Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/e_C39zlvYFey0Q5ummyUHCAi2fg.roa
File: e_C39zlvYFey0Q5ummyUHCAi2fg.roa (raw, json)
Hash identifier: TRibs2IOnOWsafbeOtdkGosSpFhYJ6MeIL7K5y9Wiew=
Subject key identifier: 7B:F0:B7:F7:39:6F:60:57:B2:D1:0E:6E:9A:6C:94:1C:20:22:D9:F8
Certificate issuer: /CN=f416539e74934d23a0572f6625dbfdb54e820873
Certificate serial: 01850659E6CC38BE7D43467B7C1D79FCC585
Authority key identifier: F4:16:53:9E:74:93:4D:23:A0:57:2F:66:25:DB:FD:B5:4E:82:08:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9BZTnnSTTSOgVy9mJdv9tU6CCHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/e_C39zlvYFey0Q5ummyUHCAi2fg.roa
Signing time: Mon 12 Dec 2022 12:40:33 +0000
ROA not before: Mon 12 Dec 2022 12:40:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196838
IP address blocks: 194.156.253.0/24 maxlen: 24
194.156.252.0/24 maxlen: 24
194.156.255.0/24 maxlen: 24
194.156.254.0/24 maxlen: 24
109.69.164.0/24 maxlen: 24
109.69.163.0/24 maxlen: 24
109.69.166.0/24 maxlen: 24
109.69.165.0/24 maxlen: 24
109.69.160.0/24 maxlen: 24
109.69.162.0/24 maxlen: 24
109.69.161.0/24 maxlen: 24
93.159.192.0/24 maxlen: 24
109.69.167.0/24 maxlen: 24
93.159.198.0/24 maxlen: 24
93.159.197.0/24 maxlen: 24
93.159.199.0/24 maxlen: 24
93.159.194.0/24 maxlen: 24
93.159.193.0/24 maxlen: 24
93.159.196.0/24 maxlen: 24
93.159.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:59:e6:cc:38:be:7d:43:46:7b:7c:1d:79:fc:c5:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f416539e74934d23a0572f6625dbfdb54e820873
Validity
Not Before: Dec 12 12:40:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7bf0b7f7396f6057b2d10e6e9a6c941c2022d9f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:02:1d:1e:21:9c:2b:bd:d0:45:76:8e:ba:bb:
ed:58:49:f7:0c:d1:04:ec:63:16:3c:1f:35:b7:af:
75:10:6e:b1:0c:9f:1f:ae:89:11:97:8f:3d:e4:59:
6a:f2:31:f4:36:ac:41:45:63:0d:63:13:a2:f9:d2:
44:87:6a:e0:47:1c:08:9c:ae:19:00:da:1e:d8:7a:
8c:fb:84:8c:36:68:fe:d7:7f:49:7f:e7:1e:99:9e:
ed:ed:b6:5c:8d:92:02:64:b3:94:2b:59:3a:fd:44:
f7:27:e6:99:63:b1:85:7e:41:32:03:ea:c2:6a:e5:
7f:ac:1b:ea:6c:54:be:ad:d4:60:97:b8:a9:16:7f:
bb:c9:45:c7:ca:db:04:4f:b6:d6:53:f5:eb:55:9f:
b2:89:f5:a0:d1:67:09:77:8f:92:60:42:ef:e2:0c:
21:7e:f6:9e:67:9f:7c:fb:54:21:0e:6f:35:fb:32:
75:60:5d:78:aa:72:2e:11:50:8d:6d:13:9a:a7:f7:
9a:f1:6e:91:c6:18:e3:c9:87:ca:ae:5a:a2:42:70:
27:68:41:a3:d3:6a:10:2e:e3:f8:ba:f9:97:c5:de:
1b:a9:69:0a:6f:91:ac:be:20:10:d3:93:56:e8:e6:
82:df:4b:c9:ac:f3:22:b8:93:cf:a2:cf:6c:1f:a3:
9d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F0:B7:F7:39:6F:60:57:B2:D1:0E:6E:9A:6C:94:1C:20:22:D9:F8
X509v3 Authority Key Identifier:
