Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/y2V_GtxSPK3tNHO62QdI6eFlylI.roa
File: y2V_GtxSPK3tNHO62QdI6eFlylI.roa (raw, json)
Hash identifier: DSB0NF1Podx/7EGJxXdq8dKKGGTkdAnWbMpQ8zcF9SA=
Subject key identifier: CB:65:7F:1A:DC:52:3C:AD:ED:34:73:BA:D9:07:48:E9:E1:65:CA:52
Certificate issuer: /CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
Certificate serial: 107AB502
Authority key identifier: 33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/y2V_GtxSPK3tNHO62QdI6eFlylI.roa
Signing time: Sat 01 Jan 2022 08:04:15 +0000
ROA not before: Sat 01 Jan 2022 08:04:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202765
IP address blocks: 193.39.222.0/24 maxlen: 24
193.39.220.0/22 maxlen: 22
193.39.221.0/24 maxlen: 24
193.39.220.0/24 maxlen: 24
193.39.223.0/24 maxlen: 24
2a0c:2980:13::/48 maxlen: 48
2a0d:1500:f::/48 maxlen: 48
2a0d:1500:12::/48 maxlen: 48
2a0c:2980:f::/48 maxlen: 48
2a0c:2980:12::/48 maxlen: 48
2a0d:1500:13::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 276477186 (0x107ab502)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
Validity
Not Before: Jan 1 08:04:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb657f1adc523caded3473bad90748e9e165ca52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:7b:12:ea:b5:66:92:bf:04:31:60:fe:7c:ae:
b9:77:7d:19:aa:3a:c5:0c:0b:e4:1e:e7:62:4c:b0:
48:cf:cb:e3:c3:27:1c:fa:1f:07:67:ca:37:eb:4d:
78:54:0b:80:6f:8d:1a:07:aa:48:25:02:d4:c6:cf:
f2:02:c8:63:e2:10:cf:70:ed:54:97:a7:67:a1:ea:
1c:59:cc:f0:6c:af:2e:a4:ca:d9:16:e7:4f:d1:d2:
81:f8:b8:da:13:52:e6:4c:1d:4b:ae:f7:c7:11:7f:
ac:06:b9:7c:3d:84:70:55:f7:a7:8d:e5:f0:31:03:
59:28:80:30:c4:5f:49:21:6e:12:06:b7:f8:15:fe:
40:e8:1c:e4:e6:59:82:5d:f8:db:5b:d3:45:67:b2:
ec:77:19:18:19:16:6b:09:5c:e3:8d:47:f8:9f:04:
12:22:d2:e9:6b:fe:a1:fb:13:6b:d5:2c:d6:97:67:
c2:36:38:f8:c2:17:50:b6:41:fd:00:5b:30:74:c0:
2b:ef:4c:55:28:f4:1f:fb:e6:00:6a:fb:59:ce:68:
d4:0e:5d:00:8b:33:a2:de:5a:d1:8f:35:cb:7d:46:
02:ab:43:1e:18:bd:6a:4b:9e:d7:85:96:a5:6c:c5:
50:a6:d4:4d:5a:47:84:66:4a:1e:0e:8f:62:7b:ab:
12:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:65:7F:1A:DC:52:3C:AD:ED:34:73:BA:D9:07:48:E9:E1:65:CA:52
X509v3 Authority Key Identifier:
keyid:33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/y2V_GtxSPK3tNHO62QdI6eFlylI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/M_6ArqEA6YwNpdH_75izcdEe3aI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.39.220.0/22
IPv6:
2a0c:2980:f::/48
2a0c:2980:12::/47
2a0d:1500:f::/48
2a0d:1500:12::/47
Signature Algorithm: sha256WithRSAEncryption
