Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/18be97-df3a-4e1d-b561-53c69c1ce50c/1/jYxTPfGkBHML6qISc11T9QJBSVo.roa
File: jYxTPfGkBHML6qISc11T9QJBSVo.roa (raw, json)
Hash identifier: i9sI1dqYrrUNaHR4XTFASX6GORWPbzd1ebqRINOWg1o=
Subject key identifier: 8D:8C:53:3D:F1:A4:04:73:0B:EA:A2:12:73:5D:53:F5:02:41:49:5A
Certificate issuer: /CN=57be8fc79c93504fc21ff70fba469a4cbbe2f029
Certificate serial: 05705480
Authority key identifier: 57:BE:8F:C7:9C:93:50:4F:C2:1F:F7:0F:BA:46:9A:4C:BB:E2:F0:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V76Px5yTUE_CH_cPukaaTLvi8Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/18be97-df3a-4e1d-b561-53c69c1ce50c/1/jYxTPfGkBHML6qISc11T9QJBSVo.roa
Signing time: Sat 01 Jan 2022 09:56:01 +0000
ROA not before: Sat 01 Jan 2022 09:56:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200970
IP address blocks: 185.145.16.0/22 maxlen: 22
185.145.16.0/24 maxlen: 24
185.145.17.0/24 maxlen: 24
185.145.18.0/24 maxlen: 24
185.145.19.0/24 maxlen: 24
185.89.160.0/24 maxlen: 24
185.89.161.0/24 maxlen: 24
185.89.162.0/24 maxlen: 24
185.89.160.0/22 maxlen: 22
185.89.163.0/24 maxlen: 24
2a05:d9c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91247744 (0x5705480)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57be8fc79c93504fc21ff70fba469a4cbbe2f029
Validity
Not Before: Jan 1 09:56:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d8c533df1a404730beaa212735d53f50241495a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:cb:fa:c6:65:92:73:d6:a4:e3:c6:2e:87:07:
09:a7:67:30:85:21:f4:5e:05:69:1e:76:3f:2f:cc:
7f:c5:59:86:d7:c0:67:a1:a7:b2:58:f7:95:33:12:
7f:e1:b7:ef:38:67:a9:45:09:42:18:78:20:1e:89:
db:ff:cd:3e:25:a3:ea:b2:46:2a:0a:4b:64:20:f0:
d4:50:d3:51:a6:19:3b:10:86:16:4c:1d:a8:79:eb:
3e:8a:e6:a9:28:83:57:8f:6e:04:69:8b:fa:ae:bd:
dc:17:98:81:d8:fd:ae:22:a0:e2:d3:e9:f0:8b:af:
7a:d4:3b:23:f1:2a:78:a9:57:d0:a1:f5:35:3a:25:
4a:5a:0b:e1:1a:9e:a7:14:75:38:fb:76:23:fd:93:
a9:14:69:0d:cf:8c:95:b9:c2:b7:60:fd:e1:3e:04:
a8:25:c1:9c:cd:e9:7a:3b:aa:e4:12:69:be:f4:ed:
c3:5b:b8:03:cc:00:4b:67:e4:e2:c6:69:94:7b:f8:
68:66:94:5e:9e:d1:9c:63:fe:aa:ca:05:31:b0:bc:
f0:b5:09:2d:da:e0:3e:0e:a0:e4:71:39:71:eb:96:
bf:8a:97:3d:ba:f1:5c:8b:48:68:90:d9:0d:87:b8:
f9:e0:21:d6:d8:1e:f0:91:27:4b:a5:8d:36:d3:a0:
40:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:8C:53:3D:F1:A4:04:73:0B:EA:A2:12:73:5D:53:F5:02:41:49:5A
X509v3 Authority Key Identifier:
keyid:57:BE:8F:C7:9C:93:50:4F:C2:1F:F7:0F:BA:46:9A:4C:BB:E2:F0:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V76Px5yTUE_CH_cPukaaTLvi8Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/18be97-df3a-4e1d-b561-53c69c1ce50c/1/jYxTPfGkBHML6qISc11T9QJBSVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/18be97-df3a-4e1d-b561-53c69c1ce50c/1/V76Px5yTUE_CH_cPukaaTLvi8Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.160.0/22