keyid:F4:16:53:9E:74:93:4D:23:A0:57:2F:66:25:DB:FD:B5:4E:82:08:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9BZTnnSTTSOgVy9mJdv9tU6CCHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/e_C39zlvYFey0Q5ummyUHCAi2fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/9BZTnnSTTSOgVy9mJdv9tU6CCHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.159.192.0/21
109.69.160.0/21
194.156.252.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:b5:5a:f1:fd:5d:f5:04:1f:69:48:65:7c:eb:55:af:98:ff:
0c:fc:a6:33:ab:7f:c0:02:6a:b5:1f:56:64:58:fd:f3:0d:2d:
6c:fa:f1:5b:e2:02:8c:04:5d:ed:7b:8c:33:d3:bd:6b:59:80:
2a:28:e6:32:e7:8e:ef:81:fb:7d:3d:33:87:75:7d:96:8c:19:
12:b8:45:63:43:9e:da:4e:cd:41:4d:69:e0:2d:8e:54:04:65:
a8:91:f5:4e:8a:df:14:3e:86:64:df:1b:42:7c:27:27:fd:a8:
29:27:5d:d3:06:ad:a0:3f:2e:ec:6e:89:8b:87:21:f4:2c:c9:
bc:a4:c2:b6:0f:13:b9:c8:64:21:b2:7c:da:0b:17:8d:75:dc:
f8:b5:df:bc:91:38:67:33:92:9d:8e:23:49:cd:0c:0f:e0:99:
c5:8b:ad:d7:cf:e3:8e:4c:40:63:71:e2:11:f9:0f:87:ae:d0:
98:b4:1a:9e:9d:e8:6f:61:eb:38:89:ff:43:61:15:bd:95:4e:
12:65:c4:38:ef:c9:1b:e7:3c:78:4c:72:d1:33:d5:d1:80:83:
30:3d:63:c4:94:3a:08:e4:d6:c2:82:c0:59:e4:9f:35:8c:e4:
00:a5:80:6f:3f:58:83:d8:5c:52:df:07:6a:2f:75:3d:ca:84:
7f:e5:93:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUGWebMOL59Q0Z7fB15/MWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0MTY1MzllNzQ5MzRkMjNhMDU3MmY2NjI1ZGJmZGI1NGU4
MjA4NzMwHhcNMjIxMjEyMTI0MDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmYwYjdmNzM5NmY2MDU3YjJkMTBlNmU5YTZjOTQxYzIwMjJkOWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+QIdHiGcK73QRXaOurvtWEn3DNEE
7GMWPB81t691EG6xDJ8frokRl4895Flq8jH0NqxBRWMNYxOi+dJEh2rgRxwInK4Z
ANoe2HqM+4SMNmj+139Jf+cemZ7t7bZcjZICZLOUK1k6/UT3J+aZY7GFfkEyA+rC
auV/rBvqbFS+rdRgl7ipFn+7yUXHytsET7bWU/XrVZ+yifWg0WcJd4+SYELv4gwh
fvaeZ598+1QhDm81+zJ1YF14qnIuEVCNbROap/ea8W6RxhjjyYfKrlqiQnAnaEGj
02oQLuP4uvmXxd4bqWkKb5GsviAQ05NW6OaC30vJrPMiuJPPos9sH6OdkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHvwt/c5b2BXstEObppslBwgItn4MB8GA1UdIwQY
MBaAFPQWU550k00joFcvZiXb/bVOgghzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUJaVG5uU1RUU09nVnk5bUpkdjl0VTZDQ0hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy81M2U0OTYtMDA5Ny00NjJhLWE5ODkt
ZDY3YTYxZDU0MTZkLzEvZV9DMzl6bHZZRmV5MFE1dW1teVVIQ0FpMmZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy81M2U0OTYtMDA5Ny00NjJhLWE5ODktZDY3YTYxZDU0MTZk
LzEvOUJaVG5uU1RUU09nVnk5bUpkdjl0VTZDQ0hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXZ/AAwQD
bUWgAwQCwpz8MA0GCSqGSIb3DQEBCwUAA4IBAQBctVrx/V31BB9pSGV861WvmP8M
/KYzq3/AAmq1H1ZkWP3zDS1s+vFb4gKMBF3te4wz071rWYAqKOYy547vgft9PTOH
dX2WjBkSuEVjQ57aTs1BTWngLY5UBGWokfVOit8UPoZk3xtCfCcn/agpJ13TBq2g
Py7sbomLhyH0LMm8pMK2DxO5yGQhsnzaCxeNddz4td+8kThnM5KdjiNJzQwP4JnF
i63Xz+OOTEBjceIR+Q+HrtCYtBqenehvYes4if9DYRW9lU4SZcQ478kb5zx4THLR
M9XRgIMwPWPElDoI5NbCgsBZ5J81jOQApYBvP1iD2FxS3wdqL3U9yoR/5ZON
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:29 2023 by rpki-client on console-fra.rpki-client.org