Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/c41c74-0b82-40e7-a0bf-0aae1ccd874b/1/yXnFwvYw43sjAFfX2dHj3Hwp0nE.roa
File: yXnFwvYw43sjAFfX2dHj3Hwp0nE.roa (raw, json)
Hash identifier: VGyFmBAPZ9iCNaC+WHVw8YrUBzvE7Q/mdhjvgfkfVA8=
Subject key identifier: C9:79:C5:C2:F6:30:E3:7B:23:00:57:D7:D9:D1:E3:DC:7C:29:D2:71
Certificate issuer: /CN=78b04fbafaa36b71fcd36eca50b5fe0e88dd3551
Certificate serial: 17E9A988
Authority key identifier: 78:B0:4F:BA:FA:A3:6B:71:FC:D3:6E:CA:50:B5:FE:0E:88:DD:35:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eLBPuvqja3H8027KULX-DojdNVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/c41c74-0b82-40e7-a0bf-0aae1ccd874b/1/yXnFwvYw43sjAFfX2dHj3Hwp0nE.roa
Signing time: Sat 01 Jan 2022 09:56:13 +0000
ROA not before: Sat 01 Jan 2022 09:56:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201997
IP address blocks: 185.59.186.0/23 maxlen: 23
185.59.186.0/24 maxlen: 24
185.59.184.0/22 maxlen: 22
185.59.185.0/24 maxlen: 24
185.59.184.0/24 maxlen: 24
185.59.187.0/24 maxlen: 24
2a02:6ca1::/32 maxlen: 32
2a02:6ca4::/32 maxlen: 32
2a02:6ca2::/32 maxlen: 32
2a02:6ca0::/32 maxlen: 32
2a02:6ca0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 401189256 (0x17e9a988)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78b04fbafaa36b71fcd36eca50b5fe0e88dd3551
Validity
Not Before: Jan 1 09:56:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c979c5c2f630e37b230057d7d9d1e3dc7c29d271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3e:6b:3e:e5:2f:9f:c0:04:67:14:54:1e:63:
98:df:d2:05:5a:a0:3d:66:c3:82:be:37:50:7c:81:
0d:16:ea:6a:08:47:f0:fb:05:4c:1f:86:21:30:1d:
7c:91:7f:f1:ca:db:1f:69:92:34:4b:56:b6:7a:4b:
38:7f:69:34:cb:35:76:42:ef:b5:6c:df:1e:5a:12:
7e:88:8a:ce:0a:3e:37:eb:c3:07:aa:8d:0d:7c:9c:
45:e6:ba:c8:68:8e:47:6b:e5:25:cf:6e:37:0c:65:
36:aa:d6:c2:ec:08:1c:f4:f4:32:7f:73:63:ee:97:
b7:87:f0:84:4e:01:84:c5:cd:29:fa:24:7a:ae:91:
56:2c:fc:83:3f:7b:9a:cd:a9:60:d1:56:19:6d:06:
3d:c6:01:4d:2f:19:d6:2a:49:6d:a2:1e:9e:f5:2c:
f9:4c:d4:7c:0f:9f:47:9a:e6:08:e7:4d:45:cf:5d:
63:91:c6:af:8d:8a:ef:44:18:b6:d7:46:d4:8c:b8:
27:f8:26:74:00:cf:42:96:56:53:88:c6:e5:81:41:
8b:17:c2:26:bc:e9:f2:3c:ce:17:0d:d3:5d:ad:5a:
8e:9d:88:af:fc:65:6b:ae:65:57:9a:64:69:75:e1:
98:98:c8:c9:57:ba:da:a5:b6:22:e8:5f:b7:ce:a5:
3e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:79:C5:C2:F6:30:E3:7B:23:00:57:D7:D9:D1:E3:DC:7C:29:D2:71
X509v3 Authority Key Identifier:
keyid:78:B0:4F:BA:FA:A3:6B:71:FC:D3:6E:CA:50:B5:FE:0E:88:DD:35:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eLBPuvqja3H8027KULX-DojdNVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/c41c74-0b82-40e7-a0bf-0aae1ccd874b/1/yXnFwvYw43sjAFfX2dHj3Hwp0nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/c41c74-0b82-40e7-a0bf-0aae1ccd874b/1/eLBPuvqja3H8027KULX-DojdNVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.184.0/22
