Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/YKB6J3YWKt0m3W-ghbMMGAmc6ig.roa
File: YKB6J3YWKt0m3W-ghbMMGAmc6ig.roa (raw, json)
Hash identifier: Oi7CKBT7fdgudk/CLmWl55eqY/yUKmOXFyf41W8Rsl8=
Subject key identifier: 60:A0:7A:27:76:16:2A:DD:26:DD:6F:A0:85:B3:0C:18:09:9C:EA:28
Certificate issuer: /CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Certificate serial: 07965E5E
Authority key identifier: 1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/YKB6J3YWKt0m3W-ghbMMGAmc6ig.roa
Signing time: Sat 01 Jan 2022 02:52:50 +0000
ROA not before: Sat 01 Jan 2022 02:52:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60767
IP address blocks: 45.95.204.0/22 maxlen: 24
2a0e:3940:f000::/36 maxlen: 36
2a0e:3940:d000::/36 maxlen: 36
2a0e:3940:1000::/36 maxlen: 44
2a0e:3940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127295070 (0x7965e5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Validity
Not Before: Jan 1 02:52:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60a07a2776162add26dd6fa085b30c18099cea28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2c:a6:cd:ca:64:50:c6:7a:c4:48:52:87:d4:
5b:8a:66:bf:f7:66:67:3b:da:2f:3c:90:a3:10:0a:
9f:71:eb:ba:aa:e5:31:f8:52:e3:d8:2e:32:e6:74:
a6:05:db:96:0a:e2:25:1c:49:4d:49:f2:75:fb:b9:
25:0c:59:b1:39:5c:21:94:15:1b:ad:0c:79:e4:8b:
af:f1:11:0c:8e:f2:23:78:e6:02:c9:fc:bd:f9:5a:
4e:6b:59:70:ce:df:30:53:39:27:5c:04:09:39:8e:
bd:ee:e3:19:50:95:59:08:fe:31:b6:0a:a1:63:53:
91:45:65:0b:b1:60:fb:78:a7:93:85:1e:e0:2b:71:
79:75:38:70:90:c2:c2:81:79:c2:c3:b2:1b:22:90:
4d:f8:5d:f0:7d:06:63:3b:9b:97:82:87:44:f7:bf:
a2:15:2c:2e:65:d6:3d:37:54:5d:32:92:2a:ff:eb:
62:9b:7f:18:5f:8d:94:60:d1:c5:d3:35:21:95:fe:
67:01:37:06:02:f4:db:d4:24:3c:ed:2e:9f:b7:e1:
51:db:45:b9:c5:f8:9f:f6:c4:fb:5f:f0:41:19:d3:
08:a6:12:ff:91:48:78:2d:85:08:64:ea:97:4b:67:
fc:52:98:44:bb:5f:6d:97:ed:bb:b5:79:94:8b:f3:
10:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A0:7A:27:76:16:2A:DD:26:DD:6F:A0:85:B3:0C:18:09:9C:EA:28
X509v3 Authority Key Identifier:
keyid:1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/YKB6J3YWKt0m3W-ghbMMGAmc6ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H2GqXRvv16D-Pk3-Oqjac-_PujQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.204.0/22
IPv6:
2a0e:3940::/29
Signature Algorithm: sha256WithRSAEncryption
32:08:13:6d:0b:cb:e8:52:b7:dd:95:52:e8:f3:0b:d6:dd:b0:
e3:fe:df:e2:b0:94:6c:b5:de:04:ba:04:ac:9d:74:88:45:98:
00:a9:b6:52:b5:71:70:3d:53:80:97:36:18:08:93:b0:0d:3d:
46:12:49:d6:84:a9:8c:a5:c9:ec:88:c9:35:46:d0:08:30:70:
a8:61:55:22:14:7b:23:9b:d2:26:72:c3:5f:d2:f6:83:d0:67:
c8:1c:50:24:19:d0:de:bf:aa:86:18:3d:83:65:99:27:1f:72:
cf:a6:29:c4:d8:b7:8c:6b:75:48:f0:f4:78:57:5d:14:ce:d5:
2d:39:d0:92:e3:30:d8:4e:ca:3c:b0:3d:46:67:89:2d:0a:d5:
b7:b2:37:55:2a:16:80:d2:cb:37:88:8e:1f:80:71:09:bf:46:
72:d3:8b:e4:bc:e0:b6:f1:3b:20:82:40:05:91:80:cb:46:d8:
51:f1:57:49:4d:c2:4a:00:06:e3:e2:ec:e8:c6:70:2b:4c:ab:
59:a3:3e:eb:cf:e5:be:12:c9:f6:67:ad:20:8a:fc:8a:c0:53:
66:6c:67:f3:41:33:54:ec:6d:91:b0:27:f9:b0:0d:72:61:a0:
dc:cc:8c:b9:7b:01:96:a9:a9:5a:d2:e1:c2:de:26:60:7f:8e:
88:60:30:80
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB5ZeXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjYxYWE1ZDFiZWZkN2EwZmUzZTRkZmUzYWE4ZGE3M2VmY2ZiYTM0MB4XDTIyMDEw
MTAyNTI1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBhMDdhMjc3NjE2
MmFkZDI2ZGQ2ZmEwODViMzBjMTgwOTljZWEyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0sps3KZFDGesRIUofUW4pmv/dmZzvaLzyQoxAKn3Hruqrl
MfhS49guMuZ0pgXblgriJRxJTUnydfu5JQxZsTlcIZQVG60MeeSLr/ERDI7yI3jm
Asn8vflaTmtZcM7fMFM5J1wECTmOve7jGVCVWQj+MbYKoWNTkUVlC7Fg+3ink4Ue
4CtxeXU4cJDCwoF5wsOyGyKQTfhd8H0GYzubl4KHRPe/ohUsLmXWPTdUXTKSKv/r
Ypt/GF+NlGDRxdM1IZX+ZwE3BgL029QkPO0un7fhUdtFucX4n/bE+1/wQRnTCKYS
/5FIeC2FCGTql0tn/FKYRLtfbZftu7V5lIvzEG8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRgoHondhYq3Sbdb6CFswwYCZzqKDAfBgNVHSMEGDAWgBQfYapdG+/XoP4+
Tf46qNpz78+6NDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gyR3FYUnZ2MTZELVBrMy1PcWphYy1fUHVqUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvMGFkNDE0LTNkZjEtNGIzOC04NjllLWM2MjFlOGRmOTVmZi8x
L1lLQjZKM1lXS3QwbTNXLWdoYk1NR0FtYzZpZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
MGFkNDE0LTNkZjEtNGIzOC04NjllLWM2MjFlOGRmOTVmZi8xL0gyR3FYUnZ2MTZE
LVBrMy1PcWphYy1fUHVqUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi1fzDANBAIAAjAHAwUDKg45QDAN
BgkqhkiG9w0BAQsFAAOCAQEAMggTbQvL6FK33ZVS6PML1t2w4/7f4rCUbLXeBLoE
rJ10iEWYAKm2UrVxcD1TgJc2GAiTsA09RhJJ1oSpjKXJ7IjJNUbQCDBwqGFVIhR7
I5vSJnLDX9L2g9BnyBxQJBnQ3r+qhhg9g2WZJx9yz6YpxNi3jGt1SPD0eFddFM7V
LTnQkuMw2E7KPLA9RmeJLQrVt7I3VSoWgNLLN4iOH4BxCb9GctOL5LzgtvE7IIJA
BZGAy0bYUfFXSU3CSgAG4+Ls6MZwK0yrWaM+68/lvhLJ9metIIr8isBTZmxn80Ez
VOxtkbAn+bANcmGg3MyMuXsBlqmpWtLhwt4mYH+OiGAwgA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:05 2023 by rpki-client on console-fra.rpki-client.org