Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RS-y15WLPyPQ3xCOEeqRe47KYl4.roa
File: RS-y15WLPyPQ3xCOEeqRe47KYl4.roa (raw, json)
Hash identifier: 7KfaMqhLvAtdTi6k7YAcTTlKu7+SO7cvW8Q1FuIyJhE=
Subject key identifier: 45:2F:B2:D7:95:8B:3F:23:D0:DF:10:8E:11:EA:91:7B:8E:CA:62:5E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01840DF875FC187DB20D9B4458697141FE01
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RS-y15WLPyPQ3xCOEeqRe47KYl4.roa
Signing time: Tue 25 Oct 2022 07:08:17 +0000
ROA not before: Tue 25 Oct 2022 07:08:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:1c0::/44 maxlen: 44
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0d:f8:75:fc:18:7d:b2:0d:9b:44:58:69:71:41:fe:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 25 07:08:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=452fb2d7958b3f23d0df108e11ea917b8eca625e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fe:95:3e:8a:56:db:ed:90:4d:44:64:58:2c:
17:b3:d5:0c:27:73:96:3f:e1:ba:77:d3:d6:e0:77:
60:d1:ab:a3:34:44:00:2d:05:2f:da:de:d6:1a:22:
51:68:b0:9d:10:93:d7:96:83:ed:c2:cc:1c:52:a0:
31:46:c2:72:e4:7d:e4:b3:e6:31:a7:d2:7c:74:b2:
c7:35:a3:ef:aa:0a:2b:31:81:d8:18:d8:0b:8f:4f:
ed:a3:ae:68:43:4d:ef:25:ca:57:a3:82:da:52:7e:
98:bb:58:6f:26:97:75:a1:35:19:d6:25:f3:8b:0f:
c2:c2:cb:31:99:1f:ca:3d:57:f8:af:f4:85:ce:21:
e1:84:ed:7e:88:42:cf:3c:20:1b:a6:ec:48:12:0d:
d3:ec:ea:d5:52:ea:fe:7a:7c:59:29:d5:9a:1e:82:
57:fd:9b:40:b8:04:11:2c:0e:62:a7:56:aa:7c:47:
a4:f2:0f:bd:92:e2:48:e7:fa:67:55:c3:0a:34:a6:
ab:a3:9c:c7:52:d5:34:48:ab:78:c0:ea:6c:ac:66:
e2:f2:61:f6:e3:f6:70:5c:22:75:0d:ff:45:f4:ae:
1d:34:db:45:d0:6d:9e:56:f4:d7:6f:eb:81:e8:dd:
bd:c5:9b:6a:b0:a6:cb:00:1d:f8:89:21:b2:d4:10:
db:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:2F:B2:D7:95:8B:3F:23:D0:DF:10:8E:11:EA:91:7B:8E:CA:62:5E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RS-y15WLPyPQ3xCOEeqRe47KYl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc40:1c0::/44
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
a9:c1:7b:3f:61:bb:6f:5b:26:ec:80:01:13:73:03:e7:01:4f:
07:47:44:65:80:70:c4:91:3c:23:71:2e:46:95:73:34:91:18:
74:ec:8a:22:4f:55:cc:d8:8c:74:5a:5a:76:95:58:7b:65:d1:
e4:7f:d8:19:de:83:6a:04:24:3f:fd:1f:71:d1:44:d3:8e:a8:
ef:98:e7:4d:c2:f3:44:9f:c1:d2:48:7e:3d:a5:7b:08:d3:15:
2f:0b:c4:db:1f:2a:c1:fc:61:fa:2e:6c:93:0a:ab:28:cd:72:
17:f6:48:b9:53:4e:07:02:8e:fb:4c:56:33:d4:84:59:c1:8f:
43:1d:ae:4a:31:d0:9e:03:93:2e:77:11:f0:76:9f:e9:27:85:
34:ae:13:51:c6:ce:ad:94:6d:13:ce:de:a3:ce:4e:70:dd:bd:
14:7a:81:2f:ff:94:53:f3:c3:11:fa:2e:27:46:0e:02:08:dc:
cf:0c:7b:54:08:cd:a5:5f:96:14:b2:b1:da:45:f9:07:37:47:
d8:cf:4b:1a:a0:95:2d:01:ea:45:9a:49:b5:37:b5:33:c5:27:
d1:9d:ea:f3:df:9b:68:a7:fa:9b:e5:95:80:f7:6b:12:44:28:
25:2c:2d:79:f2:24:9c:94:15:b5:6a:ab:77:de:7e:d7:e7:10:
9e:c3:d8:7e
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYQN+HX8GH2yDZtEWGlxQf4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDI1MDcwODE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTJmYjJkNzk1OGIzZjIzZDBkZjEwOGUxMWVhOTE3YjhlY2E2MjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov6VPopW2+2QTURkWCwXs9UMJ3OW
P+G6d9PW4Hdg0aujNEQALQUv2t7WGiJRaLCdEJPXloPtwswcUqAxRsJy5H3ks+Yx
p9J8dLLHNaPvqgorMYHYGNgLj0/to65oQ03vJcpXo4LaUn6Yu1hvJpd1oTUZ1iXz
iw/CwssxmR/KPVf4r/SFziHhhO1+iELPPCAbpuxIEg3T7OrVUur+enxZKdWaHoJX
/ZtAuAQRLA5ip1aqfEek8g+9kuJI5/pnVcMKNKaro5zHUtU0SKt4wOpsrGbi8mH2
4/ZwXCJ1Df9F9K4dNNtF0G2eVvTXb+uB6N29xZtqsKbLAB34iSGy1BDbjQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFEUvsteViz8j0N8QjhHqkXuOymJeMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUlMteTE1V0xQeVBRM3hDT0VlcVJlNDdLWWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjA2BAIAATAwAwQAHyq3
AwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAwjJcAwQAwjJeAwQAwjJvMGwEAgAC
MGYDBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMGACoO
l8ECAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcAKg/kBAECAwcEKhDMQAHA
AwYEKhDMRhAwDQYJKoZIhvcNAQELBQADggEBAKnBez9hu29bJuyAARNzA+cBTwdH
RGWAcMSRPCNxLkaVczSRGHTsiiJPVczYjHRaWnaVWHtl0eR/2Bneg2oEJD/9H3HR
RNOOqO+Y503C80SfwdJIfj2lewjTFS8LxNsfKsH8YfoubJMKqyjNchf2SLlTTgcC
jvtMVjPUhFnBj0Mdrkox0J4Dky53EfB2n+knhTSuE1HGzq2UbRPO3qPOTnDdvRR6
gS//lFPzwxH6LidGDgII3M8Me1QIzaVflhSysdpF+Qc3R9jPSxqglS0B6kWaSbU3
tTPFJ9Gd6vPfm2in+pvllYD3axJEKCUsLXnyJJyUFbVqq3feftfnEJ7D2H4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:31 2024 by rpki-client on console-fra.rpki-client.org