Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/nyA78qcpU8TEtfafz29DNvAV47Q.roa
File: nyA78qcpU8TEtfafz29DNvAV47Q.roa (raw, json)
Hash identifier: qeQlJZ0fF7sp9ETErtyg0DdYGvlkbwb8ectawmY/GiM=
Subject key identifier: 9F:20:3B:F2:A7:29:53:C4:C4:B5:F6:9F:CF:6F:43:36:F0:15:E3:B4
Certificate issuer: /CN=1dd5cd2a0261e1e6069dd775894d826ee8836c1e
Certificate serial: 0D244AD8
Authority key identifier: 1D:D5:CD:2A:02:61:E1:E6:06:9D:D7:75:89:4D:82:6E:E8:83:6C:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HdXNKgJh4eYGndd1iU2CbuiDbB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/nyA78qcpU8TEtfafz29DNvAV47Q.roa
Signing time: Sat 01 Jan 2022 12:56:24 +0000
ROA not before: Sat 01 Jan 2022 12:56:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204958
IP address blocks: 185.232.237.0/24 maxlen: 24
185.232.239.0/24 maxlen: 24
185.232.236.0/24 maxlen: 24
185.232.236.0/22 maxlen: 22
185.232.238.0/24 maxlen: 24
2a07:ff00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220482264 (0xd244ad8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dd5cd2a0261e1e6069dd775894d826ee8836c1e
Validity
Not Before: Jan 1 12:56:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f203bf2a72953c4c4b5f69fcf6f4336f015e3b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5f:c5:01:a7:3d:a3:eb:97:c3:d5:b3:27:44:
82:3f:72:b9:c8:d9:e9:87:89:27:73:30:66:d4:63:
f6:f5:61:e7:68:ec:da:dd:61:1a:16:65:76:c2:58:
9f:62:0b:6d:55:c6:23:40:c9:17:b5:13:13:83:be:
87:ca:24:3b:41:8f:41:0a:92:52:81:f0:ae:89:50:
b2:6e:1d:2c:08:90:aa:af:0f:e6:d5:f8:05:15:41:
e1:05:b5:10:bf:c0:47:0e:34:be:ae:9e:9c:82:69:
44:a0:cd:28:40:78:a8:1c:bb:25:16:2f:cb:c3:ff:
0e:7b:89:18:1a:08:00:71:ac:44:aa:41:ac:8f:33:
a7:db:fa:e0:ca:45:5e:d4:42:82:40:18:f9:f9:c8:
d7:65:a4:fe:f3:8c:d4:b0:71:69:cb:af:f9:3f:d1:
70:47:d4:93:6b:12:e5:cc:cf:38:31:d8:89:37:ce:
e2:12:5a:4c:88:dd:8f:37:98:07:4e:59:e6:57:4d:
a1:1b:1b:1f:18:1e:67:99:b5:ca:33:98:82:7c:f1:
37:80:f8:e4:45:35:b8:e2:f0:a5:96:b0:13:a5:58:
da:8f:22:32:10:1c:ea:11:c0:f5:44:c4:34:f6:fc:
04:ac:fd:b5:5e:61:09:dc:6e:27:35:b8:bd:df:0c:
1a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:20:3B:F2:A7:29:53:C4:C4:B5:F6:9F:CF:6F:43:36:F0:15:E3:B4
X509v3 Authority Key Identifier:
keyid:1D:D5:CD:2A:02:61:E1:E6:06:9D:D7:75:89:4D:82:6E:E8:83:6C:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdXNKgJh4eYGndd1iU2CbuiDbB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/nyA78qcpU8TEtfafz29DNvAV47Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/HdXNKgJh4eYGndd1iU2CbuiDbB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.236.0/22
IPv6:
2a07:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
0c:9d:0d:d7:ad:93:89:64:f9:f3:45:ce:ac:72:67:f8:20:d0:
d3:17:9b:1f:e7:50:41:86:12:0f:06:29:11:82:62:a2:77:7c:
47:77:e4:57:b7:05:1a:89:d3:59:21:ce:0f:fb:35:6c:2d:c2:
0c:a5:cc:06:2f:70:11:b9:53:13:ff:ca:79:32:1e:49:99:56:
1b:5d:15:f0:af:5e:fd:3b:49:b9:87:d3:a4:36:5c:c7:6f:59:
20:05:19:f1:cb:3f:6b:e7:f4:ff:35:80:56:50:2f:77:4e:68:
51:ce:09:88:bc:9b:06:33:2a:05:f5:6f:a0:90:27:77:6a:b2:
e7:85:9b:2b:a2:32:ca:9f:b5:1b:9b:da:34:23:d3:94:bf:6c:
a0:11:26:93:5e:07:7d:ce:ab:b4:a0:4d:ad:db:96:f6:9a:2a:
30:02:68:e4:2b:59:6f:69:03:8c:47:f5:f2:12:94:2e:bf:c7:
07:0f:c4:18:92:9c:55:66:97:d9:db:7b:1e:09:de:50:c9:9c:
48:5d:4c:42:77:dc:29:a8:1e:79:7f:06:4c:9a:73:be:54:d0:
50:d5:9c:4f:be:0f:a5:32:23:02:ed:c9:26:56:9a:26:8d:a1:
a5:75:24:eb:da:10:88:b8:20:de:4e:85:a6:b8:be:dd:3a:40:
5a:b5:06:1a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDSRK2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGQ1Y2QyYTAyNjFlMWU2MDY5ZGQ3NzU4OTRkODI2ZWU4ODM2YzFlMB4XDTIyMDEw
MTEyNTYyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWYyMDNiZjJhNzI5
NTNjNGM0YjVmNjlmY2Y2ZjQzMzZmMDE1ZTNiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1fxQGnPaPrl8PVsydEgj9yucjZ6YeJJ3MwZtRj9vVh52js
2t1hGhZldsJYn2ILbVXGI0DJF7UTE4O+h8okO0GPQQqSUoHwrolQsm4dLAiQqq8P
5tX4BRVB4QW1EL/ARw40vq6enIJpRKDNKEB4qBy7JRYvy8P/DnuJGBoIAHGsRKpB
rI8zp9v64MpFXtRCgkAY+fnI12Wk/vOM1LBxacuv+T/RcEfUk2sS5czPODHYiTfO
4hJaTIjdjzeYB05Z5ldNoRsbHxgeZ5m1yjOYgnzxN4D45EU1uOLwpZawE6VY2o8i
MhAc6hHA9UTENPb8BKz9tV5hCdxuJzW4vd8MGmkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSfIDvypylTxMS19p/Pb0M28BXjtDAfBgNVHSMEGDAWgBQd1c0qAmHh5gad
13WJTYJu6INsHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hkWE5LZ0poNGVZR25kZDFpVTJDYnVpRGJCNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvNGZlOTgzLTcxNTItNDkzMy05ZjM2LWQ4NmNhZGQ2MTBiOC8x
L255QTc4cWNwVThURXRmYWZ6MjlETnZBVjQ3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
NGZlOTgzLTcxNTItNDkzMy05ZjM2LWQ4NmNhZGQ2MTBiOC8xL0hkWE5LZ0poNGVZ
R25kZDFpVTJDYnVpRGJCNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArno7DANBAIAAjAHAwUDKgf/ADAN
BgkqhkiG9w0BAQsFAAOCAQEADJ0N162TiWT580XOrHJn+CDQ0xebH+dQQYYSDwYp
EYJiond8R3fkV7cFGonTWSHOD/s1bC3CDKXMBi9wEblTE//KeTIeSZlWG10V8K9e
/TtJuYfTpDZcx29ZIAUZ8cs/a+f0/zWAVlAvd05oUc4JiLybBjMqBfVvoJAnd2qy
54WbK6Iyyp+1G5vaNCPTlL9soBEmk14Hfc6rtKBNrduW9poqMAJo5CtZb2kDjEf1
8hKULr/HBw/EGJKcVWaX2dt7HgneUMmcSF1MQnfcKageeX8GTJpzvlTQUNWcT74P
pTIjAu3JJlaaJo2hpXUk69oQiLgg3k6Fpri+3TpAWrUGGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:02 2024 by rpki-client on console-ams.rpki-client.org