Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/yfg6DbkqXqxDPDMrn5srVzF_xoI.roa
File: yfg6DbkqXqxDPDMrn5srVzF_xoI.roa (raw, json)
Hash identifier: ke+LzqMVvZQRaCD8seqzqmfAkRBZiQZ4ZaBC+/1jvKo=
Subject key identifier: C9:F8:3A:0D:B9:2A:5E:AC:43:3C:33:2B:9F:9B:2B:57:31:7F:C6:82
Certificate issuer: /CN=d1f987af5adb2304d426f540de5d650545231e50
Certificate serial: 0183E56F7BB8D8A82A6F032965E0D1D0BFA6
Authority key identifier: D1:F9:87:AF:5A:DB:23:04:D4:26:F5:40:DE:5D:65:05:45:23:1E:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0fmHr1rbIwTUJvVA3l1lBUUjHlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/yfg6DbkqXqxDPDMrn5srVzF_xoI.roa
Signing time: Mon 17 Oct 2022 10:13:52 +0000
ROA not before: Mon 17 Oct 2022 10:13:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202299
IP address blocks: 195.5.162.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:6f:7b:b8:d8:a8:2a:6f:03:29:65:e0:d1:d0:bf:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f987af5adb2304d426f540de5d650545231e50
Validity
Not Before: Oct 17 10:13:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9f83a0db92a5eac433c332b9f9b2b57317fc682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0d:f8:3b:7b:e2:cc:4a:c4:72:b5:7e:75:60:
2a:dd:b5:d7:b4:07:a1:33:99:42:ba:c9:c9:e1:66:
53:37:83:96:76:69:d3:3a:89:bd:b4:f0:57:86:4c:
42:a3:3b:f7:be:cf:fb:1c:37:c7:31:c3:cf:82:8f:
7e:02:be:d8:17:ef:67:fd:ff:0b:62:c3:55:b0:e0:
e0:7e:60:70:b8:36:15:43:d0:13:63:17:ea:5a:76:
92:6c:5b:b4:89:25:2c:5b:eb:9e:c7:ae:36:56:1e:
03:c0:4e:33:a6:6d:33:5c:71:bf:4e:37:e8:13:a7:
00:cb:61:4e:59:5f:94:6f:b4:87:91:4d:49:3d:31:
61:9b:f5:a7:8b:f0:45:c9:d1:e9:35:8d:36:44:82:
94:ad:0d:68:e3:4e:2f:5e:ec:9a:69:3d:ad:5a:33:
ed:99:bc:02:4b:c9:bf:58:cd:b1:c2:7b:30:96:eb:
00:36:c0:98:fb:f3:8d:24:89:71:64:1f:bd:e5:02:
c0:1f:c6:2b:51:74:38:86:0d:e4:63:68:a3:8f:8b:
54:0a:4c:0e:87:31:b5:2f:d8:be:c9:e2:cd:d3:2c:
dc:c0:9c:16:f1:60:74:1e:17:87:4b:1c:be:7f:7b:
08:2d:3e:b4:e6:6d:dc:54:79:39:69:10:11:c4:9a:
63:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F8:3A:0D:B9:2A:5E:AC:43:3C:33:2B:9F:9B:2B:57:31:7F:C6:82
X509v3 Authority Key Identifier:
keyid:D1:F9:87:AF:5A:DB:23:04:D4:26:F5:40:DE:5D:65:05:45:23:1E:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0fmHr1rbIwTUJvVA3l1lBUUjHlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/yfg6DbkqXqxDPDMrn5srVzF_xoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/0fmHr1rbIwTUJvVA3l1lBUUjHlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.162.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:bc:69:ed:de:c5:11:e7:70:c3:9d:0a:7b:db:8a:86:f7:ba:
