Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/YSU2ZzMYIGcVIa6E09NMn-ok0pI.roa
File: YSU2ZzMYIGcVIa6E09NMn-ok0pI.roa (raw, json)
Hash identifier: 7Vr2OGAaYRPmi71Zqc/kT4/Q4BqKqjqjS2sejNlbCj8=
Subject key identifier: 61:25:36:67:33:18:20:67:15:21:AE:84:D3:D3:4C:9F:EA:24:D2:92
Certificate issuer: /CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Certificate serial: 0EF670EF
Authority key identifier: 47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/YSU2ZzMYIGcVIa6E09NMn-ok0pI.roa
Signing time: Sat 01 Jan 2022 09:53:45 +0000
ROA not before: Sat 01 Jan 2022 09:53:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206892
IP address blocks: 185.199.28.0/22 maxlen: 24
194.39.44.0/22 maxlen: 24
45.95.44.0/22 maxlen: 24
185.161.72.0/22 maxlen: 24
2a07:c280::/32 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 251031791 (0xef670ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Validity
Not Before: Jan 1 09:53:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61253667331820671521ae84d3d34c9fea24d292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:94:1e:d4:ec:1d:22:bd:99:e1:8c:42:2e:59:
16:a3:c5:26:67:f4:f4:15:e1:4c:75:40:1a:84:84:
0f:19:1c:94:7f:af:9e:81:4f:ba:ef:29:5c:1b:a2:
53:af:d4:de:6b:c3:f4:6c:62:2a:e8:4f:05:92:a4:
aa:57:ae:d3:ed:d7:32:4f:f8:a3:2e:32:cc:58:79:
8b:8f:a0:50:cc:fb:ea:35:d3:64:9e:50:ef:5d:c6:
53:e3:e4:29:db:53:5d:44:7a:b8:ae:02:55:7d:94:
5c:fc:21:ad:04:fe:fb:b7:c9:54:58:82:7e:37:1a:
b2:cf:92:ad:ba:ba:16:08:00:d8:72:47:11:ef:1d:
a7:d9:25:f1:79:2f:33:33:bf:02:cf:65:23:96:8f:
73:5e:c2:22:a6:3f:fb:a0:5a:59:c8:3f:a3:3f:10:
f2:82:cb:89:da:8c:3c:33:5c:55:49:48:fd:cd:0a:
5d:4c:23:e3:6e:99:d0:e1:77:5b:3f:9c:0f:ca:a0:
18:fc:97:a8:cd:fb:a7:10:7a:48:00:30:c0:57:a2:
60:9f:2b:37:6b:4e:1a:8a:7a:b7:9e:2c:84:75:e0:
dd:db:2f:aa:89:86:64:8d:05:22:ea:c3:20:19:00:
21:c4:61:dd:5d:6b:fa:9e:2c:b6:4f:17:9c:3c:95:
02:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:25:36:67:33:18:20:67:15:21:AE:84:D3:D3:4C:9F:EA:24:D2:92
X509v3 Authority Key Identifier:
keyid:47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/YSU2ZzMYIGcVIa6E09NMn-ok0pI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.44.0/22
185.161.72.0/22
185.199.28.0/22
194.39.44.0/22
IPv6:
2a07:c280::/32
Signature Algorithm: sha256WithRSAEncryption
29:3d:60:2a:3c:50:3e:6b:48:49:b8:f9:cb:37:a2:86:ac:89:
35:c2:cc:c3:a1:63:3f:23:93:2c:6d:1f:45:55:59:20:50:b9:
d5:bd:de:07:c7:47:d1:50:0d:31:c6:54:16:c8:bc:c8:67:dd:
