Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Y2TTpbBakFzdbGVTDaCkxz4-490.roa
File: Y2TTpbBakFzdbGVTDaCkxz4-490.roa (raw, json)
Hash identifier: Ucr6ax+TZCKxjzwe7JEk2nZAy/B2/dKodGPnvU7XEgo=
Subject key identifier: 63:64:D3:A5:B0:5A:90:5C:DD:6C:65:53:0D:A0:A4:C7:3E:3E:E3:DD
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0AEFB24A
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Y2TTpbBakFzdbGVTDaCkxz4-490.roa
Signing time: Thu 13 Jan 2022 08:52:44 +0000
ROA not before: Thu 13 Jan 2022 08:52:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 185.254.31.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
91.194.55.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
93.190.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 183480906 (0xaefb24a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 13 08:52:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6364d3a5b05a905cdd6c65530da0a4c73e3ee3dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:26:59:47:85:2f:2b:a6:5d:5e:0b:48:2c:b7:
e4:1c:7b:48:b0:d6:d8:82:a7:cd:ff:2f:c8:94:ec:
62:df:f4:1e:47:c2:5f:0a:51:1d:1a:94:82:f7:25:
6f:a4:5d:f6:3a:f0:53:be:32:20:e4:59:03:fb:ad:
18:69:8c:b0:ab:54:6c:fe:3b:22:04:63:aa:76:ec:
c8:4e:31:8a:b6:22:35:7d:7e:90:17:b9:0d:92:25:
34:20:eb:21:7f:ae:a9:5e:26:56:db:00:21:dc:f7:
1e:1e:11:39:59:34:eb:c9:ed:4c:94:36:a9:1c:5e:
07:52:57:5f:1e:7d:66:9b:c6:5c:80:4d:ee:40:4e:
d3:e3:9d:0a:1d:8b:15:7d:d7:40:b1:21:3d:bd:2b:
07:26:34:f3:b0:c7:a8:46:66:0e:e8:42:3f:a5:c0:
7f:ae:2e:5d:3c:14:fd:7a:9c:e6:18:31:a7:68:87:
c5:59:6a:b8:11:85:38:aa:98:5f:c1:5b:26:c3:6a:
77:b0:6e:9d:f9:6d:51:f8:a3:73:d3:2c:ba:9f:5b:
2a:37:67:8e:be:41:56:b6:1a:28:68:2e:40:14:0a:
02:93:24:ff:41:0a:d6:fd:01:59:03:6e:2a:2c:83:
b5:06:23:cc:f2:2c:d2:d5:97:f6:fc:db:94:3f:dc:
5e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:64:D3:A5:B0:5A:90:5C:DD:6C:65:53:0D:A0:A4:C7:3E:3E:E3:DD
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Y2TTpbBakFzdbGVTDaCkxz4-490.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.55.0/24
93.190.12.0/24
109.236.49.0-109.236.51.255
185.86.6.0/24
185.254.31.0/24
193.160.141.0/24
193.160.143.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:28:7c:1f:2f:ac:51:a0:cc:15:09:3f:ac:08:0c:b4:2b:34:
a2:52:60:99:88:e7:13:d5:8b:44:91:96:02:4e:87:a6:61:d2:
7d:fc:5f:ad:0c:86:32:34:f7:4c:d6:9c:87:90:f5:ca:67:f6:
0b:8b:c6:64:af:45:59:81:fa:5b:c1:40:17:7d:87:ba:f8:75:
45:1a:9d:02:ac:0a:e8:d4:86:6b:a0:0b:f4:8c:6f:97:0e:94:
f1:d2:d5:08:b3:af:63:4a:18:a3:21:63:a1:a1:38:5c:c2:58:
c2:b7:ad:19:1e:9b:18:b5:04:24:f7:1a:58:a2:9c:2b:04:de:
7b:3f:78:c9:c5:cb:f7:f1:3e:92:f7:68:f5:15:06:82:88:50:
a8:9a:3a:bf:78:cb:3a:ac:64:f2:58:f9:03:21:14:80:13:f8:
af:d7:5c:d5:16:2d:f3:45:bf:f6:af:9f:13:0d:92:4b:0f:98:
c2:7f:4d:36:e2:12:85:48:5e:8c:b6:65:04:aa:6b:19:b7:72:
3b:93:87:92:73:f9:88:12:82:7f:60:14:c5:2b:92:23:d3:d0:
f7:cc:48:a4:3d:3a:25:4e:bb:18:5f:09:57:b2:0c:0f:07:fa:
dc:d6:8c:a7:d9:51:78:a2:1e:9d:79:99:21:91:16:30:34:cb:
1b:97:de:a3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIECu+ySjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjE2YzQxOTUxNTJlZmZlZGJmN2IzYWZlZTJhYTcyZTE5MDkwZTRkMB4XDTIyMDEx
MzA4NTI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjM2NGQzYTViMDVh
OTA1Y2RkNmM2NTUzMGRhMGE0YzczZTNlZTNkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUmWUeFLyumXV4LSCy35Bx7SLDW2IKnzf8vyJTsYt/0HkfC
XwpRHRqUgvclb6Rd9jrwU74yIORZA/utGGmMsKtUbP47IgRjqnbsyE4xirYiNX1+
kBe5DZIlNCDrIX+uqV4mVtsAIdz3Hh4ROVk068ntTJQ2qRxeB1JXXx59ZpvGXIBN
7kBO0+OdCh2LFX3XQLEhPb0rByY087DHqEZmDuhCP6XAf64uXTwU/Xqc5hgxp2iH
xVlquBGFOKqYX8FbJsNqd7BunfltUfijc9Msup9bKjdnjr5BVrYaKGguQBQKApMk
/0EK1v0BWQNuKiyDtQYjzPIs0tWX9vzblD/cXmUCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBRjZNOlsFqQXN1sZVMNoKTHPj7j3TAfBgNVHSMEGDAWgBTGFsQZUVLv/tv3
s6/uKqcuGQkOTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hoYkVHVkZTN183Yjk3T3Y3aXFuTGhrSkRrMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvYWQ2NTIxLWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8x
L1kyVFRwYkJha0Z6ZGJHVlREYUNreHo0LTQ5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
YWQ2NTIxLWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8xL3hoYkVHVkZTN183
Yjk3T3Y3aXFuTGhrSkRrMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAFvCNwMEAF2+DDAMAwQAbewxAwQC
bewwAwQAuVYGAwQAuf4fAwQAwaCNAwQAwaCPMA0GCSqGSIb3DQEBCwUAA4IBAQAr
KHwfL6xRoMwVCT+sCAy0KzSiUmCZiOcT1YtEkZYCToemYdJ9/F+tDIYyNPdM1pyH
kPXKZ/YLi8Zkr0VZgfpbwUAXfYe6+HVFGp0CrAro1IZroAv0jG+XDpTx0tUIs69j
ShijIWOhoThcwljCt60ZHpsYtQQk9xpYopwrBN57P3jJxcv38T6S92j1FQaCiFCo
mjq/eMs6rGTyWPkDIRSAE/iv11zVFi3zRb/2r58TDZJLD5jCf0024hKFSF6MtmUE
qmsZt3I7k4eSc/mIEoJ/YBTFK5Ij09D3zEikPTolTrsYXwlXsgwPB/rc1oyn2VF4
oh6deZkhkRYwNMsbl96j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:24 2024 by rpki-client on console-ams.rpki-client.org