: 21
178.255.62.0/24 maxlen: 24
178.255.63.0/24 maxlen: 24
178.255.59.0/24 maxlen: 24
178.255.60.0/24 maxlen: 24
178.255.61.0/24 maxlen: 24
185.41.227.0/24 maxlen: 24
185.41.224.0/24 maxlen: 24
185.41.224.0/22 maxlen: 22
185.41.225.0/24 maxlen: 24
185.41.226.0/24 maxlen: 24
45.146.157.0/24 maxlen: 24
45.146.158.0/24 maxlen: 24
45.146.159.0/24 maxlen: 24
45.146.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:a3:81:6f:7a:2c:11:42:b6:f2:93:57:34:1d:73:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=646579561eca5879a747025e5798487b19cd2a97
Validity
Not Before: Dec 2 11:40:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63f5116dfb432447357ac87be6276194f9b26a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c7:3e:eb:ac:fa:f5:93:c5:41:1a:48:b3:15:
85:f1:fe:78:24:39:6e:ce:2f:39:5f:48:c8:ae:be:
df:f2:12:0b:1a:b1:79:93:1a:54:ee:b6:66:f9:e6:
16:80:5c:ea:e5:e4:87:ff:49:4d:5a:b9:70:d9:83:
d3:19:f2:f2:5f:30:55:eb:3b:65:ad:37:cc:70:e6:
5c:d9:ac:53:1f:03:bc:bb:c4:09:81:63:1d:a0:b3:
2b:2c:b0:17:db:a9:dc:3f:e8:fa:08:cf:d9:7c:ae:
b6:cb:65:3c:e5:a8:e7:cb:83:b6:7b:91:4d:56:b1:
e0:20:d4:94:dc:be:8e:96:37:ff:7f:66:a8:fd:d1:
0d:e7:57:84:25:47:3e:4c:24:a8:36:68:c4:1f:eb:
38:ee:11:71:45:f2:1c:ba:32:59:92:12:77:e0:f9:
a7:7c:71:cb:3a:94:76:aa:88:8b:c1:31:f4:7b:e9:
2c:f0:07:02:a6:59:3c:b9:83:e2:3e:1f:bd:8d:5f:
dc:4d:e7:04:64:54:a9:59:ab:5d:b8:84:b0:aa:6f:
fc:23:67:d7:0e:15:58:e9:74:db:8e:99:e3:5e:67:
5f:26:8c:7e:33:1f:cc:b0:97:25:96:61:a8:70:bc:
ed:c7:5e:2a:40:ee:85:75:6a:ce:99:a1:cc:ea:7b:
c8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:F5:11:6D:FB:43:24:47:35:7A:C8:7B:E6:27:61:94:F9:B2:6A:21
X509v3 Authority Key Identifier:
keyid:64:65:79:56:1E:CA:58:79:A7:47:02:5E:57:98:48:7B:19:CD:2A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/Y_URbftDJEc1esh75idhlPmyaiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.156.0/22
178.255.56.0/21
185.41.224.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:2e:3f:c5:32:1b:f6:15:0c:b4:e0:47:62:31:35:3b:d6:2c:
11:3d:75:ec:7d:d8:9a:99:31:22:cc:88:8e:6f:c9:17:6a:1d:
90:b1:2b:d3:18:e1:06:2c:c2:e8:ee:4f:d5:93:21:54:cc:ce:
dd:c4:ac:f8:75:f0:85:37:44:73:ca:9f:53:f7:64:30:dd:5c:
b0:f3:f9:64:c6:38:b0:31:cd:39:ad:b2:11:f9:4a:74:cc:0e:
84:73:09:bd:92:18:8d:8a:ae:f7:94:37:85:09:00:9f:5f:d1:
bf:e9:a0:c6:41:e2:d5:b8:3f:63:f6:08:b2:1e:e8:05:f9:b1:
83:93:f9:59:90:f3:68:8a:90:e3:57:39:84:28:fd:2d:41:34:
aa:0a:51:dc:85:49:16:3c:a6:bc:f2:6c:2a:af:2e:e9:09:82:
1a:b2:10:d8:c3:ea:8c:21:b1:d3:f7:8f:03:b8:da:01:e9:17:
03:08:1e:ab:3b:43:11:43:69:aa:32:db:89:2e:2f:f5:f0:25:
d7:80:10:88:d7:32:ca:bb:c5:18:5c:e4:23:c8:2a:ee:be:06:
95:9b:29:b9:fa:a6:5b:cd:2e:43:4b:75:b2:1c:b3:ca:f3:e6:
32:1e:04:65:b9:ba:90:ce:4a:81:12:5c:ee:ea:90:ad:a9:43:
90:26:9b:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTSo4FveiwRQrbyk1c0HXMPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NjU3OTU2MWVjYTU4NzlhNzQ3MDI1ZTU3OTg0ODdiMTlj
ZDJhOTcwHhcNMjIxMjAyMTE0MDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Y1MTE2ZGZiNDMyNDQ3MzU3YWM4N2JlNjI3NjE5NGY5YjI2YTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMc+66z69ZPFQRpIsxWF8f54JDlu
zi85X0jIrr7f8hILGrF5kxpU7rZm+eYWgFzq5eSH/0lNWrlw2YPTGfLyXzBV6ztl
rTfMcOZc2axTHwO8u8QJgWMdoLMrLLAX26ncP+j6CM/ZfK62y2U85ajny4O2e5FN
VrHgINSU3L6Oljf/f2ao/dEN51eEJUc+TCSoNmjEH+s47hFxRfIcujJZkhJ34Pmn
fHHLOpR2qoiLwTH0e+ks8AcCplk8uYPiPh+9jV/cTecEZFSpWatduISwqm/8I2fX
DhVY6XTbjpnjXmdfJox+Mx/MsJcllmGocLztx14qQO6FdWrOmaHM6nvIswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGP1EW37QyRHNXrIe+YnYZT5smohMB8GA1UdIwQY
MBaAFGRleVYeylh5p0cCXleYSHsZzSqXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkdWNVZoN0tXSG1uUndKZVY1aElleG5OS3BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi82MDQzNDYtYzk3Yy00MDk3LTg5OTct
NTVjM2QxMjllYzI4LzEvWV9VUmJmdERKRWMxZXNoNzVpZGhsUG15YWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi82MDQzNDYtYzk3Yy00MDk3LTg5OTctNTVjM2QxMjllYzI4
LzEvWkdWNVZoN0tXSG1uUndKZVY1aElleG5OS3BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZKcAwQD
sv84AwQCuSngMA0GCSqGSIb3DQEBCwUAA4IBAQB6Lj/FMhv2FQy04EdiMTU71iwR
PXXsfdiamTEizIiOb8kXah2QsSvTGOEGLMLo7k/VkyFUzM7dxKz4dfCFN0Rzyp9T
92Qw3Vyw8/lkxjiwMc05rbIR+Up0zA6Ecwm9khiNiq73lDeFCQCfX9G/6aDGQeLV
uD9j9giyHugF+bGDk/lZkPNoipDjVzmEKP0tQTSqClHchUkWPKa88mwqry7pCYIa
shDYw+qMIbHT948DuNoB6RcDCB6rO0MRQ2mqMtuJLi/18CXXgBCI1zLKu8UYXOQj
yCruvgaVmym5+qZbzS5DS3WyHLPK8+YyHgRlubqQzkqBElzu6pCtqUOQJptG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:02 2024 by rpki-client on console-fra.rpki-client.org