Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/SyflmP90F8kVs1ukemHVca-JgLc.roa
File: SyflmP90F8kVs1ukemHVca-JgLc.roa (raw, json)
Hash identifier: yxQasdHtYqxhxXp2yMLXfmFckikgmd8Wt5uFW2KgIak=
Subject key identifier: 4B:27:E5:98:FF:74:17:C9:15:B3:5B:A4:7A:61:D5:71:AF:89:80:B7
Certificate issuer: /CN=a6b789b32e16e9dd2f70513119dc77ea61ff1e09
Certificate serial: 04E55F09
Authority key identifier: A6:B7:89:B3:2E:16:E9:DD:2F:70:51:31:19:DC:77:EA:61:FF:1E:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/preJsy4W6d0vcFExGdx36mH_Hgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/SyflmP90F8kVs1ukemHVca-JgLc.roa
Signing time: Sat 01 Jan 2022 05:00:52 +0000
ROA not before: Sat 01 Jan 2022 05:00:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24703
IP address blocks: 193.111.9.0/24 maxlen: 24
193.111.8.0/23 maxlen: 23
193.111.8.0/24 maxlen: 24
176.111.49.0/24 maxlen: 24
176.111.48.0/23 maxlen: 23
176.111.48.0/24 maxlen: 24
176.111.58.0/24 maxlen: 24
195.128.17.0/24 maxlen: 24
176.111.58.0/23 maxlen: 23
176.111.57.0/24 maxlen: 24
195.128.16.0/24 maxlen: 24
195.128.16.0/22 maxlen: 22
176.111.60.0/24 maxlen: 24
195.128.19.0/24 maxlen: 24
176.111.59.0/24 maxlen: 24
195.128.18.0/24 maxlen: 24
176.111.63.0/24 maxlen: 24
176.111.62.0/24 maxlen: 24
176.111.61.0/24 maxlen: 24
176.111.60.0/22 maxlen: 22
195.234.213.0/24 maxlen: 24
195.234.212.0/22 maxlen: 22
195.234.212.0/24 maxlen: 24
195.234.215.0/24 maxlen: 24
195.234.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82140937 (0x4e55f09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6b789b32e16e9dd2f70513119dc77ea61ff1e09
Validity
Not Before: Jan 1 05:00:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b27e598ff7417c915b35ba47a61d571af8980b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ff:b0:26:7b:d6:14:57:c7:08:21:91:f1:75:
62:e6:fd:b9:0c:bb:dc:75:b6:83:53:7a:2a:ae:a2:
c2:96:3a:5a:e0:d8:54:c8:5b:1f:bc:b3:bd:a7:97:
a4:bf:d4:d0:e9:83:47:41:f0:5b:80:1c:46:4d:cc:
49:ec:a7:98:42:7e:96:7f:31:2c:71:07:06:95:01:
44:49:9c:d4:ee:77:2f:72:6d:7c:97:cc:e1:f3:15:
20:45:8e:72:77:80:e8:af:a6:0d:25:74:25:45:fb:
e9:53:f7:ce:d2:f5:ae:0e:03:3c:d8:4a:dd:f6:3c:
fc:3a:54:60:45:4e:da:aa:4b:0f:b8:9c:63:d6:fb:
b2:2f:d1:22:b5:27:fa:67:53:f8:36:14:90:03:38:
1e:42:33:f0:4d:e2:69:f8:85:26:43:9a:a4:d4:a6:
77:b8:b8:4f:41:8d:5e:2e:6a:af:ee:a5:82:85:39:
35:78:05:6b:06:f6:97:4f:3a:27:07:96:df:be:00:
9c:ef:da:e1:e9:cf:9f:42:b4:08:0c:61:a1:34:f0:
1c:f5:cb:5f:e8:f7:51:01:c1:84:66:c5:a1:74:ba:
b3:9f:03:50:cd:ec:5a:75:b9:12:1f:8f:b9:16:c6:
02:6f:5c:ba:c3:b2:42:89:60:b4:5d:9c:fd:55:48:
4e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:27:E5:98:FF:74:17:C9:15:B3:5B:A4:7A:61:D5:71:AF:89:80:B7
X509v3 Authority Key Identifier:
