Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/Y2hw569gWE5lba6GEMOgIoBFRis.roa
File: Y2hw569gWE5lba6GEMOgIoBFRis.roa (raw, json)
Hash identifier: d296Dbsm4Wr7/LOj+mgzxRZ3MSWCKah6gdSx+PDwXbY=
Subject key identifier: 63:68:70:E7:AF:60:58:4E:65:6D:AE:86:10:C3:A0:22:80:45:46:2B
Certificate issuer: /CN=e15136feff3574ef9b2262de59b06a21908fab3e
Certificate serial: 01837FDF5FE493789BD7EE4F96730CF8C87E
Authority key identifier: E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/Y2hw569gWE5lba6GEMOgIoBFRis.roa
Signing time: Tue 27 Sep 2022 16:54:48 +0000
ROA not before: Tue 27 Sep 2022 16:54:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49801
IP address blocks: 78.111.5.0/24 maxlen: 24
87.247.168.0/21 maxlen: 21
87.247.172.0/23 maxlen: 23
87.247.173.0/24 maxlen: 24
2a10:a440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7f:df:5f:e4:93:78:9b:d7:ee:4f:96:73:0c:f8:c8:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15136feff3574ef9b2262de59b06a21908fab3e
Validity
Not Before: Sep 27 16:54:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=636870e7af60584e656dae8610c3a0228045462b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d6:31:f3:7e:ef:92:6f:c2:5f:94:4d:02:31:
d0:6c:b8:44:48:1e:8f:c6:a7:e2:28:83:b4:41:a2:
40:a5:06:e4:e5:e6:c8:eb:36:be:b8:c5:cc:eb:d4:
5b:55:9e:12:bd:8e:9d:6b:18:b3:99:18:7d:a8:16:
4a:d1:fc:cd:77:56:77:20:bf:1c:1d:2f:e1:41:fd:
43:30:62:f2:04:75:9d:7f:2e:73:2e:96:ed:44:c5:
21:6a:72:90:2c:84:e2:b7:d7:df:52:6a:54:aa:a5:
93:d1:30:a7:9a:d2:cc:8a:7a:9c:60:22:4b:34:c4:
d9:d3:2a:d7:e2:f7:a9:37:6b:6e:19:42:85:77:1f:
41:ff:25:13:be:a3:c7:83:e9:ae:86:bb:67:e8:36:
74:55:fc:83:9d:b8:c9:d9:79:4a:f3:cb:a1:22:6d:
20:04:a7:93:20:74:94:1d:97:c9:14:71:17:5f:93:
f9:5e:4f:ab:a1:3b:b1:9b:96:d3:1b:08:a8:67:fd:
66:71:b2:36:b2:e2:bc:48:17:c8:bd:75:65:a6:50:
cd:39:65:73:fa:3b:f1:ff:c0:c4:65:85:66:a4:6f:
28:b7:12:28:96:d5:de:d4:a2:94:9f:0d:d8:f5:88:
87:9b:c5:c9:0c:09:85:45:1d:8a:1e:a7:af:2a:1b:
09:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:68:70:E7:AF:60:58:4E:65:6D:AE:86:10:C3:A0:22:80:45:46:2B
X509v3 Authority Key Identifier:
keyid:E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/Y2hw569gWE5lba6GEMOgIoBFRis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.5.0/24
87.247.168.0/21
IPv6:
2a10:a440::/29
Signature Algorithm: sha256WithRSAEncryption
