Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40ef41-31f4-420d-badc-c574158502c8/1/1-fYZvgUDi2yW95Vjpf8u7Az3Uxs.roa
File: 1-fYZvgUDi2yW95Vjpf8u7Az3Uxs.roa (raw, json)
Hash identifier: siCWQdwEN2qoEWrRsv4K1OPtBMDUB2g1mRnxiCIxoRI=
Subject key identifier: F9:F6:19:BE:05:03:8B:6C:96:F7:95:63:A5:FF:2E:EC:0C:F7:53:1B
Certificate issuer: /CN=4b2b6d2a5d4130560f617963d9fbc93442dc1ccd
Certificate serial: 06814F5F
Authority key identifier: 4B:2B:6D:2A:5D:41:30:56:0F:61:79:63:D9:FB:C9:34:42:DC:1C:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SyttKl1BMFYPYXlj2fvJNELcHM0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40ef41-31f4-420d-badc-c574158502c8/1/1-fYZvgUDi2yW95Vjpf8u7Az3Uxs.roa
Signing time: Sat 01 Jan 2022 08:04:35 +0000
ROA not before: Sat 01 Jan 2022 08:04:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 559
IP address blocks: 192.101.176.0/24 maxlen: 24
130.92.0.0/16 maxlen: 16
192.41.152.0/21 maxlen: 21
192.41.149.0/24 maxlen: 24
192.41.150.0/23 maxlen: 23
193.247.240.0/22 maxlen: 22
192.41.160.0/24 maxlen: 24
193.135.168.0/22 maxlen: 22
194.153.96.0/24 maxlen: 24
193.5.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109137759 (0x6814f5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b2b6d2a5d4130560f617963d9fbc93442dc1ccd
Validity
Not Before: Jan 1 08:04:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9f619be05038b6c96f79563a5ff2eec0cf7531b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:77:4a:81:9a:1e:03:72:62:2e:ff:75:f9:2d:
45:3c:6a:6d:72:c0:25:01:42:8f:c5:46:13:00:c8:
45:12:c6:49:76:66:60:b6:01:f8:22:d8:03:5d:b2:
59:e9:9a:7d:36:15:0e:47:07:de:f0:32:64:42:0f:
c3:c9:9e:a2:7a:0f:55:5f:ff:63:55:c2:6c:7a:a0:
b1:56:23:27:43:b4:fe:f8:eb:c8:d3:75:d9:96:5e:
9b:08:0c:05:ad:32:8a:5a:7f:d4:4f:f0:cf:a6:02:
94:c8:9b:78:83:c3:e7:d2:05:3c:d1:43:d1:50:fa:
36:66:75:75:04:a4:02:81:1c:0b:b8:b1:f7:41:b3:
ec:c5:b7:7f:d7:cd:2a:dd:bb:33:66:8d:9f:d5:48:
ee:17:66:bf:29:4b:3d:3a:8d:80:68:33:5c:72:38:
92:7d:65:23:f1:35:3f:b4:74:da:e4:d3:73:d7:13:
1c:c5:91:aa:49:06:17:03:af:52:b1:63:83:6b:0c:
4e:84:18:8f:80:2e:6b:50:c5:88:ae:9b:36:ca:93:
68:5a:a3:71:35:b5:81:2f:e8:cd:a0:18:9f:01:34:
6d:b1:ec:5b:5b:aa:f4:cb:dd:0b:fb:b1:b1:3e:7e:
e5:72:90:a1:4e:21:f9:0b:c3:f5:57:43:36:f6:a5:
d6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F6:19:BE:05:03:8B:6C:96:F7:95:63:A5:FF:2E:EC:0C:F7:53:1B
X509v3 Authority Key Identifier:
keyid:4B:2B:6D:2A:5D:41:30:56:0F:61:79:63:D9:FB:C9:34:42:DC:1C:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SyttKl1BMFYPYXlj2fvJNELcHM0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40ef41-31f4-420d-badc-c574158502c8/1/1-fYZvgUDi2yW95Vjpf8u7Az3Uxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40ef41-31f4-420d-badc-c574158502c8/1/SyttKl1BMFYPYXlj2fvJNELcHM0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.92.0.0/16