IPv6:
2a02:6ca0::-2a02:6ca2:ffff:ffff:ffff:ffff:ffff:ffff
2a02:6ca4::/32
Signature Algorithm: sha256WithRSAEncryption
31:f4:40:46:87:9c:a2:67:1c:93:c4:32:6a:ea:2e:6b:5d:d1:
d6:dd:23:b4:2e:49:89:04:5c:3f:06:dc:33:ca:9a:40:85:f2:
19:0f:53:0e:02:28:fb:79:59:b5:49:15:c5:4a:54:9e:bf:4a:
99:15:38:e9:3f:79:0a:ef:0d:3d:4b:e1:88:d4:6d:93:a6:5e:
4e:ac:aa:0a:14:3c:b9:b3:0f:96:23:24:79:93:4a:ae:15:d7:
77:cb:8f:e2:5b:23:2c:a1:e5:08:96:34:dd:6a:bc:ec:ec:60:
fe:4d:bb:5f:b6:6d:a9:d5:16:e1:d4:c7:45:3c:81:57:95:b7:
dc:eb:96:1e:3f:e9:fa:3a:1e:d8:0e:fd:0c:53:bf:6e:53:70:
e8:59:95:aa:da:3f:32:ce:7c:9b:83:71:ac:ac:9a:3d:9a:5d:
bb:74:59:0e:11:25:38:f7:62:a0:79:cd:9f:8a:33:cd:78:c4:
2f:0a:2f:17:da:47:d4:ce:7c:ee:f8:82:99:d7:44:cd:d9:73:
42:dc:5d:6e:f8:9e:0a:d5:3a:c2:e2:58:bd:89:ac:1d:8a:16:
9c:57:d2:52:83:55:b2:22:7b:bf:fe:36:ed:a7:a0:75:71:30:
3c:8f:b2:2d:a3:2a:38:87:0d:c0:fd:34:93:3d:a5:eb:fb:0f:
73:53:e3:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEF+mpiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OGIwNGZiYWZhYTM2YjcxZmNkMzZlY2E1MGI1ZmUwZTg4ZGQzNTUxMB4XDTIyMDEw
MTA5NTYxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzk3OWM1YzJmNjMw
ZTM3YjIzMDA1N2Q3ZDlkMWUzZGM3YzI5ZDI3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8+az7lL5/ABGcUVB5jmN/SBVqgPWbDgr43UHyBDRbqaghH
8PsFTB+GITAdfJF/8crbH2mSNEtWtnpLOH9pNMs1dkLvtWzfHloSfoiKzgo+N+vD
B6qNDXycRea6yGiOR2vlJc9uNwxlNqrWwuwIHPT0Mn9zY+6Xt4fwhE4BhMXNKfok
eq6RViz8gz97ms2pYNFWGW0GPcYBTS8Z1ipJbaIenvUs+UzUfA+fR5rmCOdNRc9d
Y5HGr42K70QYttdG1Iy4J/gmdADPQpZWU4jG5YFBixfCJrzp8jzOFw3TXa1ajp2I
r/xla65lV5pkaXXhmJjIyVe62qW2Iuhft86lPrUCAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBTJecXC9jDjeyMAV9fZ0ePcfCnScTAfBgNVHSMEGDAWgBR4sE+6+qNrcfzT
bspQtf4OiN01UTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VMQlB1dnFqYTNIODAyN0tVTFgtRG9qZE5WRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvYzQxYzc0LTBiODItNDBlNy1hMGJmLTBhYWUxY2NkODc0Yi8x
L3lYbkZ3dll3NDNzakFGZlgyZEhqM0h3cDBuRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
YzQxYzc0LTBiODItNDBlNy1hMGJmLTBhYWUxY2NkODc0Yi8xL2VMQlB1dnFqYTNI
ODAyN0tVTFgtRG9qZE5WRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wDAQCAAEwBgMEArk7uDAdBAIAAjAXMA4DBQUqAmyg
AwUAKgJsogMFACoCbKQwDQYJKoZIhvcNAQELBQADggEBADH0QEaHnKJnHJPEMmrq
Lmtd0dbdI7QuSYkEXD8G3DPKmkCF8hkPUw4CKPt5WbVJFcVKVJ6/SpkVOOk/eQrv
DT1L4YjUbZOmXk6sqgoUPLmzD5YjJHmTSq4V13fLj+JbIyyh5QiWNN1qvOzsYP5N
u1+2banVFuHUx0U8gVeVt9zrlh4/6fo6HtgO/QxTv25TcOhZlaraPzLOfJuDcays
mj2aXbt0WQ4RJTj3YqB5zZ+KM814xC8KLxfaR9TOfO74gpnXRM3Zc0LcXW74ngrV
OsLiWL2JrB2KFpxX0lKDVbIie7/+Nu2noHVxMDyPsi2jKjiHDcD9NJM9pev7D3NT
48s=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:54 2023 by rpki-client on console-fra.rpki-client.org