Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/2f5ec7-ac2b-4c66-9364-9a61831869ae/1/_yUJvVsBohK4qMKY67efDmbxzdo.roa
File: _yUJvVsBohK4qMKY67efDmbxzdo.roa (raw, json)
Hash identifier: Ur9DGW8MLOkJz7wfDppHcDL3rm+KyNjfkHa5esSz5Bc=
Subject key identifier: FF:25:09:BD:5B:01:A2:12:B8:A8:C2:98:EB:B7:9F:0E:66:F1:CD:DA
Certificate issuer: /CN=6c05cf9c327b2fc877be8b561822b065e09690c2
Certificate serial: 088AE2E8
Authority key identifier: 6C:05:CF:9C:32:7B:2F:C8:77:BE:8B:56:18:22:B0:65:E0:96:90:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAXPnDJ7L8h3votWGCKwZeCWkMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/2f5ec7-ac2b-4c66-9364-9a61831869ae/1/_yUJvVsBohK4qMKY67efDmbxzdo.roa
Signing time: Sat 01 Jan 2022 09:03:00 +0000
ROA not before: Sat 01 Jan 2022 09:03:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49321
IP address blocks: 194.93.68.0/22 maxlen: 24
185.245.56.0/23 maxlen: 24
2a0d:140::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143319784 (0x88ae2e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c05cf9c327b2fc877be8b561822b065e09690c2
Validity
Not Before: Jan 1 09:03:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff2509bd5b01a212b8a8c298ebb79f0e66f1cdda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e7:79:ac:d2:3c:ae:30:73:dc:3e:e8:27:e3:
cf:84:78:c3:3c:8a:7e:14:fe:cb:6d:9c:f1:59:f8:
bf:71:dc:bf:c5:4b:a5:ff:4f:1d:1b:62:d1:64:c7:
db:40:6d:5b:f4:40:97:1f:07:13:61:3a:0e:f2:b8:
13:3b:e3:d0:c9:ec:b4:19:da:90:1a:bd:a4:45:81:
82:73:23:24:c3:50:5d:81:57:7b:13:35:37:6b:a7:
b6:ce:5d:a1:22:aa:f9:a5:be:69:54:fd:4c:4a:e8:
17:8b:fa:fd:f0:2f:fc:88:f2:00:85:d0:1d:83:54:
cb:c2:39:4b:80:5f:b7:8c:db:a6:e5:4d:0b:08:98:
e6:4c:5c:f3:46:9c:a4:84:c6:8a:4c:ac:98:a8:fd:
6c:37:e3:2b:06:ed:8f:91:8c:c7:2f:5b:f2:21:40:
7d:83:53:75:4e:8c:d8:9a:92:0e:4d:d1:f8:0d:a2:
db:96:5d:90:b7:5b:6d:9f:77:7b:e7:05:2e:a9:7e:
67:fc:be:7d:fd:de:aa:48:9c:e0:89:10:c8:b3:b2:
18:ce:4d:08:4c:e5:5b:ef:1c:60:ca:84:d6:05:a5:
33:13:15:e4:2c:35:2a:95:08:5c:31:d1:27:71:c7:
3b:a8:0c:88:7c:b7:db:87:2f:91:1c:ca:e2:31:25:
c3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:25:09:BD:5B:01:A2:12:B8:A8:C2:98:EB:B7:9F:0E:66:F1:CD:DA
X509v3 Authority Key Identifier:
keyid:6C:05:CF:9C:32:7B:2F:C8:77:BE:8B:56:18:22:B0:65:E0:96:90:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAXPnDJ7L8h3votWGCKwZeCWkMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2f5ec7-ac2b-4c66-9364-9a61831869ae/1/_yUJvVsBohK4qMKY67efDmbxzdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2f5ec7-ac2b-4c66-9364-9a61831869ae/1/bAXPnDJ7L8h3votWGCKwZeCWkMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.56.0/23
