Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/Y7zg7u0N-7ym-mqxcQ07P9lGXGc.roa
File: Y7zg7u0N-7ym-mqxcQ07P9lGXGc.roa (raw, json)
Hash identifier: fucBx4kF6Yqf/6yskBNUUt37ymeuJKaN2AdcOWhOzJM=
Subject key identifier: 63:BC:E0:EE:ED:0D:FB:BC:A6:FA:6A:B1:71:0D:3B:3F:D9:46:5C:67
Certificate issuer: /CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Certificate serial: 0182A1AC666407CDE01B3BCD8326FAF5278D
Authority key identifier: 60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/Y7zg7u0N-7ym-mqxcQ07P9lGXGc.roa
Signing time: Mon 15 Aug 2022 13:23:26 +0000
ROA not before: Mon 15 Aug 2022 13:23:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210392
IP address blocks: 109.95.66.0/24 maxlen: 24
109.95.65.0/24 maxlen: 24
109.95.68.0/24 maxlen: 24
109.95.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a1:ac:66:64:07:cd:e0:1b:3b:cd:83:26:fa:f5:27:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Validity
Not Before: Aug 15 13:23:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63bce0eeed0dfbbca6fa6ab1710d3b3fd9465c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:da:0a:00:e0:31:51:f4:22:32:0b:a7:85:81:
71:15:d6:a6:c0:33:5f:1a:09:c7:bb:50:94:71:92:
5f:9e:b2:0d:f6:66:66:1c:03:da:3a:96:4e:51:c2:
0c:10:ff:43:ea:77:3c:cb:42:d4:a7:c3:1e:4c:68:
7d:b0:57:7e:6f:83:67:a2:43:d1:d7:e2:23:8e:fd:
6b:76:b9:bf:83:bb:1d:2d:16:cc:01:2d:ce:d8:30:
64:7f:bc:92:8c:21:1e:9b:28:ba:69:f7:33:21:59:
b5:18:99:ec:8b:40:a5:42:b3:e1:cf:6b:9d:b6:a9:
11:05:e8:f4:eb:e6:4f:58:ce:9f:a6:86:52:8a:6b:
41:67:2e:96:3e:b3:bd:68:2d:4a:88:c4:53:2e:ac:
93:31:2b:fc:4e:32:ab:43:34:0b:0f:d3:7b:1f:85:
37:6d:97:db:1f:64:98:fc:73:1f:bf:b9:80:5c:25:
dd:fe:19:f9:d5:70:cc:92:27:75:4e:fd:e9:4f:d8:
54:33:15:c0:88:6f:a7:b3:26:0e:d1:aa:e6:cb:e5:
a8:64:42:59:10:a2:14:88:d9:d4:61:70:98:88:0a:
c6:b9:a2:c9:e2:0c:99:85:fc:7e:61:72:1a:a7:38:
1e:52:aa:4e:0f:76:cc:f8:28:51:f7:cb:50:7c:f6:
23:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:BC:E0:EE:ED:0D:FB:BC:A6:FA:6A:B1:71:0D:3B:3F:D9:46:5C:67
X509v3 Authority Key Identifier:
keyid:60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/Y7zg7u0N-7ym-mqxcQ07P9lGXGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.65.0-109.95.68.255
Signature Algorithm: sha256WithRSAEncryption
60:cb:f8:7e:cc:46:8c:97:7e:fb:f0:5f:96:a7:b8:7a:12:e0:
05:4e:b5:d4:80:8a:c9:70:60:e8:f1:5b:aa:aa:7d:0e:46:ab:
a8:eb:07:fc:14:d5:f2:d3:7a:c2:a4:16:ce:aa:63:4d:fa:60:
58:76:cd:ae:b1:62:74:1c:0a:03:73:f8:38:01:26:4a:43:9d:
63:72:85:22:a0:c8:61:e5:39:3e:05:e4:ba:fc:02:2c:d4:af:
89:de:1d:4e:fe:57:a4:68:05:61:b8:ca:9c:9b:39:5b:44:98:
89:45:a3:09:12:13:1a:e1:26:85:82:bf:0e:cc:9a:27:cb:0f:
fa:d5:7a:5f:e5:99:fa:03:fd:18:2e:f8:16:b5:d5:c4:47:6c:
5f:09:53:be:81:38:ce:78:f9:71:2a:ac:83:62:ae:51:3b:b1:
44:6d:c7:ef:03:25:17:06:cb:1a:ae:71:21:d6:17:34:de:fa:
73:f6:78:03:98:5f:bb:c3:19:45:2b:ff:34:79:6b:ce:45:dd:
0e:48:d6:95:f9:77:9c:f4:af:7c:83:31:00:f1:dd:b3:15:c7:
bd:bd:55:cc:42:ed:18:33:17:c8:6c:df:84:20:53:17:00:69:
3d:3c:32:78:23:b3:15:cf:23:7b:5d:b7:32:08:98:d0:75:b5:
1f:48:5d:9f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYKhrGZkB83gGzvNgyb69SeNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWJkNGY3YWMzZDI0OTIwZGUxYzFmZjExODVkOTUwN2U5
YWQwNzgwHhcNMjIwODE1MTMyMzI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2JjZTBlZWVkMGRmYmJjYTZmYTZhYjE3MTBkM2IzZmQ5NDY1YzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9oKAOAxUfQiMgunhYFxFdamwDNf
GgnHu1CUcZJfnrIN9mZmHAPaOpZOUcIMEP9D6nc8y0LUp8MeTGh9sFd+b4NnokPR
1+Ijjv1rdrm/g7sdLRbMAS3O2DBkf7ySjCEemyi6afczIVm1GJnsi0ClQrPhz2ud
tqkRBej06+ZPWM6fpoZSimtBZy6WPrO9aC1KiMRTLqyTMSv8TjKrQzQLD9N7H4U3
bZfbH2SY/HMfv7mAXCXd/hn51XDMkid1Tv3pT9hUMxXAiG+nsyYO0army+WoZEJZ
EKIUiNnUYXCYiArGuaLJ4gyZhfx+YXIapzgeUqpOD3bM+ChR98tQfPYjZQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGO84O7tDfu8pvpqsXENOz/ZRlxnMB8GA1UdIwQY
MBaAFGDr1PesPSSSDeHB/xGF2VB+mtB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgt
ODdkM2IwMjNkOTE5LzEvWTd6Zzd1ME4tN3ltLW1xeGNRMDdQOWxHWEdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgtODdkM2IwMjNkOTE5
LzEvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABtX0ED
BABtX0QwDQYJKoZIhvcNAQELBQADggEBAGDL+H7MRoyXfvvwX5anuHoS4AVOtdSA
islwYOjxW6qqfQ5Gq6jrB/wU1fLTesKkFs6qY036YFh2za6xYnQcCgNz+DgBJkpD
nWNyhSKgyGHlOT4F5Lr8AizUr4neHU7+V6RoBWG4ypybOVtEmIlFowkSExrhJoWC
vw7MmifLD/rVel/lmfoD/Rgu+Ba11cRHbF8JU76BOM54+XEqrINirlE7sURtx+8D
JRcGyxqucSHWFzTe+nP2eAOYX7vDGUUr/zR5a85F3Q5I1pX5d5z0r3yDMQDx3bMV
x729VcxC7RgzF8hs34QgUxcAaT08MngjsxXPI3tdtzIImNB1tR9IXZ8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:33 2024 by rpki-client on console-ams.rpki-client.org