Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/f08716-4d2a-46ed-bded-af3e7d42968d/1/Y3HBCaxoVN6kfhCnalAz1I8emtE.roa
File: Y3HBCaxoVN6kfhCnalAz1I8emtE.roa (raw, json)
Hash identifier: GTD2zJ8aGbcRb66vwJBIb6QYT0aV1+rPF4pytMHY1Mc=
Subject key identifier: 63:71:C1:09:AC:68:54:DE:A4:7E:10:A7:6A:50:33:D4:8F:1E:9A:D1
Certificate issuer: /CN=994aadef709be37b9ccd42cc2b8c732c397150fa
Certificate serial: 05E41F62
Authority key identifier: 99:4A:AD:EF:70:9B:E3:7B:9C:CD:42:CC:2B:8C:73:2C:39:71:50:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mUqt73Cb43uczULMK4xzLDlxUPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/f08716-4d2a-46ed-bded-af3e7d42968d/1/Y3HBCaxoVN6kfhCnalAz1I8emtE.roa
Signing time: Sat 01 Jan 2022 10:03:58 +0000
ROA not before: Sat 01 Jan 2022 10:03:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59780
IP address blocks: 85.115.216.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98836322 (0x5e41f62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=994aadef709be37b9ccd42cc2b8c732c397150fa
Validity
Not Before: Jan 1 10:03:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6371c109ac6854dea47e10a76a5033d48f1e9ad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8c:86:e2:0a:3b:0a:fc:96:31:56:28:49:8c:
19:ad:a0:8e:d2:67:a9:cb:7b:c2:4d:c8:9d:f0:7c:
c6:85:a2:d1:00:33:18:88:e7:b2:18:23:d7:12:a6:
d7:e6:5a:ff:24:5a:c8:d5:d2:2e:3c:32:7e:45:c9:
9f:bb:02:f9:ec:71:70:22:4d:b9:7f:d8:7c:1b:1c:
51:dc:99:b7:b6:9a:30:41:84:bd:f1:c2:66:ee:25:
78:5f:4b:00:b1:81:14:10:3b:db:34:d0:84:30:fa:
ad:a0:7b:c8:9e:c4:55:1a:36:da:09:33:48:f4:c8:
60:36:e3:19:5d:37:12:c4:14:b0:b6:61:6b:b3:08:
99:3d:7e:03:f4:fc:0b:15:c6:1c:76:59:fc:41:29:
74:9f:1a:bc:d7:6d:37:ad:e3:de:8c:23:5e:34:65:
91:ff:40:f9:f6:05:e8:d8:e5:bc:12:d7:6d:af:04:
41:9b:a1:0f:68:7b:01:43:fc:ed:b4:4c:f6:83:62:
7f:15:7c:86:2e:b0:0d:76:ba:a6:66:5d:ce:7d:dd:
2e:b4:26:19:13:a5:34:cd:0a:0e:e6:22:aa:e2:2f:
32:98:58:14:c4:c6:ca:00:b1:ec:28:16:36:59:65:
9b:f2:6b:11:31:b1:cf:16:3e:7e:9a:d0:a1:df:b4:
75:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:71:C1:09:AC:68:54:DE:A4:7E:10:A7:6A:50:33:D4:8F:1E:9A:D1
X509v3 Authority Key Identifier:
keyid:99:4A:AD:EF:70:9B:E3:7B:9C:CD:42:CC:2B:8C:73:2C:39:71:50:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mUqt73Cb43uczULMK4xzLDlxUPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/f08716-4d2a-46ed-bded-af3e7d42968d/1/Y3HBCaxoVN6kfhCnalAz1I8emtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/f08716-4d2a-46ed-bded-af3e7d42968d/1/mUqt73Cb43uczULMK4xzLDlxUPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.216.0/22
