Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/YQL39PD_AN_OS4AbBPHrnaM3e7s.roa
File: YQL39PD_AN_OS4AbBPHrnaM3e7s.roa (raw, json)
Hash identifier: 3JUSWplWA9QEaAclRT9dqmaIniSnO0vRvMhT8UmIt3k=
Subject key identifier: 61:02:F7:F4:F0:FF:00:DF:CE:4B:80:1B:04:F1:EB:9D:A3:37:7B:BB
Certificate issuer: /CN=f8dd7ae12d2a37f21aac6f81b6af67d6617ca28e
Certificate serial: 02D4FF
Authority key identifier: F8:DD:7A:E1:2D:2A:37:F2:1A:AC:6F:81:B6:AF:67:D6:61:7C:A2:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/YQL39PD_AN_OS4AbBPHrnaM3e7s.roa
Signing time: Tue 28 Jun 2022 09:20:01 +0000
ROA not before: Tue 28 Jun 2022 09:20:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 195.93.238.0/23 maxlen: 23
91.199.58.0/24 maxlen: 24
2a02:cc9::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 185599 (0x2d4ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8dd7ae12d2a37f21aac6f81b6af67d6617ca28e
Validity
Not Before: Jun 28 09:20:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6102f7f4f0ff00dfce4b801b04f1eb9da3377bbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9e:ea:86:8a:a3:7c:a3:d0:e7:51:9e:97:fc:
2b:6f:ed:82:df:10:b8:86:6a:1f:c3:dd:70:fc:58:
5e:d8:4f:47:d8:94:89:85:9a:97:35:25:cd:d8:b9:
fc:f2:c8:e3:8f:8a:75:08:02:72:95:a3:06:79:0f:
d3:71:fd:e5:65:96:a7:b8:b2:21:29:a7:37:26:e3:
fd:90:33:6a:8b:2c:f4:f2:36:db:63:08:12:8d:00:
1b:fc:6c:c8:21:45:3a:09:78:7d:4a:f1:3e:c6:6a:
9d:cf:95:00:65:9f:fc:7e:ea:99:b8:fc:99:d9:0a:
94:05:09:bf:b1:0a:8f:28:20:77:a1:1d:bf:c6:ad:
d7:99:cf:e3:2d:4a:2c:67:2c:13:3f:34:6d:61:ea:
1f:51:49:09:a0:e0:b3:f7:69:55:08:77:f4:d6:0d:
93:2e:af:50:37:39:0f:e1:20:e4:f9:06:51:0a:c0:
9c:50:dc:f8:9d:be:17:1c:8b:f6:25:b7:eb:65:6f:
12:b5:83:8c:8a:18:8e:8a:45:18:58:38:e4:98:27:
8a:88:ed:74:fb:05:42:06:72:f8:30:90:8a:72:94:
dd:f9:66:25:93:fc:14:85:9d:f9:a2:59:33:84:67:
03:7b:42:b2:b6:6c:89:b3:c3:a9:69:ed:98:60:18:
d5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:02:F7:F4:F0:FF:00:DF:CE:4B:80:1B:04:F1:EB:9D:A3:37:7B:BB
X509v3 Authority Key Identifier:
keyid:F8:DD:7A:E1:2D:2A:37:F2:1A:AC:6F:81:B6:AF:67:D6:61:7C:A2:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/YQL39PD_AN_OS4AbBPHrnaM3e7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/1-N164S0qN_IarG-Btq9n1mF8oo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.58.0/24
195.93.238.0/23
IPv6:
2a02:cc9::/32
Signature Algorithm: sha256WithRSAEncryption
5b:5d:b1:11:62:5b:7d:ea:ab:12:0d:db:1f:d4:92:a0:3f:30:
a4:d7:cb:ff:cf:5a:28:85:4e:d4:74:c3:7c:39:33:33:f7:1d:
7e:3b:6b:08:13:57:db:e1:b4:95:a7:bf:4e:6f:03:31:20:7a:
e9:04:52:3b:ef:07:78:6b:ec:93:47:00:b8:35:81:28:1b:85:
2c:a1:df:95:70:3b:e7:5b:8f:14:3b:62:a2:62:77:ba:a3:94:
3d:e8:7a:d5:cb:c4:cf:42:7a:26:dd:16:69:9b:54:c6:70:03:
a1:74:bf:5b:1d:f5:b4:a8:79:4b:31:a9:ef:95:ba:5c:83:7a:
b7:80:9e:68:85:ac:1d:f7:6d:c2:d9:61:6c:1f:7f:f9:61:0e:
df:ea:2d:65:d4:97:68:0d:4a:44:ec:02:4f:15:43:04:1f:79:
42:6f:31:2d:38:12:a0:2d:40:b8:cc:ee:7b:7d:1c:d9:15:67:
67:fb:6b:22:b0:e1:d6:c5:fa:49:49:6c:8b:47:42:f1:16:d9:
45:4b:fe:8e:bb:d2:27:40:e2:21:d5:b3:2d:c1:c2:92:47:c8:
9f:45:d0:f3:37:7a:a2:8e:43:23:2e:17:84:94:d2:ce:d2:ce:
17:33:68:c3:73:5f:dd:bb:5a:43:4a:e3:a0:2c:95:8f:19:15:
fa:d1:18:b8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIDAtT/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY4
ZGQ3YWUxMmQyYTM3ZjIxYWFjNmY4MWI2YWY2N2Q2NjE3Y2EyOGUwHhcNMjIwNjI4
MDkyMDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2MTAyZjdmNGYwZmYw
MGRmY2U0YjgwMWIwNGYxZWI5ZGEzMzc3YmJiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApp7qhoqjfKPQ51Gel/wrb+2C3xC4hmofw91w/Fhe2E9H2JSJ
hZqXNSXN2Ln88sjjj4p1CAJylaMGeQ/Tcf3lZZanuLIhKac3JuP9kDNqiyz08jbb
YwgSjQAb/GzIIUU6CXh9SvE+xmqdz5UAZZ/8fuqZuPyZ2QqUBQm/sQqPKCB3oR2/
xq3Xmc/jLUosZywTPzRtYeofUUkJoOCz92lVCHf01g2TLq9QNzkP4SDk+QZRCsCc
UNz4nb4XHIv2JbfrZW8StYOMihiOikUYWDjkmCeKiO10+wVCBnL4MJCKcpTd+WYl
k/wUhZ35olkzhGcDe0KytmyJs8Opae2YYBjVawIDAQABo4ICIDCCAhwwHQYDVR0O
BBYEFGEC9/Tw/wDfzkuAGwTx652jN3u7MB8GA1UdIwQYMBaAFPjdeuEtKjfyGqxv
gbavZ9ZhfKKOMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEFBQcBAQRZMFcwVQYIKwYB
BQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MS1OMTY0UzBxTl9JYXJHLUJ0cTluMW1GOG9vNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDYvMmMwZDgwLTM5MzctNDQ1NS1iOWNmLTJiNGEzNTM4YzVlMy8x
L1lRTDM5UERfQU5fT1M0QWJCUEhybmFNM2U3cy5yb2EwgYIGA1UdHwR7MHkwd6B1
oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYv
MmMwZDgwLTM5MzctNDQ1NS1iOWNmLTJiNGEzNTM4YzVlMy8xLzEtTjE2NFMwcU5f
SWFyRy1CdHE5bjFtRjhvbzQuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
NAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBABbxzoDBAHDXe4wDQQCAAIwBwMF
ACoCDMkwDQYJKoZIhvcNAQELBQADggEBAFtdsRFiW33qqxIN2x/UkqA/MKTXy//P
WiiFTtR0w3w5MzP3HX47awgTV9vhtJWnv05vAzEgeukEUjvvB3hr7JNHALg1gSgb
hSyh35VwO+dbjxQ7YqJid7qjlD3oetXLxM9CeibdFmmbVMZwA6F0v1sd9bSoeUsx
qe+VulyDereAnmiFrB33bcLZYWwff/lhDt/qLWXUl2gNSkTsAk8VQwQfeUJvMS04
EqAtQLjM7nt9HNkVZ2f7ayKw4dbF+klJbItHQvEW2UVL/o670idA4iHVsy3BwpJH
yJ9F0PM3eqKOQyMuF4SU0s7SzhczaMNzX927WkNK46AslY8ZFfrRGLg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:55 2023 by rpki-client on console-ams.rpki-client.org