Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/Y6h_uIp6p9VrDbP4SHTGbxFUcf0.roa
File: Y6h_uIp6p9VrDbP4SHTGbxFUcf0.roa (raw, json)
Hash identifier: sUu116aycJXGN8Maq8jZks4oA/4ymAqJUAAU/EnsWzk=
Subject key identifier: 63:A8:7F:B8:8A:7A:A7:D5:6B:0D:B3:F8:48:74:C6:6F:11:54:71:FD
Certificate issuer: /CN=5bf81435ed13789895f375dc34d04ce91aca4744
Certificate serial: 018506E5120F87C9AC8CFD4C04DE18B5EB4D
Authority key identifier: 5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/Y6h_uIp6p9VrDbP4SHTGbxFUcf0.roa
Signing time: Mon 12 Dec 2022 15:12:33 +0000
ROA not before: Mon 12 Dec 2022 15:12:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201271
IP address blocks: 158.233.228.0/24 maxlen: 24
158.233.228.0/23 maxlen: 23
158.233.227.0/24 maxlen: 24
158.233.229.0/24 maxlen: 24
158.233.242.0/24 maxlen: 24
158.233.242.0/23 maxlen: 23
158.233.244.0/24 maxlen: 24
158.233.244.0/23 maxlen: 23
158.233.243.0/24 maxlen: 24
158.233.245.0/24 maxlen: 24
158.233.246.0/23 maxlen: 23
158.233.246.0/24 maxlen: 24
158.233.247.0/24 maxlen: 24
158.233.249.0/24 maxlen: 24
158.233.248.0/24 maxlen: 24
158.233.248.0/23 maxlen: 23
158.233.251.0/24 maxlen: 24
158.233.250.0/24 maxlen: 24
158.233.250.0/23 maxlen: 23
158.233.224.0/24 maxlen: 24
2001:67c:2af0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:e5:12:0f:87:c9:ac:8c:fd:4c:04:de:18:b5:eb:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bf81435ed13789895f375dc34d04ce91aca4744
Validity
Not Before: Dec 12 15:12:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63a87fb88a7aa7d56b0db3f84874c66f115471fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f9:9b:e1:b5:ca:2b:9b:bb:d7:71:4c:2c:00:
15:2a:8a:a8:dd:a3:bd:7b:5b:e7:ca:e6:b2:6d:66:
25:b5:b9:82:3a:3b:ec:ea:45:cb:e6:15:ec:b8:88:
46:c2:cf:8e:17:9e:7f:b1:21:62:91:6a:45:1e:2b:
ae:08:6c:39:11:3e:ce:0a:77:e4:f4:11:40:55:73:
e3:46:d8:0b:bb:36:7e:e4:fc:6e:b2:c1:db:cc:a0:
63:29:ce:ea:c0:e7:2a:f5:b1:40:fb:b7:c2:a9:95:
d1:f0:8d:22:c6:dc:d9:61:20:ef:2f:1e:a1:6a:fd:
5c:7d:c4:85:cb:ed:0d:c9:e3:d4:d1:36:3a:12:c9:
51:d6:b2:e1:0b:80:2a:9a:10:52:aa:6e:e8:06:76:
c1:52:60:c8:1c:f8:cb:aa:c6:d4:0e:25:bf:b6:ac:
a7:7e:2a:c9:65:46:1e:e0:ea:7f:02:a1:1f:34:ca:
22:7b:a1:88:d4:d2:85:3e:9d:dd:f6:16:c8:97:7d:
2a:38:7c:4b:64:b4:50:14:5f:b5:99:fc:dd:ed:94:
9f:f7:c8:4d:37:9d:be:44:1a:55:1b:52:a2:3c:c8:
40:1c:c6:9a:f6:08:e1:ad:85:3b:13:52:01:db:86:
d4:3f:cd:a6:a3:fd:99:2b:e0:9b:9b:73:2e:eb:9c:
b6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A8:7F:B8:8A:7A:A7:D5:6B:0D:B3:F8:48:74:C6:6F:11:54:71:FD
X509v3 Authority Key Identifier:
keyid:5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/Y6h_uIp6p9VrDbP4SHTGbxFUcf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/W_gUNe0TeJiV83XcNNBM6RrKR0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.233.224.0/24
158.233.227.0-158.233.229.255
158.233.242.0-158.233.251.255
IPv6:
2001:67c:2af0::/48
Signature Algorithm: sha256WithRSAEncryption
03:e9:8a:3c:1e:28:ec:78:b8:ea:31:52:0b:d9:f0:12:9c:f2:
a8:b6:30:5b:1e:2a:b0:a0:99:0e:71:bc:10:26:8d:57:d0:88:
83:e8:d7:62:5f:be:84:6a:d1:fd:b0:c9:84:1c:43:61:94:c3:
66:d2:12:f3:c5:5b:af:19:54:3f:f6:06:e9:fa:3e:93:7b:1f:
ed:65:91:c9:41:10:be:08:40:45:2a:31:8c:3a:75:03:c7:ff:
44:91:39:70:f8:2e:52:22:f6:31:e2:49:ee:2b:0e:cf:4a:de:
a7:cb:38:92:7d:56:ca:49:33:97:56:1b:19:a5:c9:7d:9f:07:
88:76:a6:04:62:31:3a:09:26:1c:fa:7d:51:a2:e0:b1:c2:3b:
f9:90:bc:88:2a:0f:26:e2:29:70:1b:75:00:02:ea:e3:7e:bd:
2e:45:7d:05:a5:54:bb:07:00:f9:52:05:7d:38:b1:40:dc:2f:
bd:ec:56:a3:d7:43:fe:8c:c1:de:98:dc:ff:02:1d:1f:ae:e3:
85:5c:aa:31:b1:32:4c:ac:de:e5:35:4a:ea:f6:d8:4f:8a:ce:
d8:e9:0d:95:a7:a5:72:71:b9:07:f3:84:b5:e9:cb:ca:6f:05:
85:06:0c:68:c6:ec:24:51:98:87:6b:54:93:37:4d:ff:08:ff:
99:34:05:b6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYUG5RIPh8msjP1MBN4YtetNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZjgxNDM1ZWQxMzc4OTg5NWYzNzVkYzM0ZDA0Y2U5MWFj
YTQ3NDQwHhcNMjIxMjEyMTUxMjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2E4N2ZiODhhN2FhN2Q1NmIwZGIzZjg0ODc0YzY2ZjExNTQ3MWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvmb4bXKK5u713FMLAAVKoqo3aO9
e1vnyuaybWYltbmCOjvs6kXL5hXsuIhGws+OF55/sSFikWpFHiuuCGw5ET7OCnfk
9BFAVXPjRtgLuzZ+5PxussHbzKBjKc7qwOcq9bFA+7fCqZXR8I0ixtzZYSDvLx6h
av1cfcSFy+0NyePU0TY6EslR1rLhC4AqmhBSqm7oBnbBUmDIHPjLqsbUDiW/tqyn
firJZUYe4Op/AqEfNMoie6GI1NKFPp3d9hbIl30qOHxLZLRQFF+1mfzd7ZSf98hN
N52+RBpVG1KiPMhAHMaa9gjhrYU7E1IB24bUP82mo/2ZK+Cbm3Mu65y2MwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGOof7iKeqfVaw2z+Eh0xm8RVHH9MB8GA1UdIwQY
MBaAFFv4FDXtE3iYlfN13DTQTOkaykdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEt
NDhlNGNjNmIzM2EzLzEvWTZoX3VJcDZwOVZyRGJQNFNIVEdieEZVY2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEtNDhlNGNjNmIzM2Ez
LzEvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAoBAIAATAiAwQAnungMAwD
BACe6eMDBAGe6eQwDAMEAZ7p8gMEAp7p+DAPBAIAAjAJAwcAIAEGfCrwMA0GCSqG
SIb3DQEBCwUAA4IBAQAD6Yo8HijseLjqMVIL2fASnPKotjBbHiqwoJkOcbwQJo1X
0IiD6NdiX76EatH9sMmEHENhlMNm0hLzxVuvGVQ/9gbp+j6Tex/tZZHJQRC+CEBF
KjGMOnUDx/9EkTlw+C5SIvYx4knuKw7PSt6nyziSfVbKSTOXVhsZpcl9nweIdqYE
YjE6CSYc+n1RouCxwjv5kLyIKg8m4ilwG3UAAurjfr0uRX0FpVS7BwD5UgV9OLFA
3C+97Faj10P+jMHemNz/Ah0fruOFXKoxsTJMrN7lNUrq9thPis7Y6Q2Vp6VycbkH
84S16cvKbwWFBgxoxuwkUZiHa1STN03/CP+ZNAW2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:34 2025 by rpki-client