Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/cyKbA3ZQZP5tGmoPrveoy_lGY50.roa
File: cyKbA3ZQZP5tGmoPrveoy_lGY50.roa (raw, json)
Hash identifier: Wi28VlRtHXIe5R3BMPovNpXuzLcTVkRxNNzR8Kh3PDg=
Subject key identifier: 73:22:9B:03:76:50:64:FE:6D:1A:6A:0F:AE:F7:A8:CB:F9:46:63:9D
Certificate issuer: /CN=cb4fba09190b76849fff3d26d580790e54fac2e3
Certificate serial: 01857602A0B458146D62ABC4D4C5E44D090A
Authority key identifier: CB:4F:BA:09:19:0B:76:84:9F:FF:3D:26:D5:80:79:0E:54:FA:C2:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y0-6CRkLdoSf_z0m1YB5DlT6wuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/cyKbA3ZQZP5tGmoPrveoy_lGY50.roa
Signing time: Tue 03 Jan 2023 05:02:41 +0000
ROA not before: Tue 03 Jan 2023 05:02:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62163
IP address blocks: 193.37.80.0/22 maxlen: 22
185.113.68.0/22 maxlen: 22
185.113.80.0/22 maxlen: 22
185.249.212.0/22 maxlen: 22
5.157.64.0/21 maxlen: 21
2a06:3f00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:76:02:a0:b4:58:14:6d:62:ab:c4:d4:c5:e4:4d:09:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb4fba09190b76849fff3d26d580790e54fac2e3
Validity
Not Before: Jan 3 05:02:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73229b03765064fe6d1a6a0faef7a8cbf946639d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2b:23:8e:2d:64:58:61:4d:35:42:a5:99:e8:
ed:92:69:30:60:8d:60:03:b8:9c:37:20:8b:5e:b2:
46:a0:e9:45:40:eb:06:68:96:48:6a:1b:b9:7d:f8:
d2:9e:04:b2:9a:1e:9d:1b:a7:cb:16:61:92:48:8f:
18:e0:7e:3f:69:9b:2b:f8:92:d7:5e:7b:11:59:ea:
56:ed:d8:07:3e:a0:d5:eb:c1:21:2f:0d:7e:9f:d9:
93:d0:1f:b0:d8:b5:75:f6:8f:d6:2c:58:8c:2e:2f:
33:11:be:01:81:ef:72:c2:47:ec:f9:97:b5:8a:fa:
4c:e2:e8:c2:fa:01:6b:67:06:4a:a8:cb:78:68:41:
26:1e:57:7b:e7:1f:d1:b6:86:74:43:c2:82:42:bc:
68:3e:b0:98:42:f1:c4:b9:1c:cd:aa:6a:98:81:75:
9a:b5:0e:ed:2e:21:6c:88:f2:c4:b5:ca:e2:ca:b7:
cc:a9:44:1f:73:fd:f1:67:e6:10:d5:15:22:73:d6:
14:90:6f:06:e8:59:5b:c8:e6:8d:bc:45:ec:71:54:
e4:5b:cf:44:89:5d:6a:5b:bb:f0:b5:ad:4d:e9:6f:
3b:67:fa:3e:e8:35:76:87:2c:e8:a0:44:f3:a5:f2:
63:a0:79:1f:00:01:42:ef:fa:af:09:93:4d:76:e8:
54:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:22:9B:03:76:50:64:FE:6D:1A:6A:0F:AE:F7:A8:CB:F9:46:63:9D
X509v3 Authority Key Identifier:
keyid:CB:4F:BA:09:19:0B:76:84:9F:FF:3D:26:D5:80:79:0E:54:FA:C2:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y0-6CRkLdoSf_z0m1YB5DlT6wuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/cyKbA3ZQZP5tGmoPrveoy_lGY50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/y0-6CRkLdoSf_z0m1YB5DlT6wuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.64.0/21
185.113.68.0/22
