Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/C5YXGOB-KxXG53nfLhwdrVklZLM.roa
File: C5YXGOB-KxXG53nfLhwdrVklZLM.roa (raw, json)
Hash identifier: agLFOvm4XUVjc+ceHQ3ZrbScOA89gIEtrAfokTlBUG8=
Subject key identifier: 0B:96:17:18:E0:7E:2B:15:C6:E7:79:DF:2E:1C:1D:AD:59:25:64:B3
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018336FCF4ADA7F99DBB9CA4EC79CDA88637
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/C5YXGOB-KxXG53nfLhwdrVklZLM.roa
Signing time: Tue 13 Sep 2022 13:14:50 +0000
ROA not before: Tue 13 Sep 2022 13:14:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57630
IP address blocks: 194.71.0.0/23 maxlen: 23
192.71.0.0/24 maxlen: 24
194.103.16.0/23 maxlen: 24
193.234.116.0/22 maxlen: 22
193.183.20.0/24 maxlen: 24
193.181.34.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.103.95.0/24 maxlen: 24
194.14.57.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
192.165.3.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
193.183.49.0/24 maxlen: 24
193.234.144.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
194.132.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:36:fc:f4:ad:a7:f9:9d:bb:9c:a4:ec:79:cd:a8:86:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Sep 13 13:14:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b961718e07e2b15c6e779df2e1c1dad592564b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d9:df:f4:19:0e:68:fb:a0:b3:22:d8:03:75:
52:f5:34:ac:95:98:dc:64:61:72:4d:79:5b:7f:b3:
63:82:f3:32:36:b0:4c:4b:5f:b6:78:e7:f0:a1:d3:
18:11:84:0e:55:bb:1a:78:35:35:0d:f9:5f:f9:54:
b0:4f:91:f9:c4:25:53:95:29:30:30:17:4f:a2:6c:
ea:0e:56:08:a9:d1:9f:02:db:82:27:e0:89:dc:70:
76:e8:9a:e7:5f:e8:95:c6:0e:41:e5:87:5e:28:a2:
ea:f1:3b:74:4b:dd:a8:c1:1f:a6:d4:2b:01:a7:13:
4f:74:39:89:3a:9f:e7:d0:4e:97:86:f3:03:1c:84:
b5:d5:12:63:4f:df:7b:a1:62:92:15:fe:79:7f:f4:
42:a5:92:a1:c1:43:ce:ce:d4:e2:41:73:c1:67:6d:
97:9d:59:57:a8:68:64:31:54:b9:c8:d8:17:d1:18:
6e:f0:d6:0e:0b:1d:ce:a7:74:2b:2d:85:cc:c7:79:
ba:c6:fb:15:bb:c6:a8:a0:cf:c6:db:33:31:48:d1:
b2:aa:bc:34:a3:88:3f:86:9d:2c:30:10:79:58:d9:
e8:e4:3f:ed:8f:17:15:b8:fe:98:ed:53:d5:c6:86:
d8:ff:9b:34:64:f4:0c:07:f3:bc:1b:56:0d:87:b2:
b1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:96:17:18:E0:7E:2B:15:C6:E7:79:DF:2E:1C:1D:AD:59:25:64:B3
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/C5YXGOB-KxXG53nfLhwdrVklZLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.0.0/24
192.165.3.0/24
192.165.134.0/23
193.181.34.0/24
193.183.20.0/24
