Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/YIfgNzixqoVfoBTJlYYtxoAKVBw.roa
File: YIfgNzixqoVfoBTJlYYtxoAKVBw.roa (raw, json)
Hash identifier: 9piF7fHEH8gqaqhv+sjZxp7EEN1JYJVRcvQSe+YpnYs=
Subject key identifier: 60:87:E0:37:38:B1:AA:85:5F:A0:14:C9:95:86:2D:C6:80:0A:54:1C
Certificate issuer: /CN=6506096695f7e6610b19b08e1d7fd9c4d914a4f0
Certificate serial: 0184BFCAA99074B275BD98CC110D633DE611
Authority key identifier: 65:06:09:66:95:F7:E6:61:0B:19:B0:8E:1D:7F:D9:C4:D9:14:A4:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/YIfgNzixqoVfoBTJlYYtxoAKVBw.roa
Signing time: Mon 28 Nov 2022 19:50:40 +0000
ROA not before: Mon 28 Nov 2022 19:50:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205614
IP address blocks: 185.171.44.0/22 maxlen: 24
193.22.251.0/24 maxlen: 24
2a0d:1f80::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bf:ca:a9:90:74:b2:75:bd:98:cc:11:0d:63:3d:e6:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6506096695f7e6610b19b08e1d7fd9c4d914a4f0
Validity
Not Before: Nov 28 19:50:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6087e03738b1aa855fa014c995862dc6800a541c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:40:db:d6:f5:c5:a2:0f:ce:74:a9:4f:1a:29:
1c:8d:97:b8:99:db:bc:ae:fc:87:46:eb:c9:b3:62:
4a:a0:97:e7:ef:3d:56:33:c3:75:5b:b9:3f:ce:41:
19:0f:79:4a:f0:c1:a7:84:8e:ba:f2:a1:b7:fa:d2:
02:e5:48:e7:b1:47:f2:94:e4:e3:d6:b8:89:ac:67:
af:5e:05:89:36:7a:66:06:6d:f6:42:96:c2:01:a1:
5e:97:e0:03:c4:a7:b1:9b:17:aa:17:8f:c7:52:e4:
2e:56:d5:6d:4a:f1:b3:c6:14:2c:22:59:a5:25:48:
48:be:07:7f:86:ca:72:a3:82:d5:cd:02:e5:69:91:
75:60:68:55:62:12:8b:4d:ab:6e:62:97:76:6a:d3:
71:b0:53:04:98:93:ea:92:8e:76:3e:a6:82:09:f3:
42:63:75:0e:ee:09:74:34:ed:62:d3:37:25:d4:fa:
8a:e0:0b:34:a1:6b:29:95:3f:d1:42:b4:f0:7a:d2:
e0:85:49:a4:08:75:05:a5:57:b6:db:82:30:b2:f4:
3c:f4:51:fb:c7:5c:c0:05:7c:85:dd:76:09:0b:a1:
9e:9a:ed:11:27:37:b7:28:5e:99:8a:38:a2:f6:95:
0e:f6:9a:ad:bf:ca:2f:89:a2:d1:bc:3e:43:6b:57:
76:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:87:E0:37:38:B1:AA:85:5F:A0:14:C9:95:86:2D:C6:80:0A:54:1C
X509v3 Authority Key Identifier:
keyid:65:06:09:66:95:F7:E6:61:0B:19:B0:8E:1D:7F:D9:C4:D9:14:A4:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/YIfgNzixqoVfoBTJlYYtxoAKVBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/ZQYJZpX35mELGbCOHX_ZxNkUpPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.44.0/22
193.22.251.0/24
IPv6:
2a0d:1f80::/32
Signature Algorithm: sha256WithRSAEncryption
8d:3d:85:4b:3f:6b:22:56:95:f3:5e:91:f6:72:27:d6:80:47:
