Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/YIrVmNx8GCBVhmurKxp7ltrsS_Y.roa
File: YIrVmNx8GCBVhmurKxp7ltrsS_Y.roa (raw, json)
Hash identifier: WGM06QBp7tO/pr4wdYEnoQQuN4Yi1fylW+NP4F8QMEc=
Subject key identifier: 60:8A:D5:98:DC:7C:18:20:55:86:6B:AB:2B:1A:7B:96:DA:EC:4B:F6
Certificate issuer: /CN=1ab5c22bf53b705c7a2bb273ba73e3f0c0595b7b
Certificate serial: 07D0D6BA
Authority key identifier: 1A:B5:C2:2B:F5:3B:70:5C:7A:2B:B2:73:BA:73:E3:F0:C0:59:5B:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GrXCK_U7cFx6K7JzunPj8MBZW3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/YIrVmNx8GCBVhmurKxp7ltrsS_Y.roa
Signing time: Mon 10 Jan 2022 10:57:33 +0000
ROA not before: Mon 10 Jan 2022 10:57:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 45.131.196.0/24 maxlen: 24
45.131.197.0/24 maxlen: 24
45.131.198.0/24 maxlen: 24
45.131.199.0/24 maxlen: 24
185.128.112.0/24 maxlen: 24
185.128.113.0/24 maxlen: 24
185.128.114.0/24 maxlen: 24
185.128.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131126970 (0x7d0d6ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ab5c22bf53b705c7a2bb273ba73e3f0c0595b7b
Validity
Not Before: Jan 10 10:57:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=608ad598dc7c182055866bab2b1a7b96daec4bf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:98:9a:7e:34:e1:7c:07:01:37:77:11:9f:85:
b8:9a:3e:82:e8:25:cb:68:66:b2:e4:ab:39:32:9f:
23:d6:65:99:0e:df:09:8b:ea:d6:a3:24:7b:c1:09:
fc:d7:1b:ce:6f:86:da:d6:79:1c:bd:8b:39:e1:e0:
ec:e9:de:47:26:9e:f5:7e:18:09:70:b9:77:30:f6:
30:3b:3b:ef:37:fc:d4:41:a1:09:95:8a:15:a4:1e:
a4:93:1b:9b:07:e6:03:36:9b:8a:43:ed:7e:ea:ea:
27:73:23:22:c6:a1:c2:19:82:80:73:62:2d:05:f2:
71:e2:80:bf:22:11:19:81:67:ff:a9:f8:f5:43:96:
83:c5:ee:47:a3:52:e4:9b:34:f5:0e:91:77:01:49:
bd:cf:80:3f:86:ff:01:80:39:bf:04:e2:6e:24:f0:
3b:8c:a5:ee:41:25:e4:c1:9b:bb:f0:cd:cc:95:aa:
2a:43:c8:95:ba:8b:25:b0:33:aa:c8:77:ed:bb:8e:
6c:24:85:6d:d9:71:34:d3:70:02:8f:40:5b:71:f4:
3b:ab:16:5e:70:de:00:77:81:9b:d8:7e:d1:00:8e:
03:dc:fe:9f:55:73:4f:f0:e5:81:31:ab:94:15:fe:
43:95:0b:b6:90:a6:ba:c3:c9:0b:3a:06:e2:7e:fc:
fa:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8A:D5:98:DC:7C:18:20:55:86:6B:AB:2B:1A:7B:96:DA:EC:4B:F6
X509v3 Authority Key Identifier:
keyid:1A:B5:C2:2B:F5:3B:70:5C:7A:2B:B2:73:BA:73:E3:F0:C0:59:5B:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GrXCK_U7cFx6K7JzunPj8MBZW3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/YIrVmNx8GCBVhmurKxp7ltrsS_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/GrXCK_U7cFx6K7JzunPj8MBZW3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.196.0/22