keyid:A6:B7:89:B3:2E:16:E9:DD:2F:70:51:31:19:DC:77:EA:61:FF:1E:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/preJsy4W6d0vcFExGdx36mH_Hgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/SyflmP90F8kVs1ukemHVca-JgLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/preJsy4W6d0vcFExGdx36mH_Hgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.111.48.0/23
176.111.57.0-176.111.63.255
193.111.8.0/23
195.128.16.0/22
195.234.212.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:81:13:85:1a:e8:02:d1:00:fe:b1:db:d0:4e:d0:19:77:e5:
50:d4:5d:06:f5:83:37:4b:63:82:8b:4a:48:b5:d7:66:28:2f:
db:fc:7b:2a:69:65:53:36:0a:93:b8:21:b8:64:1f:68:f0:a8:
d4:f3:cb:12:de:c4:40:75:ac:61:54:c3:c1:2b:be:7a:b9:97:
b0:36:a1:98:15:cc:c2:f4:8b:22:7b:c3:18:23:89:48:d7:db:
a6:a6:f3:c4:57:88:dd:c1:06:05:cd:78:26:9e:66:40:ba:4b:
de:49:df:0c:d0:7d:ba:77:b3:5e:d1:ce:1b:be:e5:cf:c0:29:
2f:9e:3a:79:f0:e8:10:29:a7:37:e6:72:f3:e6:e0:84:5b:24:
63:70:00:ec:8a:77:00:ad:99:36:33:73:0a:fc:a0:2b:b8:19:
dc:ce:f3:de:fe:70:58:e3:c4:ee:68:aa:2d:26:98:58:31:e9:
f5:a3:a6:b6:df:9b:69:ba:28:f6:8e:b7:d0:ae:29:1c:52:0a:
ac:42:fe:38:f3:89:17:c9:a1:ca:44:0e:27:98:b6:bf:40:4b:
ff:69:e9:18:9a:0a:20:37:79:05:00:e0:f4:9c:53:ef:80:13:
08:50:fb:1d:23:c0:bc:17:f5:86:97:cf:33:2c:1d:11:bc:9d:
a9:9f:7c:d5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEBOVfCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NmI3ODliMzJlMTZlOWRkMmY3MDUxMzExOWRjNzdlYTYxZmYxZTA5MB4XDTIyMDEw
MTA1MDA1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGIyN2U1OThmZjc0
MTdjOTE1YjM1YmE0N2E2MWQ1NzFhZjg5ODBiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALz/sCZ71hRXxwghkfF1Yub9uQy73HW2g1N6Kq6iwpY6WuDY
VMhbH7yzvaeXpL/U0OmDR0HwW4AcRk3MSeynmEJ+ln8xLHEHBpUBREmc1O53L3Jt
fJfM4fMVIEWOcneA6K+mDSV0JUX76VP3ztL1rg4DPNhK3fY8/DpUYEVO2qpLD7ic
Y9b7si/RIrUn+mdT+DYUkAM4HkIz8E3iafiFJkOapNSmd7i4T0GNXi5qr+6lgoU5
NXgFawb2l086JweW374AnO/a4enPn0K0CAxhoTTwHPXLX+j3UQHBhGbFoXS6s58D
UM3sWnW5Eh+PuRbGAm9cusOyQolgtF2c/VVITmUCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBRLJ+WY/3QXyRWzW6R6YdVxr4mAtzAfBgNVHSMEGDAWgBSmt4mzLhbp3S9w
UTEZ3HfqYf8eCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ByZUpzeTRXNmQwdmNGRXhHZHgzNm1IX0hnay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvZTc2OGJkLWY1MTItNGI4YS05MzZhLTA2YzkyOTZmMDhhMi8x
L1N5ZmxtUDkwRjhrVnMxdWtlbUhWY2EtSmdMYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
ZTc2OGJkLWY1MTItNGI4YS05MzZhLTA2YzkyOTZmMDhhMi8xL3ByZUpzeTRXNmQw
dmNGRXhHZHgzNm1IX0hnay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEAbBvMDAMAwQAsG85AwQGsG8AAwQB
wW8IAwQCw4AQAwQCw+rUMA0GCSqGSIb3DQEBCwUAA4IBAQCLgROFGugC0QD+sdvQ
TtAZd+VQ1F0G9YM3S2OCi0pItddmKC/b/HsqaWVTNgqTuCG4ZB9o8KjU88sS3sRA
daxhVMPBK756uZewNqGYFczC9Isie8MYI4lI19umpvPEV4jdwQYFzXgmnmZAukve
Sd8M0H26d7Ne0c4bvuXPwCkvnjp58OgQKac35nLz5uCEWyRjcADsincArZk2M3MK
/KAruBnczvPe/nBY48TuaKotJphYMen1o6a235tpuij2jrfQrikcUgqsQv4484kX
yaHKRA4nmLa/QEv/aekYmgogN3kFAOD0nFPvgBMIUPsdI8C8F/WGl88zLB0RvJ2p
n3zV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:04 2023 by rpki-client on console-fra.rpki-client.org