Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/yYK4LZzpq6kmm_N40ERslT_-Tco.roa
File: yYK4LZzpq6kmm_N40ERslT_-Tco.roa (raw, json)
Hash identifier: TzbI5ZqwFcCC0hl0hFOFKjHt4TKthdn7Xy6sj+8t4uc=
Subject key identifier: C9:82:B8:2D:9C:E9:AB:A9:26:9B:F3:78:D0:44:6C:95:3F:FE:4D:CA
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 0B45D9AF
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/yYK4LZzpq6kmm_N40ERslT_-Tco.roa
Signing time: Thu 21 Apr 2022 19:25:03 +0000
ROA not before: Thu 21 Apr 2022 19:25:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 185.152.92.0/22 maxlen: 24
85.239.36.0/22 maxlen: 24
85.239.48.0/22 maxlen: 22
85.239.56.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 189127087 (0xb45d9af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Apr 21 19:25:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c982b82d9ce9aba9269bf378d0446c953ffe4dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1c:4f:e8:88:1e:48:05:33:49:1e:c3:0d:8e:
b7:b4:c6:6b:18:00:77:ac:d1:d5:9e:84:b8:a4:6b:
aa:fe:08:5f:80:d9:41:c7:79:36:c9:e8:7e:8d:32:
4d:68:da:7e:69:e2:e3:39:40:df:04:9f:d0:dd:44:
f3:3e:74:1a:76:df:22:1b:42:dd:df:64:5d:7f:1d:
53:d8:b7:1b:09:da:48:40:34:4e:08:36:1a:39:eb:
24:79:17:1e:3c:71:2c:0b:94:a4:8a:fd:43:f1:0f:
98:87:33:f7:01:c5:1c:20:4a:56:f4:5d:b3:8b:aa:
22:94:93:54:d6:88:12:de:d6:a3:a9:1e:f1:f6:25:
15:60:a1:87:aa:a5:59:2e:62:8e:54:4a:da:3d:02:
b4:dd:87:30:a9:29:da:9b:32:20:99:a0:8c:94:92:
81:d3:dd:b1:77:18:49:b4:eb:68:fb:35:b1:d1:1c:
5b:b4:24:1e:c4:5d:4f:e9:c4:b1:4b:da:2d:2b:fc:
cd:d4:de:6a:48:0e:40:0f:e6:e9:cc:12:dc:c8:82:
7e:bc:ab:3a:05:da:f4:a4:fb:f9:c8:c5:85:17:82:
5a:b0:b9:57:d3:5f:4e:6f:fe:fa:bd:60:ec:52:bc:
1e:a7:14:f6:7f:d9:b5:9e:92:e2:01:37:74:a4:b1:
13:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:82:B8:2D:9C:E9:AB:A9:26:9B:F3:78:D0:44:6C:95:3F:FE:4D:CA
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/yYK4LZzpq6kmm_N40ERslT_-Tco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.36.0/22
85.239.48.0/22
85.239.56.0/22
185.152.92.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:45:7e:c3:95:3a:0a:40:e6:26:db:6c:27:4f:2c:82:f3:28:
73:1d:47:c4:10:6f:ee:90:18:e7:f9:04:42:01:23:a3:81:54:
b8:fb:88:38:25:3c:47:d5:9d:8e:2e:82:d1:1e:ea:b0:ac:16:
6c:e1:5f:2c:0a:a2:a0:93:00:2a:af:a3:e6:17:4a:95:aa:dd:
ff:b6:35:68:da:e6:52:76:76:a1:4f:f5:77:a5:a6:91:fb:92:
e2:17:59:b7:e9:4f:6d:28:22:28:2e:e2:b7:03:41:39:27:38:
87:d5:00:d6:61:63:71:77:a1:9c:a4:41:df:0f:e5:cd:66:ed:
90:6c:0a:26:1a:21:4b:a3:28:5b:cc:ed:09:3f:eb:e4:32:fa:
ba:7e:aa:e8:2a:24:1d:51:76:f4:04:c5:2b:d2:9e:f1:03:c2:
6a:de:4b:28:df:2f:c3:6a:ac:fe:af:34:84:e3:e1:e3:a3:f5:
9b:27:83:ff:3a:d5:61:6a:7d:d5:b9:4a:41:5a:2f:95:93:a3:
71:ab:08:78:0b:26:b9:1c:67:61:28:a8:a4:29:64:ba:3e:9a:
db:a2:b6:e1:41:87:40:02:44:a3:57:de:6e:9c:47:03:bb:24:
78:93:53:bd:b0:f3:ef:7c:7f:f2:b3:c4:08:5b:19:2e:a7:fe:
a6:e5:55:a3
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEC0XZrzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjdlYzk0MjNiZjkwYzgxZDIyZDk0ODQxYzEwMzU3YTU0MjYwMzc5MB4XDTIyMDQy
MTE5MjUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzk4MmI4MmQ5Y2U5
YWJhOTI2OWJmMzc4ZDA0NDZjOTUzZmZlNGRjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEcT+iIHkgFM0keww2Ot7TGaxgAd6zR1Z6EuKRrqv4IX4DZ
Qcd5Nsnofo0yTWjafmni4zlA3wSf0N1E8z50GnbfIhtC3d9kXX8dU9i3GwnaSEA0
Tgg2GjnrJHkXHjxxLAuUpIr9Q/EPmIcz9wHFHCBKVvRds4uqIpSTVNaIEt7Wo6ke
8fYlFWChh6qlWS5ijlRK2j0CtN2HMKkp2psyIJmgjJSSgdPdsXcYSbTraPs1sdEc
W7QkHsRdT+nEsUvaLSv8zdTeakgOQA/m6cwS3MiCfryrOgXa9KT7+cjFhReCWrC5
V9NfTm/++r1g7FK8HqcU9n/ZtZ6S4gE3dKSxE48CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTJgrgtnOmrqSab83jQRGyVP/5NyjAfBgNVHSMEGDAWgBQ7fslCO/kMgdIt
lIQcEDV6VCYDeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08zN0pRanY1RElIU0xaU0VIQkExZWxRbUEzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvOGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8x
L3lZSzRMWnpwcTZrbW1fTjQwRVJzbFRfLVRjby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
OGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8xL08zN0pRanY1RElI
U0xaU0VIQkExZWxRbUEzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlXvJAMEAlXvMAMEAlXvOAMEArmY
XDANBgkqhkiG9w0BAQsFAAOCAQEAX0V+w5U6CkDmJttsJ08sgvMocx1HxBBv7pAY
5/kEQgEjo4FUuPuIOCU8R9Wdji6C0R7qsKwWbOFfLAqioJMAKq+j5hdKlard/7Y1
aNrmUnZ2oU/1d6WmkfuS4hdZt+lPbSgiKC7itwNBOSc4h9UA1mFjcXehnKRB3w/l
zWbtkGwKJhohS6MoW8ztCT/r5DL6un6q6CokHVF29ATFK9Ke8QPCat5LKN8vw2qs
/q80hOPh46P1myeD/zrVYWp91blKQVovlZOjcasIeAsmuRxnYSiopClkuj6a26K2
4UGHQAJEo1febpxHA7skeJNTvbDz73x/8rPECFsZLqf+puVVow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org