Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/b_yhez3PxFLYq6bnxr0OuYqjb50.roa
File: b_yhez3PxFLYq6bnxr0OuYqjb50.roa (raw, json)
Hash identifier: Bf0oTi/xBpN0IR7ICOoNCpjdqCXvs7jxwUhZbY6tSDI=
Subject key identifier: 6F:FC:A1:7B:3D:CF:C4:52:D8:AB:A6:E7:C6:BD:0E:B9:8A:A3:6F:9D
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018C005D92C9E5DDB98356F60B209C20038B
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/b_yhez3PxFLYq6bnxr0OuYqjb50.roa
Signing time: Fri 24 Nov 2023 08:06:21 +0000
ROA not before: Fri 24 Nov 2023 08:06:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57630
IP address blocks: 194.71.0.0/23 maxlen: 23
193.234.94.0/24 maxlen: 24
192.71.0.0/24 maxlen: 24
194.103.16.0/23 maxlen: 24
193.234.116.0/22 maxlen: 22
193.183.20.0/24 maxlen: 24
193.181.34.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.103.95.0/24 maxlen: 24
193.234.205.0/24 maxlen: 24
194.14.57.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
192.165.3.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
193.183.49.0/24 maxlen: 24
193.234.144.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
194.132.186.0/24 maxlen: 24
193.183.59.0/24 maxlen: 24
194.68.181.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:00:5d:92:c9:e5:dd:b9:83:56:f6:0b:20:9c:20:03:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Nov 24 08:06:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ffca17b3dcfc452d8aba6e7c6bd0eb98aa36f9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:16:7f:f2:ca:a2:74:6e:42:25:87:b4:5e:41:
d5:dd:aa:28:25:ca:e3:42:24:a0:66:a9:92:6d:e2:
cb:9f:56:db:ac:4e:be:8d:0d:5b:fb:75:dc:44:48:
85:f7:78:9e:d8:10:0f:82:a8:1d:8d:a5:41:98:51:
e1:4a:b5:8b:ef:0d:cb:34:74:7b:c3:74:1e:ee:7c:
7f:99:a2:6a:92:63:5e:9d:08:ce:a4:45:61:3f:37:
8d:b1:6d:47:ed:17:d2:b1:39:2d:fc:75:82:b7:a8:
4b:81:06:bb:d2:fc:88:5b:9c:7d:a8:f2:d9:3f:6d:
f4:df:fd:68:95:ad:73:9c:8a:cb:9c:d2:82:44:fc:
9a:dd:34:e6:f8:31:8b:87:83:ee:7b:e8:b5:ae:1f:
5e:b7:e4:5c:26:00:55:6e:ad:4e:6f:c0:41:dd:ce:
3d:c4:d9:40:c9:13:1d:89:05:0d:c8:ac:1e:50:c5:
cd:34:72:6f:93:0d:56:e3:9c:c2:66:3d:73:69:24:
9d:cf:02:bf:5a:91:69:0a:d3:ef:23:73:d1:6a:7a:
65:97:6b:9b:5a:0c:13:21:de:b5:bc:d4:4b:c0:be:
51:51:c6:fe:e8:d3:90:18:87:62:0a:11:4b:28:5f:
82:4a:ca:0f:6b:1c:11:68:ea:67:f5:6f:2b:55:f4:
10:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:FC:A1:7B:3D:CF:C4:52:D8:AB:A6:E7:C6:BD:0E:B9:8A:A3:6F:9D
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/b_yhez3PxFLYq6bnxr0OuYqjb50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.0.0/24
192.165.3.0/24
192.165.134.0/23
193.181.34.0/24
193.183.20.0/24
