Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Y1vqGW6USliRSj6UWRzrvrbUyoU.roa
File: Y1vqGW6USliRSj6UWRzrvrbUyoU.roa (raw, json)
Hash identifier: CB62pKf51ahtvL7s5e+23VH1HVaAeYTMcAyrRS4DtfM=
Subject key identifier: 63:5B:EA:19:6E:94:4A:58:91:4A:3E:94:59:1C:EB:BE:B6:D4:CA:85
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0183831EADF37966ADED8EE0D2A890904478
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Y1vqGW6USliRSj6UWRzrvrbUyoU.roa
Signing time: Wed 28 Sep 2022 08:02:49 +0000
ROA not before: Wed 28 Sep 2022 08:02:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 109.236.50.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:83:1e:ad:f3:79:66:ad:ed:8e:e0:d2:a8:90:90:44:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Sep 28 08:02:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=635bea196e944a58914a3e94591cebbeb6d4ca85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:47:46:35:e7:ea:9b:90:52:1f:c3:9c:49:2c:
9e:25:0a:5b:98:d5:f3:88:4e:bc:81:24:79:fb:8d:
ba:c8:b9:9e:16:99:8c:a4:6a:14:1d:69:d2:72:40:
37:ba:a6:52:9a:ee:cf:22:4b:61:8e:61:b0:d0:f9:
a6:1a:01:b2:45:a9:6e:10:bb:7f:28:f2:4a:7d:67:
5c:ac:05:14:13:2e:76:55:b6:3b:d8:61:e1:77:9e:
a4:08:5c:e7:37:02:d1:ff:22:c3:82:e6:68:3e:b4:
5f:b9:c2:66:22:27:92:2f:58:44:e2:0b:97:fe:76:
2d:15:97:02:85:89:0f:d0:c4:fe:0e:d4:69:40:47:
1b:77:a2:76:90:a6:b0:6f:91:81:fc:5c:6c:b4:dd:
43:31:5e:fd:d5:5f:f0:3b:9a:6d:98:d3:20:73:94:
ad:45:5b:77:5f:0b:37:5e:37:25:58:b9:f0:66:82:
13:64:ae:6d:38:6c:d3:2b:f2:2f:ac:6e:7c:27:28:
dd:20:be:35:bd:6b:56:e6:18:0a:38:50:8c:de:ed:
ca:29:bc:ba:b7:a8:5b:f4:13:8e:7f:ce:30:0d:fa:
80:01:47:d8:7a:4a:64:28:59:f5:99:72:7e:b1:e7:
8d:49:38:f0:25:9e:e2:64:b9:cf:48:31:65:0b:2f:
a7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:5B:EA:19:6E:94:4A:58:91:4A:3E:94:59:1C:EB:BE:B6:D4:CA:85
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Y1vqGW6USliRSj6UWRzrvrbUyoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.49.0-109.236.50.255
193.160.141.0/24
193.160.143.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:65:d2:4d:40:c0:80:38:50:05:cf:b9:c6:6d:fe:ce:f0:c2:
cd:e6:6d:9e:6a:48:a3:2d:63:6d:da:2c:a4:cb:29:19:a2:2a:
c3:19:80:4f:a4:5a:66:63:fe:14:d5:76:30:88:b0:73:35:07:
b2:b9:dd:1d:17:38:f4:54:4d:4a:c9:cd:33:31:60:66:12:c8:
4a:58:d9:7c:eb:06:b4:65:6b:df:54:b8:73:93:7a:19:9d:90:
31:5d:62:de:5a:89:76:44:f4:f3:e8:b9:50:42:6e:a4:2c:22:
dc:88:8d:65:9d:1b:dc:a1:70:b5:df:47:9b:49:42:d0:5d:e4:
3f:3c:43:4c:64:dc:e4:07:b4:c8:e0:d4:b3:ab:6d:a3:c4:72:
00:70:ff:ee:ac:79:7e:39:65:cd:8c:dd:8e:f1:83:1a:51:ce:
aa:10:94:9a:00:72:81:e8:b1:c8:e9:cc:f6:e7:96:b6:8a:f6:
67:df:e9:eb:d0:8f:fa:d1:40:46:e7:5e:46:23:38:11:21:7d:
8e:b2:08:44:4a:8e:e7:fc:31:ab:25:ce:45:ae:aa:d9:23:5d:
21:b2:3b:88:b2:10:08:14:0c:f6:58:3c:6f:b0:53:58:13:33:
c9:fb:07:e3:ac:30:2a:f1:5b:44:b2:96:0f:e8:54:c3:07:41:
0c:60:bc:65
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYODHq3zeWat7Y7g0qiQkER4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjIwOTI4MDgwMjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzViZWExOTZlOTQ0YTU4OTE0YTNlOTQ1OTFjZWJiZWI2ZDRjYTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUdGNefqm5BSH8OcSSyeJQpbmNXz
iE68gSR5+426yLmeFpmMpGoUHWnSckA3uqZSmu7PIkthjmGw0PmmGgGyRaluELt/
KPJKfWdcrAUUEy52VbY72GHhd56kCFznNwLR/yLDguZoPrRfucJmIieSL1hE4guX
/nYtFZcChYkP0MT+DtRpQEcbd6J2kKawb5GB/FxstN1DMV791V/wO5ptmNMgc5St
RVt3Xws3XjclWLnwZoITZK5tOGzTK/IvrG58JyjdIL41vWtW5hgKOFCM3u3KKby6
t6hb9BOOf84wDfqAAUfYekpkKFn1mXJ+seeNSTjwJZ7iZLnPSDFlCy+nqwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGNb6hlulEpYkUo+lFkc67621MqFMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvWTF2cUdXNlVTbGlSU2o2VVdSenJ2cmJVeW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABt7DED
BABt7DIDBADBoI0DBADBoI8wDQYJKoZIhvcNAQELBQADggEBAAtl0k1AwIA4UAXP
ucZt/s7wws3mbZ5qSKMtY23aLKTLKRmiKsMZgE+kWmZj/hTVdjCIsHM1B7K53R0X
OPRUTUrJzTMxYGYSyEpY2XzrBrRla99UuHOTehmdkDFdYt5aiXZE9PPouVBCbqQs
ItyIjWWdG9yhcLXfR5tJQtBd5D88Q0xk3OQHtMjg1LOrbaPEcgBw/+6seX45Zc2M
3Y7xgxpRzqoQlJoAcoHoscjpzPbnlraK9mff6evQj/rRQEbnXkYjOBEhfY6yCERK
juf8MaslzkWuqtkjXSGyO4iyEAgUDPZYPG+wU1gTM8n7B+OsMCrxW0Sylg/oVMMH
QQxgvGU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org