Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/5bbebc-cf36-43a4-9974-9b6cfd8a2aa3/1/yUN9GT5L7Egdb7Hw4I4mH_n9WqU.roa
File: yUN9GT5L7Egdb7Hw4I4mH_n9WqU.roa (raw, json)
Hash identifier: kN2sOa7o/RJEPOmeU8EB7RANtNW1ToCpdB1aD1mwvrY=
Subject key identifier: C9:43:7D:19:3E:4B:EC:48:1D:6F:B1:F0:E0:8E:26:1F:F9:FD:5A:A5
Certificate issuer: /CN=e68f4c85d7683633c338e03dd8eca447bf3f6785
Certificate serial: 01834582139A194F95207FDE71F9B4F61D63
Authority key identifier: E6:8F:4C:85:D7:68:36:33:C3:38:E0:3D:D8:EC:A4:47:BF:3F:67:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5o9MhddoNjPDOOA92OykR78_Z4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/5bbebc-cf36-43a4-9974-9b6cfd8a2aa3/1/yUN9GT5L7Egdb7Hw4I4mH_n9WqU.roa
Signing time: Fri 16 Sep 2022 08:54:55 +0000
ROA not before: Fri 16 Sep 2022 08:54:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62340
IP address blocks: 185.39.112.0/23 maxlen: 23
185.39.114.0/23 maxlen: 23
92.43.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:45:82:13:9a:19:4f:95:20:7f:de:71:f9:b4:f6:1d:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e68f4c85d7683633c338e03dd8eca447bf3f6785
Validity
Not Before: Sep 16 08:54:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9437d193e4bec481d6fb1f0e08e261ff9fd5aa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1c:35:cf:79:4d:49:92:b0:90:c9:7a:15:9b:
7d:0a:07:1d:70:7a:f8:2c:dc:14:63:cb:e4:3d:a7:
3e:48:b6:4f:cc:7b:04:a6:60:3e:e7:6d:7b:b8:e8:
43:d5:74:7a:9d:5a:3b:59:a2:e9:51:6f:08:8d:6e:
e1:45:ba:7f:6c:16:74:81:34:06:87:0f:35:40:aa:
56:84:d5:ce:73:25:f8:db:d1:6a:9e:ee:28:c5:0e:
6c:77:81:63:e6:39:ff:db:54:52:b4:c6:fa:5d:2d:
51:ae:19:06:d2:07:5e:4d:94:b5:57:bb:d2:52:18:
89:94:1a:93:3f:92:dc:37:32:84:fc:0f:ca:33:a0:
61:e3:11:00:59:72:c4:c7:9a:d4:f0:10:78:38:f7:
9f:3e:81:f7:bf:45:80:44:d3:55:98:dd:fb:84:40:
1a:fd:55:cc:f7:a9:b8:67:5b:17:99:75:87:00:c5:
2d:cb:62:2c:d9:a0:e1:72:82:81:6c:16:77:6a:7c:
41:4e:c0:bb:df:79:55:27:56:ca:32:cf:0b:19:81:
ce:c0:4e:30:d4:fa:4b:c8:17:39:6b:45:c0:e3:40:
d5:da:26:58:8f:3e:08:4c:54:f9:df:85:ff:fc:a7:
99:21:9f:56:65:94:14:ec:dc:6b:99:76:cd:df:0a:
f2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:43:7D:19:3E:4B:EC:48:1D:6F:B1:F0:E0:8E:26:1F:F9:FD:5A:A5
X509v3 Authority Key Identifier:
keyid:E6:8F:4C:85:D7:68:36:33:C3:38:E0:3D:D8:EC:A4:47:BF:3F:67:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5o9MhddoNjPDOOA92OykR78_Z4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/5bbebc-cf36-43a4-9974-9b6cfd8a2aa3/1/yUN9GT5L7Egdb7Hw4I4mH_n9WqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/5bbebc-cf36-43a4-9974-9b6cfd8a2aa3/1/5o9MhddoNjPDOOA92OykR78_Z4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.166.0/23
