Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/YitBx3O6xSo2oH4NPq-jmLumzHM.roa
File: YitBx3O6xSo2oH4NPq-jmLumzHM.roa (raw, json)
Hash identifier: +lTjAx0l5vs0KbCZHUjgG+Wn24rczBYsF8cps/ExkBQ=
Subject key identifier: 62:2B:41:C7:73:BA:C5:2A:36:A0:7E:0D:3E:AF:A3:98:BB:A6:CC:73
Certificate issuer: /CN=9f6fb7954179a9666b4cb6afe346d1e21ec30e45
Certificate serial: 18CAB4FC
Authority key identifier: 9F:6F:B7:95:41:79:A9:66:6B:4C:B6:AF:E3:46:D1:E2:1E:C3:0E:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n2-3lUF5qWZrTLav40bR4h7DDkU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/YitBx3O6xSo2oH4NPq-jmLumzHM.roa
Signing time: Fri 01 Apr 2022 14:19:01 +0000
ROA not before: Fri 01 Apr 2022 14:19:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1200
IP address blocks: 91.236.189.0/24 maxlen: 24
193.105.101.0/24 maxlen: 24
185.55.139.0/24 maxlen: 24
185.55.138.0/24 maxlen: 24
185.55.137.0/24 maxlen: 24
185.55.136.0/22 maxlen: 22
185.55.136.0/24 maxlen: 24
91.200.16.0/22 maxlen: 22
195.69.144.0/22 maxlen: 22
195.60.82.128/26 maxlen: 26
80.249.208.0/21 maxlen: 21
2001:67c:1a8::/48 maxlen: 48
2a02:4b60::/32 maxlen: 32
2001:7f8:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 415937788 (0x18cab4fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f6fb7954179a9666b4cb6afe346d1e21ec30e45
Validity
Not Before: Apr 1 14:19:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=622b41c773bac52a36a07e0d3eafa398bba6cc73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:d6:dd:0d:22:5f:2a:b1:c1:b8:79:5f:b7:92:
3e:67:fd:31:ed:24:af:8d:da:42:00:db:8c:85:a0:
de:a1:7d:de:d7:4b:84:b3:7c:17:64:e6:72:67:07:
69:b4:84:15:50:08:3d:82:0d:ac:d9:5b:b3:82:b2:
d1:7e:cf:ab:61:46:ef:a5:ad:07:5a:11:ea:89:ed:
85:4d:ce:9c:ce:a2:3d:c4:e2:74:bc:f4:e1:a7:f5:
39:cd:8d:a1:81:dd:27:f4:df:1c:94:7b:e1:23:23:
0c:14:c9:5a:76:30:91:b8:3c:7c:ec:db:ef:09:8c:
5a:e2:ac:a9:fe:80:76:0a:bd:b7:ca:bf:34:03:06:
a5:23:fd:59:0e:ae:75:0e:c3:bc:bf:c5:b2:6b:9e:
f7:4a:a0:f1:93:2e:63:a3:f4:3b:16:ca:83:ec:95:
52:9f:fc:9d:a3:05:28:31:af:23:48:1d:c4:33:82:
96:7d:23:3a:ed:d3:cd:45:d9:d5:5c:c9:7f:af:fd:
31:9d:5f:df:fa:cb:eb:95:92:a7:05:51:91:c6:dd:
6d:24:f1:c2:5b:86:85:b9:cf:ba:94:77:a6:8f:d2:
50:f6:6e:9d:75:20:23:1d:74:a0:d9:01:b2:33:6c:
6c:5d:d7:2c:a8:37:f0:24:7c:a4:6a:9a:a0:f4:2d:
bb:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:2B:41:C7:73:BA:C5:2A:36:A0:7E:0D:3E:AF:A3:98:BB:A6:CC:73
X509v3 Authority Key Identifier:
keyid:9F:6F:B7:95:41:79:A9:66:6B:4C:B6:AF:E3:46:D1:E2:1E:C3:0E:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2-3lUF5qWZrTLav40bR4h7DDkU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/YitBx3O6xSo2oH4NPq-jmLumzHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/n2-3lUF5qWZrTLav40bR4h7DDkU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.208.0/21
91.200.16.0/22