Signature Algorithm: sha256WithRSAEncryption
29:c9:ae:8c:21:57:a8:e8:b5:c3:ae:62:0e:1d:3c:bc:76:d4:
2e:25:9d:df:d9:5e:de:d0:ee:15:c0:11:1e:2a:b3:38:16:41:
81:23:e8:7e:c9:92:81:28:aa:20:b0:86:2b:a7:f6:f0:f1:83:
62:14:97:ca:0b:95:0c:19:39:5e:b7:ec:d7:9b:07:52:d8:2d:
5d:a1:2d:38:42:6e:fd:9a:55:1e:9c:d8:50:ff:fa:7d:90:0c:
b8:0a:3b:0c:2f:05:7f:da:dc:5c:cd:3f:c0:c4:d3:05:af:3e:
54:55:34:29:be:4c:71:bf:e8:1b:92:ed:60:ad:13:db:f0:99:
d8:f4:4b:bd:f8:12:7b:ce:3b:79:c4:d5:ee:9e:f4:f3:c1:21:
0f:dc:ed:ab:53:17:22:99:94:82:c5:1d:5a:d6:71:8f:df:9b:
04:cf:66:51:b5:88:05:39:36:f2:ae:8d:27:04:f5:6e:59:0e:
51:93:3b:c6:54:0b:46:45:85:e3:8b:85:e3:3f:eb:65:13:3d:
8c:bd:ea:07:d3:d6:86:8d:89:58:16:88:06:8d:5c:64:b2:31:
80:bf:f6:e0:50:60:ef:e5:65:74:f9:16:e8:da:3b:3d:77:a1:
74:e0:fa:42:76:4f:8f:54:03:9a:8a:ea:17:99:ad:a5:8f:22:
e2:48:32:4f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBeQfYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTRhYWRlZjcwOWJlMzdiOWNjZDQyY2MyYjhjNzMyYzM5NzE1MGZhMB4XDTIyMDEw
MTEwMDM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjM3MWMxMDlhYzY4
NTRkZWE0N2UxMGE3NmE1MDMzZDQ4ZjFlOWFkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmMhuIKOwr8ljFWKEmMGa2gjtJnqct7wk3InfB8xoWi0QAz
GIjnshgj1xKm1+Za/yRayNXSLjwyfkXJn7sC+exxcCJNuX/YfBscUdyZt7aaMEGE
vfHCZu4leF9LALGBFBA72zTQhDD6raB7yJ7EVRo22gkzSPTIYDbjGV03EsQUsLZh
a7MImT1+A/T8CxXGHHZZ/EEpdJ8avNdtN63j3owjXjRlkf9A+fYF6NjlvBLXba8E
QZuhD2h7AUP87bRM9oNifxV8hi6wDXa6pmZdzn3dLrQmGROlNM0KDuYiquIvMphY
FMTGygCx7CgWNlllm/JrETGxzxY+fprQod+0dUcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRjccEJrGhU3qR+EKdqUDPUjx6a0TAfBgNVHSMEGDAWgBSZSq3vcJvje5zN
QswrjHMsOXFQ+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21VcXQ3M0NiNDN1Y3pVTE1LNHh6TERseFVQby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvZjA4NzE2LTRkMmEtNDZlZC1iZGVkLWFmM2U3ZDQyOTY4ZC8x
L1kzSEJDYXhvVk42a2ZoQ25hbEF6MUk4ZW10RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
ZjA4NzE2LTRkMmEtNDZlZC1iZGVkLWFmM2U3ZDQyOTY4ZC8xL21VcXQ3M0NiNDN1
Y3pVTE1LNHh6TERseFVQby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlVz2DANBgkqhkiG9w0BAQsFAAOC
AQEAKcmujCFXqOi1w65iDh08vHbULiWd39le3tDuFcARHiqzOBZBgSPofsmSgSiq
ILCGK6f28PGDYhSXyguVDBk5Xrfs15sHUtgtXaEtOEJu/ZpVHpzYUP/6fZAMuAo7
DC8Ff9rcXM0/wMTTBa8+VFU0Kb5Mcb/oG5LtYK0T2/CZ2PRLvfgSe847ecTV7p70
88EhD9ztq1MXIpmUgsUdWtZxj9+bBM9mUbWIBTk28q6NJwT1blkOUZM7xlQLRkWF
44uF4z/rZRM9jL3qB9PWho2JWBaIBo1cZLIxgL/24FBg7+VldPkW6No7PXehdOD6
QnZPj1QDmorqF5mtpY8i4kgyTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:03 2024 by rpki-client on console-fra.rpki-client.org