193.183.49.0/24
193.234.3.0/24
193.234.116.0/22
193.234.144.0/24
194.14.57.0/24
194.71.0.0/23
194.103.16.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.164.0/24
194.132.166.0/24
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
60:c6:af:2b:df:d5:3d:dd:ae:82:1b:82:c7:1e:c2:ca:ae:af:
f2:4c:d4:0a:fc:1d:4f:93:a1:49:75:b7:f0:6c:13:95:bd:9e:
ff:e7:c8:34:7f:2c:3a:02:48:f8:f9:23:94:19:94:4a:7f:af:
41:aa:09:fd:dd:9e:b4:3b:09:23:87:ff:77:b8:7e:f8:38:1b:
98:22:ce:96:d9:a3:f2:52:12:fb:e3:35:a4:0d:f6:cb:8d:33:
f7:23:1c:bb:f8:9a:59:e3:11:47:42:56:b8:c5:65:31:f7:21:
3d:91:30:5f:f6:23:dd:db:87:ad:0d:55:37:67:39:58:ac:8c:
d1:50:d8:f3:88:9a:7a:41:1b:60:a9:62:a2:fb:ad:e8:66:e1:
af:54:e5:16:02:f5:47:3f:c8:b5:c8:cf:74:31:d0:57:db:24:
8b:47:a1:45:30:ea:e3:25:30:fe:b7:ea:21:5b:06:48:a6:c3:
75:46:fc:26:4d:e0:22:dd:7b:da:b6:46:b2:87:bd:e5:92:a2:
c6:72:80:ca:a5:9e:6f:a7:58:63:21:18:f0:bf:6f:cf:7b:23:
3b:bc:51:67:1e:fd:ef:bd:e4:dd:cf:ae:43:34:83:24:14:3d:
ee:f6:18:c2:1a:c8:ba:b8:23:91:d7:1c:5c:ef:ea:70:dd:7a:
09:b9:b9:6b
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYM2/PStp/mdu5yk7HnNqIY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIwOTEzMTMxNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjk2MTcxOGUwN2UyYjE1YzZlNzc5ZGYyZTFjMWRhZDU5MjU2NGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNnf9BkOaPugsyLYA3VS9TSslZjc
ZGFyTXlbf7NjgvMyNrBMS1+2eOfwodMYEYQOVbsaeDU1Dflf+VSwT5H5xCVTlSkw
MBdPomzqDlYIqdGfAtuCJ+CJ3HB26JrnX+iVxg5B5YdeKKLq8Tt0S92owR+m1CsB
pxNPdDmJOp/n0E6XhvMDHIS11RJjT997oWKSFf55f/RCpZKhwUPOztTiQXPBZ22X
nVlXqGhkMVS5yNgX0Rhu8NYOCx3Op3QrLYXMx3m6xvsVu8aooM/G2zMxSNGyqrw0
o4g/hp0sMBB5WNno5D/tjxcVuP6Y7VPVxobY/5s0ZPQMB/O8G1YNh7Kx9wIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFAuWFxjgfisVxud53y4cHa1ZJWSzMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvQzVZWEdPQi1LeFhHNTNuZkxod2RyVmtsWkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAMBHAAME
AMClAwMEAcClhgMEAMG1IgMEAMG3FAMEAMG3MQMEAMHqAwMEAsHqdAMEAMHqkAME
AMIOOQMEAcJHAAMEAcJnEAMEAMJnXwMEAMJnkQMEAMJnxQMEAMKEpAMEAMKEpgME
AMKEujANBgkqhkiG9w0BAQsFAAOCAQEAYMavK9/VPd2ughuCxx7Cyq6v8kzUCvwd
T5OhSXW38GwTlb2e/+fINH8sOgJI+PkjlBmUSn+vQaoJ/d2etDsJI4f/d7h++Dgb
mCLOltmj8lIS++M1pA32y40z9yMcu/iaWeMRR0JWuMVlMfchPZEwX/Yj3duHrQ1V
N2c5WKyM0VDY84iaekEbYKliovut6Gbhr1TlFgL1Rz/ItcjPdDHQV9ski0ehRTDq
4yUw/rfqIVsGSKbDdUb8Jk3gIt172rZGsoe95ZKixnKAyqWeb6dYYyEY8L9vz3sj
O7xRZx79773k3c+uQzSDJBQ97vYYwhrIurgjkdccXO/qcN16Cbm5aw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org