Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/yGnGSowUipj2sHGhifeBHxJh4wA.roa
File: yGnGSowUipj2sHGhifeBHxJh4wA.roa (raw, json)
Hash identifier: 46XRzGNLFpyMV3pc+VRpy98RyR0BZHpXPTWy//r+2Fg=
Subject key identifier: C8:69:C6:4A:8C:14:8A:98:F6:B0:71:A1:89:F7:81:1F:12:61:E3:00
Certificate issuer: /CN=2a0cc46301c8b1fd4639293018fba53653a265b2
Certificate serial: 15C5D6F1
Authority key identifier: 2A:0C:C4:63:01:C8:B1:FD:46:39:29:30:18:FB:A5:36:53:A2:65:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KgzEYwHIsf1GOSkwGPulNlOiZbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/yGnGSowUipj2sHGhifeBHxJh4wA.roa
Signing time: Sat 01 Jan 2022 08:01:37 +0000
ROA not before: Sat 01 Jan 2022 08:01:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57118
IP address blocks: 185.95.216.0/22 maxlen: 24
2a05:fc80::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 365287153 (0x15c5d6f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a0cc46301c8b1fd4639293018fba53653a265b2
Validity
Not Before: Jan 1 08:01:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c869c64a8c148a98f6b071a189f7811f1261e300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e7:1a:59:5d:93:c3:19:01:d1:36:5b:4e:38:
67:48:3c:7f:f8:4b:ea:02:95:17:db:16:fe:6c:02:
ae:be:70:3d:f6:df:4e:2f:ee:e1:a6:f9:02:93:c0:
34:47:61:b5:3a:bf:a0:78:48:fc:c3:cf:14:02:1d:
65:6a:42:3a:46:c2:10:a4:13:d0:09:2c:21:d7:1c:
73:fc:93:bb:c8:69:7d:7f:46:cb:c5:59:e0:8c:91:
b2:bc:b6:87:32:b4:5e:5b:8d:c2:6e:36:54:f3:eb:
16:ed:15:19:62:7c:ad:b7:6c:bd:2c:54:13:2c:1f:
5c:93:4a:05:0b:bc:a9:9c:9e:98:79:68:8d:c2:36:
f9:21:5c:a4:bd:f5:e3:5c:51:6d:04:cc:a2:21:1a:
f3:53:5b:82:24:27:22:54:6f:0d:5a:80:3d:08:ac:
e2:fc:c8:aa:76:f4:71:1f:06:fd:e4:a0:8d:b5:67:
7c:28:66:a4:a6:b4:db:8e:4a:c9:b1:d8:37:f9:75:
e7:a1:99:16:74:b9:2b:ce:e5:4c:d4:8f:4e:b4:19:
df:60:39:01:e6:d4:7d:39:fe:cb:c6:78:bc:0a:97:
ea:75:38:92:bb:1b:fb:7f:6d:b1:55:19:46:49:a9:
41:30:a9:3b:2e:93:90:64:96:cb:e6:f5:0a:4c:fd:
5c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:69:C6:4A:8C:14:8A:98:F6:B0:71:A1:89:F7:81:1F:12:61:E3:00
X509v3 Authority Key Identifier:
keyid:2A:0C:C4:63:01:C8:B1:FD:46:39:29:30:18:FB:A5:36:53:A2:65:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgzEYwHIsf1GOSkwGPulNlOiZbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/yGnGSowUipj2sHGhifeBHxJh4wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/KgzEYwHIsf1GOSkwGPulNlOiZbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.216.0/22
IPv6:
2a05:fc80::/29
Signature Algorithm: sha256WithRSAEncryption