fb:45:9e:53:2d:7e:fd:10:27:1c:99:98:cc:6c:c3:3a:fa:7e:
eb:d5:84:84:0b:51:4e:3f:ab:80:fd:59:3f:cc:af:56:5c:6e:
6d:19:b7:84:00:4b:4e:77:2d:eb:3b:14:5b:2c:b1:c7:cb:12:
44:a4:70:92:03:d7:fe:61:17:97:de:57:e1:dd:df:59:36:4c:
fd:96:a4:65:4f:87:85:ca:78:4d:a4:69:07:a9:d2:3d:95:cb:
85:78:fd:d1:b6:08:bb:9a:77:b7:fa:08:19:0d:9f:78:8e:47:
c3:8f:00:09:65:51:d8:a5:c1:c3:ff:f0:e6:cc:50:1f:fa:35:
6e:f5:30:32:fd:3f:32:25:18:8c:40:f8:74:9b:90:56:55:49:
f8:13:47:78:4b:71:cc:5a:3d:af:d9:3c:49:40:9c:bf:bc:36:
4b:54:db:9a:f9:55:f8:a9:b5:8a:dd:b3:b0:47:bc:45:ac:8f:
06:39:e4:66:e4:3f:a3:2c:69:41:b3:42:ad:5c:a2:e9:52:7a:
0d:b6:75:6f
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEDvZw7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NzIyYWVhMGVmNGMwNjY3ZGI4MTlmNWQ1YTNkYWVhNjM5OWYwMzhjMB4XDTIyMDEw
MTA5NTM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjEyNTM2NjczMzE4
MjA2NzE1MjFhZTg0ZDNkMzRjOWZlYTI0ZDI5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANSUHtTsHSK9meGMQi5ZFqPFJmf09BXhTHVAGoSEDxkclH+v
noFPuu8pXBuiU6/U3mvD9GxiKuhPBZKkqleu0+3XMk/4oy4yzFh5i4+gUMz76jXT
ZJ5Q713GU+PkKdtTXUR6uK4CVX2UXPwhrQT++7fJVFiCfjcass+Srbq6FggA2HJH
Ee8dp9kl8XkvMzO/As9lI5aPc17CIqY/+6BaWcg/oz8Q8oLLidqMPDNcVUlI/c0K
XUwj426Z0OF3Wz+cD8qgGPyXqM37pxB6SAAwwFeiYJ8rN2tOGop6t54shHXg3dsv
qomGZI0FIurDIBkAIcRh3V1r+p4stk8XnDyVAr8CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRhJTZnMxggZxUhroTT00yf6iTSkjAfBgNVHSMEGDAWgBRHIq6g70wGZ9uB
n11aPa6mOZ8DjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1J5S3VvTzlNQm1mYmdaOWRXajJ1cGptZkE0dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvODBjMzg3LWIyMGItNDMwYS1hNWU2LTZlMzA3NGM2YzY2My8x
L1lTVTJaek1ZSUdjVklhNkUwOU5Nbi1vazBwSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
ODBjMzg3LWIyMGItNDMwYS1hNWU2LTZlMzA3NGM2YzY2My8xL1J5S3VvTzlNQm1m
YmdaOWRXajJ1cGptZkE0dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAi1fLAMEArmhSAMEArnHHAMEAsIn
LDANBAIAAjAHAwUAKgfCgDANBgkqhkiG9w0BAQsFAAOCAQEAKT1gKjxQPmtISbj5
yzeihqyJNcLMw6FjPyOTLG0fRVVZIFC51b3eB8dH0VANMcZUFsi8yGfd+0WeUy1+
/RAnHJmYzGzDOvp+69WEhAtRTj+rgP1ZP8yvVlxubRm3hABLTnct6zsUWyyxx8sS
RKRwkgPX/mEXl95X4d3fWTZM/ZakZU+Hhcp4TaRpB6nSPZXLhXj90bYIu5p3t/oI
GQ2feI5Hw48ACWVR2KXBw//w5sxQH/o1bvUwMv0/MiUYjED4dJuQVlVJ+BNHeEtx
zFo9r9k8SUCcv7w2S1TbmvlV+Km1it2zsEe8RayPBjnkZuQ/oyxpQbNCrVyi6VJ6
DbZ1bw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:32 2024 by rpki-client on console-fra.rpki-client.org