Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/yzI5PXCDC-kI_dv51qiArQFptws.roa
File: yzI5PXCDC-kI_dv51qiArQFptws.roa (raw, json)
Hash identifier: HQhWHS+B4MSkUYVgT9ZWS6ijTGPnnP2i6sH1BxWlPIY=
Subject key identifier: CB:32:39:3D:70:83:0B:E9:08:FD:DB:F9:D6:A8:80:AD:01:69:B7:0B
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 11872184
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/yzI5PXCDC-kI_dv51qiArQFptws.roa
Signing time: Sun 27 Mar 2022 10:02:59 +0000
ROA not before: Sun 27 Mar 2022 10:02:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60268
IP address blocks: 193.19.97.0/24 maxlen: 24
193.19.96.0/24 maxlen: 24
193.19.96.0/23 maxlen: 23
185.97.132.0/22 maxlen: 24
185.97.132.0/23 maxlen: 24
185.97.132.0/24 maxlen: 24
185.97.133.0/24 maxlen: 24
185.97.134.0/23 maxlen: 24
185.97.134.0/24 maxlen: 24
185.97.135.0/24 maxlen: 24
185.33.171.0/24 maxlen: 24
185.33.169.0/24 maxlen: 24
185.33.170.0/23 maxlen: 24
185.33.170.0/24 maxlen: 24
185.33.168.0/23 maxlen: 24
185.33.168.0/24 maxlen: 24
185.33.168.0/22 maxlen: 22
193.19.72.0/24 maxlen: 24
193.19.73.0/24 maxlen: 24
2a00:cee0:dcc::/48 maxlen: 48
2a00:cee6:cafe::/48 maxlen: 48
2a00:cee6::/32 maxlen: 48
2a00:cee0::/32 maxlen: 48
2a00:cee2:dcc::/48 maxlen: 48
2a00:cee6:dcc::/48 maxlen: 48
2a00:cee2::/32 maxlen: 48
2a00:cee3:dcc::/48 maxlen: 48
2a00:cee5::/32 maxlen: 48
2a00:cee5:cafe::/48 maxlen: 48
2a00:cee2:cafe::/48 maxlen: 48
2a00:cee4:dcc::/48 maxlen: 48
2a00:cee0::/29 maxlen: 29
2a00:cee3::/32 maxlen: 48
2a00:cee1:cafe::/48 maxlen: 48
2a00:cee5:dcc::/48 maxlen: 48
2a00:cee4:cafe::/48 maxlen: 48
2a00:cee0:cafe::/48 maxlen: 48
2a00:cee1::/32 maxlen: 48
2a00:cee3:cafe::/48 maxlen: 48
2a00:cee4::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 294068612 (0x11872184)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Mar 27 10:02:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb32393d70830be908fddbf9d6a880ad0169b70b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1a:5f:85:09:55:ff:6c:4b:db:47:4f:56:62:
8e:74:81:b5:5d:29:ab:64:90:1f:39:9e:bc:94:f0:
90:a4:5d:b4:e4:64:f1:f1:71:b8:ce:36:00:b6:4b:
7d:8f:90:8b:f7:c9:cf:f9:ff:6c:b1:1c:00:d9:a7:
a1:52:c9:b5:c9:9b:83:7b:59:cb:ab:df:98:67:26:
f1:ba:5e:95:02:71:92:fd:ce:e1:46:a9:8e:dd:96:
71:a5:0f:ff:d6:aa:56:3d:cc:24:dc:49:83:8e:78:
e8:1b:ec:be:8a:b2:4e:20:2c:0a:56:f2:d5:56:74:
89:39:59:25:cd:11:5a:95:14:1e:e4:56:13:8b:c8:
bf:73:7b:3d:46:c4:2e:d5:75:e1:a9:ef:18:3f:a4:
f9:01:2b:2e:6a:ae:9b:3d:eb:57:71:08:8f:b6:fe:
06:40:42:48:c8:22:db:c3:da:f3:93:73:9a:38:bc:
6b:c1:d7:1b:89:5f:e2:b3:fc:2d:0c:42:2c:8e:76:
b8:2e:98:e9:a1:23:5d:e3:d7:eb:a6:54:25:4c:b1:
64:a7:ed:5c:3e:53:7a:d3:80:f4:19:64:95:10:bf:
4a:69:75:96:39:19:56:fe:c5:d4:3f:da:f2:40:4b:
6e:0a:5c:4b:8a:98:7e:37:e8:f3:c2:88:98:f3:4d:
0d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:32:39:3D:70:83:0B:E9:08:FD:DB:F9:D6:A8:80:AD:01:69:B7:0B
