Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/yN18D4wK9qkHEnT0D67dpFW_N3M.roa
File: yN18D4wK9qkHEnT0D67dpFW_N3M.roa (raw, json)
Hash identifier: 2khZcNfSmJRmc1WOpk9sXNtRwHfQqmce9pyY5uBU7rU=
Subject key identifier: C8:DD:7C:0F:8C:0A:F6:A9:07:12:74:F4:0F:AE:DD:A4:55:BF:37:73
Certificate issuer: /CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Certificate serial: 08898521
Authority key identifier: A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/yN18D4wK9qkHEnT0D67dpFW_N3M.roa
Signing time: Tue 28 Jun 2022 13:37:04 +0000
ROA not before: Tue 28 Jun 2022 13:37:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39686
IP address blocks: 144.178.192.0/19 maxlen: 24
144.178.96.0/21 maxlen: 24
144.178.224.0/20 maxlen: 24
144.178.120.0/21 maxlen: 24
185.184.204.0/22 maxlen: 24
93.95.248.0/21 maxlen: 24
144.178.240.0/21 maxlen: 24
89.20.160.0/19 maxlen: 24
144.178.64.0/19 maxlen: 24
2a02:fe9::/32 maxlen: 48
2a02:fe8::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143230241 (0x8898521)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Validity
Not Before: Jun 28 13:37:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8dd7c0f8c0af6a9071274f40faedda455bf3773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8c:22:c1:ba:32:f6:8f:aa:29:28:d5:3b:e4:
56:52:0b:66:f5:d1:8f:1f:0a:6e:cf:3f:5c:5b:87:
ee:eb:53:66:f7:e2:d7:19:ec:fb:dd:38:bb:42:eb:
80:d0:3b:94:9f:b2:54:f0:6c:19:3c:5f:0b:a4:46:
ec:46:e4:1d:37:a3:51:cf:51:27:95:71:09:50:43:
35:e9:24:9b:15:8c:ab:8f:70:da:c1:f6:f7:56:14:
26:80:f2:df:4d:f2:ea:97:01:d9:a6:87:6f:03:0b:
a8:7b:6d:0f:34:f9:a3:00:56:66:b8:4c:f5:9e:20:
15:31:74:47:d8:4a:2e:10:fc:2a:d4:e2:d6:0b:68:
69:0e:a5:99:f9:87:ee:d7:e7:ad:cc:1f:9e:fd:86:
1a:d4:4d:bf:d0:66:a3:2f:4f:ce:a8:a9:86:6a:73:
74:46:c1:28:9c:06:4a:06:c5:07:5c:c1:93:72:71:
3e:81:2c:0a:d4:c8:5c:a5:0f:83:df:ee:74:c2:16:
52:85:b1:29:48:86:26:28:0b:82:48:ad:0e:a4:19:
b5:9d:c9:a2:68:df:ac:37:12:59:c9:9c:1a:1b:82:
e4:a6:c1:64:db:c9:b1:86:54:05:fe:75:24:27:58:
2d:f5:f1:38:35:3c:c7:fe:b3:fb:73:27:c3:04:4a:
4c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DD:7C:0F:8C:0A:F6:A9:07:12:74:F4:0F:AE:DD:A4:55:BF:37:73
X509v3 Authority Key Identifier:
keyid:A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/yN18D4wK9qkHEnT0D67dpFW_N3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/qGWA4YrW_43JQr6IPBbei3MflgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.20.160.0/19
93.95.248.0/21
144.178.64.0-144.178.103.255
144.178.120.0/21
144.178.192.0-144.178.247.255
185.184.204.0/22
IPv6:
2a02:fe8::/31
Signature Algorithm: sha256WithRSAEncryption
