Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/SY-ofIawkb-ikEY4Qvni6tMDm2Q.roa
File: SY-ofIawkb-ikEY4Qvni6tMDm2Q.roa (raw, json)
Hash identifier: F83TLt+VrZebulC2I+HjA2KeL+UjxZySbxxgb1eGRjU=
Subject key identifier: 49:8F:A8:7C:86:B0:91:BF:A2:90:46:38:42:F9:E2:EA:D3:03:9B:64
Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Certificate serial: 0B0B8CCF
Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/SY-ofIawkb-ikEY4Qvni6tMDm2Q.roa
Signing time: Sat 01 Jan 2022 10:57:42 +0000
ROA not before: Sat 01 Jan 2022 10:57:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208988
IP address blocks: 185.44.4.0/22 maxlen: 22
37.10.110.0/23 maxlen: 23
85.190.184.0/21 maxlen: 21
91.208.17.0/24 maxlen: 24
185.123.4.0/22 maxlen: 22
37.10.68.0/23 maxlen: 23
94.126.36.0/22 maxlen: 22
31.214.150.0/23 maxlen: 23
185.50.108.0/22 maxlen: 22
62.221.228.0/22 maxlen: 22
185.125.232.0/22 maxlen: 22
128.0.120.0/23 maxlen: 23
85.222.208.0/20 maxlen: 20
2a01:71a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 185306319 (0xb0b8ccf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Validity
Not Before: Jan 1 10:57:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=498fa87c86b091bfa290463842f9e2ead3039b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0a:26:4c:77:23:53:11:a9:56:b7:ec:18:42:
4e:e6:2b:f5:d3:52:f4:b1:f5:cb:83:77:62:8f:bb:
bf:80:8b:93:3e:fe:d7:ba:ea:d1:36:76:82:79:ee:
d8:08:07:28:7b:10:0c:48:4f:a7:e6:39:7b:f1:99:
c2:2a:94:45:63:9c:db:1c:a9:3a:f3:c3:84:1f:a4:
ad:a7:fc:a7:3e:61:78:fe:d4:a1:9b:4a:c9:fc:6b:
f2:59:67:cb:c0:a1:98:3e:f5:56:5a:77:ce:80:35:
24:1f:d5:66:28:b4:de:73:ed:71:22:c6:88:13:1a:
53:6c:0c:e1:a8:4e:e6:3e:03:dc:01:a9:3e:d2:d7:
1a:cb:8a:61:15:36:c0:f1:0b:49:b6:fb:64:33:cf:
42:48:ba:86:b0:3d:6b:83:97:3e:08:0a:72:4f:86:
66:56:4c:b2:8c:eb:35:e4:b0:7c:a5:eb:35:67:d4:
c2:a0:ca:1c:90:b1:82:ad:8d:c9:4b:ab:67:0d:8a:
c5:ba:dd:29:81:de:f2:19:bd:07:78:28:bb:ad:6f:
70:11:83:40:fc:40:d7:c9:a7:89:01:fa:30:3c:3d:
09:fd:60:17:46:9f:f8:51:0d:23:a8:0d:94:d3:58:
38:c3:e8:1a:28:b3:e3:bf:1b:0d:48:15:b5:ac:1b:
6a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:8F:A8:7C:86:B0:91:BF:A2:90:46:38:42:F9:E2:EA:D3:03:9B:64
X509v3 Authority Key Identifier:
keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/SY-ofIawkb-ikEY4Qvni6tMDm2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.150.0/23
37.10.68.0/23
37.10.110.0/23
62.221.228.0/22
85.190.184.0/21
85.222.208.0/20
91.208.17.0/24
94.126.36.0/22
128.0.120.0/23
185.44.4.0/22
185.50.108.0/22
185.123.4.0/22
185.125.232.0/22
IPv6:
2a01:71a0::/32
Signature Algorithm: sha256WithRSAEncryption
