Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/yjZfMnkCD9HKk8NknmJSQEtSNdI.roa
File: yjZfMnkCD9HKk8NknmJSQEtSNdI.roa (raw, json)
Hash identifier: uP9QXC1K/NDWoB8qnpt6aQRZscSkcBXsqNNM4zqsGjU=
Subject key identifier: CA:36:5F:32:79:02:0F:D1:CA:93:C3:64:9E:62:52:40:4B:52:35:D2
Certificate issuer: /CN=b930da21518184145f6d7621b5a13bd54035ac83
Certificate serial: 11CA9EA6
Authority key identifier: B9:30:DA:21:51:81:84:14:5F:6D:76:21:B5:A1:3B:D5:40:35:AC:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uTDaIVGBhBRfbXYhtaE71UA1rIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/yjZfMnkCD9HKk8NknmJSQEtSNdI.roa
Signing time: Sat 01 Jan 2022 05:54:51 +0000
ROA not before: Sat 01 Jan 2022 05:54:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29405
IP address blocks: 185.152.28.0/22 maxlen: 22
2a07:7d40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 298491558 (0x11ca9ea6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b930da21518184145f6d7621b5a13bd54035ac83
Validity
Not Before: Jan 1 05:54:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca365f3279020fd1ca93c3649e6252404b5235d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6f:8e:70:d3:1a:63:6d:1d:08:97:8f:64:80:
fe:b3:9b:fb:2e:7e:12:84:76:4d:6e:69:64:4d:a2:
20:79:ef:d4:c9:99:79:f8:10:e0:27:b4:50:5f:b3:
bd:33:b4:e1:98:ce:44:32:af:68:10:12:b4:0a:72:
03:ab:1f:e6:c6:8f:9e:26:f0:c4:8a:d3:12:bc:b5:
10:2f:c7:63:9b:ce:48:b9:6c:97:09:f0:33:f7:bd:
3e:20:bb:27:b9:52:03:e4:8d:30:ca:80:a8:e4:c6:
ce:9b:cc:26:d2:d4:d7:84:6e:cf:4e:07:06:e7:fb:
8b:42:77:77:7f:d7:45:c5:99:92:a9:bc:39:7a:e3:
f5:eb:f6:76:ab:4c:80:d3:55:ae:c5:6a:59:4b:63:
56:57:8e:b2:7e:73:44:21:1a:82:02:d7:55:45:ee:
7d:e2:0f:8f:2b:63:ff:6e:38:09:3b:df:99:56:8e:
f4:46:1c:dc:c3:15:02:92:c2:4c:b2:ed:42:53:98:
ef:ee:2d:cb:18:d5:70:96:aa:01:d5:4e:d6:a6:78:
94:66:cf:09:3f:bd:26:fd:88:f0:f2:3d:05:40:f3:
60:6d:b2:19:df:ee:de:8a:9b:59:52:34:9d:e4:d3:
75:a8:ec:70:6d:5e:d3:be:9b:cd:14:da:bd:6e:c6:
3b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:36:5F:32:79:02:0F:D1:CA:93:C3:64:9E:62:52:40:4B:52:35:D2
X509v3 Authority Key Identifier:
keyid:B9:30:DA:21:51:81:84:14:5F:6D:76:21:B5:A1:3B:D5:40:35:AC:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uTDaIVGBhBRfbXYhtaE71UA1rIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/yjZfMnkCD9HKk8NknmJSQEtSNdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/uTDaIVGBhBRfbXYhtaE71UA1rIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.28.0/22
IPv6:
2a07:7d40::/32
Signature Algorithm: sha256WithRSAEncryption