185.128.112.0/22
Signature Algorithm: sha256WithRSAEncryption
51:04:6f:8e:a0:27:48:a3:b0:f7:93:fa:48:bd:f9:7d:cd:e6:
69:6d:95:c0:45:16:18:ad:c9:dc:3d:ba:12:23:12:59:2b:18:
f7:93:7e:a1:34:ac:f6:3c:77:23:0d:7e:46:1c:0e:3d:66:13:
3f:bd:49:9e:60:74:c4:ac:c6:a4:3a:29:78:7e:c1:b3:e1:18:
53:d0:c9:f1:9a:69:df:e9:dc:81:e7:41:ab:71:43:9b:8b:91:
28:1a:10:3a:ad:61:10:b5:19:ac:63:4a:93:04:9d:9b:0c:55:
8a:f1:bc:ac:29:36:4e:ab:24:e2:83:93:69:99:71:4a:35:03:
8a:c2:c7:4a:67:26:78:38:de:0a:ab:a2:7f:39:f2:4d:da:e9:
63:87:dd:b2:06:15:4c:19:44:7d:d5:b4:b7:b3:34:f3:45:ba:
70:6c:80:12:3d:48:6d:37:70:f2:90:15:04:1a:78:76:90:12:
84:8c:e9:a6:f2:5b:c1:25:95:21:13:79:e1:0a:b2:c4:75:c6:
a4:cb:84:31:9e:9d:9d:b6:24:e2:7a:e9:46:38:57:c0:3c:80:
46:67:2b:75:75:ea:e7:ee:87:24:96:b6:0d:86:e8:e9:10:03:
ff:5e:f5:da:bd:8a:96:26:80:5b:2a:39:a5:35:07:12:10:0b:
5d:91:6d:3d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEB9DWujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWI1YzIyYmY1M2I3MDVjN2EyYmIyNzNiYTczZTNmMGMwNTk1YjdiMB4XDTIyMDEx
MDEwNTczM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjA4YWQ1OThkYzdj
MTgyMDU1ODY2YmFiMmIxYTdiOTZkYWVjNGJmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPqYmn404XwHATd3EZ+FuJo+gugly2hmsuSrOTKfI9ZlmQ7f
CYvq1qMke8EJ/Ncbzm+G2tZ5HL2LOeHg7OneRyae9X4YCXC5dzD2MDs77zf81EGh
CZWKFaQepJMbmwfmAzabikPtfurqJ3MjIsahwhmCgHNiLQXyceKAvyIRGYFn/6n4
9UOWg8XuR6NS5Js09Q6RdwFJvc+AP4b/AYA5vwTibiTwO4yl7kEl5MGbu/DNzJWq
KkPIlbqLJbAzqsh37buObCSFbdlxNNNwAo9AW3H0O6sWXnDeAHeBm9h+0QCOA9z+
n1VzT/DlgTGrlBX+Q5ULtpCmusPJCzoG4n78+r0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRgitWY3HwYIFWGa6srGnuW2uxL9jAfBgNVHSMEGDAWgBQatcIr9TtwXHor
snO6c+PwwFlbezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dyWENLX1U3Y0Z4Nks3Snp1blBqOE1CWlczcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvN2M4YmY0LTZhYjYtNDE5OS1iM2E3LWI0YjFmNmY5OGE5MC8x
L1lJclZtTng4R0NCVmhtdXJLeHA3bHRyc1NfWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
N2M4YmY0LTZhYjYtNDE5OS1iM2E3LWI0YjFmNmY5OGE5MC8xL0dyWENLX1U3Y0Z4
Nks3Snp1blBqOE1CWlczcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2DxAMEArmAcDANBgkqhkiG9w0B
AQsFAAOCAQEAUQRvjqAnSKOw95P6SL35fc3maW2VwEUWGK3J3D26EiMSWSsY95N+
oTSs9jx3Iw1+RhwOPWYTP71JnmB0xKzGpDopeH7Bs+EYU9DJ8Zpp3+ncgedBq3FD
m4uRKBoQOq1hELUZrGNKkwSdmwxVivG8rCk2Tqsk4oOTaZlxSjUDisLHSmcmeDje
CquifznyTdrpY4fdsgYVTBlEfdW0t7M080W6cGyAEj1IbTdw8pAVBBp4dpAShIzp
pvJbwSWVIRN54QqyxHXGpMuEMZ6dnbYk4nrpRjhXwDyARmcrdXXq5+6HJJa2DYbo
6RAD/1712r2KliaAWyo5pTUHEhALXZFtPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:03 2024 by rpki-client on console-ams.rpki-client.org