Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/CyrOWnS6ltLJN0QHjrZJ7NqnGOk.roa
File: CyrOWnS6ltLJN0QHjrZJ7NqnGOk.roa (raw, json)
Hash identifier: AQLz8A2qRYfPEHMJk7HQCGqu5cFZDbJDRTJR6Tht75o=
Subject key identifier: 0B:2A:CE:5A:74:BA:96:D2:C9:37:44:07:8E:B6:49:EC:DA:A7:18:E9
Certificate issuer: /CN=04c5f1d1779eb709090365db982917adfd0f8049
Certificate serial: 01843357A60FDFED0228DBF569F3A33DD403
Authority key identifier: 04:C5:F1:D1:77:9E:B7:09:09:03:65:DB:98:29:17:AD:FD:0F:80:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMXx0XeetwkJA2XbmCkXrf0PgEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/CyrOWnS6ltLJN0QHjrZJ7NqnGOk.roa
Signing time: Tue 01 Nov 2022 13:18:12 +0000
ROA not before: Tue 01 Nov 2022 13:18:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6453
IP address blocks: 195.114.106.0/24 maxlen: 24
195.114.107.0/24 maxlen: 24
194.126.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:57:a6:0f:df:ed:02:28:db:f5:69:f3:a3:3d:d4:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04c5f1d1779eb709090365db982917adfd0f8049
Validity
Not Before: Nov 1 13:18:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b2ace5a74ba96d2c93744078eb649ecdaa718e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c7:3a:a7:23:f0:3d:8d:c9:11:27:76:ef:08:
37:3f:02:88:fe:8d:be:f8:b5:f2:77:fe:2d:4e:e4:
b4:12:a8:50:46:ad:17:5a:5d:77:20:59:e5:c0:96:
88:b2:e6:b9:ec:ee:a0:a4:b9:55:9c:ad:4f:a3:23:
44:e4:88:f4:66:1e:fc:3d:85:54:44:3d:54:e3:b9:
c2:ef:3b:58:77:bf:01:3d:de:1d:eb:0b:91:b5:87:
9f:b0:44:31:eb:17:0c:86:ea:af:93:39:f6:86:b7:
3d:bb:4c:18:9e:c2:d1:54:11:a7:85:96:19:5a:a8:
1f:e7:64:03:52:b6:cd:82:05:ea:4f:ef:56:72:0b:
de:32:44:32:7b:f3:5f:5e:bd:40:c8:75:21:fb:cc:
bc:9a:34:95:81:32:a4:10:fb:b3:1e:83:e1:de:14:
74:00:98:1e:73:34:70:b8:3d:fe:72:85:a4:e4:70:
b3:69:d2:65:a4:64:34:1a:1a:73:c1:39:9f:6e:ba:
89:72:69:d3:5c:a9:3c:61:96:93:cb:31:cf:21:65:
33:0f:37:3c:68:61:ad:e7:71:6c:a6:69:56:76:75:
3a:cd:b1:6f:ca:34:b2:83:f0:60:20:ce:5b:f3:cd:
59:f6:0b:fc:39:f1:4c:27:5c:77:55:2c:6d:5a:47:
21:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:2A:CE:5A:74:BA:96:D2:C9:37:44:07:8E:B6:49:EC:DA:A7:18:E9
X509v3 Authority Key Identifier:
keyid:04:C5:F1:D1:77:9E:B7:09:09:03:65:DB:98:29:17:AD:FD:0F:80:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMXx0XeetwkJA2XbmCkXrf0PgEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/CyrOWnS6ltLJN0QHjrZJ7NqnGOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/BMXx0XeetwkJA2XbmCkXrf0PgEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.231.0/24
