Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/KyTUVH833h3d9CQDNza-7Faf29U.roa
File: KyTUVH833h3d9CQDNza-7Faf29U.roa (raw, json)
Hash identifier: mtAW+cyN/SeY5XN3whv9+79g37hTwgT+KhMHHQZk8dw=
Subject key identifier: 2B:24:D4:54:7F:37:DE:1D:DD:F4:24:03:37:36:BE:EC:56:9F:DB:D5
Certificate issuer: /CN=b5000b81e9ed4b2a702a1ef5f852e0e769ee10e2
Certificate serial: 50AE93
Authority key identifier: B5:00:0B:81:E9:ED:4B:2A:70:2A:1E:F5:F8:52:E0:E7:69:EE:10:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tQALgentSypwKh71-FLg52nuEOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/KyTUVH833h3d9CQDNza-7Faf29U.roa
Signing time: Sat 01 Jan 2022 00:58:15 +0000
ROA not before: Sat 01 Jan 2022 00:58:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12998
IP address blocks: 5.183.200.0/22 maxlen: 24
195.3.156.0/22 maxlen: 24
193.227.206.0/23 maxlen: 24
91.196.100.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5287571 (0x50ae93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5000b81e9ed4b2a702a1ef5f852e0e769ee10e2
Validity
Not Before: Jan 1 00:58:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b24d4547f37de1dddf424033736beec569fdbd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e9:97:62:1c:2a:4f:19:42:c1:c6:c3:f8:00:
89:41:32:f9:07:71:ed:a8:f1:6c:69:86:d0:b9:d2:
56:be:cd:4d:4f:c0:d3:a6:3d:a4:62:0a:61:a7:ec:
a0:09:69:84:e7:22:53:ff:26:29:e8:a7:ba:ac:31:
b2:c6:c9:f0:07:49:0a:59:d8:06:42:68:41:c1:20:
eb:98:60:f4:69:ed:b3:f5:1a:80:26:1d:81:8b:a0:
b9:53:73:00:a7:57:de:af:0c:ec:d0:9e:6e:e6:13:
50:e8:ad:8c:bf:da:82:33:79:3d:00:5f:87:4b:f7:
26:6b:3c:f3:fb:ad:a1:82:a3:19:81:93:67:0a:ec:
bf:79:ea:fe:d5:f6:a6:8a:5c:38:b7:28:61:2f:65:
78:83:83:f6:0f:71:10:f5:ee:f2:79:79:f8:a1:78:
a9:e3:82:da:00:09:ba:47:f0:c9:8b:1c:16:e8:ce:
00:49:6c:43:6f:48:eb:8f:2a:b4:62:b5:89:37:70:
9a:2f:49:a2:c4:8c:19:2e:c0:fe:ab:21:5f:ce:9a:
3e:2d:85:7e:90:dd:56:4a:04:c0:71:53:ed:50:27:
8b:cd:00:3b:bc:24:b1:68:b1:7d:32:37:94:d2:03:
0b:f1:18:bf:7d:1b:53:10:68:98:0d:95:24:6a:10:
26:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:24:D4:54:7F:37:DE:1D:DD:F4:24:03:37:36:BE:EC:56:9F:DB:D5
X509v3 Authority Key Identifier:
keyid:B5:00:0B:81:E9:ED:4B:2A:70:2A:1E:F5:F8:52:E0:E7:69:EE:10:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tQALgentSypwKh71-FLg52nuEOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/KyTUVH833h3d9CQDNza-7Faf29U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/tQALgentSypwKh71-FLg52nuEOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.200.0/22
91.196.100.0/22
193.227.206.0/23
195.3.156.0/22
