Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/5YadCMP_ve_bKkNHNUZ9nfHFm0g.roa
File: 5YadCMP_ve_bKkNHNUZ9nfHFm0g.roa (raw, json)
Hash identifier: XVN46RAfftyWTUbiBripuxpJX+0C4f0p9OzmUJ43keg=
Subject key identifier: E5:86:9D:08:C3:FF:BD:EF:DB:2A:43:47:35:46:7D:9D:F1:C5:9B:48
Certificate issuer: /CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Certificate serial: 0183129D03F043BEAEE1DE06F82F4702D5AE
Authority key identifier: 9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/5YadCMP_ve_bKkNHNUZ9nfHFm0g.roa
Signing time: Tue 06 Sep 2022 11:43:43 +0000
ROA not before: Tue 06 Sep 2022 11:43:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205199
IP address blocks: 193.42.219.0/24 maxlen: 24
194.35.182.0/24 maxlen: 24
194.35.78.0/24 maxlen: 24
194.35.95.0/24 maxlen: 24
194.35.92.0/24 maxlen: 24
193.43.14.0/24 maxlen: 24
193.43.28.0/24 maxlen: 24
193.43.37.0/24 maxlen: 24
185.157.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:12:9d:03:f0:43:be:ae:e1:de:06:f8:2f:47:02:d5:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Validity
Not Before: Sep 6 11:43:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e5869d08c3ffbdefdb2a434735467d9df1c59b48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ab:13:33:1e:14:22:44:da:fd:6f:14:c5:60:
51:99:aa:4a:a4:fb:13:32:05:1e:35:21:3d:34:28:
13:51:ec:3b:d0:26:07:4f:57:2b:c1:7a:be:72:42:
ed:a8:3b:42:e1:f7:f6:fa:eb:0f:74:ad:5b:e8:57:
10:33:e0:fa:ba:c1:fd:ee:28:68:a9:b8:18:74:d4:
15:f9:1b:3b:bf:0c:d7:90:8b:9c:2d:b7:4e:2b:9d:
44:b6:13:ae:fe:2e:79:81:02:43:06:a2:eb:89:82:
14:05:00:b7:ac:85:e4:60:ff:3a:eb:1e:29:15:6c:
8c:f1:33:01:61:cf:c6:09:6e:8f:1f:1d:13:2c:53:
d0:53:a2:05:b5:c9:c8:c2:6b:71:a2:a7:de:a3:0b:
ba:de:43:be:78:44:f7:11:e7:a5:9f:1d:61:e6:fc:
ab:e5:d4:f9:4a:9a:94:ad:27:ee:e7:65:74:9a:33:
4c:86:07:a4:b8:95:95:ce:86:68:ed:29:c3:ef:e3:
9a:50:80:4c:06:55:e6:d8:75:17:3f:90:5c:5f:2e:
cc:97:f6:b0:f1:8b:0a:21:b9:80:d6:d3:d6:74:cf:
5d:d3:ce:e5:75:52:af:e8:73:b2:9c:58:dd:e2:b4:
1a:ed:b3:bd:c1:1c:e5:0b:d9:6c:73:11:e4:c0:ea:
86:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:86:9D:08:C3:FF:BD:EF:DB:2A:43:47:35:46:7D:9D:F1:C5:9B:48
X509v3 Authority Key Identifier:
keyid:9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/5YadCMP_ve_bKkNHNUZ9nfHFm0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.168.0/22
193.42.219.0/24
193.43.14.0/24
193.43.28.0/24
193.43.37.0/24
194.35.78.0/24
194.35.92.0/24
194.35.95.0/24
194.35.182.0/24
Signature Algorithm: sha256WithRSAEncryption
