Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/d2e43d-1faa-40b3-b012-ee64c6e71bfb/1/ynlQciA61rTkyHLWGCHQM0Xu0hc.roa
File: ynlQciA61rTkyHLWGCHQM0Xu0hc.roa (raw, json)
Hash identifier: Crd/SGskH/IEDnQrY8G/m+Xcs3X1F4Zd/mMDGGEgpoQ=
Subject key identifier: CA:79:50:72:20:3A:D6:B4:E4:C8:72:D6:18:21:D0:33:45:EE:D2:17
Certificate issuer: /CN=fccca62cbe743328555483a857e521863f953b41
Certificate serial: 35F8C91D
Authority key identifier: FC:CC:A6:2C:BE:74:33:28:55:54:83:A8:57:E5:21:86:3F:95:3B:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_MymLL50MyhVVIOoV-Uhhj-VO0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/d2e43d-1faa-40b3-b012-ee64c6e71bfb/1/ynlQciA61rTkyHLWGCHQM0Xu0hc.roa
Signing time: Mon 04 Jul 2022 18:14:25 +0000
ROA not before: Mon 04 Jul 2022 18:14:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39232
IP address blocks: 5.134.50.0/23 maxlen: 23
5.134.48.0/21 maxlen: 21
5.134.48.0/22 maxlen: 22
5.134.48.0/23 maxlen: 23
5.134.48.0/20 maxlen: 20
5.134.56.0/21 maxlen: 21
5.134.56.0/22 maxlen: 22
5.134.56.0/23 maxlen: 23
5.134.54.0/23 maxlen: 23
5.134.52.0/23 maxlen: 23
5.134.52.0/22 maxlen: 22
5.134.58.0/23 maxlen: 23
5.134.62.0/23 maxlen: 23
5.134.60.0/23 maxlen: 23
5.134.60.0/22 maxlen: 22
185.40.156.0/22 maxlen: 22
185.40.156.0/23 maxlen: 23
185.40.158.0/23 maxlen: 23
188.227.208.0/21 maxlen: 21
188.227.208.0/20 maxlen: 20
188.227.216.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 905496861 (0x35f8c91d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fccca62cbe743328555483a857e521863f953b41
Validity
Not Before: Jul 4 18:14:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca795072203ad6b4e4c872d61821d03345eed217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:3e:54:f5:82:28:81:e2:ef:44:36:af:52:51:
e0:06:da:8a:a1:fa:5c:04:5f:fc:7b:32:2e:62:b9:
f9:cd:be:2f:8a:73:06:d3:13:a6:25:9d:db:84:9d:
bf:04:bd:a8:37:2a:ac:bb:7c:dd:74:f5:49:12:4c:
f8:77:e5:bd:50:9c:85:41:36:17:c8:dd:f9:91:85:
cd:a7:21:8e:a0:d0:5d:1e:3f:03:2d:d0:c5:49:58:
a8:b1:be:b6:3c:3e:ad:9c:7c:ff:aa:ea:60:ac:1e:
6a:58:98:10:42:e4:3c:9b:53:fe:19:3d:73:50:ec:
76:06:16:56:40:07:43:ff:3c:d4:97:7f:e1:26:3f:
00:b6:86:8f:b7:b6:5e:b0:57:ed:bc:cb:f5:80:99:
9c:e8:e4:12:ee:c9:4d:c1:bb:b0:1e:02:08:65:17:
3a:09:3e:d0:1f:a4:01:38:f4:e8:14:8c:53:67:b1:
70:6c:6d:6e:71:1b:cd:e2:51:da:e1:e5:f9:2b:82:
14:43:f0:bc:a1:e3:ba:55:be:cf:ca:16:16:96:0c:
8d:8d:69:db:43:9c:32:4d:d0:9d:8a:d4:2f:a8:3a:
6c:de:0a:cf:10:7a:ba:64:47:db:7c:e4:49:af:93:
57:65:7b:90:59:a8:ea:bf:69:7b:f4:41:7a:32:a4:
3e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:79:50:72:20:3A:D6:B4:E4:C8:72:D6:18:21:D0:33:45:EE:D2:17
X509v3 Authority Key Identifier:
keyid:FC:CC:A6:2C:BE:74:33:28:55:54:83:A8:57:E5:21:86:3F:95:3B:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_MymLL50MyhVVIOoV-Uhhj-VO0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d2e43d-1faa-40b3-b012-ee64c6e71bfb/1/ynlQciA61rTkyHLWGCHQM0Xu0hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d2e43d-1faa-40b3-b012-ee64c6e71bfb/1/_MymLL50MyhVVIOoV-Uhhj-VO0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.48.0/20
185.40.156.0/22
188.227.208.0/20
Signature Algorithm: sha256WithRSAEncryption
9e:8d:36:11:75:f7:3c:a8:ef:2f:95:dd:9c:6c:37:03:8d:2a:
c9:f1:fa:b1:f0:06:97:74:d3:d4:2a:19:2b:1b:7b:e5:47:e3:
fd:49:34:bd:6e:fa:b1:7f:34:ce:4c:27:be:2b:40:4f:81:6c:
42:1c:5c:60:b9:29:f3:e9:4d:0d:e2:b6:08:6a:10:03:a6:7b:
78:73:72:56:8c:bf:03:12:c6:b4:e7:78:ef:2a:64:50:4f:b1:
7b:df:ff:4e:ee:3b:51:3c:fd:20:9c:c5:3e:06:9d:7c:a8:a7:
33:51:f3:aa:fc:90:04:02:5c:91:2c:c4:e7:1d:34:72:2b:69:
2c:c1:92:1c:5a:8e:04:85:90:fe:4f:a0:73:5e:6e:61:3f:ff:
14:4e:36:d3:27:7a:10:d0:d2:3c:66:9d:16:69:9e:2b:5c:5a:
93:27:89:ff:ae:5e:e0:3b:82:74:ed:9f:f6:4a:6d:b2:a4:e2:
2d:30:02:c6:04:f8:be:4a:14:01:47:eb:48:5e:9d:99:6a:82:
9e:cd:4b:5c:f7:ad:b0:7f:2f:11:f9:82:8e:9c:53:43:42:68:
96:d3:bc:80:2a:bd:93:12:88:67:07:41:53:e0:7f:33:25:94:
02:6d:27:8e:cf:81:0a:a7:97:9f:06:3c:77:8d:a1:07:91:22:
90:6f:2f:c2
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIENfjJHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Y2NjYTYyY2JlNzQzMzI4NTU1NDgzYTg1N2U1MjE4NjNmOTUzYjQxMB4XDTIyMDcw
NDE4MTQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E3OTUwNzIyMDNh
ZDZiNGU0Yzg3MmQ2MTgyMWQwMzM0NWVlZDIxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPY+VPWCKIHi70Q2r1JR4AbaiqH6XARf/HsyLmK5+c2+L4pz
BtMTpiWd24SdvwS9qDcqrLt83XT1SRJM+HflvVCchUE2F8jd+ZGFzachjqDQXR4/
Ay3QxUlYqLG+tjw+rZx8/6rqYKwealiYEELkPJtT/hk9c1DsdgYWVkAHQ/881Jd/
4SY/ALaGj7e2XrBX7bzL9YCZnOjkEu7JTcG7sB4CCGUXOgk+0B+kATj06BSMU2ex
cGxtbnEbzeJR2uHl+SuCFEPwvKHjulW+z8oWFpYMjY1p20OcMk3QnYrUL6g6bN4K
zxB6umRH23zkSa+TV2V7kFmo6r9pe/RBejKkPt0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTKeVByIDrWtOTIctYYIdAzRe7SFzAfBgNVHSMEGDAWgBT8zKYsvnQzKFVU
g6hX5SGGP5U7QTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19NeW1MTDUwTXloVlZJT29WLVVoaGotVk8wRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvZDJlNDNkLTFmYWEtNDBiMy1iMDEyLWVlNjRjNmU3MWJmYi8x
L3lubFFjaUE2MXJUa3lITFdHQ0hRTTBYdTBoYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
ZDJlNDNkLTFmYWEtNDBiMy1iMDEyLWVlNjRjNmU3MWJmYi8xL19NeW1MTDUwTXlo
VlZJT29WLVVoaGotVk8wRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBAWGMAMEArkonAMEBLzj0DANBgkq
hkiG9w0BAQsFAAOCAQEAno02EXX3PKjvL5XdnGw3A40qyfH6sfAGl3TT1CoZKxt7
5Ufj/Uk0vW76sX80zkwnvitAT4FsQhxcYLkp8+lNDeK2CGoQA6Z7eHNyVoy/AxLG
tOd47ypkUE+xe9//Tu47UTz9IJzFPgadfKinM1HzqvyQBAJckSzE5x00citpLMGS
HFqOBIWQ/k+gc15uYT//FE420yd6ENDSPGadFmmeK1xakyeJ/65e4DuCdO2f9kpt
sqTiLTACxgT4vkoUAUfrSF6dmWqCns1LXPetsH8vEfmCjpxTQ0JoltO8gCq9kxKI
ZwdBU+B/MyWUAm0njs+BCqeXnwY8d42hB5EikG8vwg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:26 2023 by rpki-client on console-fra.rpki-client.org