Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/hYYOy-dZP0Ghfl7IOZrTXDbCdhc.roa
File: hYYOy-dZP0Ghfl7IOZrTXDbCdhc.roa (raw, json)
Hash identifier: 8U67vQ60+m/iwOvO8ZukG4E4NwaPsvOGCAGZdyDn/Tg=
Subject key identifier: 85:86:0E:CB:E7:59:3F:41:A1:7E:5E:C8:39:9A:D3:5C:36:C2:76:17
Certificate issuer: /CN=b98d1f6e336a7c81351941bc0b9dea39d7d764db
Certificate serial: 03D9D798
Authority key identifier: B9:8D:1F:6E:33:6A:7C:81:35:19:41:BC:0B:9D:EA:39:D7:D7:64:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/hYYOy-dZP0Ghfl7IOZrTXDbCdhc.roa
Signing time: Sat 01 Jan 2022 10:02:03 +0000
ROA not before: Sat 01 Jan 2022 10:02:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39775
IP address blocks: 91.204.16.0/22 maxlen: 24
81.90.208.0/20 maxlen: 24
185.149.124.0/22 maxlen: 24
185.190.0.0/22 maxlen: 24
62.192.32.0/19 maxlen: 24
2a02:1378::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64608152 (0x3d9d798)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b98d1f6e336a7c81351941bc0b9dea39d7d764db
Validity
Not Before: Jan 1 10:02:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85860ecbe7593f41a17e5ec8399ad35c36c27617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:26:91:9f:ef:20:d0:ac:b3:d3:27:29:b2:f2:
d5:a4:68:06:7c:94:bd:d2:c6:94:d0:9f:e1:b7:af:
99:9a:28:07:1b:44:cb:04:f9:cc:45:24:92:92:50:
96:ea:5b:63:c0:f9:a7:f3:bb:5d:fb:75:40:34:74:
db:f3:15:f7:a2:93:f5:1a:4b:95:0b:62:8f:df:a4:
45:89:35:73:a5:31:fa:a4:02:60:25:7d:94:7d:a2:
87:72:5f:98:35:28:71:6a:48:87:e5:21:5e:6a:b5:
a1:2b:b9:1a:5d:86:9b:86:5d:ad:5c:a3:7e:65:31:
72:2b:78:ef:51:e0:90:57:bc:d7:4d:77:2b:8a:87:
7a:d2:4a:b7:b4:b0:df:41:9c:14:17:02:07:94:7e:
a1:ff:57:51:21:4e:76:2c:4e:b7:ce:1b:9a:a1:bc:
13:5a:1e:9a:49:91:ac:92:67:ac:a6:6e:f6:3c:88:
5c:e4:de:d4:73:ef:8c:08:34:f3:03:53:92:01:55:
8b:a0:c8:47:28:b3:71:96:5f:fb:36:99:b6:59:f5:
11:45:7e:ab:05:2a:2d:dd:2b:56:0c:1d:86:7d:c8:
13:ef:e7:00:7c:e2:6b:fe:7d:20:ed:c1:71:c9:8d:
17:6e:cd:b4:6f:6d:5b:ce:70:e8:88:6c:32:f7:e6:
8b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:86:0E:CB:E7:59:3F:41:A1:7E:5E:C8:39:9A:D3:5C:36:C2:76:17
X509v3 Authority Key Identifier:
keyid:B9:8D:1F:6E:33:6A:7C:81:35:19:41:BC:0B:9D:EA:39:D7:D7:64:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/hYYOy-dZP0Ghfl7IOZrTXDbCdhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/uY0fbjNqfIE1GUG8C53qOdfXZNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.32.0/19
81.90.208.0/20
91.204.16.0/22
185.149.124.0/22
185.190.0.0/22
IPv6:
2a02:1378::/32
Signature Algorithm: sha256WithRSAEncryption
