Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/yNBRELJZ8nGrF92Y9pKwPELKHtU.roa
File: yNBRELJZ8nGrF92Y9pKwPELKHtU.roa (raw, json)
Hash identifier: vbQia+arLoNSGvORtSqKmjF+RLUpRP/wJeuQCtJlNsU=
Subject key identifier: C8:D0:51:10:B2:59:F2:71:AB:17:DD:98:F6:92:B0:3C:42:CA:1E:D5
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 426D2A59
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/yNBRELJZ8nGrF92Y9pKwPELKHtU.roa
Signing time: Sat 01 Jan 2022 14:03:13 +0000
ROA not before: Sat 01 Jan 2022 14:03:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43893
IP address blocks: 192.165.66.0/24 maxlen: 24
194.103.4.0/24 maxlen: 24
194.103.221.0/24 maxlen: 24
194.103.17.0/24 maxlen: 24
192.165.30.0/24 maxlen: 24
194.71.161.0/24 maxlen: 24
194.71.162.0/24 maxlen: 24
194.132.80.0/24 maxlen: 24
193.234.52.0/24 maxlen: 24
194.132.82.0/23 maxlen: 23
193.234.53.0/24 maxlen: 24
192.121.13.0/24 maxlen: 24
194.132.30.0/24 maxlen: 24
192.121.62.0/24 maxlen: 24
192.71.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1114450521 (0x426d2a59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8d05110b259f271ab17dd98f692b03c42ca1ed5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e4:8e:dd:69:46:f0:81:78:72:56:84:cb:9f:
2f:53:aa:ed:5f:4e:8a:6f:f3:85:8d:62:05:96:56:
db:3e:e8:2b:e1:4a:31:78:a4:f4:25:b1:06:b3:1c:
e4:ef:8a:45:88:8e:aa:ce:12:65:01:a5:bc:28:72:
8c:44:03:50:c8:54:2e:b5:98:17:f6:0a:fc:dc:e0:
a4:3e:fa:c1:ef:c5:17:bf:f5:10:42:7f:8f:10:51:
1b:a8:90:8e:a4:02:a3:e4:5c:95:7a:35:28:43:cf:
07:a5:c9:ed:db:d2:e0:84:d6:13:d0:9f:06:4d:bc:
61:0e:ec:24:26:ac:e8:7c:0c:96:fd:49:3c:26:65:
d1:ad:7c:a3:e3:2c:b7:56:a6:59:8d:cc:7b:e7:a2:
37:69:ac:77:6d:88:a0:2e:40:e3:a0:c3:27:21:fb:
6e:1a:93:1a:ee:39:06:e6:44:e4:b6:d9:bc:79:22:
bb:89:36:37:69:1d:ce:65:60:38:03:9d:80:6c:0c:
e9:60:da:ab:2d:a4:03:6d:34:9d:78:b1:5b:70:e6:
da:bf:21:03:6b:d1:af:57:8f:f7:ed:31:3b:5d:0f:
d9:fc:97:e7:f6:b3:47:81:8a:3d:f0:b3:16:5a:84:
df:54:df:1b:b7:2a:44:a3:55:6e:30:55:5a:bf:0a:
b6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D0:51:10:B2:59:F2:71:AB:17:DD:98:F6:92:B0:3C:42:CA:1E:D5
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/yNBRELJZ8nGrF92Y9pKwPELKHtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.58.0/24
192.121.13.0/24
192.121.62.0/24
192.165.30.0/24
192.165.66.0/24
193.234.52.0/23