55:7a:fc:87:f4:bb:2d:15:2b:42:81:9b:9c:a9:44:68:39:80:
92:88:1b:7d:9a:14:28:9c:4c:9f:42:e3:f5:fa:97:ee:7f:46:
a1:cd:95:d0:97:c3:61:99:a9:4f:c9:31:35:65:0a:b6:18:00:
50:d2:35:f7:db:2f:ba:43:72:ae:7a:7a:fd:96:20:d5:d8:1e:
d6:65:90:04:10:db:8b:8a:7e:0f:45:45:71:30:3c:d0:42:cf:
28:87:46:a5:2e:e1:d4:5c:6d:86:67:b3:a8:e9:17:f2:b9:0e:
f4:38:4a:01:1c:d2:ee:79:a8:bb:19:bd:61:4e:c9:4a:eb:cd:
6d:48:55:34:28:0c:90:5b:dc:bf:c5:7d:94:02:6a:2d:67:ee:
91:b1:66:36:5f:77:f8:74:84:d3:00:f6:b6:53:29:7d:33:62:
ca:e0:f6:79:3d:d0:45:d3:14:6a:71:32:a7:2a:ab:ac:04:25:
07:52:74:23:4c:69:4a:37:6c:19:14:52:64:c0:2e:9c:72:cb:
07:81:d6:84:8f:01:30:1c:29:81:ed:a9:7e:45:b8:f2:7e:3d:
f8:3c:b6:78:bb:2a:2b:a7:13:f0:04:30:d3:d2:70:ec:a8:89:
29:ff:a2:d0:c2:e4:09:ae:04:75:b7:52:4b:e6:23:a1:67:7b:
00:85:88:01
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYMSnQPwQ76u4d4G+C9HAtWuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzcyMGU5NzBmYWEwZTA3ZjUwYTYzODllN2FlNTNhZmE0
MzlkYWIwHhcNMjIwOTA2MTE0MzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTg2OWQwOGMzZmZiZGVmZGIyYTQzNDczNTQ2N2Q5ZGYxYzU5YjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKsTMx4UIkTa/W8UxWBRmapKpPsT
MgUeNSE9NCgTUew70CYHT1crwXq+ckLtqDtC4ff2+usPdK1b6FcQM+D6usH97iho
qbgYdNQV+Rs7vwzXkIucLbdOK51EthOu/i55gQJDBqLriYIUBQC3rIXkYP866x4p
FWyM8TMBYc/GCW6PHx0TLFPQU6IFtcnIwmtxoqfeowu63kO+eET3Eeelnx1h5vyr
5dT5SpqUrSfu52V0mjNMhgekuJWVzoZo7SnD7+OaUIBMBlXm2HUXP5BcXy7Ml/aw
8YsKIbmA1tPWdM9d087ldVKv6HOynFjd4rQa7bO9wRzlC9lscxHkwOqGcQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOWGnQjD/73v2ypDRzVGfZ3xxZtIMB8GA1UdIwQY
MBaAFJ83IOlw+qDgf1CmOJ565Tr6Q52rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9iYjdjMGUtZWU2OC00YmY4LWJiMzQt
MTJlNmEwZDQzMThhLzEvNVlhZENNUF92ZV9iS2tOSE5VWjluZkhGbTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9iYjdjMGUtZWU2OC00YmY4LWJiMzQtMTJlNmEwZDQzMThh
LzEvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCuZ2oAwQA
wSrbAwQAwSsOAwQAwSscAwQAwSslAwQAwiNOAwQAwiNcAwQAwiNfAwQAwiO2MA0G
CSqGSIb3DQEBCwUAA4IBAQBVevyH9LstFStCgZucqURoOYCSiBt9mhQonEyfQuP1
+pfuf0ahzZXQl8NhmalPyTE1ZQq2GABQ0jX32y+6Q3Kuenr9liDV2B7WZZAEENuL
in4PRUVxMDzQQs8oh0alLuHUXG2GZ7Oo6RfyuQ70OEoBHNLueai7Gb1hTslK681t
SFU0KAyQW9y/xX2UAmotZ+6RsWY2X3f4dITTAPa2Uyl9M2LK4PZ5PdBF0xRqcTKn
KqusBCUHUnQjTGlKN2wZFFJkwC6ccssHgdaEjwEwHCmB7al+Rbjyfj34PLZ4uyor
pxPwBDDT0nDsqIkp/6LQwuQJrgR1t1JL5iOhZ3sAhYgB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:49 2024 by rpki-client on console-fra.rpki-client.org