Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/2YyM-3mha5fca_E79xsrCJgv2GQ.roa
File: 2YyM-3mha5fca_E79xsrCJgv2GQ.roa (raw, json)
Hash identifier: +Y0PaokznRUDP9/q71B94sJN0N1XTVWfoDm6L/YBtyg=
Subject key identifier: D9:8C:8C:FB:79:A1:6B:97:DC:6B:F1:3B:F7:1B:2B:08:98:2F:D8:64
Certificate issuer: /CN=1f7142b45b5ce39016e25e09b2fed579a9bd77d6
Certificate serial: 018553C0C98D835A5F153E350A17A667C636
Authority key identifier: 1F:71:42:B4:5B:5C:E3:90:16:E2:5E:09:B2:FE:D5:79:A9:BD:77:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H3FCtFtc45AW4l4Jsv7Veam9d9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/2YyM-3mha5fca_E79xsrCJgv2GQ.roa
Signing time: Tue 27 Dec 2022 13:23:41 +0000
ROA not before: Tue 27 Dec 2022 13:23:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198539
IP address blocks: 185.228.112.0/23 maxlen: 23
185.228.114.0/24 maxlen: 24
185.228.115.0/24 maxlen: 24
194.50.142.0/24 maxlen: 24
194.50.143.0/24 maxlen: 24
194.50.141.0/24 maxlen: 24
2a0d:e00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:53:c0:c9:8d:83:5a:5f:15:3e:35:0a:17:a6:67:c6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f7142b45b5ce39016e25e09b2fed579a9bd77d6
Validity
Not Before: Dec 27 13:23:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d98c8cfb79a16b97dc6bf13bf71b2b08982fd864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:42:e2:f8:6c:ad:dd:e5:2a:dd:c7:b6:ea:82:
57:7d:83:bb:54:4d:f8:42:8d:7f:de:79:83:e1:9d:
e1:81:73:29:d6:44:0b:9f:60:2e:9f:be:91:df:27:
80:4f:ae:62:47:66:56:c8:7f:bd:58:83:f9:73:c8:
48:6c:a5:88:51:bc:a8:f7:aa:e4:1b:cb:51:df:0a:
5f:41:7f:44:b3:43:f4:3c:f6:7e:b2:ea:a4:ec:9d:
ea:98:09:46:01:9b:73:9a:9f:99:9b:0d:0f:71:42:
17:c2:b9:8d:ba:ec:98:b5:a0:0b:ba:31:e9:f4:79:
e5:24:12:bc:7a:e0:c4:ec:2b:4c:07:13:8e:b6:15:
6a:9c:f1:a1:ba:65:16:58:90:35:d5:72:79:d4:1f:
f6:da:fe:80:6e:4f:24:b7:91:2c:96:b3:8e:bc:9f:
42:48:57:92:97:48:75:6b:4c:ad:59:58:0d:a9:df:
ba:71:13:b8:71:85:c1:b2:f7:4e:c9:3a:66:61:ea:
96:c6:ba:ca:3c:4f:1e:a3:25:88:ab:75:bf:07:e9:
ab:72:93:ff:ce:cc:4e:67:b1:4f:f3:94:a3:7c:ee:
1c:ab:c8:47:e7:a1:51:d7:38:81:b9:7d:98:1c:95:
b5:af:8e:ba:23:d1:cd:3d:0b:fb:e9:64:62:06:1e:
3b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:8C:8C:FB:79:A1:6B:97:DC:6B:F1:3B:F7:1B:2B:08:98:2F:D8:64
X509v3 Authority Key Identifier:
keyid:1F:71:42:B4:5B:5C:E3:90:16:E2:5E:09:B2:FE:D5:79:A9:BD:77:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H3FCtFtc45AW4l4Jsv7Veam9d9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/2YyM-3mha5fca_E79xsrCJgv2GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/H3FCtFtc45AW4l4Jsv7Veam9d9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.112.0/22
