Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/Y3bcoiUDM5Of-L2bJhzT3-wm61I.roa
File: Y3bcoiUDM5Of-L2bJhzT3-wm61I.roa (raw, json)
Hash identifier: LQz5hYaWxqPTqLDtd0jC6CKEeIyx1jdH54Ns5N6GsiI=
Subject key identifier: 63:76:DC:A2:25:03:33:93:9F:F8:BD:9B:26:1C:D3:DF:EC:26:EB:52
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 05B019C5
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/Y3bcoiUDM5Of-L2bJhzT3-wm61I.roa
Signing time: Sat 29 Jan 2022 06:45:57 +0000
ROA not before: Sat 29 Jan 2022 06:45:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 93.152.210.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
78.159.156.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95427013 (0x5b019c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 29 06:45:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6376dca2250333939ff8bd9b261cd3dfec26eb52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ff:a7:57:39:30:5d:32:22:5b:e8:9f:2c:9b:
7b:7c:a9:c6:8d:88:ef:e6:ec:a5:5a:39:c9:47:a6:
e3:6a:bd:70:cb:e2:06:34:e7:4c:e0:c8:59:2d:73:
60:b9:fd:7c:91:75:1c:44:36:5d:50:fe:8d:09:2c:
f6:75:e7:d2:1a:37:ff:51:0a:88:c8:3e:38:5f:79:
25:98:83:c1:73:b0:9b:3c:d3:5a:49:a9:9d:08:87:
69:59:d8:e5:31:89:5b:cd:6e:8e:d7:96:18:71:a3:
93:34:ba:31:ab:dd:72:f7:2a:e4:c0:52:92:16:80:
9a:43:41:65:94:b8:9d:b2:d8:02:7e:68:56:e2:69:
58:f6:4c:2d:59:26:e5:ba:c3:7a:8a:a8:4d:72:3a:
35:19:24:52:15:cd:25:f0:1a:5f:6e:fa:e3:b8:71:
87:9c:91:24:f9:cf:d2:63:a2:e1:9f:1a:18:26:28:
56:08:47:da:22:e3:43:02:35:aa:e8:dc:8b:89:bc:
17:cb:95:4d:05:ab:d9:dd:08:fe:77:29:c3:72:1d:
b9:ac:e3:bc:c8:c9:f7:10:5d:65:4d:dd:9e:35:d4:
e1:eb:2e:68:03:11:81:d0:f2:14:77:4e:ac:6c:1e:
49:88:13:5c:98:49:d8:01:d8:bd:e4:fb:28:45:b7:
e3:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:76:DC:A2:25:03:33:93:9F:F8:BD:9B:26:1C:D3:DF:EC:26:EB:52
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/Y3bcoiUDM5Of-L2bJhzT3-wm61I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.156.0/24
93.152.210.0/24
93.152.218.0/24
93.152.223.0/24
93.152.226.0/23
93.152.230.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:5f:91:c2:04:d4:d5:6a:74:ab:e3:2f:8f:2d:d0:f7:27:f4:
b9:eb:e0:81:7b:2f:a1:e4:7a:e7:1d:71:65:7e:39:1a:43:e3:
0d:b6:9f:84:d4:22:71:9d:b8:b8:74:22:f6:2d:ec:2e:9c:8c:
a7:07:32:16:19:aa:5f:ec:e4:99:a6:8e:9b:4a:81:d3:a8:53:
3d:8b:91:6f:1c:15:24:ea:f5:2e:34:7e:76:8c:c8:24:fe:03:
12:b3:4d:f3:b8:4f:45:74:b9:a6:f9:db:43:97:83:8a:d2:b5:
52:9d:48:a5:e5:35:35:af:97:9b:9c:27:11:79:68:4f:99:60:
a2:f4:d7:07:e8:dd:b0:1e:98:37:78:a0:86:4a:bd:c2:40:07:
37:e0:91:d6:04:4c:00:2c:fe:fc:29:33:b6:40:ed:74:e7:ee:
02:76:09:7d:c4:8c:b7:71:ef:b1:b3:f7:da:02:53:b0:8a:b0:
4b:8b:15:18:6c:81:fb:59:6c:91:b5:93:9d:18:8f:88:11:ec:
5a:61:27:7e:22:fe:e4:0a:2a:88:a4:0e:a2:08:79:e8:88:c4:
22:3e:d4:f4:d9:c0:aa:05:fe:99:ec:9d:9d:ef:08:a3:e8:69:
34:7e:f8:3a:5c:db:95:bc:b0:7c:c4:d7:12:f9:92:8b:6d:4e:
99:6a:d3:4e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBbAZxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDEy
OTA2NDU1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjM3NmRjYTIyNTAz
MzM5MzlmZjhiZDliMjYxY2QzZGZlYzI2ZWI1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMX/p1c5MF0yIlvonyybe3ypxo2I7+bspVo5yUem42q9cMvi
BjTnTODIWS1zYLn9fJF1HEQ2XVD+jQks9nXn0ho3/1EKiMg+OF95JZiDwXOwmzzT
WkmpnQiHaVnY5TGJW81ujteWGHGjkzS6Mavdcvcq5MBSkhaAmkNBZZS4nbLYAn5o
VuJpWPZMLVkm5brDeoqoTXI6NRkkUhXNJfAaX27647hxh5yRJPnP0mOi4Z8aGCYo
VghH2iLjQwI1qujci4m8F8uVTQWr2d0I/ncpw3IduazjvMjJ9xBdZU3dnjXU4esu
aAMRgdDyFHdOrGweSYgTXJhJ2AHYveT7KEW348MCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRjdtyiJQMzk5/4vZsmHNPf7CbrUjAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L1kzYmNvaVVETTVPZi1MMmJKaHpUMy13bTYxSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAE6fnAMEAF2Y0gMEAF2Y2gMEAF2Y
3wMEAV2Y4gMEAF2Y5jANBgkqhkiG9w0BAQsFAAOCAQEADV+RwgTU1Wp0q+Mvjy3Q
9yf0uevggXsvoeR65x1xZX45GkPjDbafhNQicZ24uHQi9i3sLpyMpwcyFhmqX+zk
maaOm0qB06hTPYuRbxwVJOr1LjR+dozIJP4DErNN87hPRXS5pvnbQ5eDitK1Up1I
peU1Na+Xm5wnEXloT5lgovTXB+jdsB6YN3ighkq9wkAHN+CR1gRMACz+/CkztkDt
dOfuAnYJfcSMt3HvsbP32gJTsIqwS4sVGGyB+1lskbWTnRiPiBHsWmEnfiL+5Aoq
iKQOogh56IjEIj7U9NnAqgX+meydne8Io+hpNH74OlzblbywfMTXEvmSi21OmWrT
Tg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:58 2023 by rpki-client on console-ams.rpki-client.org