22:f5:be:bf:41:60:b5:b2:9e:54:20:0b:d9:8b:34:d0:bb:0b:
a0:95:5b:96:d3:0f:60:a5:e8:d8:e7:4f:44:87:a9:48:f4:ca:
87:1d:49:1b:2e:b8:f8:8c:c0:4c:d1:70:b1:d4:f0:9e:21:43:
1a:8f:b5:6f:26:b8:93:1d:bb:74:2b:3c:7e:e9:82:eb:82:81:
4d:8f:87:8c:8c:44:7c:c6:f5:59:89:11:20:04:df:6d:11:b0:
48:5d:48:bd:4d:2c:71:22:b4:a7:b1:b9:28:af:b1:0d:4d:82:
d4:19:c6:b0:ee:82:53:7a:ad:65:a6:e6:12:2f:f4:4b:a1:0d:
3a:c9:3d:1f:76:e7:b2:17:19:e5:c4:a5:f5:fc:b5:da:d0:8a:
7b:6c:68:ca:4a:c7:c7:2e:03:7f:ad:7b:e3:18:72:7d:87:20:
c0:1a:b2:af:e9:fd:cd:1d:10:40:f6:12:21:30:00:d1:93:46:
97:74:40:9d:b3:46:0e:8b:56:24:6f:55:10:84:2c:54:6f:6e:
f5:86:62:82:38:d8:65:e6:8e:9d:59:99:7f:32:dc:90:f2:0e:
5a:12:81:35:7d:e2:b1:c8:9a:d6:5b:6d:44:66:10:80:3c:ee:
db:ea:68:9e:eb:95:7c:1d:f2:cf:00:4b:b5:c6:ed:0e:44:6c:
fa:97:8e:75
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFcXW8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YTBjYzQ2MzAxYzhiMWZkNDYzOTI5MzAxOGZiYTUzNjUzYTI2NWIyMB4XDTIyMDEw
MTA4MDEzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzg2OWM2NGE4YzE0
OGE5OGY2YjA3MWExODlmNzgxMWYxMjYxZTMwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMbnGlldk8MZAdE2W044Z0g8f/hL6gKVF9sW/mwCrr5wPfbf
Ti/u4ab5ApPANEdhtTq/oHhI/MPPFAIdZWpCOkbCEKQT0AksIdccc/yTu8hpfX9G
y8VZ4IyRsry2hzK0XluNwm42VPPrFu0VGWJ8rbdsvSxUEywfXJNKBQu8qZyemHlo
jcI2+SFcpL3141xRbQTMoiEa81NbgiQnIlRvDVqAPQis4vzIqnb0cR8G/eSgjbVn
fChmpKa0245KybHYN/l156GZFnS5K87lTNSPTrQZ32A5AebUfTn+y8Z4vAqX6nU4
krsb+39tsVUZRkmpQTCpOy6TkGSWy+b1Ckz9XL8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTIacZKjBSKmPawcaGJ94EfEmHjADAfBgNVHSMEGDAWgBQqDMRjAcix/UY5
KTAY+6U2U6JlsjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tnekVZd0hJc2YxR09Ta3dHUHVsTmxPaVpiSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvMjg2MmQxLTJjYzktNDU2NS04NmMyLTJiYjU1OTdhMjQzNS8x
L3lHbkdTb3dVaXBqMnNIR2hpZmVCSHhKaDR3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
Mjg2MmQxLTJjYzktNDU2NS04NmMyLTJiYjU1OTdhMjQzNS8xL0tnekVZd0hJc2Yx
R09Ta3dHUHVsTmxPaVpiSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlf2DANBAIAAjAHAwUDKgX8gDAN
BgkqhkiG9w0BAQsFAAOCAQEAIvW+v0FgtbKeVCAL2Ys00LsLoJVbltMPYKXo2OdP
RIepSPTKhx1JGy64+IzATNFwsdTwniFDGo+1bya4kx27dCs8fumC64KBTY+HjIxE
fMb1WYkRIATfbRGwSF1IvU0scSK0p7G5KK+xDU2C1BnGsO6CU3qtZabmEi/0S6EN
Osk9H3bnshcZ5cSl9fy12tCKe2xoykrHxy4Df6174xhyfYcgwBqyr+n9zR0QQPYS
ITAA0ZNGl3RAnbNGDotWJG9VEIQsVG9u9YZigjjYZeaOnVmZfzLckPIOWhKBNX3i
scia1lttRGYQgDzu2+ponuuVfB3yzwBLtcbtDkRs+peOdQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:00 2024 by rpki-client on console-ams.rpki-client.org