Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/9aeae7-df10-40a7-b933-081cb7cb88f3/1/yKk20kh-nQWBaBvgbfkK2t2Zi-g.roa
File: yKk20kh-nQWBaBvgbfkK2t2Zi-g.roa (raw, json)
Hash identifier: yYP25hSCsG3gRsYSfmCodzjnoY6dTvRqc5JFcmdPj3Q=
Subject key identifier: C8:A9:36:D2:48:7E:9D:05:81:68:1B:E0:6D:F9:0A:DA:DD:99:8B:E8
Certificate issuer: /CN=b712b25a2304f7ba44c38d0395ddf2ed04f5c7ef
Certificate serial: 07D6D4BC
Authority key identifier: B7:12:B2:5A:23:04:F7:BA:44:C3:8D:03:95:DD:F2:ED:04:F5:C7:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/txKyWiME97pEw40Dld3y7QT1x-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/9aeae7-df10-40a7-b933-081cb7cb88f3/1/yKk20kh-nQWBaBvgbfkK2t2Zi-g.roa
Signing time: Sat 01 Jan 2022 06:57:02 +0000
ROA not before: Sat 01 Jan 2022 06:57:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204140
IP address blocks: 185.138.148.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131519676 (0x7d6d4bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b712b25a2304f7ba44c38d0395ddf2ed04f5c7ef
Validity
Not Before: Jan 1 06:57:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8a936d2487e9d0581681be06df90adadd998be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:87:53:d0:95:cd:01:c6:fd:78:aa:da:89:da:
4d:b8:86:84:d4:b8:3a:24:a7:62:1b:61:61:1a:36:
0c:12:63:bf:f2:54:e0:c2:93:a9:be:21:c7:d9:2c:
b4:ea:3d:30:4b:cc:1f:87:26:4d:35:4d:34:ca:98:
39:81:26:d7:e7:58:82:9b:99:69:f0:e3:9f:a9:c7:
9c:86:7f:25:4d:34:08:b1:4d:16:14:1a:e2:a9:1c:
c3:12:83:2c:c3:9d:63:be:00:db:b4:85:86:8a:02:
6e:5a:73:9c:b1:a8:48:78:f5:d1:b6:6a:90:1b:c3:
e8:51:70:28:87:d8:f3:0e:9e:4b:a2:39:5f:a2:44:
d5:ec:a0:d6:52:2f:61:71:95:d2:3f:52:8d:a9:43:
a9:e7:aa:18:63:84:ae:d8:56:e3:a5:f4:80:40:34:
7d:da:df:ff:9e:bd:3a:a0:51:27:7c:f8:00:0c:02:
22:9b:5b:69:5a:92:6f:81:e3:5b:3d:6a:69:07:f0:
af:cd:3f:33:e0:f9:61:cf:77:00:86:21:da:58:6e:
69:45:bc:94:8e:97:82:cc:6c:1f:54:97:25:0d:b3:
15:ef:ac:3c:be:5f:90:7d:d6:51:12:58:25:1c:95:
66:46:bf:47:f4:37:a4:bf:01:82:4a:17:91:55:47:
a1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A9:36:D2:48:7E:9D:05:81:68:1B:E0:6D:F9:0A:DA:DD:99:8B:E8
X509v3 Authority Key Identifier:
keyid:B7:12:B2:5A:23:04:F7:BA:44:C3:8D:03:95:DD:F2:ED:04:F5:C7:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/txKyWiME97pEw40Dld3y7QT1x-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/9aeae7-df10-40a7-b933-081cb7cb88f3/1/yKk20kh-nQWBaBvgbfkK2t2Zi-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/9aeae7-df10-40a7-b933-081cb7cb88f3/1/txKyWiME97pEw40Dld3y7QT1x-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.148.0/22
