Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/yBywtnotJ-D5iTnvHxR3BsDBrAw.roa
File: yBywtnotJ-D5iTnvHxR3BsDBrAw.roa (raw, json)
Hash identifier: nUqJeW1dtqJ2TmHv9HV+QU6z/ZaU9HBH7aBkwLk1g7s=
Subject key identifier: C8:1C:B0:B6:7A:2D:27:E0:F9:89:39:EF:1F:14:77:06:C0:C1:AC:0C
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018336230BC682441A83BE1B1457F02CB832
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/yBywtnotJ-D5iTnvHxR3BsDBrAw.roa
Signing time: Tue 13 Sep 2022 09:16:49 +0000
ROA not before: Tue 13 Sep 2022 09:16:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209243
IP address blocks: 195.22.156.0/24 maxlen: 24
195.22.157.0/24 maxlen: 24
194.146.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:36:23:0b:c6:82:44:1a:83:be:1b:14:57:f0:2c:b8:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Sep 13 09:16:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c81cb0b67a2d27e0f98939ef1f147706c0c1ac0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a5:e1:f6:d4:f7:8e:bc:6b:65:11:29:28:b9:
58:24:be:cb:88:d9:96:aa:92:af:c0:ed:b7:92:cb:
7f:5e:69:06:09:a9:d9:9d:44:ef:07:8f:14:ba:4a:
0c:35:c8:8d:41:1a:b3:d0:a8:bf:57:f2:10:c3:05:
91:5a:14:a8:19:c3:de:77:55:8f:06:61:c0:98:92:
8c:6b:11:cc:06:bd:20:fc:3f:f5:ee:3c:d6:cc:84:
61:c0:bb:0a:c9:04:70:f6:31:2e:f1:06:44:9f:da:
d4:ba:9d:1e:dc:05:a6:bb:b7:50:1d:65:bd:45:d4:
87:78:9c:ef:c0:70:38:f9:40:c2:f2:96:06:27:9c:
41:d8:54:34:8f:5d:8f:d3:02:62:6c:09:6a:c8:46:
86:ef:c7:3e:16:37:b5:8a:1b:70:51:1f:cb:5d:7a:
65:5f:59:3c:b5:42:9f:17:2f:9e:c9:2a:42:b4:93:
42:d3:bb:59:70:84:d7:a9:4c:1f:ec:88:67:28:07:
d3:9d:a6:5a:ac:3f:25:40:1a:95:d6:f9:31:0f:d0:
e1:68:9f:6e:a7:e4:ec:01:20:69:21:d5:7c:39:60:
42:04:bb:c8:6c:d6:f7:70:4e:ad:c3:e3:56:6f:8e:
fe:9a:82:28:83:4c:70:88:6e:ae:53:cd:d6:e8:f9:
2d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:1C:B0:B6:7A:2D:27:E0:F9:89:39:EF:1F:14:77:06:C0:C1:AC:0C
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/yBywtnotJ-D5iTnvHxR3BsDBrAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.49.0/24
195.22.156.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:a5:d0:8b:c4:07:df:0c:0b:58:31:36:4b:e9:b3:ec:b0:18:
9e:15:74:e6:1a:9d:ca:76:87:26:a4:0a:db:c7:6e:6e:19:50:
d4:0c:56:1b:39:cd:75:8f:af:fc:16:e4:5c:e5:ac:f8:a4:1c:
f2:66:4b:d4:53:52:b3:e3:7a:bb:7f:30:7f:d5:35:90:c8:51:
ff:3b:e0:55:3b:39:bc:14:67:fd:ef:f8:7f:75:14:01:f0:f9:
fa:99:d6:f6:aa:25:73:37:9c:94:7a:d7:4d:73:05:7e:15:5c:
c2:0f:62:f9:c4:48:cf:6d:1e:25:c8:22:3b:9a:1a:59:0d:ff:
88:ad:a7:bd:60:3f:79:1a:08:09:18:92:e2:77:06:f9:9e:e5:
39:65:7b:08:92:6b:52:37:13:cc:fc:33:40:d7:09:2e:a9:55:
d8:62:d0:16:7f:f8:c3:d2:f9:f1:27:62:88:d6:be:ec:58:b2:
01:1f:b8:fb:60:ee:ab:cb:3e:55:2e:92:35:d7:6f:1f:72:d7:
36:a5:49:7a:f5:5a:62:ba:08:81:6c:0b:f4:d9:4c:af:01:57:
54:48:9e:b4:97:63:0c:4c:1d:61:3a:30:47:93:0d:00:1b:3e:
d2:aa:b3:a5:aa:bf:af:3f:36:25:52:2c:4b:1b:db:e5:27:5a:
64:62:3c:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYM2IwvGgkQag74bFFfwLLgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjIwOTEzMDkxNjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODFjYjBiNjdhMmQyN2UwZjk4OTM5ZWYxZjE0NzcwNmMwYzFhYzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6Xh9tT3jrxrZREpKLlYJL7LiNmW
qpKvwO23kst/XmkGCanZnUTvB48UukoMNciNQRqz0Ki/V/IQwwWRWhSoGcPed1WP
BmHAmJKMaxHMBr0g/D/17jzWzIRhwLsKyQRw9jEu8QZEn9rUup0e3AWmu7dQHWW9
RdSHeJzvwHA4+UDC8pYGJ5xB2FQ0j12P0wJibAlqyEaG78c+Fje1ihtwUR/LXXpl
X1k8tUKfFy+eySpCtJNC07tZcITXqUwf7IhnKAfTnaZarD8lQBqV1vkxD9DhaJ9u
p+TsASBpIdV8OWBCBLvIbNb3cE6tw+NWb47+moIog0xwiG6uU83W6PktPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMgcsLZ6LSfg+Yk57x8UdwbAwawMMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEveUJ5d3Rub3RKLUQ1aVRudkh4UjNCc0RCckF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwpIxAwQB
wxacMA0GCSqGSIb3DQEBCwUAA4IBAQA8pdCLxAffDAtYMTZL6bPssBieFXTmGp3K
docmpArbx25uGVDUDFYbOc11j6/8FuRc5az4pBzyZkvUU1Kz43q7fzB/1TWQyFH/
O+BVOzm8FGf97/h/dRQB8Pn6mdb2qiVzN5yUetdNcwV+FVzCD2L5xEjPbR4lyCI7
mhpZDf+Irae9YD95GggJGJLidwb5nuU5ZXsIkmtSNxPM/DNA1wkuqVXYYtAWf/jD
0vnxJ2KI1r7sWLIBH7j7YO6ryz5VLpI1128fctc2pUl69VpiugiBbAv02UyvAVdU
SJ60l2MMTB1hOjBHkw0AGz7SqrOlqr+vPzYlUixLG9vlJ1pkYjw0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:26 2024 by rpki-client on console-fra.rpki-client.org