68:4d:ef:20:24:59:79:2e:89:07:90:27:54:85:ca:0c:0b:fd:
d9:84:02:d0:a0:ba:f3:16:3b:ea:7d:ce:94:24:91:f2:9c:6b:
08:e9:68:0d:21:ad:2b:bd:3a:1e:63:0c:16:af:48:f9:e2:db:
63:87:9f:fa:4e:7a:a7:07:d3:df:3c:8a:22:bb:7a:39:52:6f:
63:1e:1e:bb:f6:40:69:40:5c:e3:6d:dd:c6:df:17:11:ca:8d:
35:59:b6:b2:eb:bc:ec:8c:49:73:e0:9b:52:7b:a3:36:4c:c9:
c9:81:eb:6a:e6:e1:9e:61:7d:35:54:3a:84:38:ae:65:d3:10:
a7:65:b4:96:7d:f2:03:a4:ff:5c:c6:4b:83:95:eb:b1:7b:e0:
2c:45:71:2a:a7:94:26:86:52:d3:9e:57:29:7d:b2:2b:c0:b0:
d3:01:57:47:2b:16:61:a4:e8:85:13:d0:da:a0:99:95:6f:78:
da:44:1b:b7:ad:67:1c:8a:9d:81:86:4f:67:b6:9a:9d:57:7d:
8e:60:a0:e9:12:65:42:c5:a4:1c:a1:fd:31:b1:c0:f3:74:50:
c7:b6:19:a8:d5:bd:70:ec:87:6f:e2:3d:6c:35:87:3f:41:dc:
79:5d:de:e6:58:92:2e:d2:38:e6:ed:0b:56:4f:0c:68:1a:5f:
72:48:3f:da
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEEHq1AjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
M2ZlODBhZWExMDBlOThjMGRhNWQxZmZlZjk4YjM3MWQxMWVkZGEyMB4XDTIyMDEw
MTA4MDQxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I2NTdmMWFkYzUy
M2NhZGVkMzQ3M2JhZDkwNzQ4ZTllMTY1Y2E1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANp7Euq1ZpK/BDFg/nyuuXd9Gao6xQwL5B7nYkywSM/L48Mn
HPofB2fKN+tNeFQLgG+NGgeqSCUC1MbP8gLIY+IQz3DtVJenZ6HqHFnM8GyvLqTK
2RbnT9HSgfi42hNS5kwdS673xxF/rAa5fD2EcFX3p43l8DEDWSiAMMRfSSFuEga3
+BX+QOgc5OZZgl3421vTRWey7HcZGBkWawlc441H+J8EEiLS6Wv+ofsTa9Us1pdn
wjY4+MIXULZB/QBbMHTAK+9MVSj0H/vmAGr7Wc5o1A5dAIszot5a0Y81y31GAqtD
Hhi9akue14WWpWzFUKbUTVpHhGZKHg6PYnurElMCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBTLZX8a3FI8re00c7rZB0jp4WXKUjAfBgNVHSMEGDAWgBQz/oCuoQDpjA2l
0f/vmLNx0R7dojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01fNkFycUVBNll3TnBkSF83NWl6Y2RFZTNhSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvODAyNTI1LTVjMmMtNDU2NC1iYTVhLTZjZDY1OWFjYmYwNy8x
L3kyVl9HdHhTUEszdE5ITzYyUWRJNmVGbHlsSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
ODAyNTI1LTVjMmMtNDU2NC1iYTVhLTZjZDY1OWFjYmYwNy8xL01fNkFycUVBNll3
TnBkSF83NWl6Y2RFZTNhSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowDAQCAAEwBgMEAsEn3DAqBAIAAjAkAwcAKgwpgAAP
AwcBKgwpgAASAwcAKg0VAAAPAwcBKg0VAAASMA0GCSqGSIb3DQEBCwUAA4IBAQBo
Te8gJFl5LokHkCdUhcoMC/3ZhALQoLrzFjvqfc6UJJHynGsI6WgNIa0rvToeYwwW
r0j54ttjh5/6TnqnB9PfPIoiu3o5Um9jHh679kBpQFzjbd3G3xcRyo01Wbay67zs
jElz4JtSe6M2TMnJgetq5uGeYX01VDqEOK5l0xCnZbSWffIDpP9cxkuDleuxe+As
RXEqp5QmhlLTnlcpfbIrwLDTAVdHKxZhpOiFE9DaoJmVb3jaRBu3rWccip2Bhk9n
tpqdV32OYKDpEmVCxaQcof0xscDzdFDHthmo1b1w7Idv4j1sNYc/Qdx5Xd7mWJIu
0jjm7QtWTwxoGl9ySD/a
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:01 2023 by rpki-client on console-ams.rpki-client.org