Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/hy5dyJEAMA3Cll8I4uoraJoKeH4.roa
File: hy5dyJEAMA3Cll8I4uoraJoKeH4.roa (raw, json)
Hash identifier: H+AkpH6GTfkq5jnhfjwNrlFVHQbziPXbWhQzhoxb5Pg=
Subject key identifier: 87:2E:5D:C8:91:00:30:0D:C2:96:5F:08:E2:EA:2B:68:9A:0A:78:7E
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 013F38DB
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/hy5dyJEAMA3Cll8I4uoraJoKeH4.roa
Signing time: Thu 03 Feb 2022 14:39:39 +0000
ROA not before: Thu 03 Feb 2022 14:39:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209709
IP address blocks: 195.69.78.0/24 maxlen: 24
195.69.77.0/24 maxlen: 24
185.170.108.0/22 maxlen: 22
91.247.40.0/21 maxlen: 21
91.247.48.0/22 maxlen: 22
5.182.12.0/22 maxlen: 22
185.99.28.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20920539 (0x13f38db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Feb 3 14:39:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=872e5dc89100300dc2965f08e2ea2b689a0a787e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:8c:7a:8c:62:0d:ce:b8:ac:20:ea:8b:48:a7:
4b:44:3d:4f:bf:9e:fa:5f:9a:98:54:5e:7c:b6:bc:
89:16:d9:c3:d3:e8:09:48:95:d5:7c:a5:2f:1e:19:
77:80:58:3a:bd:e8:b1:39:00:eb:2a:af:a3:94:44:
e8:b0:63:a2:4b:65:64:6b:ec:2e:d0:2d:66:49:02:
04:d4:bb:75:81:eb:b3:12:68:30:c9:94:61:c9:3e:
ef:5f:1f:00:68:2c:1a:7d:47:4d:2f:7e:d6:f8:b6:
49:07:c3:61:84:9f:44:d5:53:47:d6:49:77:20:4e:
a4:a7:f9:82:50:cf:a0:16:e0:65:ec:13:25:69:9b:
fb:fe:33:8d:e3:0a:c0:ee:41:33:9b:c8:1e:c4:98:
14:32:0f:8b:13:3d:1d:e5:e1:9e:f8:6b:cd:2b:99:
54:f0:74:14:03:26:fe:f4:62:3a:67:c9:92:90:5b:
0e:52:d1:fb:b7:34:6c:15:5d:0f:89:94:c1:7d:93:
02:a5:b5:ca:4f:34:8b:63:ed:79:9d:01:17:4a:cb:
32:42:84:8b:8d:24:f8:34:1c:0b:be:45:3e:bf:69:
19:fb:f5:82:21:d0:63:6a:e8:d4:9a:ea:a5:4f:8f:
15:1d:12:5e:5a:10:16:41:e0:cd:89:52:64:4e:8a:
29:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2E:5D:C8:91:00:30:0D:C2:96:5F:08:E2:EA:2B:68:9A:0A:78:7E
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/hy5dyJEAMA3Cll8I4uoraJoKeH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.12.0/22
91.247.40.0-91.247.51.255
185.99.28.0/22
185.170.108.0/22
195.69.77.0-195.69.78.255
Signature Algorithm: sha256WithRSAEncryption
91:c0:6e:ff:e4:a5:8d:5f:5b:0d:8b:3c:22:ed:08:f9:a6:10:
79:50:7d:3d:a7:1b:94:9c:0a:34:a6:fa:22:12:72:02:1a:60:
be:e5:3b:e5:c8:99:ee:32:11:8a:7a:f2:e4:25:86:a5:32:17:
92:fa:de:89:ca:c6:56:01:db:27:f6:16:30:22:9e:71:b5:c2:
36:6f:44:3c:96:72:f6:7c:87:a0:8f:92:58:d4:1e:6d:69:b8:
00:1b:96:6b:ec:12:e4:cf:3d:72:78:7c:49:49:20:29:b9:c6:
bf:58:74:9c:ad:a5:3b:ed:fd:21:ba:13:9f:60:ad:d0:2d:1b:
16:90:43:62:04:53:86:38:e6:86:17:e3:c8:0d:46:41:f9:ca:
3b:f1:6c:a7:f0:cb:0d:f4:82:6f:73:5c:fb:95:af:78:42:f7:
5e:f4:8f:86:11:4f:cf:8b:60:72:ef:39:47:58:07:68:c9:27:
64:7e:77:4d:5b:1d:9e:df:e5:f4:be:9a:8c:f4:0d:94:70:02:
3b:b9:87:d9:c3:57:fa:50:01:13:89:1e:72:a5:cd:a7:ec:23:
3a:29:e3:c2:f7:60:13:50:b9:0e:ae:c9:24:e8:39:4c:80:84:
41:29:da:d4:f0:2d:43:46:8c:52:a2:da:7c:71:31:18:e2:ad:
55:34:83:03
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEAT842zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NWZiMzJkMjI2NmIxZjliY2U1N2NhYzk4YmMwMjQ3ZjJjOTE5N2YyMB4XDTIyMDIw
MzE0MzkzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODcyZTVkYzg5MTAw
MzAwZGMyOTY1ZjA4ZTJlYTJiNjg5YTBhNzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOeMeoxiDc64rCDqi0inS0Q9T7+e+l+amFRefLa8iRbZw9Po
CUiV1XylLx4Zd4BYOr3osTkA6yqvo5RE6LBjoktlZGvsLtAtZkkCBNS7dYHrsxJo
MMmUYck+718fAGgsGn1HTS9+1vi2SQfDYYSfRNVTR9ZJdyBOpKf5glDPoBbgZewT
JWmb+/4zjeMKwO5BM5vIHsSYFDIPixM9HeXhnvhrzSuZVPB0FAMm/vRiOmfJkpBb
DlLR+7c0bBVdD4mUwX2TAqW1yk80i2PteZ0BF0rLMkKEi40k+DQcC75FPr9pGfv1
giHQY2ro1JrqpU+PFR0SXloQFkHgzYlSZE6KKUcCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBSHLl3IkQAwDcKWXwji6itomgp4fjAfBgNVHSMEGDAWgBT1+zLSJmsfm85X
ysmLwCR/LJGX8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzlmc3kwaVpySDV2T1Y4ckppOEFrZnl5UmxfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvZmI0MmVjLTEwYjQtNGRjZi1iZWYwLTJkMTQzZDdiODUzYy8x
L2h5NWR5SkVBTUEzQ2xsOEk0dW9yYUpvS2VINC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
ZmI0MmVjLTEwYjQtNGRjZi1iZWYwLTJkMTQzZDdiODUzYy8xLzlmc3kwaVpySDV2
T1Y4ckppOEFrZnl5UmxfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwNAQCAAEwLgMEAgW2DDAMAwQDW/coAwQCW/cwAwQC
uWMcAwQCuapsMAwDBADDRU0DBADDRU4wDQYJKoZIhvcNAQELBQADggEBAJHAbv/k
pY1fWw2LPCLtCPmmEHlQfT2nG5ScCjSm+iIScgIaYL7lO+XIme4yEYp68uQlhqUy
F5L63onKxlYB2yf2FjAinnG1wjZvRDyWcvZ8h6CPkljUHm1puAAblmvsEuTPPXJ4
fElJICm5xr9YdJytpTvt/SG6E59grdAtGxaQQ2IEU4Y45oYX48gNRkH5yjvxbKfw
yw30gm9zXPuVr3hC9170j4YRT8+LYHLvOUdYB2jJJ2R+d01bHZ7f5fS+moz0DZRw
Aju5h9nDV/pQAROJHnKlzafsIzop48L3YBNQuQ6uySToOUyAhEEp2tTwLUNGjFKi
2nxxMRjirVU0gwM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:39 2023 by rpki-client on console-fra.rpki-client.org