Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/46477a-8708-4b37-875b-670030dcac30/1/YLcFg1NXnPsccYx8Pq0EFs6cQjY.roa
File: YLcFg1NXnPsccYx8Pq0EFs6cQjY.roa (raw, json)
Hash identifier: yya/LhD8VfDY0Z8hux9CFQyIt5fRMF7DrHjG8ynbffE=
Subject key identifier: 60:B7:05:83:53:57:9C:FB:1C:71:8C:7C:3E:AD:04:16:CE:9C:42:36
Certificate issuer: /CN=dd2496feff991276bd1b85336b7697a9800f84c1
Certificate serial: 0468C821
Authority key identifier: DD:24:96:FE:FF:99:12:76:BD:1B:85:33:6B:76:97:A9:80:0F:84:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3SSW_v-ZEna9G4Uza3aXqYAPhME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/46477a-8708-4b37-875b-670030dcac30/1/YLcFg1NXnPsccYx8Pq0EFs6cQjY.roa
Signing time: Sat 01 Jan 2022 16:01:32 +0000
ROA not before: Sat 01 Jan 2022 16:01:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207839
IP address blocks: 84.234.104.0/23 maxlen: 23
84.234.104.0/22 maxlen: 22
84.234.106.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73975841 (0x468c821)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd2496feff991276bd1b85336b7697a9800f84c1
Validity
Not Before: Jan 1 16:01:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60b7058353579cfb1c718c7c3ead0416ce9c4236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:f9:b7:14:fa:83:d4:36:d8:53:03:1e:75:7d:
c4:93:32:3d:4b:55:9a:2c:6f:b4:b6:c1:ae:83:91:
f5:fd:fd:4f:34:e7:a9:2a:22:e3:1d:95:bb:0a:3a:
a3:19:7c:56:68:e4:13:ba:d2:e0:4d:94:f4:30:f6:
05:92:79:b2:ff:5a:b1:88:5a:92:13:fb:93:f9:86:
76:a7:32:57:a4:83:21:0f:98:f1:74:b5:b1:0d:55:
cc:0c:8e:30:a8:bd:5f:65:7e:9a:db:63:c5:c6:35:
94:78:16:50:de:b8:12:a1:15:0d:f7:de:b9:fc:6c:
d6:a9:0e:e9:37:64:00:38:6d:28:56:d2:ef:5e:85:
b3:fe:db:87:7f:11:e0:8f:7d:4f:56:e6:83:92:c8:
83:50:f5:3a:3f:a2:59:75:17:bd:cc:06:c0:31:cd:
d5:51:b7:24:f1:f1:f3:e8:5f:73:a1:38:86:a0:cf:
fd:89:a7:31:82:de:5f:e8:35:b7:08:85:b2:b2:02:
80:5e:82:ba:b4:12:fb:47:e5:0a:6f:77:a3:3e:ef:
34:10:5f:87:47:60:bf:72:49:0f:22:7d:ce:1a:6e:
fb:44:c2:68:34:d8:8d:b7:6e:10:88:ec:a8:b2:c0:
20:40:29:4e:a9:b3:08:14:33:73:04:76:ad:16:9f:
be:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B7:05:83:53:57:9C:FB:1C:71:8C:7C:3E:AD:04:16:CE:9C:42:36
X509v3 Authority Key Identifier:
keyid:DD:24:96:FE:FF:99:12:76:BD:1B:85:33:6B:76:97:A9:80:0F:84:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3SSW_v-ZEna9G4Uza3aXqYAPhME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/46477a-8708-4b37-875b-670030dcac30/1/YLcFg1NXnPsccYx8Pq0EFs6cQjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/46477a-8708-4b37-875b-670030dcac30/1/3SSW_v-ZEna9G4Uza3aXqYAPhME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.234.104.0/22