8d:0f:c8:dc:50:76:73:04:8a:32:c7:bd:c3:32:12:c9:cd:c1:
49:00:90:af:fb:a9:ad:08:75:61:89:58:2e:36:36:14:01:65:
34:71:a7:75:c0:86:f5:b8:a2:f9:b3:53:4b:5c:21:16:bc:9d:
f2:8c:9d:6a:d1:0a:2b:86:8e:1a:22:7b:af:6a:86:50:7e:77:
ca:1b:82:09:69:c1:eb:f5:d7:2a:8b:8b:14:0a:0f:c6:fb:10:
b6:55:d4:c7:da:c6:46:06:f6:aa:8d:3e:89:5f:85:ac:ee:14:
7e:aa:32:1f:54:bc:a7:b8:72:e4:68:f7:23:61:16:25:3d:6f:
06:c9:a5:d2:01:29:9a:3b:43:b5:e3:6d:53:22:2a:8d:27:1a:
cb:96:76:35:85:6b:78:ba:e2:39:14:49:b4:b7:01:06:a0:25:
75:c2:38:76:38:81:ae:62:e3:d9:ff:bc:9e:c2:33:cf:98:db:
3d:bf:c8:7c:cc:fd:df:e0:37:c7:25:a1:42:b9:f0:93:67:98:
7c:22:ac:e9:a8:ad:4e:0b:ab:95:d8:bf:68:4b:19:39:61:1e:
ae:54:a5:28:e8:c1:a9:bc:07:49:04:b5:ba:79:7f:d8:e7:d2:
ce:ba:15:d2:de:35:f5:6a:aa:b5:28:44:b6:da:30:53:87:86:
9b:a0:af:d4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYN/31/kk3ib1+5PlnMM+Mh+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTEzNmZlZmYzNTc0ZWY5YjIyNjJkZTU5YjA2YTIxOTA4
ZmFiM2UwHhcNMjIwOTI3MTY1NDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzY4NzBlN2FmNjA1ODRlNjU2ZGFlODYxMGMzYTAyMjgwNDU0NjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NYx837vkm/CX5RNAjHQbLhESB6P
xqfiKIO0QaJApQbk5ebI6za+uMXM69RbVZ4SvY6daxizmRh9qBZK0fzNd1Z3IL8c
HS/hQf1DMGLyBHWdfy5zLpbtRMUhanKQLITit9ffUmpUqqWT0TCnmtLMinqcYCJL
NMTZ0yrX4vepN2tuGUKFdx9B/yUTvqPHg+muhrtn6DZ0VfyDnbjJ2XlK88uhIm0g
BKeTIHSUHZfJFHEXX5P5Xk+roTuxm5bTGwioZ/1mcbI2suK8SBfIvXVlplDNOWVz
+jvx/8DEZYVmpG8otxIoltXe1KKUnw3Y9YiHm8XJDAmFRR2KHqevKhsJFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGNocOevYFhOZW2uhhDDoCKARUYrMB8GA1UdIwQY
MBaAFOFRNv7/NXTvmyJi3lmwaiGQj6s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMt
MDQxMzEyMjQyZmYzLzEvWTJodzU2OWdXRTVsYmE2R0VNT2dJb0JGUmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMtMDQxMzEyMjQyZmYz
LzEvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQATm8FAwQD
V/eoMA0EAgACMAcDBQMqEKRAMA0GCSqGSIb3DQEBCwUAA4IBAQCND8jcUHZzBIoy
x73DMhLJzcFJAJCv+6mtCHVhiVguNjYUAWU0cad1wIb1uKL5s1NLXCEWvJ3yjJ1q
0Qorho4aInuvaoZQfnfKG4IJacHr9dcqi4sUCg/G+xC2VdTH2sZGBvaqjT6JX4Ws
7hR+qjIfVLynuHLkaPcjYRYlPW8GyaXSASmaO0O1421TIiqNJxrLlnY1hWt4uuI5
FEm0twEGoCV1wjh2OIGuYuPZ/7yewjPPmNs9v8h8zP3f4DfHJaFCufCTZ5h8Iqzp
qK1OC6uV2L9oSxk5YR6uVKUo6MGpvAdJBLW6eX/Y59LOuhXS3jX1aqq1KES22jBT
h4aboK/U
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:42 2023 by rpki-client on console-ams.rpki-client.org