Signature Algorithm: sha256WithRSAEncryption
51:ca:7f:05:69:eb:7d:4a:d1:7e:0e:ba:22:3f:60:51:df:32:
3c:e7:7f:82:fc:1e:48:42:5c:3a:1c:38:30:9b:9e:b0:ba:11:
a5:f5:84:3e:60:a5:61:9d:25:33:aa:41:21:cf:c8:b4:04:63:
db:84:d4:64:94:cf:b9:d9:1b:7c:27:c2:9f:0f:15:ff:5a:86:
7e:15:b2:fc:75:49:d0:4b:c1:80:eb:6e:d3:f0:84:89:fc:ea:
41:fd:fb:d2:aa:52:31:4a:09:77:4f:6b:4c:46:2c:49:a1:be:
60:ad:90:9f:74:d4:9a:b7:8b:7c:ad:e1:90:e9:de:9b:e5:da:
2b:dc:92:84:95:9d:1b:3c:f3:65:60:0b:01:9f:bb:f4:0c:5e:
9a:08:49:35:e5:c9:0e:3b:60:fa:57:25:ea:93:d6:16:65:0e:
32:4a:49:7d:42:a7:1b:f8:8d:6c:90:2f:60:34:49:22:42:f9:
92:d1:cf:82:e9:ea:3d:01:c4:dc:dc:f1:b6:69:fe:3b:2f:b7:
ce:1a:3d:d7:bb:7e:01:ad:59:eb:55:ff:eb:68:a3:57:8d:40:
71:9a:50:17:52:97:8a:d6:37:43:6b:0c:65:93:8c:d0:d0:c7:
30:00:aa:01:6a:7d:d7:2f:10:1f:e6:f9:8e:7e:2b:98:0c:6b:
b3:ea:50:23
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB9bUvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzEyYjI1YTIzMDRmN2JhNDRjMzhkMDM5NWRkZjJlZDA0ZjVjN2VmMB4XDTIyMDEw
MTA2NTcwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhhOTM2ZDI0ODdl
OWQwNTgxNjgxYmUwNmRmOTBhZGFkZDk5OGJlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANqHU9CVzQHG/Xiq2onaTbiGhNS4OiSnYhthYRo2DBJjv/JU
4MKTqb4hx9kstOo9MEvMH4cmTTVNNMqYOYEm1+dYgpuZafDjn6nHnIZ/JU00CLFN
FhQa4qkcwxKDLMOdY74A27SFhooCblpznLGoSHj10bZqkBvD6FFwKIfY8w6eS6I5
X6JE1eyg1lIvYXGV0j9SjalDqeeqGGOErthW46X0gEA0fdrf/569OqBRJ3z4AAwC
IptbaVqSb4HjWz1qaQfwr80/M+D5Yc93AIYh2lhuaUW8lI6XgsxsH1SXJQ2zFe+s
PL5fkH3WURJYJRyVZka/R/Q3pL8BgkoXkVVHocsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTIqTbSSH6dBYFoG+Bt+Qra3ZmL6DAfBgNVHSMEGDAWgBS3ErJaIwT3ukTD
jQOV3fLtBPXH7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R4S3lXaU1FOTdwRXc0MERsZDN5N1FUMXgtOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvOWFlYWU3LWRmMTAtNDBhNy1iOTMzLTA4MWNiN2NiODhmMy8x
L3lLazIwa2gtblFXQmFCdmdiZmtLMnQyWmktZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
OWFlYWU3LWRmMTAtNDBhNy1iOTMzLTA4MWNiN2NiODhmMy8xL3R4S3lXaU1FOTdw
RXc0MERsZDN5N1FUMXgtOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmKlDANBgkqhkiG9w0BAQsFAAOC
AQEAUcp/BWnrfUrRfg66Ij9gUd8yPOd/gvweSEJcOhw4MJuesLoRpfWEPmClYZ0l
M6pBIc/ItARj24TUZJTPudkbfCfCnw8V/1qGfhWy/HVJ0EvBgOtu0/CEifzqQf37
0qpSMUoJd09rTEYsSaG+YK2Qn3TUmreLfK3hkOnem+XaK9yShJWdGzzzZWALAZ+7
9AxemghJNeXJDjtg+lcl6pPWFmUOMkpJfUKnG/iNbJAvYDRJIkL5ktHPgunqPQHE
3Nzxtmn+Oy+3zho917t+Aa1Z61X/62ijV41AcZpQF1KXitY3Q2sMZZOM0NDHMACq
AWp91y8QH+b5jn4rmAxrs+pQIw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:37 2023 by rpki-client on console-ams.rpki-client.org