Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/Y55liwIJIgL92Vg3BHG-pA1GBrY.roa
File: Y55liwIJIgL92Vg3BHG-pA1GBrY.roa (raw, json)
Hash identifier: 0Oy2sAMhmp3O7fsWlw5SSw0ueBnAiGK3jl2HnPvaX4M=
Subject key identifier: 63:9E:65:8B:02:09:22:02:FD:D9:58:37:04:71:BE:A4:0D:46:06:B6
Certificate issuer: /CN=cbd745ebfcec382df252c2f750db648f4f034abf
Certificate serial: 01827DB7023FFEEB6E891DFE45EBED57249B
Authority key identifier: CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/Y55liwIJIgL92Vg3BHG-pA1GBrY.roa
Signing time: Mon 08 Aug 2022 13:48:41 +0000
ROA not before: Mon 08 Aug 2022 13:48:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3209
IP address blocks: 195.50.128.0/18 maxlen: 18
85.238.224.0/19 maxlen: 19
195.158.128.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7d:b7:02:3f:fe:eb:6e:89:1d:fe:45:eb:ed:57:24:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd745ebfcec382df252c2f750db648f4f034abf
Validity
Not Before: Aug 8 13:48:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=639e658b02092202fdd958370471bea40d4606b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3b:d0:e9:98:71:4e:bf:84:6d:b6:15:14:76:
1f:21:a1:0c:32:29:8e:02:21:b7:7a:85:42:03:07:
78:7c:59:4e:d9:f5:45:28:38:a2:2e:89:64:d6:b6:
a8:63:2f:97:47:58:e8:ea:67:19:e6:dc:b5:03:eb:
9a:68:0c:54:04:e9:78:be:b7:9a:4b:12:42:1b:32:
ed:ba:f8:0f:84:f3:12:68:d8:13:26:14:6e:f2:7c:
35:25:1e:e0:10:04:f6:e1:87:25:43:80:3f:7a:3f:
79:16:f7:9a:93:fd:46:30:71:4a:52:ac:7f:44:83:
5d:c1:88:90:cf:1c:23:1c:3b:8b:7d:dc:90:ac:e8:
75:45:a9:af:a1:63:ff:d6:05:25:bd:d6:1c:40:25:
37:5d:d6:20:da:7f:7c:20:a2:63:6d:c0:67:bc:f6:
a5:ea:21:f0:50:dc:fb:32:75:ab:4f:2d:3c:77:76:
02:b1:2e:cb:2a:58:d6:7d:c0:26:18:bc:12:0b:7f:
fd:aa:9f:b0:97:32:77:08:e4:8e:e5:8b:2f:18:47:
2a:66:d5:55:c0:88:35:3e:77:69:27:75:45:8d:a7:
5f:aa:c1:08:63:fe:17:65:6d:5b:df:ff:86:e8:1f:
a8:4c:94:a3:e4:b2:fd:5f:1e:a6:42:8d:55:c0:ba:
1e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:9E:65:8B:02:09:22:02:FD:D9:58:37:04:71:BE:A4:0D:46:06:B6
X509v3 Authority Key Identifier:
keyid:CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/Y55liwIJIgL92Vg3BHG-pA1GBrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/y9dF6_zsOC3yUsL3UNtkj08DSr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.238.224.0/19
195.50.128.0/18
195.158.128.0/19
Signature Algorithm: sha256WithRSAEncryption
79:df:8f:2b:d7:18:63:26:fd:e1:dc:f7:1e:f9:59:60:b2:b1:
c7:4f:3d:c3:12:4c:15:48:00:6d:a6:8b:ae:f6:1b:5e:c9:df:
77:a3:2f:8b:4d:09:16:f8:a2:c4:1f:7e:3f:61:01:3d:19:ca:
0e:ef:fb:24:84:23:fe:15:74:1e:bf:b8:19:6f:51:02:0d:14:
c4:c2:69:4f:8d:b5:e4:52:f1:19:1a:8e:7c:01:c0:9f:79:ea:
c3:7e:9b:4e:52:7a:71:da:ee:a0:c8:a7:85:4c:76:4b:27:32:
84:90:d2:f5:ac:45:05:50:b7:c5:9c:b4:a0:5d:d5:ff:29:3e:
2a:42:a7:93:3d:9a:98:09:14:8b:e9:4d:66:d6:a6:5f:6c:1a:
5e:f5:a5:0d:26:13:15:f0:b9:4f:da:18:bb:81:12:09:86:b8:
26:80:1b:15:5e:e1:88:72:a8:ba:70:aa:e2:63:c9:96:55:5d:
a1:74:c0:41:44:95:b3:d1:63:9f:21:11:ce:1f:9f:7f:da:0a:
98:ff:cb:41:a7:c1:53:76:0b:78:d1:7b:cd:c6:b6:ae:c4:b0:
14:a6:15:ac:92:19:01:85:30:ff:94:0d:c7:7c:11:53:46:d5:
3a:5f:c2:70:8b:5e:50:3c:05:66:e1:e3:91:47:9d:42:31:bb:
3a:eb:b2:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYJ9twI//utuiR3+RevtVySbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDc0NWViZmNlYzM4MmRmMjUyYzJmNzUwZGI2NDhmNGYw
MzRhYmYwHhcNMjIwODA4MTM0ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzllNjU4YjAyMDkyMjAyZmRkOTU4MzcwNDcxYmVhNDBkNDYwNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzvQ6ZhxTr+EbbYVFHYfIaEMMimO
AiG3eoVCAwd4fFlO2fVFKDiiLolk1raoYy+XR1jo6mcZ5ty1A+uaaAxUBOl4vrea
SxJCGzLtuvgPhPMSaNgTJhRu8nw1JR7gEAT24YclQ4A/ej95Fveak/1GMHFKUqx/
RINdwYiQzxwjHDuLfdyQrOh1RamvoWP/1gUlvdYcQCU3XdYg2n98IKJjbcBnvPal
6iHwUNz7MnWrTy08d3YCsS7LKljWfcAmGLwSC3/9qp+wlzJ3COSO5YsvGEcqZtVV
wIg1PndpJ3VFjadfqsEIY/4XZW1b3/+G6B+oTJSj5LL9Xx6mQo1VwLoeDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGOeZYsCCSIC/dlYNwRxvqQNRga2MB8GA1UdIwQY
MBaAFMvXRev87Dgt8lLC91DbZI9PA0q/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUt
OTJiNjc5NmM3N2NjLzEvWTU1bGl3SUpJZ0w5MlZnM0JIRy1wQTFHQnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUtOTJiNjc5NmM3N2Nj
LzEveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFVe7gAwQG
wzKAAwQFw56AMA0GCSqGSIb3DQEBCwUAA4IBAQB5348r1xhjJv3h3Pce+VlgsrHH
Tz3DEkwVSABtpouu9hteyd93oy+LTQkW+KLEH34/YQE9GcoO7/skhCP+FXQev7gZ
b1ECDRTEwmlPjbXkUvEZGo58AcCfeerDfptOUnpx2u6gyKeFTHZLJzKEkNL1rEUF
ULfFnLSgXdX/KT4qQqeTPZqYCRSL6U1m1qZfbBpe9aUNJhMV8LlP2hi7gRIJhrgm
gBsVXuGIcqi6cKriY8mWVV2hdMBBRJWz0WOfIRHOH59/2gqY/8tBp8FTdgt40XvN
xrauxLAUphWskhkBhTD/lA3HfBFTRtU6X8Jwi15QPAVm4eORR51CMbs667Jr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:01 2023 by rpki-client on console-fra.rpki-client.org