Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/yXXjQCwD3AsyJ8qZctsDCjvbZbI.roa
File: yXXjQCwD3AsyJ8qZctsDCjvbZbI.roa (raw, json)
Hash identifier: e4KtT9okdrksmH2rDMBA2ONnNwi7xlrwr46wu7CAIG4=
Subject key identifier: C9:75:E3:40:2C:03:DC:0B:32:27:CA:99:72:DB:03:0A:3B:DB:65:B2
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 01855D3F165D1B1BB66781B197AF494F771A
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/yXXjQCwD3AsyJ8qZctsDCjvbZbI.roa
Signing time: Thu 29 Dec 2022 09:38:13 +0000
ROA not before: Thu 29 Dec 2022 09:38:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212815
IP address blocks: 185.171.202.0/24 maxlen: 24
2a10:4640::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5d:3f:16:5d:1b:1b:b6:67:81:b1:97:af:49:4f:77:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Dec 29 09:38:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c975e3402c03dc0b3227ca9972db030a3bdb65b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bc:28:0e:a3:27:8a:d3:2d:a7:de:f3:59:cb:
43:81:b0:c8:31:fe:92:38:c0:a2:69:2a:63:d2:ae:
bf:5f:6c:70:87:a0:b1:e4:79:8d:92:92:9a:63:b5:
09:65:07:71:72:81:ce:cd:f5:3d:5e:dc:c2:a8:99:
44:91:97:e6:4a:f2:ed:20:42:7d:7b:93:0e:fc:6b:
2d:1c:63:e6:c4:1a:54:da:bb:b3:7f:8d:77:c3:a6:
d1:ab:cf:67:25:65:1e:8c:17:23:dc:00:d7:f9:12:
41:b2:6d:c3:04:22:11:8d:ee:45:72:82:f8:a4:15:
11:b5:f5:d5:20:54:9e:bb:bb:df:1d:e3:71:5e:9c:
a9:8c:34:20:7b:26:3c:5e:38:ad:ec:e8:1a:fb:70:
91:d3:27:63:20:67:85:7b:8e:fd:f7:3e:7b:eb:29:
09:62:19:d7:cb:b0:a8:4d:f7:b0:f6:9d:14:e1:94:
fa:da:86:aa:c9:87:59:e4:1f:ef:a8:42:fe:2d:ec:
00:f6:a5:3b:cd:cd:2f:98:e1:66:11:b7:5c:22:a6:
eb:a1:57:ee:e8:de:33:43:14:15:a2:43:3e:cf:e0:
dd:a0:bf:94:44:02:d5:6c:9d:5c:a5:af:66:06:ef:
43:6a:a3:ab:bb:74:de:bb:95:46:e8:6f:18:42:55:
44:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:75:E3:40:2C:03:DC:0B:32:27:CA:99:72:DB:03:0A:3B:DB:65:B2
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/yXXjQCwD3AsyJ8qZctsDCjvbZbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.202.0/24
IPv6:
2a10:4640::/32
Signature Algorithm: sha256WithRSAEncryption
c3:f2:58:90:14:89:f5:46:5e:8f:de:bb:a8:99:0b:3b:db:89:
a9:91:41:47:84:77:1a:e4:e8:68:69:52:a9:19:59:1e:4e:df:
2a:05:93:ae:dd:0a:77:e4:74:1a:95:2c:ca:30:55:06:9f:a2:
0d:3c:b6:c9:0e:50:57:79:4b:b7:20:7c:d9:f7:95:e1:5f:46:
54:38:8a:65:5b:c0:a0:c3:fe:2f:28:de:fa:a2:db:65:4e:7f:
ee:a5:24:db:b0:ac:f9:fb:c1:9c:65:b4:67:c3:7c:62:50:78:
83:3b:5f:8f:3f:ba:fe:c3:9b:db:f9:34:bd:24:0c:24:d2:a4:
79:e7:86:90:0a:6f:61:ee:ae:fc:b8:d1:58:25:f0:65:4f:b8:
e7:ef:95:c0:2d:fc:b3:3e:2e:85:fb:d0:2e:bb:93:87:5b:f3:
9b:16:db:30:76:49:14:da:a6:61:fb:82:1c:40:8b:4c:22:f2:
56:cf:d4:77:97:87:77:de:b1:23:cb:28:71:4e:29:13:47:8f:
91:54:79:4f:48:ab:c3:c0:f6:65:ca:c4:f5:5d:93:cb:3a:7d:
cf:96:36:01:15:8a:80:78:d5:2b:c4:3e:1d:3d:29:b4:08:7d:
f0:4b:4d:8d:ef:52:0d:ff:83:5e:5a:c5:05:5d:52:7f:b3:e8:
4b:65:3b:5a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVdPxZdGxu2Z4Gxl69JT3caMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjIxMjI5MDkzODEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTc1ZTM0MDJjMDNkYzBiMzIyN2NhOTk3MmRiMDMwYTNiZGI2NWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7woDqMnitMtp97zWctDgbDIMf6S
OMCiaSpj0q6/X2xwh6Cx5HmNkpKaY7UJZQdxcoHOzfU9XtzCqJlEkZfmSvLtIEJ9
e5MO/GstHGPmxBpU2ruzf413w6bRq89nJWUejBcj3ADX+RJBsm3DBCIRje5FcoL4
pBURtfXVIFSeu7vfHeNxXpypjDQgeyY8Xjit7Oga+3CR0ydjIGeFe4799z576ykJ
YhnXy7CoTfew9p0U4ZT62oaqyYdZ5B/vqEL+LewA9qU7zc0vmOFmEbdcIqbroVfu
6N4zQxQVokM+z+DdoL+URALVbJ1cpa9mBu9DaqOru3Teu5VG6G8YQlVEFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMl140AsA9wLMifKmXLbAwo722WyMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEveVhYalFDd0QzQXN5SjhxWmN0c0RDanZiWmJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuavKMA0E
AgACMAcDBQAqEEZAMA0GCSqGSIb3DQEBCwUAA4IBAQDD8liQFIn1Rl6P3ruomQs7
24mpkUFHhHca5OhoaVKpGVkeTt8qBZOu3Qp35HQalSzKMFUGn6INPLbJDlBXeUu3
IHzZ95XhX0ZUOIplW8Cgw/4vKN76ottlTn/upSTbsKz5+8GcZbRnw3xiUHiDO1+P
P7r+w5vb+TS9JAwk0qR554aQCm9h7q78uNFYJfBlT7jn75XALfyzPi6F+9Auu5OH
W/ObFtswdkkU2qZh+4IcQItMIvJWz9R3l4d33rEjyyhxTikTR4+RVHlPSKvDwPZl
ysT1XZPLOn3PljYBFYqAeNUrxD4dPSm0CH3wS02N71IN/4NeWsUFXVJ/s+hLZTta
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:08 2023 by rpki-client on console-fra.rpki-client.org