Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/yTFvLfnNU7fywFTJ6SeD05mXPVc.roa
File: yTFvLfnNU7fywFTJ6SeD05mXPVc.roa (raw, json)
Hash identifier: c3PoAMX/GOkRPD2RcmiaYf5Y4O4AQWuEY/RFXK8b19I=
Subject key identifier: C9:31:6F:2D:F9:CD:53:B7:F2:C0:54:C9:E9:27:83:D3:99:97:3D:57
Certificate issuer: /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial: 0182EF3411E0FCB417C115EB8779F5EBC857
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/yTFvLfnNU7fywFTJ6SeD05mXPVc.roa
Signing time: Tue 30 Aug 2022 14:42:23 +0000
ROA not before: Tue 30 Aug 2022 14:42:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209541
IP address blocks: 147.78.232.0/22 maxlen: 22
147.78.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ef:34:11:e0:fc:b4:17:c1:15:eb:87:79:f5:eb:c8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
Validity
Not Before: Aug 30 14:42:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9316f2df9cd53b7f2c054c9e92783d399973d57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cb:6c:b2:ac:ad:8f:28:c9:43:3b:44:0e:df:
68:af:a3:04:5c:21:55:4f:6f:c5:66:2e:f4:8f:8d:
05:c0:60:e5:f1:fe:c8:3c:9d:ab:68:c7:db:04:4e:
25:6f:62:38:d4:0a:34:66:de:83:54:ff:ee:0a:ff:
e6:d0:18:d7:b0:1e:5f:70:7d:6b:d5:c1:33:b2:ef:
30:d9:49:f3:81:cb:97:08:6b:41:77:e5:9b:fd:85:
35:43:3b:9a:7e:28:b7:c5:b6:9b:51:cb:74:24:a5:
c9:ed:bf:7e:48:9f:a0:39:ed:8b:17:8d:bb:6d:86:
83:30:ca:54:42:17:0a:c9:e7:59:f2:ed:2b:d3:f7:
7b:f9:70:f1:5f:2a:36:6f:27:8e:1e:3b:c3:31:b5:
22:9c:15:9c:07:b6:7e:e2:cc:ca:b5:1d:e2:9d:40:
5c:46:5f:49:a0:04:ac:fc:59:c7:65:11:ea:6e:f6:
61:7b:3e:5d:9f:16:b2:1a:6a:85:65:d1:a0:4f:f8:
48:9c:67:35:2f:dd:a1:0f:24:98:8a:7d:c6:9d:62:
58:00:36:02:62:db:78:e9:20:b8:00:5f:0f:17:82:
1d:e7:5a:9b:98:00:03:02:89:3c:0e:ed:b5:60:07:
6e:bf:9f:f0:d3:e9:4b:fb:86:07:37:8f:ec:6b:c6:
42:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:31:6F:2D:F9:CD:53:B7:F2:C0:54:C9:E9:27:83:D3:99:97:3D:57
X509v3 Authority Key Identifier:
keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/yTFvLfnNU7fywFTJ6SeD05mXPVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.232.0/22
Signature Algorithm: sha256WithRSAEncryption
53:c5:18:51:6c:b3:f3:70:b6:b4:a2:15:ba:4d:53:4c:da:cf:
34:63:2f:5b:64:6c:f9:17:0a:df:63:c3:8f:bc:d3:65:1e:86:
fb:c4:8d:2a:97:98:32:fe:04:f3:5c:df:cb:9b:4c:17:30:d5:
1c:dc:f0:31:89:43:22:e0:3b:19:14:cd:75:0a:d0:8f:31:59:
06:25:ce:2c:3e:08:b1:a5:e2:73:f9:42:94:fc:df:01:81:6b:
25:68:d8:48:42:fd:0c:87:f5:03:7f:fb:b6:43:eb:4a:e4:2c:
6e:e6:b6:c4:22:42:88:49:1b:5e:db:ef:56:f8:c8:94:f2:e3:
4a:3f:ab:78:50:ee:31:9f:ca:6c:ff:bf:e7:a3:2b:f1:4c:0d:
64:63:7b:16:6e:32:e6:2d:d4:d7:f0:8a:33:7f:69:4a:30:60:
c3:b0:39:7a:74:af:7f:7d:d4:26:08:15:2b:da:be:5a:02:e1:
9a:19:26:26:fb:5c:8c:c2:7e:55:d1:14:76:49:1b:c9:92:62:
17:4c:dc:4f:c7:a1:2e:d3:1f:23:b8:6a:bd:01:de:b1:30:6e:
b7:af:50:cc:b6:82:9a:60:e5:f0:ea:fb:2f:00:03:e9:96:0b:
05:c5:6c:c2:6b:d5:f1:7f:4e:29:c1:c4:3b:51:62:39:a5:63:
36:77:ef:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLvNBHg/LQXwRXrh3n168hXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjIwODMwMTQ0MjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTMxNmYyZGY5Y2Q1M2I3ZjJjMDU0YzllOTI3ODNkMzk5OTczZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8tssqytjyjJQztEDt9or6MEXCFV
T2/FZi70j40FwGDl8f7IPJ2raMfbBE4lb2I41Ao0Zt6DVP/uCv/m0BjXsB5fcH1r
1cEzsu8w2UnzgcuXCGtBd+Wb/YU1Qzuafii3xbabUct0JKXJ7b9+SJ+gOe2LF427
bYaDMMpUQhcKyedZ8u0r0/d7+XDxXyo2byeOHjvDMbUinBWcB7Z+4szKtR3inUBc
Rl9JoASs/FnHZRHqbvZhez5dnxayGmqFZdGgT/hInGc1L92hDySYin3GnWJYADYC
Ytt46SC4AF8PF4Id51qbmAADAok8Du21YAduv5/w0+lL+4YHN4/sa8ZC/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMkxby35zVO38sBUyekng9OZlz1XMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEveVRGdkxmbk5VN2Z5d0ZUSjZTZUQwNW1YUFZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCk07oMA0G
CSqGSIb3DQEBCwUAA4IBAQBTxRhRbLPzcLa0ohW6TVNM2s80Yy9bZGz5FwrfY8OP
vNNlHob7xI0ql5gy/gTzXN/Lm0wXMNUc3PAxiUMi4DsZFM11CtCPMVkGJc4sPgix
peJz+UKU/N8BgWslaNhIQv0Mh/UDf/u2Q+tK5Cxu5rbEIkKISRte2+9W+MiU8uNK
P6t4UO4xn8ps/7/noyvxTA1kY3sWbjLmLdTX8Iozf2lKMGDDsDl6dK9/fdQmCBUr
2r5aAuGaGSYm+1yMwn5V0RR2SRvJkmIXTNxPx6Eu0x8juGq9Ad6xMG63r1DMtoKa
YOXw6vsvAAPplgsFxWzCa9Xxf04pwcQ7UWI5pWM2d+8i
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:46 2023 by rpki-client on console-fra.rpki-client.org