Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/2y19GVM7KvdtTP565oOaerkiiwI.roa
File: 2y19GVM7KvdtTP565oOaerkiiwI.roa (raw, json)
Hash identifier: yRWUcwdKrXRAdgI0PY6o1pc8kjUCmbt+F/DAgj1tnYo=
Subject key identifier: DB:2D:7D:19:53:3B:2A:F7:6D:4C:FE:7A:E6:83:9A:7A:B9:22:8B:02
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018453FA65E660841BE81A4ACD38462002F7
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/2y19GVM7KvdtTP565oOaerkiiwI.roa
Signing time: Mon 07 Nov 2022 21:23:49 +0000
ROA not before: Mon 07 Nov 2022 21:23:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211936
IP address blocks: 164.215.96.0/22 maxlen: 22
46.23.100.0/22 maxlen: 22
85.158.148.0/22 maxlen: 22
5.178.2.0/24 maxlen: 24
5.178.3.0/24 maxlen: 24
5.10.240.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:53:fa:65:e6:60:84:1b:e8:1a:4a:cd:38:46:20:02:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Nov 7 21:23:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db2d7d19533b2af76d4cfe7ae6839a7ab9228b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ac:64:e4:b8:e3:3c:6b:98:dd:f4:35:70:48:
d8:29:87:21:0b:6c:8a:20:e1:c7:ad:fe:44:05:07:
42:98:9f:30:1e:51:d1:f4:d2:e2:05:f4:e6:ca:c3:
68:10:0e:27:e2:17:68:b2:51:f9:b6:60:f5:47:fa:
6e:11:eb:e4:23:15:fc:0b:e1:a9:3c:f0:45:ad:bb:
c3:71:95:33:c5:fb:b4:f0:ee:2e:53:35:c5:19:d3:
d5:2a:d7:d2:6c:44:c0:aa:72:d6:50:8e:23:d8:5e:
f8:26:45:97:f9:d6:4c:ae:09:fc:82:b5:9f:a7:73:
69:af:af:ae:76:33:58:10:48:e8:c4:36:6d:5a:46:
08:c1:e9:6d:5d:f5:d5:2f:f5:2c:6b:86:bc:3f:67:
46:6b:9a:fc:7f:e9:c1:0c:fc:3d:30:66:02:52:e8:
b9:8c:5b:43:b5:7b:3c:02:7e:e9:8d:f8:72:bb:e1:
af:63:54:d6:81:58:ae:97:13:05:e8:e7:02:da:f5:
58:64:91:71:0d:d8:7d:17:f1:ad:5c:5b:55:73:9e:
2b:15:21:a7:9b:a3:a2:33:ae:84:e6:0a:f4:f0:eb:
87:44:9b:87:17:bb:cf:90:fd:10:54:25:95:60:ff:
fa:e1:3e:44:c6:2d:1a:f4:bf:e3:7f:aa:6c:c6:d5:
a8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:2D:7D:19:53:3B:2A:F7:6D:4C:FE:7A:E6:83:9A:7A:B9:22:8B:02
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/2y19GVM7KvdtTP565oOaerkiiwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/20
5.178.2.0/23
46.23.100.0/22
85.158.148.0/22
164.215.96.0/22
Signature Algorithm: sha256WithRSAEncryption
06:b6:1a:8d:c6:a0:3c:54:c9:91:06:a0:73:3b:bf:cc:f2:01:
ca:8c:69:e9:35:65:ef:7a:45:32:d1:d1:55:9c:49:db:f0:a4:
c0:d1:7d:2d:bb:53:88:ad:39:f1:bc:c4:bc:1e:c0:0f:96:a6:
c8:e8:df:61:e0:41:2e:1b:ac:9b:f2:1a:60:05:f0:a5:dc:fb:
6e:c2:bc:85:a1:cd:50:12:ad:6d:1f:fc:f1:5b:10:c2:a5:be:
6f:df:a3:aa:1b:37:be:5a:60:6a:8f:fa:63:98:4d:b9:dc:30:
d2:bb:80:82:fb:36:1d:b6:87:34:0f:0d:eb:84:48:72:5a:0f:
c2:87:62:44:09:3a:a1:3c:69:63:67:ef:74:28:99:db:bf:c1:
d9:42:bd:e8:16:e3:66:ef:ba:b4:b9:42:ca:f9:ac:f6:2c:db:
a7:7e:bd:ee:75:82:f0:78:47:87:56:a9:c7:1b:2c:01:c2:ab:
e9:7a:20:d1:d4:e0:04:74:7f:87:af:2b:06:3a:d2:b5:ab:f1:
06:70:42:95:d9:de:c7:b6:18:85:ac:e6:23:af:7e:93:be:3b:
fe:8b:16:26:47:ca:c2:e5:03:3f:e7:63:50:4b:64:49:6f:4a:
e7:18:85:31:af:70:27:26:92:3a:0c:43:38:a4:fb:a0:9b:af:
f8:29:2a:7e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYRT+mXmYIQb6BpKzThGIAL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMTA3MjEyMzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjJkN2QxOTUzM2IyYWY3NmQ0Y2ZlN2FlNjgzOWE3YWI5MjI4YjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqxk5LjjPGuY3fQ1cEjYKYchC2yK
IOHHrf5EBQdCmJ8wHlHR9NLiBfTmysNoEA4n4hdoslH5tmD1R/puEevkIxX8C+Gp
PPBFrbvDcZUzxfu08O4uUzXFGdPVKtfSbETAqnLWUI4j2F74JkWX+dZMrgn8grWf
p3Npr6+udjNYEEjoxDZtWkYIweltXfXVL/Usa4a8P2dGa5r8f+nBDPw9MGYCUui5
jFtDtXs8An7pjfhyu+GvY1TWgViulxMF6OcC2vVYZJFxDdh9F/GtXFtVc54rFSGn
m6OiM66E5gr08OuHRJuHF7vPkP0QVCWVYP/64T5Exi0a9L/jf6psxtWokwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNstfRlTOyr3bUz+euaDmnq5IosCMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvMnkxOUdWTTdLdmR0VFA1NjVvT2FlcmtpaXdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEBQrwAwQB
BbICAwQCLhdkAwQCVZ6UAwQCpNdgMA0GCSqGSIb3DQEBCwUAA4IBAQAGthqNxqA8
VMmRBqBzO7/M8gHKjGnpNWXvekUy0dFVnEnb8KTA0X0tu1OIrTnxvMS8HsAPlqbI
6N9h4EEuG6yb8hpgBfCl3PtuwryFoc1QEq1tH/zxWxDCpb5v36OqGze+WmBqj/pj
mE253DDSu4CC+zYdtoc0Dw3rhEhyWg/Ch2JECTqhPGljZ+90KJnbv8HZQr3oFuNm
77q0uULK+az2LNunfr3udYLweEeHVqnHGywBwqvpeiDR1OAEdH+HrysGOtK1q/EG
cEKV2d7HthiFrOYjr36Tvjv+ixYmR8rC5QM/52NQS2RJb0rnGIUxr3AnJpI6DEM4
pPugm6/4KSp+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:00 2023 by rpki-client on console-fra.rpki-client.org