91.236.189.0/24
185.55.136.0/22
193.105.101.0/24
195.60.82.128/26
195.69.144.0/22
IPv6:
2001:67c:1a8::/48
2001:7f8:1::/48
2a02:4b60::/32
Signature Algorithm: sha256WithRSAEncryption
34:73:02:a9:2c:30:21:89:1b:2b:92:34:89:50:05:a3:36:f4:
cb:d7:9e:84:10:f6:f5:e2:62:d1:36:2d:30:04:53:3b:49:3a:
cc:c4:11:6a:d8:15:8f:96:1c:ac:4a:94:ba:78:f4:f7:ea:f0:
8a:5c:35:e8:0b:16:70:28:89:6d:58:07:e4:d8:0d:83:64:e7:
07:bc:4e:3d:f5:f1:df:2d:94:64:f3:4c:b6:ca:ae:50:fd:4e:
74:d0:e3:d7:d7:49:d6:6d:15:80:17:af:04:b7:85:d3:6e:e1:
a0:d9:c9:d3:bd:b0:2c:21:36:2c:62:c5:83:bb:b9:d7:99:9b:
96:a1:ec:38:e2:ab:f0:b2:0b:4c:84:a2:bd:81:ee:18:ae:0f:
1c:c1:1f:24:0e:94:f6:62:54:57:f4:a7:03:d4:3a:d5:7f:56:
6b:a1:1e:78:8a:a3:b2:74:79:2a:28:cf:4e:1e:20:13:d2:9f:
b1:da:a9:71:0c:e3:ff:e1:c6:63:fe:1e:ae:12:c7:14:a7:37:
8f:f1:ea:32:1a:1b:ea:93:e2:e6:f4:a3:d3:8a:02:02:01:2d:
49:d1:81:50:e8:f6:de:58:b8:29:74:72:d1:0b:58:1e:5a:a0:
18:92:c5:66:a5:cc:75:11:3a:b6:a0:db:51:46:40:29:54:39:
c4:a8:eb:70
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEGMq0/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZjZmYjc5NTQxNzlhOTY2NmI0Y2I2YWZlMzQ2ZDFlMjFlYzMwZTQ1MB4XDTIyMDQw
MTE0MTkwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjIyYjQxYzc3M2Jh
YzUyYTM2YTA3ZTBkM2VhZmEzOThiYmE2Y2M3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAObW3Q0iXyqxwbh5X7eSPmf9Me0kr43aQgDbjIWg3qF93tdL
hLN8F2TmcmcHabSEFVAIPYINrNlbs4Ky0X7Pq2FG76WtB1oR6onthU3OnM6iPcTi
dLz04af1Oc2NoYHdJ/TfHJR74SMjDBTJWnYwkbg8fOzb7wmMWuKsqf6Adgq9t8q/
NAMGpSP9WQ6udQ7DvL/Fsmue90qg8ZMuY6P0OxbKg+yVUp/8naMFKDGvI0gdxDOC
ln0jOu3TzUXZ1VzJf6/9MZ1f3/rL65WSpwVRkcbdbSTxwluGhbnPupR3po/SUPZu
nXUgIx10oNkBsjNsbF3XLKg38CR8pGqaoPQtu9kCAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBRiK0HHc7rFKjagfg0+r6OYu6bMczAfBgNVHSMEGDAWgBSfb7eVQXmpZmtM
tq/jRtHiHsMORTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L24yLTNsVUY1cVdaclRMYXY0MGJSNGg3RERrVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvMGEzZmZmLTFhNDItNDA0NC1hZThmLTczNTRhNzNiZGE3ZS8x
L1lpdEJ4M082eFNvMm9INE5QcS1qbUx1bXpITS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
MGEzZmZmLTFhNDItNDA0NC1hZThmLTczNTRhNzNiZGE3ZS8xL24yLTNsVUY1cVda
clRMYXY0MGJSNGg3RERrVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwMQQCAAEwKwMEA1D50AMEAlvIEAMEAFvsvQMEArk3
iAMEAMFpZQMFBsM8UoADBALDRZAwHwQCAAIwGQMHACABBnwBqAMHACABB/gAAQMF
ACoCS2AwDQYJKoZIhvcNAQELBQADggEBADRzAqksMCGJGyuSNIlQBaM29MvXnoQQ
9vXiYtE2LTAEUztJOszEEWrYFY+WHKxKlLp49Pfq8IpcNegLFnAoiW1YB+TYDYNk
5we8Tj318d8tlGTzTLbKrlD9TnTQ49fXSdZtFYAXrwS3hdNu4aDZydO9sCwhNixi
xYO7udeZm5ah7Djiq/CyC0yEor2B7hiuDxzBHyQOlPZiVFf0pwPUOtV/VmuhHniK
o7J0eSooz04eIBPSn7HaqXEM4//hxmP+Hq4SxxSnN4/x6jIaG+qT4ub0o9OKAgIB
LUnRgVDo9t5YuCl0ctELWB5aoBiSxWalzHUROrag21FGQClUOcSo63A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:56 2024 by rpki-client on console-ams.rpki-client.org