185.145.16.0/22
IPv6:
2a05:d9c0::/29
Signature Algorithm: sha256WithRSAEncryption
85:bc:b8:63:85:77:20:b6:7f:99:64:50:b0:df:ec:7d:fe:84:
32:8e:dd:fe:08:66:2a:61:c7:92:81:c7:02:35:9b:d2:e7:6c:
3f:02:7f:9c:4d:7c:c3:06:1e:48:85:05:a2:84:a8:a6:2f:1c:
d7:75:e9:13:6b:b6:f4:55:71:5d:96:64:ed:a7:d1:ce:20:af:
25:eb:64:79:ba:dc:a5:6d:a5:06:eb:2a:16:a0:e2:93:37:72:
e0:50:be:8c:78:5f:c7:ff:1e:75:e4:80:99:ff:dc:c7:1f:cd:
e0:ec:2a:d8:18:6b:ec:dd:1f:30:52:3d:9d:a3:8e:93:48:74:
62:54:81:05:39:f3:52:3f:4f:60:04:5b:23:9b:6d:14:c2:99:
d7:b9:c4:f9:95:2d:75:c1:95:07:3d:ce:ec:e3:0c:2c:eb:9d:
fc:54:d4:e1:bb:b5:2a:43:31:67:b1:49:cf:84:8b:3a:e2:ec:
00:41:40:7d:ed:f1:09:ee:02:92:d4:17:bc:50:10:39:60:7c:
5e:53:a8:62:f5:1a:47:a2:f6:91:a2:0a:3e:38:8f:91:5a:c7:
aa:b9:ab:d8:7e:e4:34:01:6b:84:a3:d0:cc:fb:b5:a6:0c:5d:
fb:5d:cd:78:b8:86:1a:95:4c:ed:61:1e:56:ef:10:19:fd:56:
82:25:19:03
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBXBUgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
N2JlOGZjNzljOTM1MDRmYzIxZmY3MGZiYTQ2OWE0Y2JiZTJmMDI5MB4XDTIyMDEw
MTA5NTYwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQ4YzUzM2RmMWE0
MDQ3MzBiZWFhMjEyNzM1ZDUzZjUwMjQxNDk1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANXL+sZlknPWpOPGLocHCadnMIUh9F4FaR52Py/Mf8VZhtfA
Z6Gnslj3lTMSf+G37zhnqUUJQhh4IB6J2//NPiWj6rJGKgpLZCDw1FDTUaYZOxCG
FkwdqHnrPormqSiDV49uBGmL+q693BeYgdj9riKg4tPp8IuvetQ7I/EqeKlX0KH1
NTolSloL4RqepxR1OPt2I/2TqRRpDc+MlbnCt2D94T4EqCXBnM3pejuq5BJpvvTt
w1u4A8wAS2fk4sZplHv4aGaUXp7RnGP+qsoFMbC88LUJLdrgPg6g5HE5ceuWv4qX
PbrxXItIaJDZDYe4+eAh1tge8JEnS6WNNtOgQOECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSNjFM98aQEcwvqohJzXVP1AkFJWjAfBgNVHSMEGDAWgBRXvo/HnJNQT8If
9w+6RppMu+LwKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Y3NlB4NXlUVUVfQ0hfY1B1a2FhVEx2aThDay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvMThiZTk3LWRmM2EtNGUxZC1iNTYxLTUzYzY5YzFjZTUwYy8x
L2pZeFRQZkdrQkhNTDZxSVNjMTFUOVFKQlNWby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
MThiZTk3LWRmM2EtNGUxZC1iNTYxLTUzYzY5YzFjZTUwYy8xL1Y3NlB4NXlUVUVf
Q0hfY1B1a2FhVEx2aThDay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArlZoAMEArmREDANBAIAAjAHAwUD
KgXZwDANBgkqhkiG9w0BAQsFAAOCAQEAhby4Y4V3ILZ/mWRQsN/sff6EMo7d/ghm
KmHHkoHHAjWb0udsPwJ/nE18wwYeSIUFooSopi8c13XpE2u29FVxXZZk7afRziCv
JetkebrcpW2lBusqFqDikzdy4FC+jHhfx/8edeSAmf/cxx/N4Owq2Bhr7N0fMFI9
naOOk0h0YlSBBTnzUj9PYARbI5ttFMKZ17nE+ZUtdcGVBz3O7OMMLOud/FTU4bu1
KkMxZ7FJz4SLOuLsAEFAfe3xCe4CktQXvFAQOWB8XlOoYvUaR6L2kaIKPjiPkVrH
qrmr2H7kNAFrhKPQzPu1pgxd+13NeLiGGpVM7WEeVu8QGf1WgiUZAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:34 2024 by rpki-client on console-fra.rpki-client.org