185.113.80.0/22
185.249.212.0/22
193.37.80.0/22
IPv6:
2a06:3f00::/29
Signature Algorithm: sha256WithRSAEncryption
56:6a:18:9b:f3:6c:a9:fc:06:2b:0a:03:fe:c5:a6:40:95:b5:
2d:51:c3:e0:89:c4:9d:2a:fb:1d:4b:b0:57:eb:80:5b:9f:85:
4b:cb:6d:7b:8b:27:6f:2b:37:74:63:bb:60:1f:a9:43:a3:6a:
5e:7a:10:d8:cd:97:36:b5:e1:aa:57:f3:eb:19:9b:bc:77:59:
8a:6f:63:60:70:67:3c:d8:35:78:8e:20:17:18:ce:67:25:6c:
10:20:0b:b3:9e:b6:60:bf:1c:41:37:5b:41:4e:b7:a4:47:8e:
07:b0:a7:25:4c:b0:21:41:7a:04:b1:d0:1a:4e:01:b2:ef:fd:
cf:00:63:22:26:79:69:9b:7a:fb:b5:7f:6e:82:66:d3:1a:a0:
62:17:bc:5a:6f:41:92:c7:81:d8:0a:b1:15:8f:67:9e:43:1e:
cc:d9:90:da:a2:5f:8d:a0:88:bc:80:b4:70:fa:8f:c3:61:55:
04:8e:d7:67:44:6c:81:11:97:a1:34:3a:32:87:59:e7:0b:43:
8b:03:24:36:b0:95:5e:ba:e5:75:19:b2:b9:a4:3e:df:5a:56:
f7:aa:3a:c7:7a:b1:9d:80:23:b6:74:f5:24:a4:69:2d:18:cd:
bf:c1:2d:1d:b5:c0:3f:dd:bd:d1:6a:91:d3:97:57:13:cc:c2:
81:c3:ef:7a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYV2AqC0WBRtYqvE1MXkTQkKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNGZiYTA5MTkwYjc2ODQ5ZmZmM2QyNmQ1ODA3OTBlNTRm
YWMyZTMwHhcNMjMwMTAzMDUwMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzIyOWIwMzc2NTA2NGZlNmQxYTZhMGZhZWY3YThjYmY5NDY2MzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqisjji1kWGFNNUKlmejtkmkwYI1g
A7icNyCLXrJGoOlFQOsGaJZIahu5ffjSngSymh6dG6fLFmGSSI8Y4H4/aZsr+JLX
XnsRWepW7dgHPqDV68EhLw1+n9mT0B+w2LV19o/WLFiMLi8zEb4Bge9ywkfs+Ze1
ivpM4ujC+gFrZwZKqMt4aEEmHld75x/RtoZ0Q8KCQrxoPrCYQvHEuRzNqmqYgXWa
tQ7tLiFsiPLEtcriyrfMqUQfc/3xZ+YQ1RUic9YUkG8G6FlbyOaNvEXscVTkW89E
iV1qW7vwta1N6W87Z/o+6DV2hyzooETzpfJjoHkfAAFC7/qvCZNNduhUGQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHMimwN2UGT+bRpqD673qMv5RmOdMB8GA1UdIwQY
MBaAFMtPugkZC3aEn/89JtWAeQ5U+sLjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTAtNkNSa0xkb1NmX3owbTFZQjVEbFQ2d3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9kYWRiNGItMTRmMy00MmZhLTk1Yjct
Zjg1Y2M1NzQ3ZmJmLzEvY3lLYkEzWlFaUDV0R21vUHJ2ZW95X2xHWTUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9kYWRiNGItMTRmMy00MmZhLTk1YjctZjg1Y2M1NzQ3ZmJm
LzEveTAtNkNSa0xkb1NmX3owbTFZQjVEbFQ2d3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBZ1AAwQC
uXFEAwQCuXFQAwQCufnUAwQCwSVQMA0EAgACMAcDBQMqBj8AMA0GCSqGSIb3DQEB
CwUAA4IBAQBWahib82yp/AYrCgP+xaZAlbUtUcPgicSdKvsdS7BX64Bbn4VLy217
iydvKzd0Y7tgH6lDo2peehDYzZc2teGqV/PrGZu8d1mKb2NgcGc82DV4jiAXGM5n
JWwQIAuznrZgvxxBN1tBTrekR44HsKclTLAhQXoEsdAaTgGy7/3PAGMiJnlpm3r7
tX9ugmbTGqBiF7xab0GSx4HYCrEVj2eeQx7M2ZDaol+NoIi8gLRw+o/DYVUEjtdn
RGyBEZehNDoyh1nnC0OLAyQ2sJVeuuV1GbK5pD7fWlb3qjrHerGdgCO2dPUkpGkt
GM2/wS0dtcA/3b3RapHTl1cTzMKBw+96
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:07 2025 by rpki-client