Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/y-SacOLn00Qs2jlphZRBijUSZBg.roa
File: y-SacOLn00Qs2jlphZRBijUSZBg.roa (raw, json)
Hash identifier: PY7jMnVCZOy+522bF5lyRdYM9W1aPhEgkzi/YTqPFkM=
Subject key identifier: CB:E4:9A:70:E2:E7:D3:44:2C:DA:39:69:85:94:41:8A:35:12:64:18
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 1F957BDA
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/y-SacOLn00Qs2jlphZRBijUSZBg.roa
Signing time: Sat 01 Jan 2022 14:06:39 +0000
ROA not before: Sat 01 Jan 2022 14:06:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59592
IP address blocks: 176.100.33.0/24 maxlen: 24
176.100.32.0/24 maxlen: 24
176.100.35.0/24 maxlen: 24
176.100.34.0/24 maxlen: 24
37.114.38.0/24 maxlen: 24
185.14.92.0/22 maxlen: 22
94.154.49.0/24 maxlen: 24
2a00:ccc2::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 529890266 (0x1f957bda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 1 14:06:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cbe49a70e2e7d3442cda39698594418a35126418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:14:97:4b:fd:0f:69:a5:33:cd:28:2f:18:41:
c3:21:8f:e4:a8:c1:b3:9f:ac:13:6c:cf:94:e2:ae:
48:b4:21:79:1d:b8:05:44:88:a9:d5:f9:e4:d3:2d:
46:39:d2:9f:60:43:87:02:12:51:2e:a8:7b:0f:bf:
72:a2:77:a0:a3:b2:87:da:45:1b:8c:62:53:bb:f8:
af:70:cd:85:6c:53:c6:6e:98:51:fa:a1:2f:17:20:
05:d2:dc:14:c5:2c:09:52:6b:93:19:57:01:28:41:
a1:cc:d2:81:cd:68:b4:d1:69:90:45:34:72:51:00:
e1:56:bf:7a:e8:bb:c9:93:67:8a:4d:cb:d7:95:b6:
47:89:cf:80:0a:8d:ac:85:ca:3d:e0:e2:5b:f4:7c:
42:1c:01:17:d2:5e:8d:80:fc:0d:fe:ca:bd:59:c0:
29:9b:5b:e7:38:0a:7d:23:9f:81:ea:70:9c:28:01:
6c:e6:fa:ac:f3:78:b3:93:05:df:38:b9:ed:db:fe:
5c:19:20:cc:ec:5a:99:e4:70:fe:14:cb:a5:4b:d1:
1e:a7:28:6c:7a:0d:94:f2:d0:4a:97:1d:c1:98:4f:
76:6f:3a:ab:59:1f:0e:11:e7:be:d4:a8:48:20:9f:
8e:dc:50:f9:51:e6:11:79:83:60:52:84:7e:b1:8a:
56:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:E4:9A:70:E2:E7:D3:44:2C:DA:39:69:85:94:41:8A:35:12:64:18
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/y-SacOLn00Qs2jlphZRBijUSZBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.38.0/24
94.154.49.0/24
176.100.32.0/22
185.14.92.0/22
IPv6:
2a00:ccc2::/32
Signature Algorithm: sha256WithRSAEncryption
60:b1:18:cc:4d:8d:af:3b:9b:92:38:5d:da:c7:3b:1c:79:0f:
5d:a8:d8:be:44:ba:1b:39:06:9b:50:bd:ea:84:23:7e:c4:95:
74:61:f8:b1:32:87:ba:d4:4f:ee:11:a7:63:61:71:39:a1:4c:
1f:42:64:bb:7c:cc:b3:41:a8:8b:f2:e2:67:2d:7e:d0:66:ec:
2b:d7:1d:fc:6f:73:b6:d0:c6:26:d5:e8:30:40:b3:60:84:b5:
35:e2:c4:01:01:70:a0:5b:25:dd:92:5a:65:46:10:4f:d9:33:
93:81:13:ae:6e:b7:63:11:9c:62:25:ff:b9:cd:df:5e:b6:df:
1c:51:92:5b:36:58:26:92:7a:c1:5d:6f:54:97:6e:b0:88:c7:
66:2e:7a:dd:fd:76:f6:a8:f3:5d:d1:1f:7c:c7:c8:eb:27:d4:
71:d3:bd:21:2c:12:21:32:e5:4a:db:0f:86:0b:e8:86:f0:32:
54:16:0c:bc:29:21:0a:fb:20:47:f1:82:84:f0:ac:8d:1c:d3:
63:0c:d4:68:86:57:9c:81:50:d3:7e:fa:73:a2:6b:6a:a0:b3:
e1:0d:79:ef:10:c4:00:06:40:e3:9c:07:fc:37:21:e0:8f:6a:
c1:56:03:e1:7c:9b:f9:35:35:d3:fd:d5:5d:19:2d:ef:42:78:
b1:f6:b3:f9
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEH5V72jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTY1OTNiNzQ3ZTc2YTU2NDkyNTExYmIzNjEyZTRkNWU0Y2JlN2VjMB4XDTIyMDEw
MTE0MDYzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2JlNDlhNzBlMmU3
ZDM0NDJjZGEzOTY5ODU5NDQxOGEzNTEyNjQxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4Ul0v9D2mlM80oLxhBwyGP5KjBs5+sE2zPlOKuSLQheR24
BUSIqdX55NMtRjnSn2BDhwISUS6oew+/cqJ3oKOyh9pFG4xiU7v4r3DNhWxTxm6Y
UfqhLxcgBdLcFMUsCVJrkxlXAShBoczSgc1otNFpkEU0clEA4Va/eui7yZNnik3L
15W2R4nPgAqNrIXKPeDiW/R8QhwBF9JejYD8Df7KvVnAKZtb5zgKfSOfgepwnCgB
bOb6rPN4s5MF3zi57dv+XBkgzOxameRw/hTLpUvRHqcobHoNlPLQSpcdwZhPdm86
q1kfDhHnvtSoSCCfjtxQ+VHmEXmDYFKEfrGKVs8CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTL5Jpw4ufTRCzaOWmFlEGKNRJkGDAfBgNVHSMEGDAWgBQpZZO3R+dqVkkl
Ebs2EuTV5Mvn7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tXV1R0MGZuYWxaSkpSRzdOaExrMWVUTDUtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8x
L3ktU2FjT0xuMDBRczJqbHBoWlJCaWpVU1pCZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8xL0tXV1R0MGZuYWxa
SkpSRzdOaExrMWVUTDUtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEACVyJgMEAF6aMQMEArBkIAMEArkO
XDANBAIAAjAHAwUAKgDMwjANBgkqhkiG9w0BAQsFAAOCAQEAYLEYzE2Nrzubkjhd
2sc7HHkPXajYvkS6GzkGm1C96oQjfsSVdGH4sTKHutRP7hGnY2FxOaFMH0Jku3zM
s0Goi/LiZy1+0GbsK9cd/G9zttDGJtXoMECzYIS1NeLEAQFwoFsl3ZJaZUYQT9kz
k4ETrm63YxGcYiX/uc3fXrbfHFGSWzZYJpJ6wV1vVJdusIjHZi563f129qjzXdEf
fMfI6yfUcdO9ISwSITLlStsPhgvohvAyVBYMvCkhCvsgR/GChPCsjRzTYwzUaIZX
nIFQ0376c6JraqCz4Q157xDEAAZA45wH/Dch4I9qwVYD4Xyb+TU10/3VXRkt70J4
sfaz+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org