Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/y19JfRvN11up-A5ktbl6kHGOmZ0.roa
File: y19JfRvN11up-A5ktbl6kHGOmZ0.roa (raw, json)
Hash identifier: cfQPLHbyaFcrLphXHpORAQYLPAvbKY12dyxuuhONmyI=
Subject key identifier: CB:5F:49:7D:1B:CD:D7:5B:A9:F8:0E:64:B5:B9:7A:90:71:8E:99:9D
Certificate issuer: /CN=7bf39e6eb3131ecf3cddcd0c9e378c352da41fc2
Certificate serial: 0183EA49DA5D541DDF2190B899EA3D217574
Authority key identifier: 7B:F3:9E:6E:B3:13:1E:CF:3C:DD:CD:0C:9E:37:8C:35:2D:A4:1F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e_OebrMTHs883c0MnjeMNS2kH8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/y19JfRvN11up-A5ktbl6kHGOmZ0.roa
Signing time: Tue 18 Oct 2022 08:50:52 +0000
ROA not before: Tue 18 Oct 2022 08:50:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43930
IP address blocks: 185.108.34.0/24 maxlen: 24
185.108.32.0/24 maxlen: 24
185.108.33.0/24 maxlen: 24
185.194.165.0/24 maxlen: 24
185.194.164.0/24 maxlen: 24
2a02:c800::/32 maxlen: 32
2a02:c800:42::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ea:49:da:5d:54:1d:df:21:90:b8:99:ea:3d:21:75:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bf39e6eb3131ecf3cddcd0c9e378c352da41fc2
Validity
Not Before: Oct 18 08:50:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb5f497d1bcdd75ba9f80e64b5b97a90718e999d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d7:ec:59:d5:b4:5d:99:7a:d1:ed:54:03:25:
4a:86:7b:61:87:1a:a4:91:f5:19:28:d4:91:9b:c9:
55:56:5a:7a:48:29:73:6a:5d:4b:80:09:73:35:34:
64:ae:f8:74:3c:4c:04:76:d8:9b:4a:f4:bc:25:9d:
e4:72:68:9e:10:13:a4:ac:0e:2b:36:be:18:a1:4a:
5d:43:68:ac:55:ed:37:e9:cf:84:95:93:14:ca:83:
e4:bd:c5:9c:27:46:bf:85:3b:1b:ec:c3:51:ca:24:
ca:89:d6:1b:93:9d:5e:c5:af:c7:49:b7:ab:59:83:
92:a3:d8:5a:2d:f8:9c:d0:c8:c4:19:09:5e:ec:6a:
b6:bf:63:b1:6f:26:ed:7d:0c:8c:38:18:4e:f3:18:
c6:50:2c:b5:4f:3f:fa:60:2e:49:38:e4:10:d1:d4:
bf:2d:d3:02:07:23:09:0b:1c:1f:c1:63:8f:ee:41:
82:7f:d1:ae:78:ae:15:0b:37:46:e8:e9:7b:20:4a:
bb:f9:42:ae:19:5c:8e:ce:d3:15:d5:6c:5c:16:a9:
b6:59:65:03:39:1e:fe:85:cf:70:0d:07:34:0d:86:
09:fa:9b:a5:27:73:62:4f:1e:e7:86:c8:29:7e:b1:
7f:fa:e8:d5:77:2b:04:1f:ad:b3:ed:39:25:88:ef:
e4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:5F:49:7D:1B:CD:D7:5B:A9:F8:0E:64:B5:B9:7A:90:71:8E:99:9D
X509v3 Authority Key Identifier:
keyid:7B:F3:9E:6E:B3:13:1E:CF:3C:DD:CD:0C:9E:37:8C:35:2D:A4:1F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e_OebrMTHs883c0MnjeMNS2kH8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/y19JfRvN11up-A5ktbl6kHGOmZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/e_OebrMTHs883c0MnjeMNS2kH8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.32.0-185.108.34.255