07:2a:7b:da:5a:2a:8c:8f:f1:18:84:6d:29:14:dd:d0:25:c5:
98:ec:c1:40:f7:8b:11:2c:c2:79:c9:28:50:79:9b:8c:42:6b:
fe:00:a8:ed:96:d6:2a:cd:1f:db:82:0a:df:7b:82:46:1f:39:
79:77:c9:f3:c0:0c:e2:ac:38:f7:81:e3:27:9b:10:5f:1a:ac:
87:23:1d:b4:d1:41:cd:a0:6e:3a:80:ba:05:cc:c0:3e:8d:ff:
c1:e2:73:25:1a:a8:f3:d2:d4:ca:d0:c2:74:69:21:2c:83:08:
de:cb:a1:3b:11:1f:e7:05:20:a4:85:c0:20:63:ca:9b:70:2f:
91:27:89:c2:06:9f:df:8a:86:4f:2c:8a:b3:36:6e:63:02:dc:
08:f5:0d:ab:44:db:04:d5:f9:f2:a5:ef:81:70:a4:49:1b:49:
27:31:1e:2f:d3:b2:c2:dc:92:dc:5c:36:a1:13:37:6f:33:d8:
cb:cb:e0:d7:f0:81:3a:2e:da:64:83:e6:76:5f:9e:39:9f:94:
30:bf:97:aa:a6:44:3c:97:f6:32:1d:ff:51:2b:3e:84:32:14:
d9:46:b5:33:9f:d7:fe:05:81:89:b9:ca:97:6f:bd:38:d6:f8:
de:c4:68:4d:fd:52:1d:8b:9c:a9:33:43:57:96:28:d6:d5:c7:
eb:aa:42:2f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEEcqepjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTMwZGEyMTUxODE4NDE0NWY2ZDc2MjFiNWExM2JkNTQwMzVhYzgzMB4XDTIyMDEw
MTA1NTQ1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2EzNjVmMzI3OTAy
MGZkMWNhOTNjMzY0OWU2MjUyNDA0YjUyMzVkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpvjnDTGmNtHQiXj2SA/rOb+y5+EoR2TW5pZE2iIHnv1MmZ
efgQ4Ce0UF+zvTO04ZjORDKvaBAStApyA6sf5saPnibwxIrTEry1EC/HY5vOSLls
lwnwM/e9PiC7J7lSA+SNMMqAqOTGzpvMJtLU14Ruz04HBuf7i0J3d3/XRcWZkqm8
OXrj9ev2dqtMgNNVrsVqWUtjVleOsn5zRCEaggLXVUXufeIPjytj/244CTvfmVaO
9EYc3MMVApLCTLLtQlOY7+4tyxjVcJaqAdVO1qZ4lGbPCT+9Jv2I8PI9BUDzYG2y
Gd/u3oqbWVI0neTTdajscG1e076bzRTavW7GOykCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTKNl8yeQIP0cqTw2SeYlJAS1I10jAfBgNVHSMEGDAWgBS5MNohUYGEFF9t
diG1oTvVQDWsgzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VURGFJVkdCaEJSZmJYWWh0YUU3MVVBMXJJTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvNDcwY2RhLWQwZWMtNDMyMy1hZTliLTk5NGFmNWMzNDQwMi8x
L3lqWmZNbmtDRDlIS2s4TmtubUpTUUV0U05kSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
NDcwY2RhLWQwZWMtNDMyMy1hZTliLTk5NGFmNWMzNDQwMi8xL3VURGFJVkdCaEJS
ZmJYWWh0YUU3MVVBMXJJTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmYHDANBAIAAjAHAwUAKgd9QDAN
BgkqhkiG9w0BAQsFAAOCAQEAByp72loqjI/xGIRtKRTd0CXFmOzBQPeLESzCecko
UHmbjEJr/gCo7ZbWKs0f24IK33uCRh85eXfJ88AM4qw494HjJ5sQXxqshyMdtNFB
zaBuOoC6BczAPo3/weJzJRqo89LUytDCdGkhLIMI3suhOxEf5wUgpIXAIGPKm3Av
kSeJwgaf34qGTyyKszZuYwLcCPUNq0TbBNX58qXvgXCkSRtJJzEeL9OywtyS3Fw2
oRM3bzPYy8vg1/CBOi7aZIPmdl+eOZ+UML+XqqZEPJf2Mh3/USs+hDIU2Ua1M5/X
/gWBibnKl2+9ONb43sRoTf1SHYucqTNDV5Yo1tXH66pCLw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:20 2023 by rpki-client on console-fra.rpki-client.org