Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/0602d4-55a5-4f49-8cfe-bee7a1839710/1/9fqRJbwCS3Yjv_smWvF_PYxRFfU.roa
File: 9fqRJbwCS3Yjv_smWvF_PYxRFfU.roa (raw, json)
Hash identifier: yplbnUMtdN34yEcAQRL5UNTITRnGZ+TjYoiHVqiw0aM=
Subject key identifier: F5:FA:91:25:BC:02:4B:76:23:BF:FB:26:5A:F1:7F:3D:8C:51:15:F5
Certificate issuer: /CN=627b305ba1babef4bfec68581e4039d41b5f71f2
Certificate serial: 0234E5
Authority key identifier: 62:7B:30:5B:A1:BA:BE:F4:BF:EC:68:58:1E:40:39:D4:1B:5F:71:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YnswW6G6vvS_7GhYHkA51BtfcfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/0602d4-55a5-4f49-8cfe-bee7a1839710/1/9fqRJbwCS3Yjv_smWvF_PYxRFfU.roa
Signing time: Mon 11 Apr 2022 22:07:59 +0000
ROA not before: Mon 11 Apr 2022 22:07:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8224
IP address blocks: 195.72.192.0/19 maxlen: 19
159.253.96.0/21 maxlen: 21
185.79.52.0/22 maxlen: 22
2a01:2d8::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144613 (0x234e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=627b305ba1babef4bfec68581e4039d41b5f71f2
Validity
Not Before: Apr 11 22:07:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f5fa9125bc024b7623bffb265af17f3d8c5115f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:95:48:11:b2:64:db:9b:5d:b3:93:43:9a:42:
2e:b0:e4:53:80:39:a2:4e:84:13:39:8c:be:ab:09:
ef:5e:fd:f3:0a:9e:c3:b8:32:14:99:8e:5e:b4:33:
b0:36:4f:b0:2f:38:b0:fd:e9:a6:f2:37:4b:18:23:
58:f6:e5:be:39:75:5f:21:42:67:c7:d8:0f:62:65:
69:17:88:61:73:13:c2:e3:e6:be:ed:a0:c0:af:54:
28:2e:c2:ff:a6:b2:6a:54:05:5a:0d:ea:32:9b:76:
2c:ef:23:4e:de:e6:8e:a7:b5:b8:43:33:62:58:7a:
c9:05:3f:9e:08:8a:4e:a9:0a:1e:60:35:ed:25:cc:
16:3d:c0:03:49:ae:5b:9f:8d:12:7b:7b:4b:8a:a1:
2c:f9:1e:e0:f1:61:35:19:37:cc:15:25:43:de:bf:
20:a5:25:9b:85:5a:39:c7:b8:21:a5:2c:17:71:69:
c7:78:e8:54:8d:fb:0b:c3:4f:09:26:fa:73:03:1e:
10:0c:92:bf:9c:2e:3a:39:f4:b5:c8:92:7e:3c:a3:
29:7d:84:1c:2a:e2:b0:91:b8:5f:a4:f0:27:62:25:
ea:9f:7e:47:43:5d:02:60:d5:d5:c0:49:ca:c1:7d:
ff:a1:1c:55:a8:13:75:e0:5f:51:23:01:1e:71:b2:
71:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:FA:91:25:BC:02:4B:76:23:BF:FB:26:5A:F1:7F:3D:8C:51:15:F5
X509v3 Authority Key Identifier:
keyid:62:7B:30:5B:A1:BA:BE:F4:BF:EC:68:58:1E:40:39:D4:1B:5F:71:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YnswW6G6vvS_7GhYHkA51BtfcfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0602d4-55a5-4f49-8cfe-bee7a1839710/1/9fqRJbwCS3Yjv_smWvF_PYxRFfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0602d4-55a5-4f49-8cfe-bee7a1839710/1/YnswW6G6vvS_7GhYHkA51BtfcfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.96.0/21
185.79.52.0/22