Signature Algorithm: sha256WithRSAEncryption
84:a9:5c:6c:a5:fb:0f:21:0b:ac:10:a5:98:ce:ea:c7:a6:3c:
da:c8:97:4d:f0:7a:42:83:da:40:fb:e7:05:e3:99:0e:f9:ce:
07:f7:f8:7a:98:bf:2b:63:d3:0c:94:92:4d:1c:60:70:51:3e:
12:33:03:2f:d2:7c:f2:e7:64:2d:0f:27:02:67:68:74:4c:23:
dc:dc:16:ab:62:c2:5f:dc:10:92:f3:47:7e:19:e7:b7:09:9f:
d8:88:99:f1:55:8f:60:dd:8d:f1:c7:ca:97:93:ff:69:e0:e6:
89:a6:a5:9c:bc:67:a6:ab:42:9c:d8:a9:06:a8:94:6e:3a:1b:
a5:7d:e4:b5:73:8e:d7:cd:59:b5:23:be:58:18:90:d9:c2:79:
74:34:0c:04:2c:a0:07:2d:bb:6e:5f:94:a0:ba:be:f8:4c:87:
79:77:2f:82:27:f0:0e:65:7a:9e:78:b4:61:e6:59:82:70:9c:
aa:b5:58:fa:0e:77:5a:7e:80:c3:d9:08:09:a1:58:99:f2:c3:
02:29:ee:43:dd:ad:55:e5:08:12:8a:97:fd:37:26:58:01:77:
2a:a7:1f:74:1a:92:87:7d:48:86:39:96:6a:8e:85:84:70:61:
1d:6d:a8:12:74:24:07:6c:2e:79:c1:cc:f5:66:82:a2:d9:97:
cb:4f:33:c9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDUK6TMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI1
MDAwYjgxZTllZDRiMmE3MDJhMWVmNWY4NTJlMGU3NjllZTEwZTIwHhcNMjIwMTAx
MDA1ODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyYjI0ZDQ1NDdmMzdk
ZTFkZGRmNDI0MDMzNzM2YmVlYzU2OWZkYmQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAs+mXYhwqTxlCwcbD+ACJQTL5B3HtqPFsaYbQudJWvs1NT8DT
pj2kYgphp+ygCWmE5yJT/yYp6Ke6rDGyxsnwB0kKWdgGQmhBwSDrmGD0ae2z9RqA
Jh2Bi6C5U3MAp1ferwzs0J5u5hNQ6K2Mv9qCM3k9AF+HS/cmazzz+62hgqMZgZNn
Cuy/eer+1familw4tyhhL2V4g4P2D3EQ9e7yeXn4oXip44LaAAm6R/DJixwW6M4A
SWxDb0jrjyq0YrWJN3CaL0mixIwZLsD+qyFfzpo+LYV+kN1WSgTAcVPtUCeLzQA7
vCSxaLF9MjeU0gML8Ri/fRtTEGiYDZUkahAmKwIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFCsk1FR/N94d3fQkAzc2vuxWn9vVMB8GA1UdIwQYMBaAFLUAC4Hp7UsqcCoe
9fhS4Odp7hDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dFFBTGdlbnRTeXB3S2g3MS1GTGc1Mm51RU9JLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC85MS8wZGY3ZjMtYTQ5Mi00ZDZmLWIzNmYtZDQxZTAzNTkyMzM1LzEv
S3lUVVZIODMzaDNkOUNRRE56YS03RmFmMjlVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8w
ZGY3ZjMtYTQ5Mi00ZDZmLWIzNmYtZDQxZTAzNTkyMzM1LzEvdFFBTGdlbnRTeXB3
S2g3MS1GTGc1Mm51RU9JLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBbfIAwQCW8RkAwQBwePOAwQCwwOc
MA0GCSqGSIb3DQEBCwUAA4IBAQCEqVxspfsPIQusEKWYzurHpjzayJdN8HpCg9pA
++cF45kO+c4H9/h6mL8rY9MMlJJNHGBwUT4SMwMv0nzy52QtDycCZ2h0TCPc3Bar
YsJf3BCS80d+Gee3CZ/YiJnxVY9g3Y3xx8qXk/9p4OaJpqWcvGemq0Kc2KkGqJRu
OhulfeS1c47XzVm1I75YGJDZwnl0NAwELKAHLbtuX5Sgur74TId5dy+CJ/AOZXqe
eLRh5lmCcJyqtVj6DndafoDD2QgJoViZ8sMCKe5D3a1V5QgSipf9NyZYAXcqpx90
GpKHfUiGOZZqjoWEcGEdbagSdCQHbC55wcz1ZoKi2ZfLTzPJ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:15 2023 by rpki-client on console-ams.rpki-client.org