Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/YzxZL5vBYzr9xmrboEtiG_awvFY.roa
File: YzxZL5vBYzr9xmrboEtiG_awvFY.roa (raw, json)
Hash identifier: KC/X7gMpkRPoQMOeOOiqY9LQ4AGlf+4NWi6X4jptR98=
Subject key identifier: 63:3C:59:2F:9B:C1:63:3A:FD:C6:6A:DB:A0:4B:62:1B:F6:B0:BC:56
Certificate issuer: /CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Certificate serial: 1678A443
Authority key identifier: 63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/YzxZL5vBYzr9xmrboEtiG_awvFY.roa
Signing time: Sat 01 Jan 2022 04:01:42 +0000
ROA not before: Sat 01 Jan 2022 04:01:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29405
IP address blocks: 185.176.72.0/22 maxlen: 22
176.109.56.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 377005123 (0x1678a443)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Validity
Not Before: Jan 1 04:01:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=633c592f9bc1633afdc66adba04b621bf6b0bc56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:33:8d:69:94:0e:9b:50:3b:88:36:4c:fb:e9:
5d:b5:00:2a:58:a6:0d:28:dd:8b:85:32:f8:cd:79:
15:46:c5:c1:9d:0c:12:86:0a:fa:31:50:ac:d4:80:
4c:e8:70:bd:1b:34:26:35:54:54:e2:3a:eb:a1:f6:
78:99:ad:02:4c:e0:a8:08:d1:96:97:69:13:b7:d9:
d6:31:66:35:06:60:c6:1f:6a:07:5f:cc:9a:02:60:
ff:21:b3:fc:ef:50:76:81:7a:2e:61:32:4b:17:61:
f9:0e:47:2b:69:84:8f:51:33:54:c0:7a:96:00:04:
6d:7c:91:92:b3:78:f5:ce:c7:93:23:d3:d7:71:14:
91:d4:d6:47:7d:bc:94:b8:16:f9:b1:f2:96:d6:d8:
e8:72:bf:f7:19:1a:f4:b4:9c:eb:1b:7c:94:84:82:
b0:34:9c:a1:79:a0:00:11:cb:22:7a:1b:91:11:4a:
4b:34:f8:ad:9d:c3:ba:e2:d8:1d:ec:c1:0c:e9:ef:
a7:9c:8a:f4:90:aa:e3:a9:a7:bc:f3:dd:f0:2c:b1:
bd:78:f9:94:40:2e:e9:85:0c:5f:32:cb:9f:82:e1:
96:f1:db:99:d1:1d:64:1d:d0:6b:08:80:d1:c7:87:
a9:46:01:6f:af:09:90:3c:c8:0d:cb:a3:f8:31:a8:
64:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:3C:59:2F:9B:C1:63:3A:FD:C6:6A:DB:A0:4B:62:1B:F6:B0:BC:56
X509v3 Authority Key Identifier:
keyid:63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/YzxZL5vBYzr9xmrboEtiG_awvFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.109.56.0/21
185.176.72.0/22
Signature Algorithm: sha256WithRSAEncryption
57:25:41:2e:da:1d:95:36:63:5c:66:25:f8:51:ab:33:d7:1d:
42:df:92:dd:a6:20:ef:72:b7:84:6a:4c:e9:ab:75:2c:06:98:
d5:bb:52:73:8e:52:5b:db:40:1e:b2:4f:19:a9:08:22:55:1a:
5c:80:34:d1:13:70:3b:56:27:b5:f3:62:a7:67:c9:f7:30:f1:
bc:64:a7:d7:9a:96:4a:1b:e7:3f:a9:3d:20:56:55:4b:f2:31:
19:52:b7:79:73:f4:4e:6b:d2:b2:09:92:5b:92:1d:6a:68:2c:
d8:25:5e:4d:43:20:2c:fd:26:d5:75:cd:91:cc:49:fd:4d:5f:
5b:a7:3f:c3:1a:d6:de:33:94:15:8c:c2:cb:b9:c5:bb:f2:db:
e0:ee:81:0c:df:dc:1b:f8:e6:02:89:c5:46:96:b8:2e:9b:92:
c9:19:a4:21:68:62:b0:78:1d:10:9f:8b:7a:13:16:66:7b:55:
f1:32:81:93:eb:bd:6b:ee:c9:18:dc:b9:b5:80:ac:32:7c:65:
24:55:48:dc:07:aa:a8:1d:5d:2f:7d:18:5d:2d:6b:a5:6c:6a:
22:64:52:6b:0e:76:4d:1e:22:72:31:cb:05:05:55:d4:5b:c4:
bb:12:18:38:07:0a:55:ae:c8:3b:66:46:fb:84:02:f9:7a:89:
6d:01:12:8b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFnikQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2Q5ZDFkOTVjMWViNzE2ZWU4MTk1MDQ1YTc3Y2JhMjE4MWQ3OWVjMB4XDTIyMDEw
MTA0MDE0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjMzYzU5MmY5YmMx
NjMzYWZkYzY2YWRiYTA0YjYyMWJmNmIwYmM1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALczjWmUDptQO4g2TPvpXbUAKlimDSjdi4Uy+M15FUbFwZ0M
EoYK+jFQrNSATOhwvRs0JjVUVOI666H2eJmtAkzgqAjRlpdpE7fZ1jFmNQZgxh9q
B1/MmgJg/yGz/O9QdoF6LmEySxdh+Q5HK2mEj1EzVMB6lgAEbXyRkrN49c7HkyPT
13EUkdTWR328lLgW+bHyltbY6HK/9xka9LSc6xt8lISCsDScoXmgABHLInobkRFK
SzT4rZ3DuuLYHezBDOnvp5yK9JCq46mnvPPd8CyxvXj5lEAu6YUMXzLLn4LhlvHb
mdEdZB3QawiA0ceHqUYBb68JkDzIDcuj+DGoZAUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRjPFkvm8FjOv3GatugS2Ib9rC8VjAfBgNVHSMEGDAWgBRj2dHZXB63Fu6B
lQRad8uiGB157DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1k5blIyVndldHhidWdaVUVXbmZMb2hnZGVldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvM2VkOGRkLWQzNmUtNDQwYy04MTQyLWQ4MGM2Yjg1Y2RhNC8x
L1l6eFpMNXZCWXpyOXhtcmJvRXRpR19hd3ZGWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
M2VkOGRkLWQzNmUtNDQwYy04MTQyLWQ4MGM2Yjg1Y2RhNC8xL1k5blIyVndldHhi
dWdaVUVXbmZMb2hnZGVldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA7BtOAMEArmwSDANBgkqhkiG9w0B
AQsFAAOCAQEAVyVBLtodlTZjXGYl+FGrM9cdQt+S3aYg73K3hGpM6at1LAaY1btS
c45SW9tAHrJPGakIIlUaXIA00RNwO1YntfNip2fJ9zDxvGSn15qWShvnP6k9IFZV
S/IxGVK3eXP0TmvSsgmSW5Idamgs2CVeTUMgLP0m1XXNkcxJ/U1fW6c/wxrW3jOU
FYzCy7nFu/Lb4O6BDN/cG/jmAonFRpa4LpuSyRmkIWhisHgdEJ+LehMWZntV8TKB
k+u9a+7JGNy5tYCsMnxlJFVI3AeqqB1dL30YXS1rpWxqImRSaw52TR4icjHLBQVV
1FvEuxIYOAcKVa7IO2ZG+4QC+XqJbQESiw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:10 2024 by rpki-client on console-fra.rpki-client.org