195.114.106.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:96:87:a4:67:a4:e4:c4:45:5d:62:7d:d5:73:15:cc:7d:b6:
d3:4b:38:0b:4c:4b:a4:65:87:56:27:9f:db:6f:50:d0:eb:3d:
69:1f:8d:05:a4:da:84:22:61:9f:fc:5c:2f:a4:a4:b6:ce:a3:
7f:57:0e:6d:7a:75:1d:9a:1f:99:62:45:96:25:ed:b8:a5:fd:
f9:7a:5a:bf:20:3c:c8:7d:48:da:86:3f:dd:bc:9a:b3:ee:d0:
12:82:39:61:20:ea:22:91:57:1f:fb:1b:97:a6:25:50:7c:56:
ed:40:f7:3a:81:63:3c:e5:f2:7c:ac:d0:11:96:e1:37:9f:37:
0d:1a:92:75:2b:9e:8d:d1:31:bd:22:67:4f:ea:bb:65:c2:d5:
e2:af:72:64:fc:1b:f4:4d:47:b3:a8:43:b1:5c:9b:26:51:03:
45:7c:cb:a0:93:1f:02:e9:80:a0:f8:42:d7:6b:23:1a:2a:cf:
80:03:8e:d7:ca:ff:0a:ca:49:64:cd:4a:2f:0c:80:bf:92:78:
cc:a9:9d:27:22:91:5b:7e:6b:7d:d9:70:55:82:00:36:31:23:
1f:66:03:66:09:41:27:08:10:92:ce:0f:45:9d:f7:4f:ce:5b:
2f:76:03:1a:af:79:f9:ca:09:68:42:eb:4a:fb:cd:30:ac:ca:
87:02:00:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQzV6YP3+0CKNv1afOjPdQDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YzVmMWQxNzc5ZWI3MDkwOTAzNjVkYjk4MjkxN2FkZmQw
ZjgwNDkwHhcNMjIxMTAxMTMxODEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjJhY2U1YTc0YmE5NmQyYzkzNzQ0MDc4ZWI2NDllY2RhYTcxOGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsc6pyPwPY3JESd27wg3PwKI/o2+
+LXyd/4tTuS0EqhQRq0XWl13IFnlwJaIsua57O6gpLlVnK1PoyNE5Ij0Zh78PYVU
RD1U47nC7ztYd78BPd4d6wuRtYefsEQx6xcMhuqvkzn2hrc9u0wYnsLRVBGnhZYZ
Wqgf52QDUrbNggXqT+9WcgveMkQye/NfXr1AyHUh+8y8mjSVgTKkEPuzHoPh3hR0
AJgeczRwuD3+coWk5HCzadJlpGQ0GhpzwTmfbrqJcmnTXKk8YZaTyzHPIWUzDzc8
aGGt53FspmlWdnU6zbFvyjSyg/BgIM5b881Z9gv8OfFMJ1x3VSxtWkchHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAsqzlp0upbSyTdEB462SezapxjpMB8GA1UdIwQY
MBaAFATF8dF3nrcJCQNl25gpF639D4BJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk1YeDBYZWV0d2tKQTJYYm1Da1hyZjBQZ0VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC83MGIzM2ItZDFlYi00YmJiLTk3ZDYt
MDU5MjQ1M2RmN2QyLzEvQ3lyT1duUzZsdExKTjBRSGpyWko3TnFuR09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC83MGIzM2ItZDFlYi00YmJiLTk3ZDYtMDU5MjQ1M2RmN2Qy
LzEvQk1YeDBYZWV0d2tKQTJYYm1Da1hyZjBQZ0VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwn7nAwQB
w3JqMA0GCSqGSIb3DQEBCwUAA4IBAQAMloekZ6TkxEVdYn3VcxXMfbbTSzgLTEuk
ZYdWJ5/bb1DQ6z1pH40FpNqEImGf/FwvpKS2zqN/Vw5tenUdmh+ZYkWWJe24pf35
elq/IDzIfUjahj/dvJqz7tASgjlhIOoikVcf+xuXpiVQfFbtQPc6gWM85fJ8rNAR
luE3nzcNGpJ1K56N0TG9ImdP6rtlwtXir3Jk/Bv0TUezqEOxXJsmUQNFfMugkx8C
6YCg+ELXayMaKs+AA47Xyv8KyklkzUovDIC/knjMqZ0nIpFbfmt92XBVggA2MSMf
ZgNmCUEnCBCSzg9FnfdPzlsvdgMar3n5ygloQutK+80wrMqHAgCO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:07 2023 by rpki-client on console-fra.rpki-client.org