Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/Y5vNGQhvOi2UjhnmKrkWZdZGkM4.roa
File: Y5vNGQhvOi2UjhnmKrkWZdZGkM4.roa (raw, json)
Hash identifier: zDxH+OL9eY0UjiusQjDp9xz+zxmMxaRLvP5KTvXzzWs=
Subject key identifier: 63:9B:CD:19:08:6F:3A:2D:94:8E:19:E6:2A:B9:16:65:D6:46:90:CE
Certificate issuer: /CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Certificate serial: 0184BD89C75B278FAF399226CDF497F9FE01
Authority key identifier: 79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/Y5vNGQhvOi2UjhnmKrkWZdZGkM4.roa
Signing time: Mon 28 Nov 2022 09:20:34 +0000
ROA not before: Mon 28 Nov 2022 09:20:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202468
IP address blocks: 130.185.120.0/22 maxlen: 24
185.235.40.0/22 maxlen: 24
194.5.192.0/23 maxlen: 24
194.5.206.0/23 maxlen: 24
185.204.168.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:89:c7:5b:27:8f:af:39:92:26:cd:f4:97:f9:fe:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Validity
Not Before: Nov 28 09:20:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=639bcd19086f3a2d948e19e62ab91665d64690ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8b:a8:0e:45:82:6f:1d:27:e9:b5:4a:73:e5:
03:36:8e:a4:b4:e3:2a:49:d2:86:42:88:cf:ec:40:
cf:3e:54:49:83:76:23:52:13:a4:82:00:81:46:00:
c8:92:0f:43:4c:27:68:27:c4:d6:cf:a0:74:1e:d3:
9c:58:29:84:3d:d4:68:95:e9:51:91:f3:be:e2:91:
e9:26:92:2e:16:fb:9c:f5:a6:54:58:08:4f:ca:55:
7a:59:1d:5f:ae:91:13:d9:06:6a:60:ff:e8:93:9b:
78:dc:73:0c:4c:9c:79:14:81:4f:d1:70:e3:41:ae:
4b:82:5f:18:46:c3:04:fd:8b:f0:a1:fc:78:f9:1c:
ca:07:6b:1a:a9:d8:70:20:ff:71:46:45:22:54:c7:
aa:dc:08:c5:8e:a1:d8:11:89:a8:f4:ed:16:79:43:
c1:8b:9f:03:ea:c8:16:fd:73:3b:73:f2:dc:ff:d1:
99:05:d5:7a:6a:9a:7d:42:3c:95:00:49:6b:a9:6d:
a7:ad:8b:8e:ef:46:16:f2:1e:45:7b:dd:46:fd:13:
2e:3e:5d:da:1b:17:25:3d:22:94:27:b7:32:5d:33:
32:5f:be:6e:e2:35:de:66:64:9e:a3:ac:18:6d:b7:
44:6d:55:3e:a0:6b:45:11:48:c0:3d:0b:33:d9:6d:
12:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:9B:CD:19:08:6F:3A:2D:94:8E:19:E6:2A:B9:16:65:D6:46:90:CE
X509v3 Authority Key Identifier:
keyid:79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/Y5vNGQhvOi2UjhnmKrkWZdZGkM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.120.0/22
185.204.168.0/22
185.235.40.0/22
194.5.192.0/23
194.5.206.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:e4:04:5d:2d:cc:70:98:ac:b4:45:2a:fd:d6:a0:16:02:1a:
4d:9e:89:1b:01:1c:0a:28:de:22:5c:aa:8a:b1:4a:18:f8:b7:
ec:a3:e4:c8:40:bf:d2:e8:4d:11:75:41:ea:08:42:34:ea:40:
94:84:39:93:75:28:8c:e6:73:16:71:b3:37:be:da:66:d1:e8:
76:55:5e:26:0a:49:91:16:6e:b2:da:5c:2b:a7:db:f8:9f:a2:
c8:69:e5:f2:04:0a:74:7d:79:55:70:27:73:d9:52:19:54:86:
03:af:90:9a:67:c5:9e:49:05:d9:0b:0f:39:fb:79:de:10:e4:
44:cb:0f:0d:06:e3:10:69:97:83:51:fe:ee:29:9c:c4:6b:e1:
4e:88:20:39:10:e6:68:69:67:f5:52:e6:ac:2a:ab:b2:9e:ef:
84:9d:80:74:5a:20:61:02:9c:94:5e:d5:e9:3b:f0:c1:a8:da:
73:0c:06:ba:5c:66:0b:2f:94:53:06:42:d4:98:ba:d7:de:e9:
21:db:4a:4b:63:c3:a2:8e:47:01:64:5f:88:fc:ed:e6:c3:92:
fe:d3:01:a6:ee:bf:10:c7:9a:9d:2c:c2:1d:87:1f:09:6d:18:
75:03:97:6c:6b:2d:02:dd:31:e5:3f:4c:2d:9a:a7:f5:47:61:
50:7a:88:12
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYS9icdbJ4+vOZImzfSX+f4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDU2NWY5OWZmNWUwZmZiNWJkZjk5OTVlZDdhODA4ZDQx
NDA2ZTUwHhcNMjIxMTI4MDkyMDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzliY2QxOTA4NmYzYTJkOTQ4ZTE5ZTYyYWI5MTY2NWQ2NDY5MGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYuoDkWCbx0n6bVKc+UDNo6ktOMq
SdKGQojP7EDPPlRJg3YjUhOkggCBRgDIkg9DTCdoJ8TWz6B0HtOcWCmEPdRolelR
kfO+4pHpJpIuFvuc9aZUWAhPylV6WR1frpET2QZqYP/ok5t43HMMTJx5FIFP0XDj
Qa5Lgl8YRsME/Yvwofx4+RzKB2saqdhwIP9xRkUiVMeq3AjFjqHYEYmo9O0WeUPB
i58D6sgW/XM7c/Lc/9GZBdV6app9QjyVAElrqW2nrYuO70YW8h5Fe91G/RMuPl3a
GxclPSKUJ7cyXTMyX75u4jXeZmSeo6wYbbdEbVU+oGtFEUjAPQsz2W0SUQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGObzRkIbzotlI4Z5iq5FmXWRpDOMB8GA1UdIwQY
MBaAFHnVZfmf9eD/tb35mV7XqAjUFAblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQt
NmMzYjg3NDQzZTA2LzEvWTV2TkdRaHZPaTJVamhubUtya1daZFpHa000LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQtNmMzYjg3NDQzZTA2
LzEvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCgrl4AwQC
ucyoAwQCuesoAwQBwgXAAwQBwgXOMA0GCSqGSIb3DQEBCwUAA4IBAQA65ARdLcxw
mKy0RSr91qAWAhpNnokbARwKKN4iXKqKsUoY+Lfso+TIQL/S6E0RdUHqCEI06kCU
hDmTdSiM5nMWcbM3vtpm0eh2VV4mCkmRFm6y2lwrp9v4n6LIaeXyBAp0fXlVcCdz
2VIZVIYDr5CaZ8WeSQXZCw85+3neEOREyw8NBuMQaZeDUf7uKZzEa+FOiCA5EOZo
aWf1UuasKquynu+EnYB0WiBhApyUXtXpO/DBqNpzDAa6XGYLL5RTBkLUmLrX3ukh
20pLY8OijkcBZF+I/O3mw5L+0wGm7r8Qx5qdLMIdhx8JbRh1A5dsay0C3THlP0wt
mqf1R2FQeogS
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:02 2025 by rpki-client