Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/yGcL1gJMixgpHUJRm9NlN6ZWjt4.roa
File: yGcL1gJMixgpHUJRm9NlN6ZWjt4.roa (raw, json)
Hash identifier: vD6qkyt7XlBQ22Xw4PEzkigj1qWHM44QoRB6w07+U2g=
Subject key identifier: C8:67:0B:D6:02:4C:8B:18:29:1D:42:51:9B:D3:65:37:A6:56:8E:DE
Certificate issuer: /CN=e81074e32822c8bef3a7dcb31280825bd27545c9
Certificate serial: 0184C508D3B66EE91BFD7033A83ED250110D
Authority key identifier: E8:10:74:E3:28:22:C8:BE:F3:A7:DC:B3:12:80:82:5B:D2:75:45:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6BB04ygiyL7zp9yzEoCCW9J1Rck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/yGcL1gJMixgpHUJRm9NlN6ZWjt4.roa
Signing time: Tue 29 Nov 2022 20:16:40 +0000
ROA not before: Tue 29 Nov 2022 20:16:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60815
IP address blocks: 185.20.24.0/23 maxlen: 23
185.20.24.0/22 maxlen: 22
185.20.24.0/24 maxlen: 24
185.20.27.0/24 maxlen: 24
185.20.26.0/24 maxlen: 24
185.20.26.0/23 maxlen: 23
185.20.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c5:08:d3:b6:6e:e9:1b:fd:70:33:a8:3e:d2:50:11:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e81074e32822c8bef3a7dcb31280825bd27545c9
Validity
Not Before: Nov 29 20:16:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8670bd6024c8b18291d42519bd36537a6568ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:8a:72:b0:d1:57:42:69:2d:f8:7a:e0:6e:98:
39:30:cb:81:49:30:22:32:17:94:65:9c:e5:ff:39:
97:0b:8b:7b:6c:c9:d4:82:be:2f:d3:0d:8b:4c:e3:
76:c5:0e:04:04:2c:e5:0e:7a:88:93:9e:3b:17:9c:
12:60:f1:98:8d:f5:ac:51:16:7c:dd:c1:a8:66:e9:
b8:0a:7e:bf:61:ce:2f:21:ac:05:e4:70:88:3d:94:
b1:93:ad:c3:3a:7f:c9:0d:34:cd:b0:66:ea:aa:cc:
0f:90:a7:90:68:67:36:6f:e0:f2:a0:b4:0d:bd:44:
72:fb:b0:95:5c:96:23:d4:22:8a:b9:51:75:ff:4b:
be:a8:32:96:6a:bb:63:2f:b5:b4:cb:b8:5d:24:75:
5e:99:bf:dd:9f:e0:7a:f6:05:34:a7:67:7c:74:cd:
63:6c:f4:ca:07:f4:ff:c8:6c:5d:8a:a9:75:20:28:
96:32:37:0a:c0:3b:e5:20:00:bf:f0:f3:ac:ef:67:
ec:17:27:8c:ff:e8:4a:8d:5d:1e:5c:fb:b0:2d:d8:
d2:3e:18:25:08:f6:a0:9a:1c:93:9c:2e:7c:e8:17:
20:50:b2:1f:00:94:b7:96:8e:43:eb:ae:e3:ab:73:
20:67:3d:ea:94:b8:aa:da:bb:fe:a1:b1:83:96:11:
9c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:67:0B:D6:02:4C:8B:18:29:1D:42:51:9B:D3:65:37:A6:56:8E:DE
X509v3 Authority Key Identifier:
keyid:E8:10:74:E3:28:22:C8:BE:F3:A7:DC:B3:12:80:82:5B:D2:75:45:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6BB04ygiyL7zp9yzEoCCW9J1Rck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/yGcL1gJMixgpHUJRm9NlN6ZWjt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/6BB04ygiyL7zp9yzEoCCW9J1Rck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.24.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:ba:24:5e:71:90:00:ba:7a:c8:09:86:81:58:d6:b1:a7:0c:
9a:43:29:8d:89:9c:92:a8:2d:7a:45:d1:88:a9:09:e0:a5:12:
f8:bc:25:73:f3:65:99:4c:1d:3d:53:96:60:1a:04:c0:d1:b1:
ad:5a:5a:0a:de:40:0b:4e:2a:5f:6a:bf:4e:64:b7:1f:18:3c:
19:59:9f:f1:de:7f:95:1c:39:b4:0f:91:8a:c9:04:8c:3e:e1:
a9:c8:73:0f:e8:c2:22:7c:11:ae:8b:b3:18:16:3b:1a:9e:78:
6d:1c:48:96:fd:59:32:92:7e:72:c2:c5:48:5b:23:f8:38:3f:
d3:8c:59:82:b6:3d:19:b8:8c:61:8f:a6:22:9c:be:86:b0:20:
8c:7c:9f:8c:d3:a3:94:0c:6c:be:67:d7:c8:b7:57:e6:a5:25:
89:cc:f1:6c:5f:b2:cd:8f:f0:46:7b:38:21:87:c0:14:d5:c7:
50:b1:bc:94:03:dc:04:d2:5b:c8:41:53:82:47:d1:e0:e9:45:
0b:4f:1f:9c:e3:5b:66:51:f9:2b:46:70:bc:02:5f:4f:68:3d:
bc:ba:f4:b2:6f:4c:37:e0:e8:42:cf:00:c2:56:87:a7:87:c9:
39:dd:0e:9d:7e:a9:0c:cc:d2:f5:7f:c3:0f:e2:a6:9a:8d:00:
4f:6e:7c:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTFCNO2bukb/XAzqD7SUBENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MTA3NGUzMjgyMmM4YmVmM2E3ZGNiMzEyODA4MjViZDI3
NTQ1YzkwHhcNMjIxMTI5MjAxNjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODY3MGJkNjAyNGM4YjE4MjkxZDQyNTE5YmQzNjUzN2E2NTY4ZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgopysNFXQmkt+Hrgbpg5MMuBSTAi
MheUZZzl/zmXC4t7bMnUgr4v0w2LTON2xQ4EBCzlDnqIk547F5wSYPGYjfWsURZ8
3cGoZum4Cn6/Yc4vIawF5HCIPZSxk63DOn/JDTTNsGbqqswPkKeQaGc2b+DyoLQN
vURy+7CVXJYj1CKKuVF1/0u+qDKWartjL7W0y7hdJHVemb/dn+B69gU0p2d8dM1j
bPTKB/T/yGxdiql1ICiWMjcKwDvlIAC/8POs72fsFyeM/+hKjV0eXPuwLdjSPhgl
CPagmhyTnC586BcgULIfAJS3lo5D667jq3MgZz3qlLiq2rv+obGDlhGc/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMhnC9YCTIsYKR1CUZvTZTemVo7eMB8GA1UdIwQY
MBaAFOgQdOMoIsi+86fcsxKAglvSdUXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkJCMDR5Z2l5TDd6cDl5ekVvQ0NXOUoxUmNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC84NzRkMjctZjJhYy00ODk3LTk2ZjQt
M2U0ZTg0ZjM1Y2QwLzEveUdjTDFnSk1peGdwSFVKUm05TmxONlpXanQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC84NzRkMjctZjJhYy00ODk3LTk2ZjQtM2U0ZTg0ZjM1Y2Qw
LzEvNkJCMDR5Z2l5TDd6cDl5ekVvQ0NXOUoxUmNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRQYMA0G
CSqGSIb3DQEBCwUAA4IBAQA/uiRecZAAunrICYaBWNaxpwyaQymNiZySqC16RdGI
qQngpRL4vCVz82WZTB09U5ZgGgTA0bGtWloK3kALTipfar9OZLcfGDwZWZ/x3n+V
HDm0D5GKyQSMPuGpyHMP6MIifBGui7MYFjsannhtHEiW/Vkykn5ywsVIWyP4OD/T
jFmCtj0ZuIxhj6YinL6GsCCMfJ+M06OUDGy+Z9fIt1fmpSWJzPFsX7LNj/BGezgh
h8AU1cdQsbyUA9wE0lvIQVOCR9Hg6UULTx+c41tmUfkrRnC8Al9PaD28uvSyb0w3
4OhCzwDCVoenh8k53Q6dfqkMzNL1f8MP4qaajQBPbnw8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:53 2024 by rpki-client on console-ams.rpki-client.org