Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hy06Go8vr4vX70Fu1pzPk45vaqQ.roa
File: hy06Go8vr4vX70Fu1pzPk45vaqQ.roa (raw, json)
Hash identifier: wnD3vOG9RW5SAD4lSjV2fFfCqnwfTLM8qkflDHqc0Vg=
Subject key identifier: 87:2D:3A:1A:8F:2F:AF:8B:D7:EF:41:6E:D6:9C:CF:93:8E:6F:6A:A4
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018258DFE18A98899AE4D7336E916F112F8F
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hy06Go8vr4vX70Fu1pzPk45vaqQ.roa
Signing time: Mon 01 Aug 2022 10:07:23 +0000
ROA not before: Mon 01 Aug 2022 10:07:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3301
IP address blocks: 194.68.127.0/24 maxlen: 24
193.183.230.0/23 maxlen: 23
193.183.228.0/23 maxlen: 23
193.183.236.0/23 maxlen: 23
194.103.240.0/20 maxlen: 20
192.165.12.0/24 maxlen: 24
192.121.115.0/24 maxlen: 24
192.121.229.0/24 maxlen: 24
193.180.7.0/24 maxlen: 24
192.165.180.0/24 maxlen: 24
193.182.152.0/23 maxlen: 23
193.182.152.0/24 maxlen: 24
193.182.153.0/24 maxlen: 24
192.121.40.0/24 maxlen: 24
192.121.50.0/23 maxlen: 23
192.121.52.0/24 maxlen: 24
192.176.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:58:df:e1:8a:98:89:9a:e4:d7:33:6e:91:6f:11:2f:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Aug 1 10:07:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=872d3a1a8f2faf8bd7ef416ed69ccf938e6f6aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:36:f5:32:65:88:f8:5f:f3:ad:5f:47:05:78:
07:64:74:bb:39:8a:53:54:ff:ce:fd:7b:6e:c1:52:
60:0c:af:33:11:4f:35:52:a8:fc:ab:2e:84:58:ca:
c6:f7:9e:05:3c:6e:06:16:45:e6:3d:fd:6c:18:98:
3b:97:0a:9c:b0:6f:34:3c:e7:32:fb:85:c7:17:3f:
b1:e1:52:cb:c5:cd:b3:25:be:66:85:8e:a7:44:04:
af:e2:b6:68:45:74:d7:2b:f9:22:14:58:dd:a2:dc:
a0:03:9b:08:84:27:f3:b8:9e:61:ab:74:b0:41:2c:
00:61:90:38:84:73:7a:07:84:de:d5:a6:2f:75:bb:
13:64:a4:b2:cd:08:64:5a:15:8a:11:5a:a7:3e:25:
34:69:18:d7:5e:b8:91:62:89:f5:b4:ac:7f:91:f8:
73:36:f0:a0:2b:ed:88:56:03:c6:c2:ba:d8:ea:4d:
a6:f8:e9:df:9b:41:b1:89:23:38:53:4f:69:d6:76:
5a:3b:d5:01:9a:87:79:b7:b2:2f:a3:5f:e3:b4:e5:
8b:54:4a:6e:61:da:9b:8e:bc:69:23:cc:1d:dc:b4:
1d:69:5a:bf:af:e9:88:0d:8a:b5:4e:f4:b8:33:73:
4f:b2:e1:1a:5f:42:a8:ae:ab:c1:69:f2:2b:bc:db:
1c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2D:3A:1A:8F:2F:AF:8B:D7:EF:41:6E:D6:9C:CF:93:8E:6F:6A:A4
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hy06Go8vr4vX70Fu1pzPk45vaqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.40.0/24
192.121.50.0-192.121.52.255