56:c4:81:93:b1:bf:e9:26:e9:fd:38:c4:b1:bb:69:d3:45:74:
c9:29:8f:23:27:fa:12:58:93:d1:99:d4:bf:3a:a0:43:c2:37:
d9:71:f4:a4:b2:55:97:d5:0e:35:c5:cd:16:9f:7a:5e:24:1a:
64:e0:97:c3:32:7c:72:2c:2b:89:e5:94:3e:a3:65:43:15:e8:
76:a1:86:a3:4a:7c:66:97:c5:73:2a:bb:1d:99:92:bc:39:da:
96:7c:54:9e:75:dd:83:36:83:bc:4b:18:e0:66:e2:8a:a0:3b:
c5:4c:62:d3:44:11:df:6e:31:39:7f:db:b7:5c:f6:b2:d9:71:
db:39:91:17:63:50:73:d0:b0:cd:f4:bd:d0:8f:b1:f5:ed:be:
d2:d8:49:46:0c:ac:3a:14:f5:3d:28:e2:89:45:86:83:75:49:
c0:ff:50:2f:47:62:f9:fa:a1:31:ea:07:7e:95:07:05:e2:6f:
96:c9:0f:a4:1d:d5:bd:1e:32:88:43:df:2c:dd:fa:97:a4:e5:
b5:85:3a:93:88:e3:54:4e:55:96:06:8d:48:02:6a:48:5d:23:
34:58:6a:85:9e:f8:69:a7:fe:bd:8f:ee:90:ba:37:cd:80:af:
75:59:a6:a8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYS/yqmQdLJ1vZjMEQ1jPeYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MDYwOTY2OTVmN2U2NjEwYjE5YjA4ZTFkN2ZkOWM0ZDkx
NGE0ZjAwHhcNMjIxMTI4MTk1MDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDg3ZTAzNzM4YjFhYTg1NWZhMDE0Yzk5NTg2MmRjNjgwMGE1NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUDb1vXFog/OdKlPGikcjZe4mdu8
rvyHRuvJs2JKoJfn7z1WM8N1W7k/zkEZD3lK8MGnhI668qG3+tIC5UjnsUfylOTj
1riJrGevXgWJNnpmBm32QpbCAaFel+ADxKexmxeqF4/HUuQuVtVtSvGzxhQsIlml
JUhIvgd/hspyo4LVzQLlaZF1YGhVYhKLTatuYpd2atNxsFMEmJPqko52PqaCCfNC
Y3UO7gl0NO1i0zcl1PqK4As0oWsplT/RQrTwetLghUmkCHUFpVe224IwsvQ89FH7
x1zABXyF3XYJC6Gemu0RJze3KF6Zijii9pUO9pqtv8oviaLRvD5Da1d29wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGCH4Dc4saqFX6AUyZWGLcaAClQcMB8GA1UdIwQY
MBaAFGUGCWaV9+ZhCxmwjh1/2cTZFKTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlFZSlpwWDM1bUVMR2JDT0hYX1p4TmtVcFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9mNWJhYTQtZjY3MC00Mzg1LWJjMzgt
YTQxNTI1NThkMThjLzEvWUlmZ056aXhxb1Zmb0JUSmxZWXR4b0FLVkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9mNWJhYTQtZjY3MC00Mzg1LWJjMzgtYTQxNTI1NThkMThj
LzEvWlFZSlpwWDM1bUVMR2JDT0hYX1p4TmtVcFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuassAwQA
wRb7MA0EAgACMAcDBQAqDR+AMA0GCSqGSIb3DQEBCwUAA4IBAQCNPYVLP2siVpXz
XpH2cifWgEdWxIGTsb/pJun9OMSxu2nTRXTJKY8jJ/oSWJPRmdS/OqBDwjfZcfSk
slWX1Q41xc0Wn3peJBpk4JfDMnxyLCuJ5ZQ+o2VDFeh2oYajSnxml8VzKrsdmZK8
OdqWfFSedd2DNoO8SxjgZuKKoDvFTGLTRBHfbjE5f9u3XPay2XHbOZEXY1Bz0LDN
9L3Qj7H17b7S2ElGDKw6FPU9KOKJRYaDdUnA/1AvR2L5+qEx6gd+lQcF4m+WyQ+k
HdW9HjKIQ98s3fqXpOW1hTqTiONUTlWWBo1IAmpIXSM0WGqFnvhpp/69j+6QujfN
gK91Waao
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:35 2023 by rpki-client on console-fra.rpki-client.org