50:51:9b:10:b6:b2:b4:c9:36:89:7b:91:ff:1a:e9:7f:72:a2:
ae:15:9e:00:96:5f:c5:be:a5:4d:a4:90:86:1f:b0:d6:46:aa:
99:52:8f:5e:43:d4:e6:e0:fa:17:01:ac:0d:14:7b:0e:0a:4a:
16:a2:31:e2:3f:2d:25:78:59:f2:73:d9:30:ac:13:d7:d8:7c:
15:5c:bb:de:6c:58:ff:88:1a:07:e1:d9:da:f7:07:33:84:4d:
03:25:50:71:60:d2:90:ec:7c:ea:db:67:79:6c:30:50:13:66:
0f:08:b0:59:20:66:99:66:64:65:fe:f8:12:a0:f4:46:bc:18:
b6:10:01:a4:ce:36:91:6f:00:45:e6:ef:26:47:94:ba:71:c8:
fa:bb:ec:aa:2e:e4:fc:f3:68:7a:58:4d:94:3c:78:27:1e:b0:
8c:d0:68:2e:1c:4e:46:9b:e0:cd:84:32:16:27:f6:f9:0e:4e:
c2:e9:e0:b8:c4:1f:e4:d7:e9:fd:5a:94:c6:83:b4:12:5b:75:
62:62:40:3f:c2:39:c2:4c:13:ae:8a:70:be:77:00:61:60:07:
01:e2:b0:f4:8a:2c:63:2d:5e:c6:4f:4e:39:db:24:de:ae:fd:
28:f3:ab:95:56:cc:48:6c:ea:57:4a:73:82:87:d8:58:c0:6f:
ae:ff:54:f4
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIECwuMzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ODZkMTg0MDQ5M2VlZTM0NWY4YzAyYWQ4YWE3ZjBmMGY0MWJhNDUwMB4XDTIyMDEw
MTEwNTc0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDk4ZmE4N2M4NmIw
OTFiZmEyOTA0NjM4NDJmOWUyZWFkMzAzOWI2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoKJkx3I1MRqVa37BhCTuYr9dNS9LH1y4N3Yo+7v4CLkz7+
17rq0TZ2gnnu2AgHKHsQDEhPp+Y5e/GZwiqURWOc2xypOvPDhB+kraf8pz5heP7U
oZtKyfxr8llny8ChmD71Vlp3zoA1JB/VZii03nPtcSLGiBMaU2wM4ahO5j4D3AGp
PtLXGsuKYRU2wPELSbb7ZDPPQki6hrA9a4OXPggKck+GZlZMsozrNeSwfKXrNWfU
wqDKHJCxgq2NyUurZw2KxbrdKYHe8hm9B3gou61vcBGDQPxA18mniQH6MDw9Cf1g
F0af+FENI6gNlNNYOMPoGiiz478bDUgVtawbaskCAwEAAaOCAmAwggJcMB0GA1Ud
DgQWBBRJj6h8hrCRv6KQRjhC+eLq0wObZDAfBgNVHSMEGDAWgBRobRhAST7uNF+M
Aq2Kp/Dw9BukUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FHMFlRRWstN2pSZmpBS3RpcWZ3OFBRYnBGQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvZTQyZWNmLTc4ZmYtNGI1OC04NzYwLTgyNmQwNWNjZmUyNS8x
L1NZLW9mSWF3a2ItaWtFWTRRdm5pNnRNRG0yUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
ZTQyZWNmLTc4ZmYtNGI1OC04NzYwLTgyNmQwNWNjZmUyNS8xL2FHMFlRRWstN2pS
ZmpBS3RpcWZ3OFBRYnBGQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB2
BggrBgEFBQcBBwEB/wRnMGUwVAQCAAEwTgMEAR/WlgMEASUKRAMEASUKbgMEAj7d
5AMEA1W+uAMEBFXe0AMEAFvQEQMEAl5+JAMEAYAAeAMEArksBAMEArkybAMEArl7
BAMEArl96DANBAIAAjAHAwUAKgFxoDANBgkqhkiG9w0BAQsFAAOCAQEAUFGbELay
tMk2iXuR/xrpf3KirhWeAJZfxb6lTaSQhh+w1kaqmVKPXkPU5uD6FwGsDRR7DgpK
FqIx4j8tJXhZ8nPZMKwT19h8FVy73mxY/4gaB+HZ2vcHM4RNAyVQcWDSkOx86ttn
eWwwUBNmDwiwWSBmmWZkZf74EqD0RrwYthABpM42kW8ARebvJkeUunHI+rvsqi7k
/PNoelhNlDx4Jx6wjNBoLhxORpvgzYQyFif2+Q5OwunguMQf5Nfp/VqUxoO0Elt1
YmJAP8I5wkwTropwvncAYWAHAeKw9IosYy1exk9OOdsk3q79KPOrlVbMSGzqV0pz
gofYWMBvrv9U9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:46 2024 by rpki-client on console-ams.rpki-client.org