Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/533416-5192-4944-ab50-813c76ff40b4/1/yXA3LWV-YlpSlD9r5hnSyoLqUlA.roa
File: yXA3LWV-YlpSlD9r5hnSyoLqUlA.roa (raw, json)
Hash identifier: gB0vCVWe3tWcJgbffI/uWRbCHWDrLmryQYG9GYmc9u4=
Subject key identifier: C9:70:37:2D:65:7E:62:5A:52:94:3F:6B:E6:19:D2:CA:82:EA:52:50
Certificate issuer: /CN=b545e434bba473706da8336fda016bb2e68b3623
Certificate serial: 14DBE135
Authority key identifier: B5:45:E4:34:BB:A4:73:70:6D:A8:33:6F:DA:01:6B:B2:E6:8B:36:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUXkNLukc3BtqDNv2gFrsuaLNiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/533416-5192-4944-ab50-813c76ff40b4/1/yXA3LWV-YlpSlD9r5hnSyoLqUlA.roa
Signing time: Sat 01 Jan 2022 15:54:50 +0000
ROA not before: Sat 01 Jan 2022 15:54:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200914
IP address blocks: 185.91.159.0/24 maxlen: 24
185.91.156.0/22 maxlen: 22
2a03:8960::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 349954357 (0x14dbe135)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b545e434bba473706da8336fda016bb2e68b3623
Validity
Not Before: Jan 1 15:54:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c970372d657e625a52943f6be619d2ca82ea5250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:84:4b:1d:b6:42:b5:05:c0:9c:36:b7:df:dd:
85:24:02:33:0e:a2:96:95:1c:98:33:a1:fa:e1:e6:
a3:01:2f:f1:13:20:0b:ca:52:ed:33:44:41:1d:05:
09:a3:8a:94:59:3e:22:17:00:27:c3:28:48:c3:93:
9e:ac:76:fc:f6:3b:23:17:50:28:8a:d2:68:6f:86:
6e:5e:07:c6:8a:c8:16:a4:ec:12:9f:c1:a7:29:93:
e2:a7:59:76:00:9c:b8:0f:07:c7:66:11:2b:62:ba:
ac:7b:47:3f:cc:cc:0a:91:64:7a:c5:61:52:ac:45:
1f:5b:43:eb:97:7a:e3:7f:50:c3:4d:2a:9f:7c:6d:
e7:27:fb:1c:03:a7:b4:3e:b0:88:ff:e6:bf:2c:e0:
76:70:ab:97:d6:9c:70:2e:46:22:a3:39:5a:ed:80:
a5:4d:ba:f2:4a:b3:d5:a8:81:df:ce:51:70:ec:03:
03:ed:56:57:80:74:0e:66:aa:cc:23:80:3a:35:6f:
8e:ea:30:b8:ff:68:15:ae:5e:0b:cf:f3:1b:b1:b4:
38:ec:08:0c:27:27:11:13:30:39:b6:7f:8f:9b:d8:
df:75:70:94:4c:99:21:99:2a:5e:c7:43:0f:ec:77:
fd:7c:53:80:75:0c:e4:f9:f7:e5:96:60:3d:df:90:
a9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:70:37:2D:65:7E:62:5A:52:94:3F:6B:E6:19:D2:CA:82:EA:52:50
X509v3 Authority Key Identifier:
keyid:B5:45:E4:34:BB:A4:73:70:6D:A8:33:6F:DA:01:6B:B2:E6:8B:36:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUXkNLukc3BtqDNv2gFrsuaLNiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/533416-5192-4944-ab50-813c76ff40b4/1/yXA3LWV-YlpSlD9r5hnSyoLqUlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/533416-5192-4944-ab50-813c76ff40b4/1/tUXkNLukc3BtqDNv2gFrsuaLNiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.156.0/22
