Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/y1qQds76y6WV-dAaY2eOaYAGa0A.roa
File: y1qQds76y6WV-dAaY2eOaYAGa0A.roa (raw, json)
Hash identifier: 0hokuJX4NhawfwdkDI7SsC10eBXIwhpYxYvx+9B7CNY=
Subject key identifier: CB:5A:90:76:CE:FA:CB:A5:95:F9:D0:1A:63:67:8E:69:80:06:6B:40
Certificate issuer: /CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Certificate serial: 016212F0
Authority key identifier: DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/y1qQds76y6WV-dAaY2eOaYAGa0A.roa
Signing time: Sat 01 Jan 2022 12:02:53 +0000
ROA not before: Sat 01 Jan 2022 12:02:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206805
IP address blocks: 45.84.152.0/23 maxlen: 23
45.84.154.0/24 maxlen: 24
178.159.32.0/23 maxlen: 24
185.228.48.0/22 maxlen: 24
193.19.100.0/23 maxlen: 23
185.247.192.0/22 maxlen: 24
2a0c:ee00:100::/40 maxlen: 40
2a0c:ee00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23204592 (0x16212f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Validity
Not Before: Jan 1 12:02:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb5a9076cefacba595f9d01a63678e6980066b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:1f:72:ad:3d:8a:1d:1b:d1:19:d1:6a:02:2e:
8f:0e:47:e7:c3:87:b2:aa:9f:1a:43:53:91:d6:93:
2f:8e:12:ba:51:b9:5c:e4:75:ca:93:ab:21:21:4c:
f8:12:73:1c:e0:40:37:43:77:4c:ac:ff:f6:28:4d:
39:bd:9e:78:0c:70:08:b8:61:20:28:32:24:52:19:
21:b0:8d:f7:ce:5b:f6:50:66:9d:a2:45:53:80:c9:
8d:9d:36:9e:b6:8a:d8:47:93:79:04:3b:4a:a6:8c:
32:7c:33:39:b5:0b:90:0c:e8:3b:f7:c5:ce:24:c1:
73:3f:ef:00:1c:a7:37:98:3b:8e:ca:eb:74:1d:41:
44:06:16:af:44:b4:a3:29:e5:15:bb:12:eb:00:af:
c3:0e:8f:1f:b1:fc:95:89:14:0f:e5:74:b4:9a:09:
17:f6:a0:86:11:68:e4:64:88:b3:3d:1d:cf:18:66:
4c:c7:3d:c0:49:62:17:d6:64:dd:43:3b:1a:c2:14:
2e:c1:9d:95:d8:56:fe:39:6c:d8:38:0a:81:d7:a6:
82:e2:ba:5e:65:54:93:33:18:1a:80:1a:46:5e:e6:
97:f9:ed:e0:df:87:da:f7:fa:0c:14:28:5e:49:26:
ff:18:df:47:c5:35:4e:c2:f5:42:fa:d8:94:e8:97:
47:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:5A:90:76:CE:FA:CB:A5:95:F9:D0:1A:63:67:8E:69:80:06:6B:40
X509v3 Authority Key Identifier:
keyid:DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/y1qQds76y6WV-dAaY2eOaYAGa0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.152.0-45.84.154.255
178.159.32.0/23
185.228.48.0/22
185.247.192.0/22
193.19.100.0/23
IPv6:
2a0c:ee00::/39
Signature Algorithm: sha256WithRSAEncryption
63:26:1c:7d:83:00:e3:da:05:d7:fe:0e:bd:69:cf:d0:a1:83:
e9:3b:72:aa:1a:b4:a4:d5:b0:77:ae:bd:72:7e:d1:27:3f:26:
