Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/6007d2-c8e3-46d7-9836-d4e5c11adaf4/1/y5y7uYo1q6jd8weiBZmZTw5Hnuk.roa
File: y5y7uYo1q6jd8weiBZmZTw5Hnuk.roa (raw, json)
Hash identifier: 75Ij0wdv6201EBiJP2+AzbEeK3Pep69rSBwNO6zY+xM=
Subject key identifier: CB:9C:BB:B9:8A:35:AB:A8:DD:F3:07:A2:05:99:99:4F:0E:47:9E:E9
Certificate issuer: /CN=ebf72bcf5b992e2858fb5dcfddf4a94321824acb
Certificate serial: 0184E1F8
Authority key identifier: EB:F7:2B:CF:5B:99:2E:28:58:FB:5D:CF:DD:F4:A9:43:21:82:4A:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_crz1uZLihY-13P3fSpQyGCSss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/6007d2-c8e3-46d7-9836-d4e5c11adaf4/1/y5y7uYo1q6jd8weiBZmZTw5Hnuk.roa
Signing time: Sat 01 Jan 2022 04:57:20 +0000
ROA not before: Sat 01 Jan 2022 04:57:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207324
IP address blocks: 195.88.181.0/24 maxlen: 24
195.95.128.0/24 maxlen: 24
195.95.130.0/24 maxlen: 24
195.85.248.0/24 maxlen: 24
2a10:6c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25485816 (0x184e1f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf72bcf5b992e2858fb5dcfddf4a94321824acb
Validity
Not Before: Jan 1 04:57:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb9cbbb98a35aba8ddf307a20599994f0e479ee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8c:55:2b:4f:94:ef:13:67:c7:2d:51:81:ef:
0e:32:3d:a7:48:c5:e8:1a:f1:22:76:61:fc:72:95:
3b:35:06:68:c2:1b:1e:bf:e7:ce:32:69:08:69:cc:
5d:ed:d3:69:6e:fa:86:af:7e:cb:bc:0d:3c:a8:a3:
c1:78:5b:f6:04:80:a3:99:7c:78:01:1d:b8:6b:46:
46:dc:57:fd:48:14:4d:56:c2:d2:2f:e9:54:f9:cc:
30:98:5d:65:50:b5:3b:f6:2c:ba:21:9b:0b:c8:dc:
35:8d:35:5d:ee:60:72:18:a5:c7:77:9f:5b:7d:3e:
5c:0d:a0:9b:ed:be:7a:3b:51:1d:e2:e6:0a:44:f5:
d8:d0:6f:94:b1:18:be:64:7a:ec:d6:6e:f5:bf:69:
cb:78:32:61:7f:f3:d0:8d:6e:b0:47:a0:76:ea:65:
65:e6:e1:07:67:70:4c:0d:cc:88:af:dc:61:e0:e0:
8c:29:c0:53:04:c1:b6:f9:7e:ed:64:17:33:47:e0:
e8:98:6c:3e:44:3b:11:f8:01:66:a1:cd:46:ce:d2:
9b:ea:ae:c3:32:c5:98:bd:5c:cb:36:a0:17:4e:21:
dd:b2:88:d4:95:77:a7:dc:28:5c:c1:2f:55:ed:d4:
b4:e1:44:2d:74:2c:5b:75:f9:56:db:d3:e5:c4:46:
93:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:9C:BB:B9:8A:35:AB:A8:DD:F3:07:A2:05:99:99:4F:0E:47:9E:E9
X509v3 Authority Key Identifier:
keyid:EB:F7:2B:CF:5B:99:2E:28:58:FB:5D:CF:DD:F4:A9:43:21:82:4A:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_crz1uZLihY-13P3fSpQyGCSss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/6007d2-c8e3-46d7-9836-d4e5c11adaf4/1/y5y7uYo1q6jd8weiBZmZTw5Hnuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/6007d2-c8e3-46d7-9836-d4e5c11adaf4/1/6_crz1uZLihY-13P3fSpQyGCSss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.248.0/24