Signature Algorithm: sha256WithRSAEncryption
46:de:3f:70:c8:c2:36:b3:22:98:ac:c4:7e:9b:2f:33:22:c2:
77:e0:8b:78:a8:c9:81:69:7e:43:be:0f:cd:a7:f3:ec:d3:74:
7a:eb:9d:9b:ae:d6:be:9c:d3:ac:4f:3c:8e:ca:d5:94:4a:3e:
cb:e4:78:7d:2e:2d:2a:50:23:7b:85:01:93:d7:8b:5f:57:64:
bb:32:e1:7c:97:2a:77:f9:0d:0d:35:3b:06:75:38:e6:ea:f0:
24:83:b7:ff:47:ae:0e:5d:9a:23:3f:25:8d:c3:a4:63:79:fd:
26:d9:99:fe:4f:2a:92:dc:06:4b:8f:8f:19:ac:d0:07:72:c1:
18:5f:7b:56:6e:7c:1f:ed:d3:4b:22:fe:74:2a:e6:c8:11:17:
76:8d:45:f6:21:8d:65:08:bd:7a:c9:00:b3:fe:00:0c:16:50:
55:a4:6b:46:be:2d:8a:f7:d9:bf:da:f4:c3:23:4f:4c:f6:33:
76:18:74:60:83:c2:8d:76:37:2b:06:dc:19:63:2d:fe:66:c9:
57:66:14:a0:ce:cf:56:06:27:a3:3c:97:51:c0:a8:19:02:80:
c7:e2:e3:e5:e8:7e:98:d2:5c:f6:57:fb:c2:52:a2:10:59:10:
73:37:9a:7f:fc:a4:ee:a9:ca:ea:b5:5c:17:d5:53:9f:d3:c3:
9c:23:fe:04
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBGjIITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZDI0OTZmZWZmOTkxMjc2YmQxYjg1MzM2Yjc2OTdhOTgwMGY4NGMxMB4XDTIyMDEw
MTE2MDEzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBiNzA1ODM1MzU3
OWNmYjFjNzE4YzdjM2VhZDA0MTZjZTljNDIzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO35txT6g9Q22FMDHnV9xJMyPUtVmixvtLbBroOR9f39TzTn
qSoi4x2Vuwo6oxl8VmjkE7rS4E2U9DD2BZJ5sv9asYhakhP7k/mGdqcyV6SDIQ+Y
8XS1sQ1VzAyOMKi9X2V+mttjxcY1lHgWUN64EqEVDffeufxs1qkO6TdkADhtKFbS
716Fs/7bh38R4I99T1bmg5LIg1D1Oj+iWXUXvcwGwDHN1VG3JPHx8+hfc6E4hqDP
/YmnMYLeX+g1twiFsrICgF6CurQS+0flCm93oz7vNBBfh0dgv3JJDyJ9zhpu+0TC
aDTYjbduEIjsqLLAIEApTqmzCBQzcwR2rRafvh8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRgtwWDU1ec+xxxjHw+rQQWzpxCNjAfBgNVHSMEGDAWgBTdJJb+/5kSdr0b
hTNrdpepgA+EwTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNTU1dfdi1aRW5hOUc0VXphM2FYcVlBUGhNRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvNDY0NzdhLTg3MDgtNGIzNy04NzViLTY3MDAzMGRjYWMzMC8x
L1lMY0ZnMU5YblBzY2NZeDhQcTBFRnM2Y1FqWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
NDY0NzdhLTg3MDgtNGIzNy04NzViLTY3MDAzMGRjYWMzMC8xLzNTU1dfdi1aRW5h
OUc0VXphM2FYcVlBUGhNRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlTqaDANBgkqhkiG9w0BAQsFAAOC
AQEARt4/cMjCNrMimKzEfpsvMyLCd+CLeKjJgWl+Q74Pzafz7NN0euudm67WvpzT
rE88jsrVlEo+y+R4fS4tKlAje4UBk9eLX1dkuzLhfJcqd/kNDTU7BnU45urwJIO3
/0euDl2aIz8ljcOkY3n9JtmZ/k8qktwGS4+PGazQB3LBGF97Vm58H+3TSyL+dCrm
yBEXdo1F9iGNZQi9eskAs/4ADBZQVaRrRr4tivfZv9r0wyNPTPYzdhh0YIPCjXY3
KwbcGWMt/mbJV2YUoM7PVgYnozyXUcCoGQKAx+Lj5eh+mNJc9lf7wlKiEFkQczea
f/yk7qnK6rVcF9VTn9PDnCP+BA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:56 2023 by rpki-client on console-ams.rpki-client.org