Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/ygGuPrhl2DqIxrdToTyr1Wr3lak.roa
File: ygGuPrhl2DqIxrdToTyr1Wr3lak.roa (raw, json)
Hash identifier: 82ohrvxkqaHvjuY9Y+gZQAFEp+8KORmxit3mqf16e5E=
Subject key identifier: CA:01:AE:3E:B8:65:D8:3A:88:C6:B7:53:A1:3C:AB:D5:6A:F7:95:A9
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 0560AD9C
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/ygGuPrhl2DqIxrdToTyr1Wr3lak.roa
Signing time: Sat 01 Jan 2022 15:07:16 +0000
ROA not before: Sat 01 Jan 2022 15:07:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6079
IP address blocks: 85.203.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90221980 (0x560ad9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 1 15:07:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca01ae3eb865d83a88c6b753a13cabd56af795a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3d:c5:98:eb:71:68:40:02:dc:14:2b:b0:18:
8f:b6:ac:ac:5d:b0:5c:1b:eb:25:14:42:f9:9b:8c:
0d:f5:61:67:08:cd:9a:8b:c8:67:36:89:36:62:69:
6c:a2:69:19:13:05:02:ca:76:88:47:24:6d:89:a9:
e5:27:70:fe:18:d9:93:34:47:51:55:ae:78:d0:ba:
ec:08:87:f7:0b:3f:e1:e9:39:da:6c:79:38:11:8b:
25:8b:78:62:e9:c8:82:8e:89:41:7a:5c:7d:05:b0:
75:ce:7c:d5:20:73:80:1b:8c:59:dc:40:9d:95:f5:
bf:10:32:43:15:3a:d4:c3:58:72:f3:fa:36:7c:35:
5a:c4:d6:c3:ff:6f:16:80:64:82:ce:10:d2:27:c7:
54:f6:d1:ec:12:2e:a1:35:f9:93:c6:14:1c:6a:b0:
b3:fe:f2:e6:cc:29:0e:38:68:2f:ab:0c:ea:58:e5:
42:f4:fa:4f:56:39:de:34:40:9b:39:a5:9f:dc:fa:
a6:fc:55:a8:bf:0a:33:99:61:7b:d4:63:34:2b:2b:
12:39:39:f3:98:e0:e3:d3:40:51:1b:3a:ea:be:ec:
58:2f:32:34:07:65:9c:8a:ef:54:f2:44:cf:43:5e:
c7:fb:0e:c1:11:df:4f:3a:c1:fb:89:ac:ef:85:4d:
9e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:01:AE:3E:B8:65:D8:3A:88:C6:B7:53:A1:3C:AB:D5:6A:F7:95:A9
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/ygGuPrhl2DqIxrdToTyr1Wr3lak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.39.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:c6:36:2f:67:23:e0:97:f6:cb:e7:d4:63:54:00:8c:32:18:
79:49:31:84:dc:d1:b0:d1:8d:27:a5:1d:74:f7:32:a0:96:29:
0c:8b:68:79:9e:53:27:79:fc:6e:bd:e5:ff:62:63:60:79:c1:
a8:67:b5:77:b5:47:24:5b:16:9f:9d:b5:e8:56:10:7e:43:b8:
3d:b1:91:9c:4e:3b:b6:78:fa:b6:b8:0c:2d:54:55:71:43:ce:
d8:b1:2c:45:c7:4f:f3:d1:d9:a2:78:34:d7:26:35:93:1d:75:
9a:14:a0:4f:ac:b8:20:c8:ee:49:6a:fd:67:c6:77:61:74:7e:
26:af:b8:9f:e6:6d:2b:15:97:dd:5b:a3:82:86:99:19:dc:56:
57:47:1d:08:94:05:eb:e3:d0:29:43:5e:0b:f5:9a:53:1f:49:
e0:79:6d:13:6a:c3:1a:39:56:36:2f:7c:ce:6b:89:b3:1f:3d:
08:94:b1:ce:7f:82:45:98:8e:a1:af:e6:f2:39:6e:8f:4a:07:
02:22:7b:7b:ee:02:bf:01:93:0f:18:12:a7:4e:c4:35:8c:db:
9b:c7:19:bb:86:10:f6:cc:a2:a8:86:37:d6:30:84:2e:d2:d8:
f3:05:6e:d4:8c:e7:46:73:ad:96:77:d6:16:a6:9d:fe:5e:10:
89:9b:05:32
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBWCtnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDViZGY2ZWVjMDgzNzBhZTFmNjdlODNmOTliNWFjMWZlMjY4NzJjMB4XDTIyMDEw
MTE1MDcxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2EwMWFlM2ViODY1
ZDgzYTg4YzZiNzUzYTEzY2FiZDU2YWY3OTVhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALI9xZjrcWhAAtwUK7AYj7asrF2wXBvrJRRC+ZuMDfVhZwjN
movIZzaJNmJpbKJpGRMFAsp2iEckbYmp5Sdw/hjZkzRHUVWueNC67AiH9ws/4ek5
2mx5OBGLJYt4YunIgo6JQXpcfQWwdc581SBzgBuMWdxAnZX1vxAyQxU61MNYcvP6
Nnw1WsTWw/9vFoBkgs4Q0ifHVPbR7BIuoTX5k8YUHGqws/7y5swpDjhoL6sM6ljl
QvT6T1Y53jRAmzmln9z6pvxVqL8KM5lhe9RjNCsrEjk585jg49NAURs66r7sWC8y
NAdlnIrvVPJEz0Nex/sOwRHfTzrB+4ms74VNnl0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTKAa4+uGXYOojGt1OhPKvVaveVqTAfBgNVHSMEGDAWgBTUW99u7Ag3CuH2
foP5m1rB/iaHLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFGdmZidXdJTndyaDluNkQtWnRhd2Y0bWh5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8x
L3lnR3VQcmhsMkRxSXhyZFRvVHlyMVdyM2xhay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
ZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8xLzFGdmZidXdJTndy
aDluNkQtWnRhd2Y0bWh5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXLJzANBgkqhkiG9w0BAQsFAAOC
AQEAa8Y2L2cj4Jf2y+fUY1QAjDIYeUkxhNzRsNGNJ6UddPcyoJYpDItoeZ5TJ3n8
br3l/2JjYHnBqGe1d7VHJFsWn5216FYQfkO4PbGRnE47tnj6trgMLVRVcUPO2LEs
RcdP89HZong01yY1kx11mhSgT6y4IMjuSWr9Z8Z3YXR+Jq+4n+ZtKxWX3VujgoaZ
GdxWV0cdCJQF6+PQKUNeC/WaUx9J4HltE2rDGjlWNi98zmuJsx89CJSxzn+CRZiO
oa/m8jluj0oHAiJ7e+4CvwGTDxgSp07ENYzbm8cZu4YQ9syiqIY31jCELtLY8wVu
1IznRnOtlnfWFqad/l4QiZsFMg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:07 2023 by rpki-client on console-fra.rpki-client.org