Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Y8esT79M7x5Ho6oLSDoZ16gGCH4.roa
File: Y8esT79M7x5Ho6oLSDoZ16gGCH4.roa (raw, json)
Hash identifier: ofJthvfqpZNOJus/dH1XTfb8nrIfYMQ3hOzo9Q+T99I=
Subject key identifier: 63:C7:AC:4F:BF:4C:EF:1E:47:A3:AA:0B:48:3A:19:D7:A8:06:08:7E
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0181F7E551D852B515D7BFC97C8DAFE541FE
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Y8esT79M7x5Ho6oLSDoZ16gGCH4.roa
Signing time: Wed 13 Jul 2022 14:10:09 +0000
ROA not before: Wed 13 Jul 2022 14:10:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212512
IP address blocks: 160.20.109.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f7:e5:51:d8:52:b5:15:d7:bf:c9:7c:8d:af:e5:41:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jul 13 14:10:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63c7ac4fbf4cef1e47a3aa0b483a19d7a806087e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cb:58:9f:d6:34:3a:f3:65:f9:6e:bf:2d:87:
f8:4f:fd:c2:9e:89:45:96:c3:2f:20:f6:39:63:cc:
2a:03:e5:70:ad:13:48:39:3e:de:97:d4:ae:a4:b8:
f7:d5:c7:38:e0:94:81:ad:ae:2d:f9:52:10:3c:b0:
f1:c3:4b:4f:95:87:9c:81:5f:ee:74:f1:0b:52:c6:
c9:68:1e:4a:74:37:11:70:29:82:68:04:12:11:02:
8b:ab:4a:a9:ac:0a:77:06:bc:06:29:f4:eb:d8:ae:
bf:12:da:c5:f5:46:f1:5b:2b:f9:bb:2a:9f:dc:82:
fd:ad:5e:3c:f6:a5:dd:36:c0:d2:87:d5:e3:cb:7b:
d7:fb:75:97:a5:6f:b2:f4:37:a2:a8:e2:6f:a2:4d:
5a:95:25:88:cc:b7:6a:78:d8:fd:b9:08:60:69:21:
3c:37:48:14:99:d0:7a:f4:66:0a:0d:0b:b4:55:9f:
5b:55:63:21:a5:5c:b5:19:48:8d:f7:8e:f6:65:46:
d6:5c:5a:39:c0:b1:91:1e:96:9b:50:95:90:a2:9d:
25:75:32:52:1c:f5:03:76:f4:4e:43:81:b5:ca:42:
72:6d:b0:ea:ae:c8:45:db:fd:44:9a:1f:66:5e:dc:
de:4c:83:47:dc:af:0d:c7:55:82:56:ff:79:f4:b3:
29:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C7:AC:4F:BF:4C:EF:1E:47:A3:AA:0B:48:3A:19:D7:A8:06:08:7E
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Y8esT79M7x5Ho6oLSDoZ16gGCH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.20.109.0/24
185.243.181.0/24
185.250.210.0/24
Signature Algorithm: sha256WithRSAEncryption
34:7f:ed:4b:e1:0a:a8:54:62:f5:30:35:f2:06:9d:62:bd:25:
c2:49:ac:78:6f:d8:a5:bb:cd:78:e4:9e:c5:ba:e2:50:62:fd:
58:5d:41:b8:57:0b:d8:2b:05:be:cb:96:a4:b2:98:7c:0d:13:
ef:65:24:b5:6c:70:d6:c8:57:59:b3:a8:83:ab:29:0c:7e:38:
40:b6:bd:83:d2:52:27:6d:c0:8d:93:c7:10:7b:3f:7b:93:09:
c7:26:c8:9d:b3:89:fb:4b:1e:af:82:3d:4d:b7:b2:d1:9b:6c:
f0:14:fe:0a:fc:df:ad:29:fd:38:d4:14:ca:2c:89:01:f4:b8:
d7:9a:51:f5:87:c9:f0:17:67:13:82:bc:30:1b:cb:3d:1f:b5:
22:13:48:49:6e:55:28:c5:0c:08:0c:d0:0b:3e:00:57:a3:e9:
5f:7a:5b:f5:cc:65:e5:fb:6f:e1:e7:5a:e7:18:e7:b8:46:fd:
8e:aa:5c:26:fd:29:c8:94:a7:8a:82:0a:76:07:7b:62:dd:17:
1e:28:39:dd:8f:32:bf:b7:da:7e:6a:48:10:8d:38:5a:4e:a0:
2c:1e:5a:e4:f2:aa:26:a2:42:52:ab:d9:3f:5a:84:b4:52:19:
d8:90:f2:15:be:f7:7b:bb:a9:33:a7:e0:2a:29:9e:45:52:af:
44:2c:60:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYH35VHYUrUV17/JfI2v5UH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjIwNzEzMTQxMDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2M3YWM0ZmJmNGNlZjFlNDdhM2FhMGI0ODNhMTlkN2E4MDYwODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMtYn9Y0OvNl+W6/LYf4T/3CnolF
lsMvIPY5Y8wqA+VwrRNIOT7el9SupLj31cc44JSBra4t+VIQPLDxw0tPlYecgV/u
dPELUsbJaB5KdDcRcCmCaAQSEQKLq0qprAp3BrwGKfTr2K6/EtrF9UbxWyv5uyqf
3IL9rV489qXdNsDSh9Xjy3vX+3WXpW+y9DeiqOJvok1alSWIzLdqeNj9uQhgaSE8
N0gUmdB69GYKDQu0VZ9bVWMhpVy1GUiN9472ZUbWXFo5wLGRHpabUJWQop0ldTJS
HPUDdvROQ4G1ykJybbDqrshF2/1Emh9mXtzeTINH3K8Nx1WCVv959LMp+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGPHrE+/TO8eR6OqC0g6GdeoBgh+MB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvWThlc1Q3OU03eDVIbzZvTFNEb1oxNmdHQ0g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAoBRtAwQA
ufO1AwQAufrSMA0GCSqGSIb3DQEBCwUAA4IBAQA0f+1L4QqoVGL1MDXyBp1ivSXC
Sax4b9ilu8145J7FuuJQYv1YXUG4VwvYKwW+y5aksph8DRPvZSS1bHDWyFdZs6iD
qykMfjhAtr2D0lInbcCNk8cQez97kwnHJsids4n7Sx6vgj1Nt7LRm2zwFP4K/N+t
Kf041BTKLIkB9LjXmlH1h8nwF2cTgrwwG8s9H7UiE0hJblUoxQwIDNALPgBXo+lf
elv1zGXl+2/h51rnGOe4Rv2Oqlwm/SnIlKeKggp2B3ti3RceKDndjzK/t9p+akgQ
jThaTqAsHlrk8qomokJSq9k/WoS0UhnYkPIVvvd7u6kzp+AqKZ5FUq9ELGCa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:24 2024 by rpki-client on console-ams.rpki-client.org