194.71.161.0-194.71.162.255
194.103.4.0/24
194.103.17.0/24
194.103.221.0/24
194.132.30.0/24
194.132.80.0/24
194.132.82.0/23
Signature Algorithm: sha256WithRSAEncryption
05:a1:c3:bc:6a:a0:b9:66:e8:9d:7f:5c:de:3e:5a:cd:0f:a1:
31:c7:fb:a8:66:1d:21:0b:f3:52:b2:49:b8:cc:8f:9a:b9:1d:
b8:c3:dd:17:37:77:6d:a2:c0:0d:99:59:94:ee:3e:ac:2e:e7:
95:ea:22:7e:a6:4c:65:8f:90:38:17:00:3d:d1:e8:02:ff:c0:
e0:03:34:3d:92:d8:34:eb:01:25:2e:92:75:67:92:73:64:ff:
b6:8b:0e:78:77:2f:71:b7:cf:0d:f1:0d:77:1b:17:8d:88:5e:
3a:f4:ea:99:08:2c:2d:28:8f:7b:99:b5:d6:fb:95:3c:11:07:
9e:62:81:a5:86:9f:0a:37:1c:7b:ff:8d:97:9c:ca:aa:fb:63:
f3:e5:2e:49:77:e4:88:77:ad:ee:59:49:a3:52:5a:02:a7:c8:
af:5c:07:98:15:2a:75:08:e5:bf:56:25:dd:f8:02:b8:07:28:
e3:e4:40:1d:25:15:01:8f:ef:6c:97:81:a3:73:08:70:40:8a:
1f:cb:c7:c8:62:19:11:e7:c7:78:02:ec:33:a4:e0:03:65:38:
fa:96:47:ac:18:01:e5:ce:c0:5e:52:b2:3c:c5:9d:6d:a8:0a:
23:5b:e0:a4:3e:5e:41:9b:dc:59:b9:d8:aa:a0:06:b7:c8:97:
66:c3:06:53
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIEQm0qWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhkMDUxMTBiMjU5
ZjI3MWFiMTdkZDk4ZjY5MmIwM2M0MmNhMWVkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANTkjt1pRvCBeHJWhMufL1Oq7V9Oim/zhY1iBZZW2z7oK+FK
MXik9CWxBrMc5O+KRYiOqs4SZQGlvChyjEQDUMhULrWYF/YK/NzgpD76we/FF7/1
EEJ/jxBRG6iQjqQCo+RclXo1KEPPB6XJ7dvS4ITWE9CfBk28YQ7sJCas6HwMlv1J
PCZl0a18o+Mst1amWY3Me+eiN2msd22IoC5A46DDJyH7bhqTGu45BuZE5LbZvHki
u4k2N2kdzmVgOAOdgGwM6WDaqy2kA200nXixW3Dm2r8hA2vRr1eP9+0xO10P2fyX
5/azR4GKPfCzFlqE31TfG7cqRKNVbjBVWr8KtmsCAwEAAaOCAlkwggJVMB0GA1Ud
DgQWBBTI0FEQslnycasX3Zj2krA8Qsoe1TAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L3lOQlJFTEpaOG5HckY5Mlk5cEt3UEVMS0h0VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBv
BggrBgEFBQcBBwEB/wRgMF4wXAQCAAEwVgMEAMBHOgMEAMB5DQMEAMB5PgMEAMCl
HgMEAMClQgMEAcHqNDAMAwQAwkehAwQAwkeiAwQAwmcEAwQAwmcRAwQAwmfdAwQA
woQeAwQAwoRQAwQBwoRSMA0GCSqGSIb3DQEBCwUAA4IBAQAFocO8aqC5Zuidf1ze
PlrND6Exx/uoZh0hC/NSskm4zI+auR24w90XN3dtosANmVmU7j6sLueV6iJ+pkxl
j5A4FwA90egC/8DgAzQ9ktg06wElLpJ1Z5JzZP+2iw54dy9xt88N8Q13GxeNiF46
9OqZCCwtKI97mbXW+5U8EQeeYoGlhp8KNxx7/42XnMqq+2Pz5S5Jd+SId63uWUmj
UloCp8ivXAeYFSp1COW/ViXd+AK4Byjj5EAdJRUBj+9sl4GjcwhwQIofy8fIYhkR
58d4AuwzpOADZTj6lkesGAHlzsBeUrI8xZ1tqAojW+CkPl5Bm9xZudiqoAa3yJdm
wwZT
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org