Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/y5wev4wv_kO_fZi5725B2_lOCHs.roa
File: y5wev4wv_kO_fZi5725B2_lOCHs.roa (raw, json)
Hash identifier: 7YBzRJDmPNUHirRrZZ6450oesyr8hQRurw38AsxieUI=
Subject key identifier: CB:9C:1E:BF:8C:2F:FE:43:BF:7D:98:B9:EF:6E:41:DB:F9:4E:08:7B
Certificate issuer: /CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Certificate serial: 17F79D4A
Authority key identifier: 23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/y5wev4wv_kO_fZi5725B2_lOCHs.roa
Signing time: Sat 01 Jan 2022 09:54:33 +0000
ROA not before: Sat 01 Jan 2022 09:54:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1853
IP address blocks: 193.170.0.0/15 maxlen: 15
78.104.0.0/16 maxlen: 16
193.171.1.0/24 maxlen: 24
185.154.40.0/22 maxlen: 22
2001:628::/29 maxlen: 29
2001:67c:1864::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 402103626 (0x17f79d4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Validity
Not Before: Jan 1 09:54:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb9c1ebf8c2ffe43bf7d98b9ef6e41dbf94e087b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:38:3b:c3:e3:fa:b1:0e:9e:e4:b7:77:69:5e:
f7:72:82:1a:2f:b9:89:c5:05:76:60:0f:ad:42:60:
92:2a:24:55:21:47:43:4a:48:8a:50:3a:a1:fc:6b:
94:78:ff:81:ef:19:91:b4:e7:46:6c:44:c1:0c:89:
e6:0a:d4:cb:7b:7a:f5:7b:c7:8f:fe:f0:e9:08:ce:
57:59:e0:be:3c:b3:51:28:15:54:de:ec:09:f1:6b:
fa:61:d2:44:c3:7f:96:e7:34:e3:9c:ba:b7:02:7d:
0d:f8:01:2c:30:e9:be:b0:ed:ee:c0:34:18:b3:59:
4f:57:5e:19:c3:d3:9c:87:63:bc:ec:0a:04:2c:c0:
96:e6:f2:c4:cb:7a:7a:b8:60:9c:77:59:e0:91:c1:
fb:7c:01:5e:fe:48:ac:ee:0a:90:89:ed:d8:8e:d8:
43:6f:dd:8c:99:37:a1:12:7d:24:3d:90:cd:67:92:
4d:93:37:22:66:cd:ed:1b:61:68:d7:a5:92:f3:57:
61:04:0b:88:2d:78:bf:04:6a:b8:92:ae:9b:a0:62:
39:6e:2f:87:33:e2:cf:a2:fe:68:13:1e:6f:09:7a:
80:24:68:05:05:97:9d:7b:b9:cb:e1:4b:4b:df:2a:
c5:4b:a9:2c:52:b1:07:d3:eb:45:c0:c3:5a:20:57:
98:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:9C:1E:BF:8C:2F:FE:43:BF:7D:98:B9:EF:6E:41:DB:F9:4E:08:7B
X509v3 Authority Key Identifier:
keyid:23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/y5wev4wv_kO_fZi5725B2_lOCHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.104.0.0/16
185.154.40.0/22
193.170.0.0/15
IPv6:
2001:628::/29
2001:67c:1864::/48
Signature Algorithm: sha256WithRSAEncryption
d2:33:c9:5c:61:07:8e:4e:f0:25:94:fe:fb:41:67:90:0c:8c:
76:4c:34:88:9d:20:99:8c:64:7e:b1:1b:7c:33:45:34:4f:90:
4d:88:2d:08:aa:97:49:83:6c:90:76:04:1a:65:78:12:e0:e6:
41:79:27:5a:9b:f8:15:85:3d:ac:1b:34:26:cb:bd:62:76:fa:
67:c8:e8:70:62:b5:2a:d2:de:3a:7b:8d:90:7f:1c:ed:64:91:
6b:62:8c:d4:71:57:9b:e6:09:9a:79:bb:b0:61:38:3e:6e:18:
af:ec:e3:aa:38:14:8a:06:70:e4:c0:40:b2:9d:1a:fb:30:2c:
66:f9:49:83:7f:77:80:2b:af:c0:87:db:44:cc:0b:58:9e:53:
26:34:9d:9a:8f:c2:1a:7c:b1:d0:85:70:7f:0f:60:a5:54:1a:
e2:73:29:8d:5b:83:48:30:2d:53:dd:1d:e7:43:65:07:24:38:
ef:12:38:cf:45:26:51:56:d2:9e:0c:e2:23:e3:05:32:88:bf:
e8:3b:16:5b:e3:f8:47:37:f6:b1:68:7a:fe:f2:24:83:5a:10:
c3:3a:57:af:6c:75:d7:c0:79:91:c2:5b:78:b9:45:4a:b3:7c:
c5:cc:8f:6c:f2:5a:cb:6c:ed:c3:d9:a1:4b:1c:7d:e0:b4:f3:
df:90:4b:38
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEF/edSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2Q4NDQ4YzVjYjkwMzk4ZTRjMjg1Y2VjOWMwZjQ3NjZhYzkzMWRmMB4XDTIyMDEw
MTA5NTQzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I5YzFlYmY4YzJm
ZmU0M2JmN2Q5OGI5ZWY2ZTQxZGJmOTRlMDg3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKU4O8Pj+rEOnuS3d2le93KCGi+5icUFdmAPrUJgkiokVSFH
Q0pIilA6ofxrlHj/ge8ZkbTnRmxEwQyJ5grUy3t69XvHj/7w6QjOV1ngvjyzUSgV
VN7sCfFr+mHSRMN/luc045y6twJ9DfgBLDDpvrDt7sA0GLNZT1deGcPTnIdjvOwK
BCzAlubyxMt6erhgnHdZ4JHB+3wBXv5IrO4KkInt2I7YQ2/djJk3oRJ9JD2QzWeS
TZM3ImbN7RthaNelkvNXYQQLiC14vwRquJKum6BiOW4vhzPiz6L+aBMebwl6gCRo
BQWXnXu5y+FLS98qxUupLFKxB9PrRcDDWiBXmAMCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBTLnB6/jC/+Q799mLnvbkHb+U4IezAfBgNVHSMEGDAWgBQj2ESMXLkDmOTC
hc7JwPR2askx3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0k5aEVqRnk1QTVqa3dvWE95Y0QwZG1ySk1kOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvZjRhODBkLWY1ZjctNDUyMi1iOWI1LWY3NzJhMDEzOTAxNi8x
L3k1d2V2NHd2X2tPX2ZaaTU3MjVCMl9sT0NIcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
ZjRhODBkLWY1ZjctNDUyMi1iOWI1LWY3NzJhMDEzOTAxNi8xL0k5aEVqRnk1QTVq
a3dvWE95Y0QwZG1ySk1kOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwFgQCAAEwEAMDAE5oAwQCuZooAwMBwaowFgQCAAIw
EAMFAyABBigDBwAgAQZ8GGQwDQYJKoZIhvcNAQELBQADggEBANIzyVxhB45O8CWU
/vtBZ5AMjHZMNIidIJmMZH6xG3wzRTRPkE2ILQiql0mDbJB2BBpleBLg5kF5J1qb
+BWFPawbNCbLvWJ2+mfI6HBitSrS3jp7jZB/HO1kkWtijNRxV5vmCZp5u7BhOD5u
GK/s46o4FIoGcOTAQLKdGvswLGb5SYN/d4Arr8CH20TMC1ieUyY0nZqPwhp8sdCF
cH8PYKVUGuJzKY1bg0gwLVPdHedDZQckOO8SOM9FJlFW0p4M4iPjBTKIv+g7Flvj
+Ec39rFoev7yJINaEMM6V69sddfAeZHCW3i5RUqzfMXMj2zyWsts7cPZoUscfeC0
89+QSzg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:52 2023 by rpki-client on console-fra.rpki-client.org