IPv6:
2a03:8960::/32
Signature Algorithm: sha256WithRSAEncryption
89:16:38:80:f6:b6:ea:91:69:17:c6:b2:69:a9:9b:a8:cf:d6:
ba:9b:24:27:20:59:55:a8:c4:2a:5c:45:1e:2b:88:83:f3:38:
98:60:a2:63:88:37:69:9e:23:46:d7:56:78:3a:0f:bd:20:a0:
50:e7:60:b5:d8:cd:11:90:31:b0:f6:3e:7e:d5:35:0f:ff:e1:
50:23:15:a5:cf:b2:40:72:6b:06:8d:1f:04:3a:3f:ef:b8:17:
89:a2:1b:da:c1:f7:52:d3:f2:46:6a:1d:69:e9:f8:e2:7a:2d:
0d:ae:65:77:ea:fe:72:79:3b:30:78:6d:12:28:ad:ed:0e:b2:
61:6b:13:66:da:94:9e:8e:e0:ee:0d:2d:6e:90:dc:8f:1c:a6:
ac:7b:81:84:90:ca:c5:b2:fd:c4:13:a9:9a:81:c8:e0:16:dd:
5d:f3:ba:d4:4b:60:20:76:a4:60:e2:9e:0a:1e:5d:a9:32:9c:
2d:69:a1:e0:d8:49:24:f6:cd:16:b3:b0:a1:1f:a5:4f:86:27:
a1:eb:81:8a:a4:a8:1b:30:da:86:e9:2a:2b:3b:b3:6c:d0:a9:
7e:0c:3a:4d:6b:46:61:32:d0:e1:d8:8e:74:12:b8:10:3f:76:
8d:c3:17:dc:22:d3:8e:bf:d2:71:e7:e0:28:6d:30:b6:2e:20:
46:b5:8d:75
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFNvhNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTQ1ZTQzNGJiYTQ3MzcwNmRhODMzNmZkYTAxNmJiMmU2OGIzNjIzMB4XDTIyMDEw
MTE1NTQ1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzk3MDM3MmQ2NTdl
NjI1YTUyOTQzZjZiZTYxOWQyY2E4MmVhNTI1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOqESx22QrUFwJw2t9/dhSQCMw6ilpUcmDOh+uHmowEv8RMg
C8pS7TNEQR0FCaOKlFk+IhcAJ8MoSMOTnqx2/PY7IxdQKIrSaG+Gbl4HxorIFqTs
Ep/BpymT4qdZdgCcuA8Hx2YRK2K6rHtHP8zMCpFkesVhUqxFH1tD65d6439Qw00q
n3xt5yf7HAOntD6wiP/mvyzgdnCrl9accC5GIqM5Wu2ApU268kqz1aiB385RcOwD
A+1WV4B0DmaqzCOAOjVvjuowuP9oFa5eC8/zG7G0OOwIDCcnERMwObZ/j5vY33Vw
lEyZIZkqXsdDD+x3/XxTgHUM5Pn35ZZgPd+QqVkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTJcDctZX5iWlKUP2vmGdLKgupSUDAfBgNVHSMEGDAWgBS1ReQ0u6RzcG2o
M2/aAWuy5os2IzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RVWGtOTHVrYzNCdHFETnYyZ0Zyc3VhTE5pTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmMvNTMzNDE2LTUxOTItNDk0NC1hYjUwLTgxM2M3NmZmNDBiNC8x
L3lYQTNMV1YtWWxwU2xEOXI1aG5TeW9McVVsQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMv
NTMzNDE2LTUxOTItNDk0NC1hYjUwLTgxM2M3NmZmNDBiNC8xL3RVWGtOTHVrYzNC
dHFETnYyZ0Zyc3VhTE5pTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlbnDANBAIAAjAHAwUAKgOJYDAN
BgkqhkiG9w0BAQsFAAOCAQEAiRY4gPa26pFpF8ayaambqM/WupskJyBZVajEKlxF
HiuIg/M4mGCiY4g3aZ4jRtdWeDoPvSCgUOdgtdjNEZAxsPY+ftU1D//hUCMVpc+y
QHJrBo0fBDo/77gXiaIb2sH3UtPyRmodaen44notDa5ld+r+cnk7MHhtEiit7Q6y
YWsTZtqUno7g7g0tbpDcjxymrHuBhJDKxbL9xBOpmoHI4BbdXfO61EtgIHakYOKe
Ch5dqTKcLWmh4NhJJPbNFrOwoR+lT4YnoeuBiqSoGzDahukqKzuzbNCpfgw6TWtG
YTLQ4diOdBK4ED92jcMX3CLTjr/ScefgKG0wti4gRrWNdQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:59 2024 by rpki-client on console-fra.rpki-client.org