84:9f:e6:eb:81:ad:f7:f3:77:9a:e8:24:f0:f2:d1:50:99:b4:
d6:ca:93:55:88:3c:98:f1:b3:c4:21:89:a7:26:1a:4a:e5:e1:
a3:d4:bf:5f:d7:52:87:36:30:00:bc:a3:e6:3b:52:6b:20:f8:
17:0e:6c:ff:8a:49:ed:8f:de:dc:cc:5d:13:67:27:d0:5f:84:
7a:1b:b2:a9:d2:30:f6:c0:83:59:5d:c8:35:06:bd:50:87:2e:
59:b3:9b:90:12:50:d6:7e:c2:bf:5c:8c:7a:6d:4e:55:8d:4a:
58:df:4d:a4:69:5e:ad:03:cc:4b:18:09:93:5c:31:d4:40:36:
ac:59:d6:f4:74:5a:e0:91:33:c5:0a:9f:c8:e5:75:c9:f7:2e:
50:c8:dc:fb:c5:67:51:e9:09:46:1c:2a:94:e2:f6:31:cd:50:
3b:f5:eb:9f:cb:06:e5:68:b4:0f:c8:29:77:9f:9a:09:f6:c1:
b7:70:0f:e5:86:57:be:99:68:72:6d:32:5b:c6:36:73:04:d5:
20:49:4a:93:a9:87:99:56:09:a1:6e:ff:b5:0d:84:5d:3f:37:
ab:f0:d2:7f:74:61:34:05:08:1f:5a:39:1d:af:d8:d1:2e:1c:
c2:a7:c6:92:91:d7:62:79:22:75:0a:da:0e:28:36:9e:ed:d1:
70:38:f7:bd
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIECImFITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODY1ODBlMThhZDZmZjhkYzk0MmJlODgzYzE2ZGU4YjczMWY5NjA1MB4XDTIyMDYy
ODEzMzcwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhkZDdjMGY4YzBh
ZjZhOTA3MTI3NGY0MGZhZWRkYTQ1NWJmMzc3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJCMIsG6MvaPqiko1TvkVlILZvXRjx8Kbs8/XFuH7utTZvfi
1xns+904u0LrgNA7lJ+yVPBsGTxfC6RG7EbkHTejUc9RJ5VxCVBDNekkmxWMq49w
2sH291YUJoDy303y6pcB2aaHbwMLqHttDzT5owBWZrhM9Z4gFTF0R9hKLhD8KtTi
1gtoaQ6lmfmH7tfnrcwfnv2GGtRNv9Bmoy9PzqiphmpzdEbBKJwGSgbFB1zBk3Jx
PoEsCtTIXKUPg9/udMIWUoWxKUiGJigLgkitDqQZtZ3JomjfrDcSWcmcGhuC5KbB
ZNvJsYZUBf51JCdYLfXxODU8x/6z+3MnwwRKTFkCAwEAAaOCAkYwggJCMB0GA1Ud
DgQWBBTI3XwPjAr2qQcSdPQPrt2kVb83czAfBgNVHSMEGDAWgBSoZYDhitb/jclC
vog8Ft6Lcx+WBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FHV0E0WXJXXzQzSlFyNklQQmJlaTNNZmxnVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvZTI5ZGNlLWExNzQtNGI3Ny04OWFhLTIzNmU5MmZjNmE1OS8x
L3lOMThENHdLOXFrSEVuVDBENjdkcEZXX04zTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
ZTI5ZGNlLWExNzQtNGI3Ny04OWFhLTIzNmU5MmZjNmE1OS8xL3FHV0E0WXJXXzQz
SlFyNklQQmJlaTNNZmxnVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBc
BggrBgEFBQcBBwEB/wRNMEswOgQCAAEwNAMEBVkUoAMEA11f+DAMAwQGkLJAAwQD
kLJgAwQDkLJ4MAwDBAaQssADBAOQsvADBAK5uMwwDQQCAAIwBwMFASoCD+gwDQYJ
KoZIhvcNAQELBQADggEBAISf5uuBrffzd5roJPDy0VCZtNbKk1WIPJjxs8Qhiacm
Gkrl4aPUv1/XUoc2MAC8o+Y7Umsg+BcObP+KSe2P3tzMXRNnJ9BfhHobsqnSMPbA
g1ldyDUGvVCHLlmzm5ASUNZ+wr9cjHptTlWNSljfTaRpXq0DzEsYCZNcMdRANqxZ
1vR0WuCRM8UKn8jldcn3LlDI3PvFZ1HpCUYcKpTi9jHNUDv165/LBuVotA/IKXef
mgn2wbdwD+WGV76ZaHJtMlvGNnME1SBJSpOph5lWCaFu/7UNhF0/N6vw0n90YTQF
CB9aOR2v2NEuHMKnxpKR12J5InUK2g4oNp7t0XA4970=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:35 2024 by rpki-client on console-ams.rpki-client.org