7d:fb:e1:8d:3a:50:27:b6:21:58:15:5b:09:2f:8b:67:f4:f5:
77:97:f5:ac:a9:3c:db:d4:2e:bc:c5:f2:f5:70:cc:54:c4:97:
b0:29:ef:ed:39:c4:15:42:0f:2b:a5:4b:a6:fa:7e:a2:92:03:
4c:cf:34:95:a9:1f:db:aa:0b:3b:74:a5:56:9b:62:e2:78:93:
90:29:01:0a:df:5b:99:7a:ab:c8:c3:dc:4b:0a:ac:b2:d2:ea:
31:b5:d0:6f:ed:ef:9b:d4:fa:c9:f1:69:f4:99:14:21:9b:02:
cb:6a:16:cb:bb:b7:7e:55:e3:f9:25:25:59:e4:f5:74:4b:ea:
f1:42:65:2f:34:75:65:44:9a:e1:d5:63:bb:86:8f:50:55:ef:
53:7c:b2:3f:dd:40:89:3c:f8:dd:4c:6c:32:98:17:1b:9a:c7:
43:97:3b:38:3e:a7:cc:34:de:7b:7f:2b:3c:3d:d2:c6:98:6a:
ce:f6:0e:ca:a8:75:88:ba:94:36:d6:be:7c:37:57:d1:29:ef:
5d:e1:e3:f8:4c:16:c0:c6:a4:8e:32:42:7e:6a:08:53:48:93:
e5:77:86:b2
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEAWIS8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZDNkNDAxMTE3NWU1ZGY3YTNmNTdkMzhlNzgxNTBhMmMwNWZkZDFkMB4XDTIyMDEw
MTEyMDI1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I1YTkwNzZjZWZh
Y2JhNTk1ZjlkMDFhNjM2NzhlNjk4MDA2NmI0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANQfcq09ih0b0RnRagIujw5H58OHsqqfGkNTkdaTL44SulG5
XOR1ypOrISFM+BJzHOBAN0N3TKz/9ihNOb2eeAxwCLhhICgyJFIZIbCN985b9lBm
naJFU4DJjZ02nraK2EeTeQQ7SqaMMnwzObULkAzoO/fFziTBcz/vABynN5g7jsrr
dB1BRAYWr0S0oynlFbsS6wCvww6PH7H8lYkUD+V0tJoJF/aghhFo5GSIsz0dzxhm
TMc9wEliF9Zk3UM7GsIULsGdldhW/jls2DgKgdemguK6XmVUkzMYGoAaRl7ml/nt
4N+H2vf6DBQoXkkm/xjfR8U1TsL1QvrYlOiXR90CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBTLWpB2zvrLpZX50BpjZ45pgAZrQDAfBgNVHSMEGDAWgBTdPUARF15d96P1
fTjngVCiwF/dHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNUMUFFUmRlWGZlajlYMDQ1NEZRb3NCZjNSMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2UvMzA4NTg5LTkyZmUtNDU5My05M2U0LTJkMGE3OGJlODkyZC8x
L3kxcVFkczc2eTZXVi1kQWFZMmVPYVlBR2EwQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Uv
MzA4NTg5LTkyZmUtNDU5My05M2U0LTJkMGE3OGJlODkyZC8xLzNUMUFFUmRlWGZl
ajlYMDQ1NEZRb3NCZjNSMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wLAQCAAEwJjAMAwQDLVSYAwQALVSaAwQBsp8gAwQC
ueQwAwQCuffAAwQBwRNkMA4EAgACMAgDBgEqDO4AADANBgkqhkiG9w0BAQsFAAOC
AQEAYyYcfYMA49oF1/4OvWnP0KGD6Ttyqhq0pNWwd669cn7RJz8mffvhjTpQJ7Yh
WBVbCS+LZ/T1d5f1rKk829QuvMXy9XDMVMSXsCnv7TnEFUIPK6VLpvp+opIDTM80
lakf26oLO3SlVpti4niTkCkBCt9bmXqryMPcSwqsstLqMbXQb+3vm9T6yfFp9JkU
IZsCy2oWy7u3flXj+SUlWeT1dEvq8UJlLzR1ZUSa4dVju4aPUFXvU3yyP91AiTz4
3UxsMpgXG5rHQ5c7OD6nzDTee38rPD3SxphqzvYOyqh1iLqUNta+fDdX0SnvXeHj
+EwWwMakjjJCfmoIU0iT5XeGsg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:40 2023 by rpki-client on console-ams.rpki-client.org