195.72.192.0/19
IPv6:
2a01:2d8::/29
Signature Algorithm: sha256WithRSAEncryption
72:f0:38:bc:e8:0e:c8:1d:0b:39:9a:83:e4:28:f0:2f:43:a4:
ba:cc:d0:f3:2f:58:32:95:8d:ca:01:9e:1d:65:43:9f:3b:8c:
7c:cb:16:27:0a:28:13:6f:f6:fb:f5:73:76:1e:d3:40:24:48:
e4:ad:05:4f:f9:3a:77:5b:47:55:b0:b0:50:92:18:ea:ed:da:
56:f5:a7:0a:19:10:80:c1:60:9c:1f:b7:8c:cc:b9:02:c1:75:
41:d2:39:7f:05:6a:2d:1c:9c:96:0e:e7:e9:0a:58:2d:be:5a:
3f:55:5c:89:f3:ca:78:22:09:c7:9c:97:84:14:a4:57:ad:15:
85:7d:73:66:1c:09:d2:de:0f:85:fc:7a:6f:37:55:22:31:40:
8e:f7:22:9a:3c:e0:13:ea:10:ff:ad:3c:26:d9:4b:b8:cb:42:
ea:b9:31:9a:30:87:37:c0:21:12:85:34:44:30:df:b8:2b:db:
ae:1a:ff:7c:6d:1e:ae:1c:f6:3b:c1:ba:78:71:d0:e4:a4:71:
2c:bb:f4:e5:ea:ed:4e:a8:d0:84:f4:ae:55:cd:0d:c6:a4:38:
73:b3:8a:7a:8f:d3:48:bd:81:af:1b:1f:03:d5:cb:f3:56:53:
d5:0a:e3:d6:11:38:46:fc:c0:56:4d:e9:46:82:0e:ba:0f:7d:
47:d1:d3:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIDAjTlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYy
N2IzMDViYTFiYWJlZjRiZmVjNjg1ODFlNDAzOWQ0MWI1ZjcxZjIwHhcNMjIwNDEx
MjIwNzU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmNWZhOTEyNWJjMDI0
Yjc2MjNiZmZiMjY1YWYxN2YzZDhjNTExNWY1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1ZVIEbJk25tds5NDmkIusORTgDmiToQTOYy+qwnvXv3zCp7D
uDIUmY5etDOwNk+wLziw/emm8jdLGCNY9uW+OXVfIUJnx9gPYmVpF4hhcxPC4+a+
7aDAr1QoLsL/prJqVAVaDeoym3Ys7yNO3uaOp7W4QzNiWHrJBT+eCIpOqQoeYDXt
JcwWPcADSa5bn40Se3tLiqEs+R7g8WE1GTfMFSVD3r8gpSWbhVo5x7ghpSwXcWnH
eOhUjfsLw08JJvpzAx4QDJK/nC46OfS1yJJ+PKMpfYQcKuKwkbhfpPAnYiXqn35H
Q10CYNXVwEnKwX3/oRxVqBN14F9RIwEecbJx9QIDAQABo4ICJDCCAiAwHQYDVR0O
BBYEFPX6kSW8Akt2I7/7Jlrxfz2MURX1MB8GA1UdIwQYMBaAFGJ7MFuhur70v+xo
WB5AOdQbX3HyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WW5zd1c2RzZ2dlNfN0doWUhrQTUxQnRmY2ZJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83Yi8wNjAyZDQtNTVhNS00ZjQ5LThjZmUtYmVlN2ExODM5NzEwLzEv
OWZxUkpid0NTM1lqdl9zbVd2Rl9QWXhSRmZVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8w
NjAyZDQtNTVhNS00ZjQ5LThjZmUtYmVlN2ExODM5NzEwLzEvWW5zd1c2RzZ2dlNf
N0doWUhrQTUxQnRmY2ZJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoG
CCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDn/1gAwQCuU80AwQFw0jAMA0EAgAC
MAcDBQMqAQLYMA0GCSqGSIb3DQEBCwUAA4IBAQBy8Di86A7IHQs5moPkKPAvQ6S6
zNDzL1gylY3KAZ4dZUOfO4x8yxYnCigTb/b79XN2HtNAJEjkrQVP+Tp3W0dVsLBQ
khjq7dpW9acKGRCAwWCcH7eMzLkCwXVB0jl/BWotHJyWDufpClgtvlo/VVyJ88p4
IgnHnJeEFKRXrRWFfXNmHAnS3g+F/HpvN1UiMUCO9yKaPOAT6hD/rTwm2Uu4y0Lq
uTGaMIc3wCEShTREMN+4K9uuGv98bR6uHPY7wbp4cdDkpHEsu/Tl6u1OqNCE9K5V
zQ3GpDhzs4p6j9NIvYGvGx8D1cvzVlPVCuPWEThG/MBWTelGgg66D31H0dNM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:19 2023 by rpki-client on console-fra.rpki-client.org