185.39.112.0/22
Signature Algorithm: sha256WithRSAEncryption
48:fa:bd:2b:42:33:d1:cc:79:8c:c7:a8:46:52:56:97:a8:14:
22:cc:89:e2:2f:76:26:e8:50:2d:34:38:5e:c9:3d:9d:19:c7:
53:fd:b7:fc:1c:da:42:0c:c0:fb:5b:83:d4:50:ac:ff:cf:c0:
cf:6b:ac:f2:63:fb:cd:12:fb:8c:15:97:f3:ca:19:1f:33:c5:
ed:9b:98:c9:8d:02:95:52:c4:b3:cb:77:2c:58:e9:11:87:38:
51:89:49:5b:5c:b5:af:3a:26:ec:49:cd:03:c6:91:91:03:0e:
3b:96:3e:19:d3:ee:0e:77:3c:b9:0d:90:82:fe:71:fb:87:a7:
fc:28:e0:49:37:69:ff:97:95:a2:c3:2f:32:40:4c:54:1d:ec:
8c:e9:5c:51:0e:72:a8:f7:59:8e:97:b0:b7:1d:90:c4:bf:13:
70:a8:41:68:2e:ae:60:27:42:0c:da:57:10:0d:b4:20:a6:b0:
cb:7b:ba:0f:bd:40:fe:2f:41:32:00:4a:b7:b8:1c:d1:55:0d:
c9:8f:3a:71:55:ce:74:2e:9c:47:5d:ee:8f:e5:3a:d3:bb:de:
45:ff:9f:6b:2b:db:66:39:94:be:80:54:1f:e0:93:cf:51:92:
de:76:ea:51:ab:6e:5b:73:de:8f:2b:30:ad:c2:c3:f0:b6:cf:
c8:d0:8d:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNFghOaGU+VIH/ecfm09h1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OGY0Yzg1ZDc2ODM2MzNjMzM4ZTAzZGQ4ZWNhNDQ3YmYz
ZjY3ODUwHhcNMjIwOTE2MDg1NDU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTQzN2QxOTNlNGJlYzQ4MWQ2ZmIxZjBlMDhlMjYxZmY5ZmQ1YWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhw1z3lNSZKwkMl6FZt9CgcdcHr4
LNwUY8vkPac+SLZPzHsEpmA+5217uOhD1XR6nVo7WaLpUW8IjW7hRbp/bBZ0gTQG
hw81QKpWhNXOcyX429Fqnu4oxQ5sd4Fj5jn/21RStMb6XS1RrhkG0gdeTZS1V7vS
UhiJlBqTP5LcNzKE/A/KM6Bh4xEAWXLEx5rU8BB4OPefPoH3v0WARNNVmN37hEAa
/VXM96m4Z1sXmXWHAMUty2Is2aDhcoKBbBZ3anxBTsC733lVJ1bKMs8LGYHOwE4w
1PpLyBc5a0XA40DV2iZYjz4ITFT534X//KeZIZ9WZZQU7NxrmXbN3wryPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMlDfRk+S+xIHW+x8OCOJh/5/VqlMB8GA1UdIwQY
MBaAFOaPTIXXaDYzwzjgPdjspEe/P2eFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNW85TWhkZG9OalBET09BOTJPeWtSNzhfWjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy81YmJlYmMtY2YzNi00M2E0LTk5NzQt
OWI2Y2ZkOGEyYWEzLzEveVVOOUdUNUw3RWdkYjdIdzRJNG1IX245V3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy81YmJlYmMtY2YzNi00M2E0LTk5NzQtOWI2Y2ZkOGEyYWEz
LzEvNW85TWhkZG9OalBET09BOTJPeWtSNzhfWjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXCumAwQC
uSdwMA0GCSqGSIb3DQEBCwUAA4IBAQBI+r0rQjPRzHmMx6hGUlaXqBQizIniL3Ym
6FAtNDheyT2dGcdT/bf8HNpCDMD7W4PUUKz/z8DPa6zyY/vNEvuMFZfzyhkfM8Xt
m5jJjQKVUsSzy3csWOkRhzhRiUlbXLWvOibsSc0DxpGRAw47lj4Z0+4Odzy5DZCC
/nH7h6f8KOBJN2n/l5Wiwy8yQExUHeyM6VxRDnKo91mOl7C3HZDEvxNwqEFoLq5g
J0IM2lcQDbQgprDLe7oPvUD+L0EyAEq3uBzRVQ3JjzpxVc50LpxHXe6P5TrTu95F
/59rK9tmOZS+gFQf4JPPUZLedupRq25bc96PKzCtwsPwts/I0I1m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:48 2024 by rpki-client on console-fra.rpki-client.org