192.121.115.0/24
192.121.229.0/24
192.165.12.0/24
192.165.180.0/24
192.176.124.0/24
193.180.7.0/24
193.182.152.0/23
193.183.228.0/22
193.183.236.0/23
194.68.127.0/24
194.103.240.0/20
Signature Algorithm: sha256WithRSAEncryption
09:33:18:35:70:87:df:52:b3:2f:1a:be:fd:2d:14:6d:37:ab:
1f:40:7e:f5:71:3f:c0:b5:02:54:17:01:3b:27:27:f4:07:c1:
41:00:88:f1:f7:bd:63:82:85:43:6e:c1:4d:11:ab:80:04:9e:
26:ce:f9:62:06:74:b1:4f:99:1f:86:39:c6:16:ab:e5:87:14:
43:4d:e4:4a:e7:2f:41:73:08:23:f5:46:11:12:11:fb:a1:a1:
42:c3:df:92:37:06:91:e2:21:53:17:27:0d:4c:d6:76:56:6d:
5c:b4:87:b1:54:09:a7:dc:95:29:90:7e:7b:31:04:31:8c:99:
21:1b:1d:8e:e2:b2:34:39:8d:db:b7:7c:62:2a:5f:08:71:a6:
9a:bd:b3:4b:ae:0f:5e:1f:13:66:6e:c2:e7:eb:d1:ed:10:78:
44:3a:7d:03:74:4e:ef:d8:13:1c:5c:2d:49:fa:55:96:27:ca:
f5:21:ac:c3:29:bd:b6:43:92:e3:8a:b3:eb:04:4e:eb:5d:e2:
26:fd:ac:f6:68:b8:3c:29:87:70:8a:8f:34:35:a7:ab:7a:55:
59:bc:22:55:e1:6d:62:44:07:1d:52:4a:9b:61:02:22:95:49:
bf:44:ff:09:ba:07:f7:96:e7:c9:ef:23:b9:6c:48:25:d7:61:
0f:77:4c:cf
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYJY3+GKmIma5NczbpFvES+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIwODAxMTAwNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzJkM2ExYThmMmZhZjhiZDdlZjQxNmVkNjljY2Y5MzhlNmY2YWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjb1MmWI+F/zrV9HBXgHZHS7OYpT
VP/O/XtuwVJgDK8zEU81Uqj8qy6EWMrG954FPG4GFkXmPf1sGJg7lwqcsG80POcy
+4XHFz+x4VLLxc2zJb5mhY6nRASv4rZoRXTXK/kiFFjdotygA5sIhCfzuJ5hq3Sw
QSwAYZA4hHN6B4Te1aYvdbsTZKSyzQhkWhWKEVqnPiU0aRjXXriRYon1tKx/kfhz
NvCgK+2IVgPGwrrY6k2m+Onfm0GxiSM4U09p1nZaO9UBmod5t7Ivo1/jtOWLVEpu
YdqbjrxpI8wd3LQdaVq/r+mIDYq1TvS4M3NPsuEaX0KorqvBafIrvNsclwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFIctOhqPL6+L1+9Bbtacz5OOb2qkMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvaHkwNkdvOHZyNHZYNzBGdTFwelBrNDV2YXFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAwHkoMAwD
BAHAeTIDBADAeTQDBADAeXMDBADAeeUDBADApQwDBADApbQDBADAsHwDBADBtAcD
BAHBtpgDBALBt+QDBAHBt+wDBADCRH8DBATCZ/AwDQYJKoZIhvcNAQELBQADggEB
AAkzGDVwh99Ssy8avv0tFG03qx9AfvVxP8C1AlQXATsnJ/QHwUEAiPH3vWOChUNu
wU0Rq4AEnibO+WIGdLFPmR+GOcYWq+WHFENN5ErnL0FzCCP1RhESEfuhoULD35I3
BpHiIVMXJw1M1nZWbVy0h7FUCafclSmQfnsxBDGMmSEbHY7isjQ5jdu3fGIqXwhx
ppq9s0uuD14fE2Zuwufr0e0QeEQ6fQN0Tu/YExxcLUn6VZYnyvUhrMMpvbZDkuOK
s+sETutd4ib9rPZouDwph3CKjzQ1p6t6VVm8IlXhbWJEBx1SSpthAiKVSb9E/wm6
B/eW58nvI7lsSCXXYQ93TM8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org