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/yzI5PXCDC-kI_dv51qiArQFptws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.168.0/22
185.97.132.0/22
193.19.72.0/23
193.19.96.0/23
IPv6:
2a00:cee0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:c9:ea:40:ec:60:f8:7e:4a:06:c9:a8:8a:b4:99:e6:63:54:
ff:29:15:b4:19:4c:b7:31:54:cb:ee:d0:fd:58:45:b2:f5:5d:
18:ec:83:b5:0d:04:20:ca:b5:0f:aa:e3:5d:62:d5:4f:ae:b7:
96:3d:8e:76:c1:f2:81:a8:a7:f5:6a:3b:b0:6f:c7:1d:6c:68:
ae:ac:f8:68:59:74:bc:44:c7:60:e6:b9:6b:62:6f:5c:6f:0f:
1e:6b:b2:45:35:6b:d9:6e:6f:3d:1c:12:08:ed:38:29:19:c0:
2d:7b:dc:57:86:79:20:33:db:7c:05:d5:ba:46:04:ca:0c:3b:
95:24:41:37:c7:e5:c8:8d:3e:cf:00:38:5c:89:ff:f7:3d:34:
e9:51:d3:a8:e7:15:3b:66:54:58:06:da:34:5c:19:b3:dc:35:
50:4b:77:02:6f:5f:ab:62:07:4c:40:f2:9a:ee:97:d7:73:47:
a2:f3:77:e1:93:99:52:d3:fe:e9:bc:59:6f:36:06:66:44:25:
4b:2a:05:36:c2:eb:30:22:1e:d3:cb:07:78:fb:c3:fa:99:a7:
e5:43:9d:d1:37:0b:39:87:0e:33:b3:f0:0b:7e:9b:ce:9f:da:
8d:c1:35:db:7c:77:6e:b2:76:70:ec:94:98:75:7a:86:7f:45:
a4:66:a7:3b
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEEYchhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OGNhM2YzOGQ4ZTVhMzAxZWFmNjkyNGI5MjRmZThmNTdhYWM2OTBkMB4XDTIyMDMy
NzEwMDI1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2IzMjM5M2Q3MDgz
MGJlOTA4ZmRkYmY5ZDZhODgwYWQwMTY5YjcwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYaX4UJVf9sS9tHT1ZijnSBtV0pq2SQHzmevJTwkKRdtORk
8fFxuM42ALZLfY+Qi/fJz/n/bLEcANmnoVLJtcmbg3tZy6vfmGcm8bpelQJxkv3O
4Uapjt2WcaUP/9aqVj3MJNxJg4546BvsvoqyTiAsClby1VZ0iTlZJc0RWpUUHuRW
E4vIv3N7PUbELtV14anvGD+k+QErLmqumz3rV3EIj7b+BkBCSMgi28Pa85Nzmji8
a8HXG4lf4rP8LQxCLI52uC6Y6aEjXePX66ZUJUyxZKftXD5TetOA9BlklRC/Sml1
ljkZVv7F1D/a8kBLbgpcS4qYfjfo88KImPNNDT8CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTLMjk9cIML6Qj92/nWqICtAWm3CzAfBgNVHSMEGDAWgBQ4yj842OWjAer2
kkuST+j1eqxpDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09Nb19PTmpsb3dIcTlwSkxra19vOVhxc2FRMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYmE2NzU1LTQyNzMtNDhlMS04NTgyLTcxMmZhNjVhMjViYS8x
L3l6STVQWENEQy1rSV9kdjUxcWlBclFGcHR3cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YmE2NzU1LTQyNzMtNDhlMS04NTgyLTcxMmZhNjVhMjViYS8xL09Nb19PTmpsb3dI
cTlwSkxra19vOVhxc2FRMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEArkhqAMEArlhhAMEAcETSAMEAcET
YDANBAIAAjAHAwUDKgDO4DANBgkqhkiG9w0BAQsFAAOCAQEAOsnqQOxg+H5KBsmo
irSZ5mNU/ykVtBlMtzFUy+7Q/VhFsvVdGOyDtQ0EIMq1D6rjXWLVT663lj2OdsHy
gain9Wo7sG/HHWxorqz4aFl0vETHYOa5a2JvXG8PHmuyRTVr2W5vPRwSCO04KRnA
LXvcV4Z5IDPbfAXVukYEygw7lSRBN8flyI0+zwA4XIn/9z006VHTqOcVO2ZUWAba
NFwZs9w1UEt3Am9fq2IHTEDymu6X13NHovN34ZOZUtP+6bxZbzYGZkQlSyoFNsLr
MCIe08sHePvD+pmn5UOd0TcLOYcOM7PwC36bzp/ajcE123x3brJ2cOyUmHV6hn9F
pGanOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:37 2024 by rpki-client on console-ams.rpki-client.org