194.93.68.0/22
IPv6:
2a0d:140::/29
Signature Algorithm: sha256WithRSAEncryption
78:ec:93:ea:04:1d:d3:80:60:0b:b9:37:0c:35:92:e8:16:d6:
17:63:d0:ba:4e:08:35:a7:1f:16:76:c2:73:30:29:a2:d7:d7:
c2:3b:4f:15:da:9b:14:ee:66:3b:77:7e:78:e7:eb:09:05:1f:
80:f4:16:b8:4e:2f:4f:d3:1e:e3:85:1f:f5:1b:28:92:28:64:
01:89:c0:f2:13:bf:cd:6e:41:96:b8:e9:23:e4:a4:f5:93:80:
dc:a1:98:d4:46:88:b3:62:d8:36:d5:10:18:f2:95:db:71:66:
d0:d5:8d:3b:ff:47:24:6e:b5:6a:b9:14:4c:25:80:37:53:38:
07:48:a7:dd:4d:8b:f6:07:ef:33:5d:97:3f:31:ba:4c:11:ae:
09:e1:ba:18:a2:cc:5b:f5:4b:10:44:44:c8:4d:7d:69:97:97:
bb:5c:86:a2:93:5a:90:e6:7d:e4:6b:c4:e5:a3:92:8e:39:16:
99:71:ea:65:bb:89:9e:94:01:fa:2b:01:43:90:41:ec:3d:14:
7f:b0:28:9d:36:a6:67:95:bd:ed:2c:87:b9:e2:45:d9:b8:65:
3f:41:c7:64:ed:e4:fe:d5:c6:f1:08:fb:5e:8d:45:be:1e:83:
9b:2c:8e:31:03:d3:51:e8:0a:3b:d6:2d:f6:33:33:8c:4f:38:
ca:4c:2c:9e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECIri6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzA1Y2Y5YzMyN2IyZmM4NzdiZThiNTYxODIyYjA2NWUwOTY5MGMyMB4XDTIyMDEw
MTA5MDMwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmYyNTA5YmQ1YjAx
YTIxMmI4YThjMjk4ZWJiNzlmMGU2NmYxY2RkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJnneazSPK4wc9w+6Cfjz4R4wzyKfhT+y22c8Vn4v3Hcv8VL
pf9PHRti0WTH20BtW/RAlx8HE2E6DvK4Ezvj0MnstBnakBq9pEWBgnMjJMNQXYFX
exM1N2unts5doSKq+aW+aVT9TEroF4v6/fAv/IjyAIXQHYNUy8I5S4Bft4zbpuVN
CwiY5kxc80acpITGikysmKj9bDfjKwbtj5GMxy9b8iFAfYNTdU6M2JqSDk3R+A2i
25ZdkLdbbZ93e+cFLql+Z/y+ff3eqkic4IkQyLOyGM5NCEzlW+8cYMqE1gWlMxMV
5Cw1KpUIXDHRJ3HHO6gMiHy324cvkRzK4jElwyECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBT/JQm9WwGiEriowpjrt58OZvHN2jAfBgNVHSMEGDAWgBRsBc+cMnsvyHe+
i1YYIrBl4JaQwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JBWFBuREo3TDhoM3ZvdFdHQ0t3WmVDV2tNSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvMmY1ZWM3LWFjMmItNGM2Ni05MzY0LTlhNjE4MzE4NjlhZS8x
L195VUp2VnNCb2hLNHFNS1k2N2VmRG1ieHpkby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
MmY1ZWM3LWFjMmItNGM2Ni05MzY0LTlhNjE4MzE4NjlhZS8xL2JBWFBuREo3TDho
M3ZvdFdHQ0t3WmVDV2tNSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAbn1OAMEAsJdRDANBAIAAjAHAwUD
Kg0BQDANBgkqhkiG9w0BAQsFAAOCAQEAeOyT6gQd04BgC7k3DDWS6BbWF2PQuk4I
NacfFnbCczApotfXwjtPFdqbFO5mO3d+eOfrCQUfgPQWuE4vT9Me44Uf9Rsokihk
AYnA8hO/zW5BlrjpI+Sk9ZOA3KGY1EaIs2LYNtUQGPKV23Fm0NWNO/9HJG61arkU
TCWAN1M4B0in3U2L9gfvM12XPzG6TBGuCeG6GKLMW/VLEEREyE19aZeXu1yGopNa
kOZ95GvE5aOSjjkWmXHqZbuJnpQB+isBQ5BB7D0Uf7AonTamZ5W97SyHueJF2bhl
P0HHZO3k/tXG8Qj7Xo1Fvh6DmyyOMQPTUegKO9Yt9jMzjE84ykwsng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:38 2024 by rpki-client on console-fra.rpki-client.org