193.183.49.0/24
193.183.59.0/24
193.234.3.0/24
193.234.94.0/24
193.234.116.0/22
193.234.144.0/24
193.234.205.0/24
194.14.57.0/24
194.68.181.0/24
194.71.0.0/23
194.103.16.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.164.0/24
194.132.166.0/24
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
71:f6:67:e8:f2:da:1e:7a:9c:86:d8:7c:2b:be:de:71:d2:0c:
89:76:a1:70:c5:55:50:9c:a5:cd:5d:87:fb:5c:f9:5f:b2:99:
85:b3:01:39:2a:5b:b3:9c:7a:57:7a:8e:05:ff:b1:be:0b:d0:
c6:82:4a:ee:53:84:f2:77:72:14:a9:8f:79:cd:81:46:c7:02:
02:06:ad:ae:6d:64:f0:39:b4:75:08:1f:48:51:1c:57:a4:c1:
29:9d:2a:82:b6:6f:6b:51:e8:fb:e9:28:b2:74:95:87:92:02:
f0:ac:fa:80:c2:5f:0b:de:4a:fc:4b:2e:d0:8b:16:b2:be:43:
e6:6c:cf:bf:95:c1:fc:2c:92:d5:3a:e0:4c:4a:13:b5:f7:e7:
44:b5:7a:96:ae:c3:b0:21:0e:de:ae:1e:c9:4c:24:66:9a:69:
61:5d:e2:81:73:f9:cf:d7:d7:61:1a:90:bf:d9:ce:26:96:ae:
08:48:b5:f9:47:09:4a:18:f9:42:8f:59:f9:9a:36:f5:b2:8e:
5a:7f:64:81:dc:6f:89:25:00:84:6d:7b:b5:bf:07:20:48:9d:
7b:3b:cd:ce:19:28:1e:84:90:96:a8:90:16:cc:b3:47:39:5b:
db:60:1d:03:c8:95:14:6b:c9:ba:c7:09:09:71:f0:20:59:84:
3f:24:ef:7a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYwAXZLJ5d25g1b2CyCcIAOLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMxMTI0MDgwNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmZjYTE3YjNkY2ZjNDUyZDhhYmE2ZTdjNmJkMGViOThhYTM2ZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRZ/8sqidG5CJYe0XkHV3aooJcrj
QiSgZqmSbeLLn1bbrE6+jQ1b+3XcREiF93ie2BAPgqgdjaVBmFHhSrWL7w3LNHR7
w3Qe7nx/maJqkmNenQjOpEVhPzeNsW1H7RfSsTkt/HWCt6hLgQa70vyIW5x9qPLZ
P2303/1ola1znIrLnNKCRPya3TTm+DGLh4Pue+i1rh9et+RcJgBVbq1Ob8BB3c49
xNlAyRMdiQUNyKweUMXNNHJvkw1W45zCZj1zaSSdzwK/WpFpCtPvI3PRanpll2ub
WgwTId61vNRLwL5RUcb+6NOQGIdiChFLKF+CSsoPaxwRaOpn9W8rVfQQjwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFG/8oXs9z8RS2Kum58a9DrmKo2+dMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvYl95aGV6M1B4RkxZcTZibnhyME91WXFqYjUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBADA
RwADBADApQMDBAHApYYDBADBtSIDBADBtxQDBADBtzEDBADBtzsDBADB6gMDBADB
6l4DBALB6nQDBADB6pADBADB6s0DBADCDjkDBADCRLUDBAHCRwADBAHCZxADBADC
Z18DBADCZ5EDBADCZ8UDBADChKQDBADChKYDBADChLowDQYJKoZIhvcNAQELBQAD
ggEBAHH2Z+jy2h56nIbYfCu+3nHSDIl2oXDFVVCcpc1dh/tc+V+ymYWzATkqW7Oc
eld6jgX/sb4L0MaCSu5ThPJ3chSpj3nNgUbHAgIGra5tZPA5tHUIH0hRHFekwSmd
KoK2b2tR6PvpKLJ0lYeSAvCs+oDCXwveSvxLLtCLFrK+Q+Zsz7+VwfwsktU64ExK
E7X350S1epauw7AhDt6uHslMJGaaaWFd4oFz+c/X12EakL/ZziaWrghItflHCUoY
+UKPWfmaNvWyjlp/ZIHcb4klAIRte7W/ByBInXs7zc4ZKB6EkJaokBbMs0c5W9tg
HQPIlRRrybrHCQlx8CBZhD8k73o=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:40 2025 by rpki-client