Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/yWL19tME5IC5muhLOotnBLPkXSs.roa
File: yWL19tME5IC5muhLOotnBLPkXSs.roa (raw, json)
Hash identifier: 1ubqnfqrjRNBjPa4r2yitfGdQs7BG+P09VZrR4MQPCI=
Subject key identifier: C9:62:F5:F6:D3:04:E4:80:B9:9A:E8:4B:3A:8B:67:04:B3:E4:5D:2B
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 7545FC
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/yWL19tME5IC5muhLOotnBLPkXSs.roa
Signing time: Thu 24 Mar 2022 08:03:49 +0000
ROA not before: Thu 24 Mar 2022 08:03:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35533
IP address blocks: 194.187.148.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7685628 (0x7545fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Mar 24 08:03:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c962f5f6d304e480b99ae84b3a8b6704b3e45d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:32:fc:11:f4:65:c0:25:db:39:93:6d:d9:8e:
2c:db:85:6b:52:4d:bc:e6:0e:67:3b:f1:9e:9f:5a:
33:92:e1:46:ac:08:dd:83:62:32:8d:ff:ff:ae:ce:
05:af:71:e3:f1:ab:ba:64:90:a2:00:cd:cc:a2:84:
e1:37:2f:4e:64:e4:07:08:74:3d:04:f2:6c:1c:7e:
8f:c9:75:ee:2e:cf:bf:61:95:9f:0a:7e:7c:c1:1c:
44:94:a5:ae:04:5d:31:26:a3:c9:89:00:f8:4e:a9:
2d:a3:e1:0e:40:df:42:e9:64:b5:15:5d:1b:e2:6a:
23:93:8b:eb:a4:b1:57:3e:d4:5a:6b:4c:12:da:ed:
43:5d:dc:0b:fb:c0:29:8a:08:b5:9f:da:ab:f6:ea:
e0:12:45:3f:65:02:62:6a:20:aa:55:33:05:b7:dc:
44:ed:e6:27:31:b9:c1:3a:18:af:7b:15:32:b8:60:
b4:c6:a1:d6:7c:4b:42:3d:c9:ab:03:f9:00:ba:bc:
db:52:70:f0:56:68:d1:70:92:20:db:a2:6c:da:b4:
46:c8:6a:c1:be:f5:ea:38:59:ff:e3:95:7e:70:88:
d6:0f:36:84:70:68:59:1b:51:cc:5e:c5:02:4a:65:
64:04:a8:dc:8f:00:6c:37:1e:7f:05:3a:cf:28:0e:
68:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:62:F5:F6:D3:04:E4:80:B9:9A:E8:4B:3A:8B:67:04:B3:E4:5D:2B
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/yWL19tME5IC5muhLOotnBLPkXSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.187.148.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:ae:fd:91:84:19:db:c7:69:58:e1:eb:2b:92:31:ec:0a:7d:
82:bb:53:8a:3e:04:40:ef:de:24:38:6c:e3:ee:5a:ce:81:7b:
7a:5c:f2:5b:bb:b1:73:f0:9f:dd:6e:e8:29:fa:bf:66:91:c7:
97:7c:21:fa:e9:99:a2:97:54:33:f1:9c:a4:85:9c:27:ba:10:
28:4d:34:a9:5f:b0:ab:db:18:be:48:c6:44:63:28:30:8c:9e:
29:c5:e6:d8:30:83:b6:c2:4e:e0:f0:fb:27:d3:af:5b:eb:07:
54:eb:c3:df:4f:6c:07:39:44:71:53:a2:b6:5c:13:60:e3:ad:
7e:9b:d0:46:e9:c3:2a:b5:52:b8:d6:9e:c9:dc:78:66:e1:b2:
1d:ae:b8:ba:ff:52:80:52:07:ba:4f:c4:79:7d:91:df:7b:44:
64:2b:2c:23:62:fe:fc:4b:75:57:55:66:46:58:e6:2c:4a:45:
21:e3:b4:07:1d:ce:29:a2:f1:3b:1e:59:bc:f3:29:8f:61:84:
60:4a:54:a9:a9:c7:6a:58:20:8f:24:9b:92:d8:9b:77:e2:70:
df:9c:57:3b:db:50:60:cc:88:a9:d1:b6:1a:6e:15:fd:c7:db:
6f:00:a4:59:3b:51:0f:af:a7:2c:b0:fb:0a:cb:27:2b:ca:59:
1c:df:95:36
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDdUX8MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNm
MWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVhZGZhMDAwHhcNMjIwMzI0
MDgwMzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjOTYyZjVmNmQzMDRl
NDgwYjk5YWU4NGIzYThiNjcwNGIzZTQ1ZDJiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmjL8EfRlwCXbOZNt2Y4s24VrUk285g5nO/Gen1ozkuFGrAjd
g2Iyjf//rs4Fr3Hj8au6ZJCiAM3MooThNy9OZOQHCHQ9BPJsHH6PyXXuLs+/YZWf
Cn58wRxElKWuBF0xJqPJiQD4Tqkto+EOQN9C6WS1FV0b4mojk4vrpLFXPtRaa0wS
2u1DXdwL+8Apigi1n9qr9urgEkU/ZQJiaiCqVTMFt9xE7eYnMbnBOhivexUyuGC0
xqHWfEtCPcmrA/kAurzbUnDwVmjRcJIg26Js2rRGyGrBvvXqOFn/45V+cIjWDzaE
cGhZG1HMXsUCSmVkBKjcjwBsNx5/BTrPKA5o+wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFMli9fbTBOSAuZroSzqLZwSz5F0rMB8GA1UdIwQYMBaAFM8d9mZ9o45XolsZ
RfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
engzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJjLzEv
eVdMMTl0TUU1SUM1bXVoTE9vdG5CTFBrWFNzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9l
NTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJjLzEvengzMlpuMmpqbGVp
V3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwruUMA0GCSqGSIb3DQEBCwUAA4IB
AQC8rv2RhBnbx2lY4esrkjHsCn2Cu1OKPgRA794kOGzj7lrOgXt6XPJbu7Fz8J/d
bugp+r9mkceXfCH66Zmil1Qz8ZykhZwnuhAoTTSpX7Cr2xi+SMZEYygwjJ4pxebY
MIO2wk7g8Psn069b6wdU68PfT2wHOURxU6K2XBNg461+m9BG6cMqtVK41p7J3Hhm
4bIdrri6/1KAUge6T8R5fZHfe0RkKywjYv78S3VXVWZGWOYsSkUh47QHHc4povE7
Hlm88ymPYYRgSlSpqcdqWCCPJJuS2Jt34nDfnFc721BgzIip0bYabhX9x9tvAKRZ
O1EPr6cssPsKyycrylkc35U2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:06 2023 by rpki-client on console-fra.rpki-client.org