c3:07:c8:48:20:87:59:48:45:d2:3c:1e:eb:00:94:1a:16:1b:
97:eb:26:8a:51:27:29:b3:0f:dc:33:56:cf:71:81:49:6e:2f:
78:61:71:27:68:f8:24:bd:93:be:47:ff:4a:93:e6:c5:26:12:
52:03:51:84:f9:77:25:16:86:22:e2:54:2a:6a:ca:dd:93:d4:
fb:71:57:b3:f0:85:44:96:28:24:91:62:7b:2f:f1:9d:28:3c:
1a:d2:19:74:ed:e5:bc:16:06:47:3a:ac:ec:6d:b7:9b:cf:a1:
7b:62:81:0d:86:9e:63:fe:e4:a1:cc:f6:c3:40:ce:a5:09:e3:
11:12:ad:96:e2:0e:d3:e2:30:e1:62:aa:0d:31:4e:63:ce:fd:
4f:fe:9c:3b:4c:7b:e9:8a:33:10:a2:d4:a1:d8:34:d5:f8:73:
c2:4d:4d:94:61:7f:b0:67:6b:40:58:90:0c:18:9f:f5:96:88:
85:4c:9e:f8:c8:a6:e3:48:91:6d:d4:15:76:a8:5d:a4:62:3a:
1c:6b:3e:f6:f6:75:56:df:5b:42:f1:ed:4d:ea:35:d3:bb:03:
ee:eb:74:26:b5:2c:ca:fb:25:e0:80:88:a2:dd:0e:55:5c:96:
f6:95:ac:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPlb3u42KgqbwMpZeDR0L+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZjk4N2FmNWFkYjIzMDRkNDI2ZjU0MGRlNWQ2NTA1NDUy
MzFlNTAwHhcNMjIxMDE3MTAxMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWY4M2EwZGI5MmE1ZWFjNDMzYzMzMmI5ZjliMmI1NzMxN2ZjNjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg34O3vizErEcrV+dWAq3bXXtAeh
M5lCusnJ4WZTN4OWdmnTOom9tPBXhkxCozv3vs/7HDfHMcPPgo9+Ar7YF+9n/f8L
YsNVsODgfmBwuDYVQ9ATYxfqWnaSbFu0iSUsW+uex642Vh4DwE4zpm0zXHG/Tjfo
E6cAy2FOWV+Ub7SHkU1JPTFhm/Wni/BFydHpNY02RIKUrQ1o404vXuyaaT2tWjPt
mbwCS8m/WM2xwnswlusANsCY+/ONJIlxZB+95QLAH8YrUXQ4hg3kY2ijj4tUCkwO
hzG1L9i+yeLN0yzcwJwW8WB0HheHSxy+f3sILT605m3cVHk5aRARxJpjmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMn4Og25Kl6sQzwzK5+bK1cxf8aCMB8GA1UdIwQY
MBaAFNH5h69a2yME1Cb1QN5dZQVFIx5QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGZtSHIxcmJJd1RVSnZWQTNsMWxCVVVqSGxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81ZWE1NjktZjE3NC00NWM1LTlkYjct
MmFmMDk1ZmZjOWJiLzEveWZnNkRia3FYcXhEUERNcm41c3JWekZfeG9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81ZWE1NjktZjE3NC00NWM1LTlkYjctMmFmMDk1ZmZjOWJi
LzEvMGZtSHIxcmJJd1RVSnZWQTNsMWxCVVVqSGxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwWiMA0G
CSqGSIb3DQEBCwUAA4IBAQBbvGnt3sUR53DDnQp724qG97rDB8hIIIdZSEXSPB7r
AJQaFhuX6yaKUScpsw/cM1bPcYFJbi94YXEnaPgkvZO+R/9Kk+bFJhJSA1GE+Xcl
FoYi4lQqasrdk9T7cVez8IVEligkkWJ7L/GdKDwa0hl07eW8FgZHOqzsbbebz6F7
YoENhp5j/uShzPbDQM6lCeMREq2W4g7T4jDhYqoNMU5jzv1P/pw7THvpijMQotSh
2DTV+HPCTU2UYX+wZ2tAWJAMGJ/1loiFTJ74yKbjSJFt1BV2qF2kYjocaz729nVW
31tC8e1N6jXTuwPu63QmtSzK+yXggIii3Q5VXJb2laxD
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:11 2023 by rpki-client on console-fra.rpki-client.org