185.194.164.0/23
IPv6:
2a02:c800::/32
Signature Algorithm: sha256WithRSAEncryption
2a:64:12:ae:7f:42:f5:d8:c9:c8:1e:bf:e2:53:77:d1:31:1a:
14:b3:42:b7:b2:65:ac:de:22:f1:55:5a:80:5a:d3:a2:66:6d:
9e:e5:f2:f8:30:05:9f:d6:b1:9f:35:34:b4:78:4f:b4:90:1a:
a9:f9:e6:d1:3a:12:f4:72:71:75:ce:71:69:d7:55:eb:25:ad:
18:b3:66:36:ef:c4:97:3b:cf:42:e8:86:95:6b:4b:06:c6:6f:
98:9e:e2:80:f6:86:0e:5a:e0:7a:49:1f:d5:48:32:7a:41:a6:
2d:9c:9f:42:f8:7e:65:14:e5:19:f9:14:52:00:f9:d4:d5:1a:
35:7c:06:7b:33:72:b6:b7:e0:f8:2a:e5:10:2d:b3:29:de:8e:
19:80:30:88:e1:1e:6e:b0:e1:f4:1b:9e:00:e8:8d:86:e5:6b:
8d:2a:40:80:27:db:ca:c6:b2:b0:cb:3c:c6:57:51:d1:db:96:
9a:bf:78:fb:7d:61:97:e8:4d:54:0b:bc:fc:8c:d3:31:53:16:
53:44:40:40:31:64:ac:82:29:2a:31:21:b5:45:25:43:cf:88:
b8:00:13:84:c1:50:e7:98:cb:fe:3e:02:24:90:94:a5:86:2d:
ea:6f:7d:a5:a6:45:bf:bd:85:7e:99:18:b3:f4:7e:8b:18:8c:
84:e9:9a:65
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYPqSdpdVB3fIZC4meo9IXV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZjM5ZTZlYjMxMzFlY2YzY2RkY2QwYzllMzc4YzM1MmRh
NDFmYzIwHhcNMjIxMDE4MDg1MDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjVmNDk3ZDFiY2RkNzViYTlmODBlNjRiNWI5N2E5MDcxOGU5OTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtfsWdW0XZl60e1UAyVKhnthhxqk
kfUZKNSRm8lVVlp6SClzal1LgAlzNTRkrvh0PEwEdtibSvS8JZ3kcmieEBOkrA4r
Nr4YoUpdQ2isVe036c+ElZMUyoPkvcWcJ0a/hTsb7MNRyiTKidYbk51exa/HSber
WYOSo9haLfic0MjEGQle7Gq2v2OxbybtfQyMOBhO8xjGUCy1Tz/6YC5JOOQQ0dS/
LdMCByMJCxwfwWOP7kGCf9GueK4VCzdG6Ol7IEq7+UKuGVyOztMV1WxcFqm2WWUD
OR7+hc9wDQc0DYYJ+pulJ3NiTx7nhsgpfrF/+ujVdysEH62z7TkliO/knQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMtfSX0bzddbqfgOZLW5epBxjpmdMB8GA1UdIwQY
MBaAFHvznm6zEx7PPN3NDJ43jDUtpB/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZV9PZWJyTVRIczg4M2MwTW5qZU1OUzJrSDhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9hMjE0YTUtNDQ0OS00NGFmLTg3ZmYt
Yzk2N2M5ZGI1NzUyLzEveTE5SmZSdk4xMXVwLUE1a3RibDZrSEdPbVowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9hMjE0YTUtNDQ0OS00NGFmLTg3ZmYtYzk2N2M5ZGI1NzUy
LzEvZV9PZWJyTVRIczg4M2MwTW5qZU1OUzJrSDhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAW5bCAD
BAC5bCIDBAG5wqQwDQQCAAIwBwMFACoCyAAwDQYJKoZIhvcNAQELBQADggEBACpk
Eq5/QvXYycgev+JTd9ExGhSzQreyZazeIvFVWoBa06JmbZ7l8vgwBZ/WsZ81NLR4
T7SQGqn55tE6EvRycXXOcWnXVeslrRizZjbvxJc7z0LohpVrSwbGb5ie4oD2hg5a
4HpJH9VIMnpBpi2cn0L4fmUU5Rn5FFIA+dTVGjV8Bnszcra34Pgq5RAtsynejhmA
MIjhHm6w4fQbngDojYbla40qQIAn28rGsrDLPMZXUdHblpq/ePt9YZfoTVQLvPyM
0zFTFlNEQEAxZKyCKSoxIbVFJUPPiLgAE4TBUOeYy/4+AiSQlKWGLepvfaWmRb+9
hX6ZGLP0fosYjITpmmU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:06 2023 by rpki-client on console-fra.rpki-client.org