195.88.181.0/24
195.95.128.0/24
195.95.130.0/24
IPv6:
2a10:6c0::/29
Signature Algorithm: sha256WithRSAEncryption
16:79:16:2f:f3:14:a6:4b:dc:7e:05:86:6f:c3:66:5c:10:25:
80:17:73:d1:cd:10:d6:cb:5f:be:7c:0b:90:97:ef:6c:7b:f4:
c8:6f:40:b9:eb:5d:00:2c:b1:4f:1b:a7:a8:a7:aa:ab:8a:f1:
6d:84:9f:ce:bf:0b:ee:04:8f:60:8d:30:2f:e6:e5:1d:41:ec:
ed:bc:8a:70:ed:02:1e:d4:ab:38:e7:fd:77:a7:b4:22:42:5b:
9a:1b:95:7d:83:41:28:f5:17:bb:53:58:f6:6c:6f:39:8e:1f:
42:b4:19:b1:ca:5d:5d:2f:93:ef:4e:1e:e7:36:89:24:e4:b9:
86:d2:63:05:1b:e3:5a:e7:3a:b2:0c:1b:0b:54:35:d5:25:b8:
c1:fd:1e:5a:68:72:25:0d:10:8f:7d:3c:e5:4c:be:05:d3:03:
6f:7e:94:44:58:2c:2a:6a:f6:0b:76:cd:66:6a:75:61:ca:36:
38:ad:9d:3e:2b:ad:84:9a:9d:6a:fd:3c:23:16:99:34:7c:ba:
82:b9:ed:6c:2e:93:ac:6d:a4:ce:d0:ba:ba:06:bb:22:81:59:
1e:f8:db:c6:9b:9c:4f:94:7b:68:e5:ad:59:17:c3:f7:d9:ed:
e0:76:31:2f:87:c9:3e:2a:e1:28:cc:20:fe:cf:73:28:d3:d7:
07:77:8b:8a
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEAYTh+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmY3MmJjZjViOTkyZTI4NThmYjVkY2ZkZGY0YTk0MzIxODI0YWNiMB4XDTIyMDEw
MTA0NTcyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I5Y2JiYjk4YTM1
YWJhOGRkZjMwN2EyMDU5OTk5NGYwZTQ3OWVlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyMVStPlO8TZ8ctUYHvDjI9p0jF6BrxInZh/HKVOzUGaMIb
Hr/nzjJpCGnMXe3TaW76hq9+y7wNPKijwXhb9gSAo5l8eAEduGtGRtxX/UgUTVbC
0i/pVPnMMJhdZVC1O/YsuiGbC8jcNY01Xe5gchilx3efW30+XA2gm+2+ejtRHeLm
CkT12NBvlLEYvmR67NZu9b9py3gyYX/z0I1usEegduplZebhB2dwTA3MiK/cYeDg
jCnAUwTBtvl+7WQXM0fg6JhsPkQ7EfgBZqHNRs7Sm+quwzLFmL1cyzagF04h3bKI
1JV3p9woXMEvVe3UtOFELXQsW3X5VtvT5cRGk5kCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTLnLu5ijWrqN3zB6IFmZlPDkee6TAfBgNVHSMEGDAWgBTr9yvPW5kuKFj7
Xc/d9KlDIYJKyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZfY3J6MXVaTGloWS0xM1AzZlNwUXlHQ1Nzcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvNjAwN2QyLWM4ZTMtNDZkNy05ODM2LWQ0ZTVjMTFhZGFmNC8x
L3k1eTd1WW8xcTZqZDh3ZWlCWm1aVHc1SG51ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
NjAwN2QyLWM4ZTMtNDZkNy05ODM2LWQ0ZTVjMTFhZGFmNC8xLzZfY3J6MXVaTGlo
WS0xM1AzZlNwUXlHQ1Nzcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAMNV+AMEAMNYtQMEAMNfgAMEAMNf
gjANBAIAAjAHAwUDKhAGwDANBgkqhkiG9w0BAQsFAAOCAQEAFnkWL/MUpkvcfgWG
b8NmXBAlgBdz0c0Q1stfvnwLkJfvbHv0yG9AuetdACyxTxunqKeqq4rxbYSfzr8L
7gSPYI0wL+blHUHs7byKcO0CHtSrOOf9d6e0IkJbmhuVfYNBKPUXu1NY9mxvOY4f
QrQZscpdXS+T704e5zaJJOS5htJjBRvjWuc6sgwbC1Q11SW4wf0eWmhyJQ0Qj308
5Uy+BdMDb36URFgsKmr2C3bNZmp1Yco2OK2dPiuthJqdav08IxaZNHy6grntbC6T
rG2kztC6uga7IoFZHvjbxpucT5R7aOWtWRfD99nt4HYxL4fJPirhKMwg/s9zKNPX
B3eLig==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:25 2023 by rpki-client on console-fra.rpki-client.org