Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/y1s0HdOj3hPjuXNq5NcXWnX9HDE.roa
File: y1s0HdOj3hPjuXNq5NcXWnX9HDE.roa (raw, json)
Hash identifier: wurxOAunu/NeUoy7yfT6mL9mxlbaQkYGEWcvn7So5ks=
Subject key identifier: CB:5B:34:1D:D3:A3:DE:13:E3:B9:73:6A:E4:D7:17:5A:75:FD:1C:31
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 071E5D1D
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/y1s0HdOj3hPjuXNq5NcXWnX9HDE.roa
Signing time: Sat 01 Jan 2022 15:01:37 +0000
ROA not before: Sat 01 Jan 2022 15:01:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39519
IP address blocks: 194.107.165.0/24 maxlen: 24
2001:4ba2::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119430429 (0x71e5d1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jan 1 15:01:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb5b341dd3a3de13e3b9736ae4d7175a75fd1c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6b:53:36:1e:54:c1:fe:80:73:65:6d:10:91:
59:d9:52:c0:31:34:bf:95:5a:c2:ad:bb:69:e3:86:
54:31:f0:cb:62:02:08:4f:ad:d0:c7:3f:3e:70:69:
72:25:d4:cd:1f:53:1e:6a:15:09:65:ec:65:c0:f8:
c6:b0:dd:28:aa:ee:13:e5:15:85:80:ed:7e:fa:56:
0d:8d:a9:bf:4a:f7:f9:d1:c5:eb:48:a3:91:f7:6c:
da:14:b5:ee:0d:2d:81:96:77:c2:ff:36:f1:38:85:
9e:a0:cb:31:47:6b:69:7e:ce:76:99:b8:a9:2c:7c:
95:c8:df:5a:f0:18:c8:7c:8e:cf:de:ff:80:cc:3b:
29:75:21:5f:4a:73:4a:ee:a4:df:2d:e6:90:0d:26:
83:69:86:a6:ee:38:9b:1b:9c:9c:17:eb:6f:48:bc:
e5:45:26:07:9e:40:15:e4:23:d1:4f:4c:d7:3a:5b:
e4:55:65:09:06:fa:00:82:b4:11:f1:bd:e3:e5:c2:
b0:10:b1:28:86:71:1f:e7:6a:03:36:7d:82:2b:0c:
02:96:8c:f1:0f:3c:85:f1:b4:e1:67:69:89:10:3c:
42:1c:6d:ff:5f:97:48:6f:6e:80:28:f4:8a:94:29:
80:55:5e:5a:dc:d7:b3:ec:34:8c:07:6b:cc:da:73:
7e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:5B:34:1D:D3:A3:DE:13:E3:B9:73:6A:E4:D7:17:5A:75:FD:1C:31
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/y1s0HdOj3hPjuXNq5NcXWnX9HDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.165.0/24
IPv6:
2001:4ba2::/32
Signature Algorithm: sha256WithRSAEncryption
46:e5:98:33:40:2f:53:c2:1b:4f:c0:84:52:e1:3f:7c:4f:7c:
d3:94:b2:0f:67:2d:bb:1a:5f:9f:a0:06:ee:91:74:f7:cc:9e:
f9:a2:62:1d:58:58:d3:93:10:28:b0:b8:b0:25:57:95:07:ee:
58:ca:4b:0b:39:69:e3:2b:8f:ba:8e:be:27:2f:0f:1b:14:22:
7e:da:d3:dd:81:a4:c4:48:44:63:4c:fa:94:f1:d4:9c:23:c5:
db:8b:af:27:cc:bc:1e:d1:df:ad:fa:5b:00:07:53:d4:ed:9c:
d8:af:94:3d:d3:e1:77:0c:fd:21:29:be:19:52:cb:80:53:35:
e8:19:73:b4:84:c4:de:2e:b1:60:99:e6:ed:30:b7:b6:71:1a:
5f:00:26:b1:36:81:e0:38:7b:76:00:65:15:0a:7a:65:cd:5d:
47:92:6c:e7:53:1b:4f:09:1a:e3:f3:7b:d1:fb:1a:c3:fb:e7:
04:95:f5:95:8f:da:8a:ee:28:b8:56:bc:21:23:5b:8e:68:d2:
ea:d1:94:d8:ad:4a:6e:6d:3d:3a:c2:ce:9c:fb:fc:a9:43:23:
c0:e2:0c:32:d4:52:f8:8a:be:b7:82:7d:e7:a9:7a:28:12:12:
5d:f7:da:f0:5c:9d:c5:f4:db:b0:4a:75:48:bf:e5:c9:86:eb:
b0:b4:c8:04
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBx5dHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzZiNDIwMjE4ODZkOGVlZGJhZTkwZDllNmFiMWRlNTMzYzUwZDIwMB4XDTIyMDEw
MTE1MDEzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I1YjM0MWRkM2Ez
ZGUxM2UzYjk3MzZhZTRkNzE3NWE3NWZkMWMzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANxrUzYeVMH+gHNlbRCRWdlSwDE0v5Vawq27aeOGVDHwy2IC
CE+t0Mc/PnBpciXUzR9THmoVCWXsZcD4xrDdKKruE+UVhYDtfvpWDY2pv0r3+dHF
60ijkfds2hS17g0tgZZ3wv828TiFnqDLMUdraX7Odpm4qSx8lcjfWvAYyHyOz97/
gMw7KXUhX0pzSu6k3y3mkA0mg2mGpu44mxucnBfrb0i85UUmB55AFeQj0U9M1zpb
5FVlCQb6AIK0EfG94+XCsBCxKIZxH+dqAzZ9gisMApaM8Q88hfG04WdpiRA8Qhxt
/1+XSG9ugCj0ipQpgFVeWtzXs+w0jAdrzNpzfukCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTLWzQd06PeE+O5c2rk1xdadf0cMTAfBgNVHSMEGDAWgBTsa0ICGIbY7tuu
kNnmqx3lM8UNIDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdHdENBaGlHMk83YnJwRFo1cXNkNVRQRkRTQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMjZjM2UxLTY0ODYtNGUwOS05OWE0LWE2ODczYjM3NGUyNi8x
L3kxczBIZE9qM2hQanVYTnE1TmNYV25YOUhERS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
MjZjM2UxLTY0ODYtNGUwOS05OWE0LWE2ODczYjM3NGUyNi8xLzdHdENBaGlHMk83
YnJwRFo1cXNkNVRQRkRTQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMJrpTANBAIAAjAHAwUAIAFLojAN
BgkqhkiG9w0BAQsFAAOCAQEARuWYM0AvU8IbT8CEUuE/fE9805SyD2ctuxpfn6AG
7pF098ye+aJiHVhY05MQKLC4sCVXlQfuWMpLCzlp4yuPuo6+Jy8PGxQiftrT3YGk
xEhEY0z6lPHUnCPF24uvJ8y8HtHfrfpbAAdT1O2c2K+UPdPhdwz9ISm+GVLLgFM1
6BlztITE3i6xYJnm7TC3tnEaXwAmsTaB4Dh7dgBlFQp6Zc1dR5Js51MbTwka4/N7
0fsaw/vnBJX1lY/aiu4ouFa8ISNbjmjS6tGU2K1Kbm09OsLOnPv8qUMjwOIMMtRS
+Iq+t4J956l6KBISXffa8FydxfTbsEp1SL/lyYbrsLTIBA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:26 2024 by rpki-client on console-fra.rpki-client.org