Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YK9GSJ6iNJE3DE5Kb61tMCxzyJU.roa
File: YK9GSJ6iNJE3DE5Kb61tMCxzyJU.roa (raw, json)
Hash identifier: DY364Kd3BvyRIXjhUy6XhJduHhsj60HwB7AB1mxZYkk=
Subject key identifier: 60:AF:46:48:9E:A2:34:91:37:0C:4E:4A:6F:AD:6D:30:2C:73:C8:95
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1DCFD406
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YK9GSJ6iNJE3DE5Kb61tMCxzyJU.roa
Signing time: Fri 08 Apr 2022 13:08:44 +0000
ROA not before: Fri 08 Apr 2022 13:08:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 192.145.29.0/24 maxlen: 24
192.145.31.0/24 maxlen: 24
192.145.30.0/24 maxlen: 24
192.145.28.0/24 maxlen: 24
185.252.162.0/24 maxlen: 24
185.252.160.0/24 maxlen: 24
185.252.161.0/24 maxlen: 24
185.252.163.0/24 maxlen: 24
193.148.50.0/24 maxlen: 24
194.11.199.0/24 maxlen: 24
194.11.197.0/24 maxlen: 24
193.148.48.0/24 maxlen: 24
193.148.51.0/24 maxlen: 24
193.148.49.0/24 maxlen: 24
194.11.196.0/24 maxlen: 24
194.11.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 500159494 (0x1dcfd406)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 8 13:08:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60af46489ea23491370c4e4a6fad6d302c73c895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:95:d3:8d:1e:fa:11:f1:8b:56:e9:0d:79:c4:
09:32:cb:8a:16:c9:00:52:35:da:64:fa:56:f6:ca:
64:c5:89:79:28:21:92:af:12:ad:cc:e0:01:cb:1e:
74:df:2d:4a:77:1a:5e:5e:ae:cb:08:74:e5:be:44:
41:4d:b7:0c:9c:7d:db:af:41:5c:33:68:cb:6c:ba:
af:bf:ae:95:06:cf:73:3b:97:32:15:a8:5f:4f:71:
48:d0:1b:5d:84:d6:bd:e1:fe:f3:6c:3c:e5:15:c0:
1d:8a:d3:08:2f:3f:fd:ce:26:c7:c1:f3:21:13:9e:
81:0b:ba:0f:fe:3f:0c:5f:ab:cc:54:7c:40:b5:15:
04:6b:69:5c:18:43:8d:49:bb:c1:ac:1d:1f:87:19:
15:3d:0e:27:49:c7:cd:e0:c3:ce:60:83:3c:09:22:
97:15:12:e8:62:2c:a4:2b:90:74:16:83:44:94:c3:
6f:70:46:b2:31:5a:69:82:39:a2:e6:c4:60:5c:7f:
87:4e:58:db:8f:7c:e3:d2:89:ae:d2:68:d3:86:aa:
ea:fa:2b:e1:c6:c7:1c:0c:b5:41:eb:bc:39:e8:fc:
52:12:1a:d5:c4:a5:e2:71:e6:95:16:21:20:52:cb:
74:65:b1:1e:d6:43:e6:b8:b6:89:4a:55:97:09:c1:
23:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:AF:46:48:9E:A2:34:91:37:0C:4E:4A:6F:AD:6D:30:2C:73:C8:95
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YK9GSJ6iNJE3DE5Kb61tMCxzyJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.160.0/22
192.145.28.0/22
193.148.48.0/22
194.11.196.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:3f:9c:f1:c8:24:fa:e8:ff:0d:3e:17:2b:af:56:ec:72:21:
b7:32:ad:c3:43:53:62:43:2f:04:84:02:c8:29:44:bd:cf:0f:
ac:aa:82:7e:af:2c:ad:bf:6d:e0:af:a0:9d:68:a7:d4:82:5d:
19:1b:12:fc:c5:1c:8b:25:18:c7:13:d5:45:03:cd:56:a3:6b:
fb:e7:0a:08:85:01:dc:e1:da:da:fe:6f:52:c2:e9:b6:91:26:
6f:98:27:11:06:e3:a7:41:02:51:e1:59:97:32:a0:35:69:65:
95:97:ca:5d:ce:5a:76:66:0f:ad:9c:f4:7b:4b:19:f0:a5:23:
0f:61:bb:83:f0:d0:b2:f4:49:3d:2a:d5:d6:07:10:7d:cf:c1:
a7:d8:f8:cb:a2:ea:21:a3:8e:92:96:53:6d:0a:cb:f8:41:ad:
37:15:cc:2e:8c:62:1a:f0:7b:9b:d4:c8:e5:03:2e:13:45:64:
45:27:2a:cd:d3:55:55:ab:67:b8:0b:14:93:68:dc:6b:ff:1c:
b1:40:05:c9:c5:fa:ac:c8:8f:8b:f8:fa:84:55:32:39:1f:85:
33:44:54:03:c2:76:32:67:c8:35:33:fd:fd:95:76:4d:c9:c8:
0d:10:3f:8f:9a:ae:de:30:45:c8:46:de:7d:ba:8f:fd:04:af:
b2:f8:62:f4
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEHc/UBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDQw
ODEzMDg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBhZjQ2NDg5ZWEy
MzQ5MTM3MGM0ZTRhNmZhZDZkMzAyYzczYzg5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSV040e+hHxi1bpDXnECTLLihbJAFI12mT6VvbKZMWJeSgh
kq8SrczgAcsedN8tSncaXl6uywh05b5EQU23DJx9269BXDNoy2y6r7+ulQbPczuX
MhWoX09xSNAbXYTWveH+82w85RXAHYrTCC8//c4mx8HzIROegQu6D/4/DF+rzFR8
QLUVBGtpXBhDjUm7wawdH4cZFT0OJ0nHzeDDzmCDPAkilxUS6GIspCuQdBaDRJTD
b3BGsjFaaYI5oubEYFx/h05Y249849KJrtJo04aq6vor4cbHHAy1Qeu8Oej8UhIa
1cSl4nHmlRYhIFLLdGWxHtZD5ri2iUpVlwnBI6cCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRgr0ZInqI0kTcMTkpvrW0wLHPIlTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1lLOUdTSjZpTkpFM0RFNUtiNjF0TUN4enlKVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEArn8oAMEAsCRHAMEAsGUMAMEAsIL
xDANBgkqhkiG9w0BAQsFAAOCAQEAXz+c8cgk+uj/DT4XK69W7HIhtzKtw0NTYkMv
BIQCyClEvc8PrKqCfq8srb9t4K+gnWin1IJdGRsS/MUciyUYxxPVRQPNVqNr++cK
CIUB3OHa2v5vUsLptpEmb5gnEQbjp0ECUeFZlzKgNWlllZfKXc5admYPrZz0e0sZ
8KUjD2G7g/DQsvRJPSrV1gcQfc/Bp9j4y6LqIaOOkpZTbQrL+EGtNxXMLoxiGvB7
m9TI5QMuE0VkRScqzdNVVatnuAsUk2jca/8csUAFycX6rMiPi/j6hFUyOR+FM0RU
A8J2MmfINTP9/ZV2TcnIDRA/j5qu3jBFyEbefbqP/QSvsvhi9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:36 2024 by rpki-client on console-ams.rpki-client.org