194.50.141.0-194.50.143.255
IPv6:
2a0d:e00::/29
Signature Algorithm: sha256WithRSAEncryption
76:b4:f8:49:da:61:3e:03:f5:36:7d:fb:4b:1f:ae:59:40:07:
57:b0:2f:d3:e3:0c:fb:d5:ea:96:2b:38:e6:36:6b:54:ee:14:
76:cf:6b:f4:4d:bd:0c:0c:5e:9a:d1:c6:dc:98:22:f3:d7:19:
68:8a:e5:d2:33:9f:b0:c8:f4:91:c5:4e:66:46:0f:9b:a1:6c:
95:3c:37:1f:4d:75:48:ff:db:76:d1:12:1b:fe:09:1a:2c:f0:
5b:37:28:9e:de:44:d5:64:f4:37:e7:37:ea:3b:5f:ae:bd:b3:
7b:36:90:98:90:f2:6b:cb:c8:56:8e:f3:9c:07:d6:bc:ab:e7:
cd:28:f3:57:74:0c:9d:61:5a:24:31:d5:f0:a0:85:2c:a5:8d:
3f:1f:f2:99:5a:bd:27:60:8e:86:76:4c:cd:bb:62:45:d5:3b:
a3:3b:94:fd:0d:fb:f7:1b:e6:04:e2:cb:33:7b:bc:96:af:2a:
a7:8d:9a:de:72:0a:3f:17:b7:12:2d:5e:12:74:e3:ef:e6:97:
eb:27:6a:3a:80:37:98:30:95:81:bf:b0:fd:4d:63:f6:a4:7c:
29:86:f5:7a:9d:2b:82:3c:fe:20:e6:23:4e:78:4f:cf:80:6c:
28:12:6d:df:f9:14:97:5a:f8:b8:34:c6:8c:b9:77:15:c7:85:
b0:3d:dc:07
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVTwMmNg1pfFT41ChemZ8Y2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNzE0MmI0NWI1Y2UzOTAxNmUyNWUwOWIyZmVkNTc5YTli
ZDc3ZDYwHhcNMjIxMjI3MTMyMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOThjOGNmYjc5YTE2Yjk3ZGM2YmYxM2JmNzFiMmIwODk4MmZkODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukLi+Gyt3eUq3ce26oJXfYO7VE34
Qo1/3nmD4Z3hgXMp1kQLn2Aun76R3yeAT65iR2ZWyH+9WIP5c8hIbKWIUbyo96rk
G8tR3wpfQX9Es0P0PPZ+suqk7J3qmAlGAZtzmp+Zmw0PcUIXwrmNuuyYtaALujHp
9HnlJBK8euDE7CtMBxOOthVqnPGhumUWWJA11XJ51B/22v6Abk8kt5EslrOOvJ9C
SFeSl0h1a0ytWVgNqd+6cRO4cYXBsvdOyTpmYeqWxrrKPE8eoyWIq3W/B+mrcpP/
zsxOZ7FP85SjfO4cq8hH56FR1ziBuX2YHJW1r466I9HNPQv76WRiBh476QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNmMjPt5oWuX3GvxO/cbKwiYL9hkMB8GA1UdIwQY
MBaAFB9xQrRbXOOQFuJeCbL+1XmpvXfWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDNGQ3RGdGM0NUFXNGw0SnN2N1ZlYW05ZDlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9kZmVhZDctNTg2YS00YjM1LWIxOTkt
ZGZlNDVmNjcyZjgxLzEvMll5TS0zbWhhNWZjYV9FNzl4c3JDSmd2MkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9kZmVhZDctNTg2YS00YjM1LWIxOTktZGZlNDVmNjcyZjgx
LzEvSDNGQ3RGdGM0NUFXNGw0SnN2N1ZlYW05ZDlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCueRwMAwD
BADCMo0DBATCMoAwDQQCAAIwBwMFAyoNDgAwDQYJKoZIhvcNAQELBQADggEBAHa0
+EnaYT4D9TZ9+0sfrllAB1ewL9PjDPvV6pYrOOY2a1TuFHbPa/RNvQwMXprRxtyY
IvPXGWiK5dIzn7DI9JHFTmZGD5uhbJU8Nx9NdUj/23bREhv+CRos8Fs3KJ7eRNVk
9DfnN+o7X669s3s2kJiQ8mvLyFaO85wH1ryr580o81d0DJ1hWiQx1fCghSyljT8f
8plavSdgjoZ2TM27YkXVO6M7lP0N+/cb5gTiyzN7vJavKqeNmt5yCj8XtxItXhJ0
4+/ml+snajqAN5gwlYG/sP1NY/akfCmG9XqdK4I8/iDmI054T8+AbCgSbd/5FJda
+Lg0xoy5dxXHhbA93Ac=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:34 2024 by rpki-client on console-ams.rpki-client.org