Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/bKYFUry73Fx3jj_JC8fnzvExP0g.roa
File: bKYFUry73Fx3jj_JC8fnzvExP0g.roa (raw, json)
Hash identifier: FDA29P7WMLD72CWTN1wN2TReRsXvYZXp9dvR6zitSNM=
Subject key identifier: 6C:A6:05:52:BC:BB:DC:5C:77:8E:3F:C9:0B:C7:E7:CE:F1:31:3F:48
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01837D572D3C23E57A293AA814C7B0C0398B
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/bKYFUry73Fx3jj_JC8fnzvExP0g.roa
Signing time: Tue 27 Sep 2022 05:06:48 +0000
ROA not before: Tue 27 Sep 2022 05:06:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133206
IP address blocks: 193.36.84.0/23 maxlen: 24
188.214.236.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7d:57:2d:3c:23:e5:7a:29:3a:a8:14:c7:b0:c0:39:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Sep 27 05:06:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ca60552bcbbdc5c778e3fc90bc7e7cef1313f48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:45:f1:fa:5b:d9:b1:0b:ad:9d:6a:ae:38:f1:
8b:11:b3:5d:e7:08:b7:a7:6c:7b:c9:ea:9f:30:16:
90:d9:30:a2:a3:57:7d:82:8a:11:02:5e:7f:7d:ee:
ab:e6:91:e3:dd:50:85:3c:62:10:a9:5d:a1:fa:ce:
fd:16:a3:2a:85:8e:9a:63:22:2b:cb:1d:cb:93:0a:
67:50:d4:cc:3d:e3:fa:41:70:e3:0d:c8:73:da:d5:
bd:26:d4:7a:7d:0e:1e:3a:59:49:e2:be:24:dc:b5:
8b:6f:be:b7:d4:8c:92:9c:ff:2f:70:1c:31:40:38:
a5:b7:08:22:9e:ac:cb:2e:78:6c:a8:b6:83:6d:0c:
0f:1a:90:e6:99:e5:4f:d2:aa:62:06:f4:a5:78:6c:
44:2c:43:be:2a:00:40:12:bf:68:41:72:50:b4:9e:
52:9f:50:56:bf:85:4f:39:ad:3c:5a:39:21:f0:c5:
70:78:04:e0:1c:88:75:b7:f0:59:12:13:be:a4:31:
91:76:3b:0c:3e:ed:07:c4:d7:fb:b5:fb:ce:8a:cb:
f7:8d:3d:4f:2c:e6:c1:d3:53:e6:74:9c:ea:87:f9:
13:45:8c:db:6e:90:6a:9d:aa:70:2d:ea:bb:43:b0:
aa:82:9a:6a:ac:13:10:7e:b1:e4:07:d5:32:bb:45:
95:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A6:05:52:BC:BB:DC:5C:77:8E:3F:C9:0B:C7:E7:CE:F1:31:3F:48
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/bKYFUry73Fx3jj_JC8fnzvExP0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.236.0/22
193.36.84.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:2f:90:72:d6:26:af:d1:21:35:7c:23:5e:c9:d7:a2:53:8e:
65:4f:5a:7d:72:69:12:bf:c1:5f:a2:3e:c5:a1:f2:1a:b4:4e:
cc:de:1c:5b:6c:d4:42:18:4b:5b:9e:4a:ed:c7:79:1f:2d:c4:
75:9e:bb:43:34:20:f0:23:f7:4a:d3:74:a9:0d:35:47:87:e7:
3a:c5:c8:ad:6c:98:43:d6:2d:dd:60:27:d6:0d:d6:8d:de:5b:
e8:0c:a7:e8:ce:9b:90:d3:50:72:51:d7:bb:31:7b:73:a1:17:
59:9f:84:e3:4e:0b:7b:91:65:2a:d8:bc:91:4a:36:b6:ec:cc:
2a:1b:3a:05:f3:e3:86:2b:fe:b9:f7:5b:9c:b1:e9:40:d4:88:
6d:8a:c3:a0:4b:fd:e0:8d:ca:58:13:b0:8f:da:35:56:d5:9b:
a2:e2:84:f7:79:48:38:cf:b2:b1:7a:f5:26:90:6e:c4:18:bb:
b1:b1:5c:1f:fe:69:55:c3:a8:ff:dd:f7:17:06:98:e5:a7:c6:
85:dd:fb:e4:45:bb:a8:98:b8:ce:6d:48:ea:d5:72:24:d9:9a:
56:cd:d6:80:8f:3b:45:a1:67:af:5b:b6:92:cd:dc:2a:1d:36:
12:80:1f:08:f6:dd:8f:71:a6:b9:33:b3:3b:df:58:8c:9f:c5:
8c:d6:af:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYN9Vy08I+V6KTqoFMewwDmLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjIwOTI3MDUwNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2E2MDU1MmJjYmJkYzVjNzc4ZTNmYzkwYmM3ZTdjZWYxMzEzZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EXx+lvZsQutnWquOPGLEbNd5wi3
p2x7yeqfMBaQ2TCio1d9gooRAl5/fe6r5pHj3VCFPGIQqV2h+s79FqMqhY6aYyIr
yx3LkwpnUNTMPeP6QXDjDchz2tW9JtR6fQ4eOllJ4r4k3LWLb7631IySnP8vcBwx
QDiltwginqzLLnhsqLaDbQwPGpDmmeVP0qpiBvSleGxELEO+KgBAEr9oQXJQtJ5S
n1BWv4VPOa08Wjkh8MVweATgHIh1t/BZEhO+pDGRdjsMPu0HxNf7tfvOisv3jT1P
LObB01PmdJzqh/kTRYzbbpBqnapwLeq7Q7CqgppqrBMQfrHkB9Uyu0WVpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGymBVK8u9xcd44/yQvH587xMT9IMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvYktZRlVyeTczRngzampfSkM4Zm56dkV4UDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCvNbsAwQB
wSRUMA0GCSqGSIb3DQEBCwUAA4IBAQBcL5By1iav0SE1fCNeydeiU45lT1p9cmkS
v8Ffoj7FofIatE7M3hxbbNRCGEtbnkrtx3kfLcR1nrtDNCDwI/dK03SpDTVHh+c6
xcitbJhD1i3dYCfWDdaN3lvoDKfozpuQ01ByUde7MXtzoRdZn4TjTgt7kWUq2LyR
Sja27MwqGzoF8+OGK/6591ucselA1IhtisOgS/3gjcpYE7CP2jVW1Zui4oT3eUg4
z7KxevUmkG7EGLuxsVwf/mlVw6j/3fcXBpjlp8aF3fvkRbuomLjObUjq1XIk2ZpW
zdaAjztFoWevW7aSzdwqHTYSgB8I9t2Pcaa5M7M731iMn8WM1q+v
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:45 2023 by rpki-client on console-fra.rpki-client.org