192.41.149.0-192.41.160.255
192.101.176.0/24
193.5.168.0/22
193.135.168.0/22
193.247.240.0/22
194.153.96.0/24
Signature Algorithm: sha256WithRSAEncryption
67:d2:28:b1:fe:09:0e:e2:24:db:13:cb:da:4a:ba:06:2e:09:
f6:6d:a2:da:6b:55:26:e2:5c:a7:f3:a1:81:3d:40:12:04:a4:
b4:fa:a5:03:ee:40:be:96:de:75:d4:59:a5:16:a9:08:ad:b7:
cf:30:74:37:65:59:5a:9b:29:a8:a2:45:fa:d2:84:cb:2a:b5:
b2:ff:8e:9f:3f:3d:ad:63:99:c9:78:de:62:38:f5:5b:45:cc:
22:8f:d9:13:14:25:07:95:0d:5b:a7:34:0f:04:22:85:a4:d2:
f7:9a:ea:33:99:60:78:c3:a9:ca:a9:69:45:5b:85:cb:e2:7d:
79:84:e4:45:7d:d9:20:8c:ff:6c:59:a0:c0:a8:7f:0b:3c:c2:
70:ab:82:62:cd:7b:ed:5a:48:69:3f:ef:00:50:71:15:1b:78:
3d:7e:b4:4e:da:d2:f8:a4:b0:12:0f:3b:64:de:07:6b:e5:a9:
49:87:60:8c:be:04:75:2c:c8:e4:55:f0:1a:09:85:06:a1:69:
22:1f:c0:d8:0e:04:85:ef:cb:1f:60:e0:79:a1:e3:78:23:5c:
08:e6:d9:95:21:df:7d:17:42:7d:ee:21:ec:b7:e1:c1:eb:3f:
bb:3e:fe:5f:c7:1d:66:21:83:be:0c:30:28:86:b6:6a:6a:f5:
83:94:73:49
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEBoFPXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjJiNmQyYTVkNDEzMDU2MGY2MTc5NjNkOWZiYzkzNDQyZGMxY2NkMB4XDTIyMDEw
MTA4MDQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjlmNjE5YmUwNTAz
OGI2Yzk2Zjc5NTYzYTVmZjJlZWMwY2Y3NTMxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJp3SoGaHgNyYi7/dfktRTxqbXLAJQFCj8VGEwDIRRLGSXZm
YLYB+CLYA12yWemafTYVDkcH3vAyZEIPw8meonoPVV//Y1XCbHqgsVYjJ0O0/vjr
yNN12ZZemwgMBa0yilp/1E/wz6YClMibeIPD59IFPNFD0VD6NmZ1dQSkAoEcC7ix
90Gz7MW3f9fNKt27M2aNn9VI7hdmvylLPTqNgGgzXHI4kn1lI/E1P7R02uTTc9cT
HMWRqkkGFwOvUrFjg2sMToQYj4Aua1DFiK6bNsqTaFqjcTW1gS/ozaAYnwE0bbHs
W1uq9MvdC/uxsT5+5XKQoU4h+QvD9VdDNval1lUCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBT59hm+BQOLbJb3lWOl/y7sDPdTGzAfBgNVHSMEGDAWgBRLK20qXUEwVg9h
eWPZ+8k0QtwczTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1N5dHRLbDFCTUZZUFlYbGoyZnZKTkVMY0hNMC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzkvNDBlZjQxLTMxZjQtNDIwZC1iYWRjLWM1NzQxNTg1MDJjOC8x
LzEtZlladmdVRGkyeVc5NVZqcGY4dTdBejNVeHMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M5
LzQwZWY0MS0zMWY0LTQyMGQtYmFkYy1jNTc0MTU4NTAyYzgvMS9TeXR0S2wxQk1G
WVBZWGxqMmZ2Sk5FTGNITTAuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
SgYIKwYBBQUHAQcBAf8EOzA5MDcEAgABMDEDAwCCXDAMAwQAwCmVAwQAwCmgAwQA
wGWwAwQCwQWoAwQCwYeoAwQCwffwAwQAwplgMA0GCSqGSIb3DQEBCwUAA4IBAQBn
0iix/gkO4iTbE8vaSroGLgn2baLaa1Um4lyn86GBPUASBKS0+qUD7kC+lt511Fml
FqkIrbfPMHQ3ZVlamymookX60oTLKrWy/46fPz2tY5nJeN5iOPVbRcwij9kTFCUH
lQ1bpzQPBCKFpNL3muozmWB4w6nKqWlFW4XL4n15hORFfdkgjP9sWaDAqH8LPMJw
q4JizXvtWkhpP+8AUHEVG3g9frRO2tL4pLASDztk3gdr5alJh2CMvgR1LMjkVfAa
CYUGoWkiH8DYDgSF78sfYOB5oeN4I1wI5tmVId99F0J97iHst+HB6z+7Pv5fxx1m
IYO+DDAohrZqavWDlHNJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:46 2024 by rpki-client on console-fra.rpki-client.org