04:f7:2a:5d:a9:4c:11:b6:82:9d:5c:f5:fb:ab:81:20:58:b0:
a4:bc:0f:0d:a4:7e:ef:08:86:e4:ff:42:38:44:7c:f0:ee:65:
ef:fb:9a:26:4e:1f:0d:13:74:01:49:cc:13:04:a6:82:aa:ac:
a0:4e:33:f1:d6:42:6c:ae:84:75:b4:7f:44:90:7b:04:0e:9b:
f7:1b:92:c7:6c:89:69:78:a7:9d:10:37:13:fe:6f:2b:65:b1:
98:36:3a:7c:ef:48:3d:79:55:f8:29:e8:e4:4c:d2:56:3b:9f:
70:87:44:d8:b6:02:0b:ce:da:c7:ac:ba:c2:b2:07:72:68:12:
90:51:55:ff:f8:06:97:a9:15:4c:d9:f2:c7:e7:7d:95:36:b8:
46:65:d0:0c:00:a4:f8:21:07:19:01:9c:92:28:0e:2d:5e:c7:
0c:92:4d:66:73:88:52:7c:d6:de:ca:07:2a:e2:69:e9:29:64:
bf:39:9a:c1:47:80:9d:e8:10:e0:ce:8a:10:9f:db:9c:c9:06:
48:f3:2a:fc:c3:03:5f:29:ac:dd:58:45:0e:a7:2e:69:1a:17:
74:09:8c:37:86:21:d8:4c:b7:60:f2:e4:eb:9a:7c:7a:59:3c:
a8:89:2b:47:ad:4e:ee:7c:67:66:bf:83:ab:ed:59:c0:b9:53:
f1:1e:5d:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEA9nXmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OThkMWY2ZTMzNmE3YzgxMzUxOTQxYmMwYjlkZWEzOWQ3ZDc2NGRiMB4XDTIyMDEw
MTEwMDIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODU4NjBlY2JlNzU5
M2Y0MWExN2U1ZWM4Mzk5YWQzNWMzNmMyNzYxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsmkZ/vINCss9MnKbLy1aRoBnyUvdLGlNCf4bevmZooBxtE
ywT5zEUkkpJQlupbY8D5p/O7Xft1QDR02/MV96KT9RpLlQtij9+kRYk1c6Ux+qQC
YCV9lH2ih3JfmDUocWpIh+UhXmq1oSu5Gl2Gm4ZdrVyjfmUxcit471HgkFe81013
K4qHetJKt7Sw30GcFBcCB5R+of9XUSFOdixOt84bmqG8E1oemkmRrJJnrKZu9jyI
XOTe1HPvjAg08wNTkgFVi6DIRyizcZZf+zaZtln1EUV+qwUqLd0rVgwdhn3IE+/n
AHzia/59IO3BccmNF27NtG9tW85w6IhsMvfmi98CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSFhg7L51k/QaF+Xsg5mtNcNsJ2FzAfBgNVHSMEGDAWgBS5jR9uM2p8gTUZ
QbwLneo519dk2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VZMGZiak5xZklFMUdVRzhDNTNxT2RmWFpOcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvOWRhYzJmLTMwMWUtNDA2ZC1iOGQwLTAzODU3ZWY1YjM4Ny8x
L2hZWU95LWRaUDBHaGZsN0lPWnJUWERiQ2RoYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
OWRhYzJmLTMwMWUtNDA2ZC1iOGQwLTAzODU3ZWY1YjM4Ny8xL3VZMGZiak5xZklF
MUdVRzhDNTNxT2RmWFpOcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBT7AIAMEBFFa0AMEAlvMEAMEArmV
fAMEArm+ADANBAIAAjAHAwUAKgITeDANBgkqhkiG9w0BAQsFAAOCAQEABPcqXalM
EbaCnVz1+6uBIFiwpLwPDaR+7wiG5P9COER88O5l7/uaJk4fDRN0AUnMEwSmgqqs
oE4z8dZCbK6EdbR/RJB7BA6b9xuSx2yJaXinnRA3E/5vK2WxmDY6fO9IPXlV+Cno
5EzSVjufcIdE2LYCC87ax6y6wrIHcmgSkFFV//gGl6kVTNnyx+d9lTa4RmXQDACk
+CEHGQGckigOLV7HDJJNZnOIUnzW3soHKuJp6SlkvzmawUeAnegQ4M6KEJ/bnMkG
SPMq/MMDXyms3VhFDqcuaRoXdAmMN4Yh2Ey3YPLk65p8elk8qIkrR61O7nxnZr+D
q+1ZwLlT8R5daw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:58 2024 by rpki-client on console-ams.rpki-client.org