Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/61c61d-5ed8-4766-9b4b-056b9c231f34/1/xy70YQHfsipcAncLtZduLw8Kd5k.roa
File: xy70YQHfsipcAncLtZduLw8Kd5k.roa (raw, json)
Hash identifier: dFLOubJjVB92Nd9gDPGXqq/SRZpgA85Cx/H9ceT2210=
Subject key identifier: C7:2E:F4:61:01:DF:B2:2A:5C:02:77:0B:B5:97:6E:2F:0F:0A:77:99
Certificate issuer: /CN=99282d77c662e68bb87e83338b76ad6bead93185
Certificate serial: 104681F1
Authority key identifier: 99:28:2D:77:C6:62:E6:8B:B8:7E:83:33:8B:76:AD:6B:EA:D9:31:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSgtd8Zi5ou4foMzi3ata-rZMYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/61c61d-5ed8-4766-9b4b-056b9c231f34/1/xy70YQHfsipcAncLtZduLw8Kd5k.roa
Signing time: Sat 01 Jan 2022 05:57:17 +0000
ROA not before: Sat 01 Jan 2022 05:57:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206784
IP address blocks: 185.176.136.0/22 maxlen: 32
2a0a:1780::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 273056241 (0x104681f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99282d77c662e68bb87e83338b76ad6bead93185
Validity
Not Before: Jan 1 05:57:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c72ef46101dfb22a5c02770bb5976e2f0f0a7799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c1:a7:e2:c8:02:2e:68:d8:11:a9:57:3c:7b:
bb:ab:15:6b:9e:52:e2:00:18:55:8f:e3:ed:03:94:
97:1d:56:fa:7a:86:87:84:63:10:5c:30:97:41:87:
82:ac:1a:a9:a7:7a:f4:08:22:60:16:98:49:3f:a0:
4f:31:85:df:65:c1:d0:6c:f7:ee:24:26:8e:a9:d7:
9a:b9:eb:db:9b:85:0f:15:16:1d:de:89:19:13:fe:
49:7d:86:85:f6:0b:1e:b2:44:79:52:42:da:60:13:
cb:07:c6:28:20:94:54:4c:72:75:5c:34:3d:7e:00:
e6:9c:56:11:2d:a1:bb:1f:94:b9:74:6e:cd:b2:50:
51:0b:99:b9:9b:ec:f6:ac:ce:8c:f9:8c:27:39:cd:
81:83:7f:48:f0:a0:ec:6b:f8:7d:75:68:e3:eb:51:
e8:8b:36:aa:5a:36:a1:c1:d0:f8:67:07:d8:a1:77:
88:7d:77:14:12:c2:d9:81:a2:bf:03:96:2f:21:12:
e5:bb:06:ca:15:14:a8:6d:4a:43:ed:f1:7a:22:cd:
45:5b:e6:41:e3:d3:1c:5f:01:cc:80:ba:01:73:79:
a1:24:67:cf:e8:c5:ed:eb:6e:77:0d:af:f9:e7:06:
4c:b5:f0:05:0b:e5:5c:22:c9:61:58:49:f6:7c:9d:
1e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:2E:F4:61:01:DF:B2:2A:5C:02:77:0B:B5:97:6E:2F:0F:0A:77:99
X509v3 Authority Key Identifier:
keyid:99:28:2D:77:C6:62:E6:8B:B8:7E:83:33:8B:76:AD:6B:EA:D9:31:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSgtd8Zi5ou4foMzi3ata-rZMYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/61c61d-5ed8-4766-9b4b-056b9c231f34/1/xy70YQHfsipcAncLtZduLw8Kd5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/61c61d-5ed8-4766-9b4b-056b9c231f34/1/mSgtd8Zi5ou4foMzi3ata-rZMYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.176.136.0/22
IPv6:
2a0a:1780::/29
Signature Algorithm: sha256WithRSAEncryption
52:ac:73:58:d3:7c:2a:27:0d:6f:05:cd:77:2a:5a:77:16:b3:
b3:97:cd:c6:0b:67:c5:13:f6:c4:6e:ed:ab:a6:da:73:a0:b3:
7e:d6:49:f2:82:51:d9:7f:65:c9:9c:2c:f5:73:19:6e:5c:49:
ab:7b:89:03:4b:bf:d4:0c:5b:f9:f9:86:c1:1d:26:c2:22:ca:
53:ab:60:b3:c5:90:53:52:98:c9:50:86:fc:04:f8:f0:73:45:
a2:36:0e:0e:ca:4f:1f:33:9f:a7:d8:ba:46:a1:e4:08:4c:13:
bf:5e:ef:c4:b1:86:c1:db:cf:28:cb:f6:f1:dd:c3:08:8a:27:
e6:21:46:a1:e2:c5:7d:46:69:89:3b:c6:66:32:a6:87:bd:f2:
02:c1:71:7f:5f:9b:09:92:54:a5:0c:58:e5:69:e5:0f:d3:ba:
9e:8b:d9:cf:9b:5b:2e:2e:e7:79:02:f6:68:d3:d9:13:0b:9b:
37:eb:e0:a0:da:da:1a:f0:eb:32:de:52:dc:f8:a8:67:14:db:
06:31:e6:f9:5c:33:5b:31:74:45:44:66:03:d5:1f:08:9d:7e:
e9:3c:a3:ce:b3:03:6f:83:be:e4:60:96:87:d3:66:74:af:bf:
c0:b9:a9:93:73:c4:8a:0f:e7:00:99:fa:07:90:5d:7f:8b:01:
8d:eb:51:67
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEEEaB8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTI4MmQ3N2M2NjJlNjhiYjg3ZTgzMzM4Yjc2YWQ2YmVhZDkzMTg1MB4XDTIyMDEw
MTA1NTcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzcyZWY0NjEwMWRm
YjIyYTVjMDI3NzBiYjU5NzZlMmYwZjBhNzc5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbBp+LIAi5o2BGpVzx7u6sVa55S4gAYVY/j7QOUlx1W+nqG
h4RjEFwwl0GHgqwaqad69AgiYBaYST+gTzGF32XB0Gz37iQmjqnXmrnr25uFDxUW
Hd6JGRP+SX2GhfYLHrJEeVJC2mATywfGKCCUVExydVw0PX4A5pxWES2hux+UuXRu
zbJQUQuZuZvs9qzOjPmMJznNgYN/SPCg7Gv4fXVo4+tR6Is2qlo2ocHQ+GcH2KF3
iH13FBLC2YGivwOWLyES5bsGyhUUqG1KQ+3xeiLNRVvmQePTHF8BzIC6AXN5oSRn
z+jF7etudw2v+ecGTLXwBQvlXCLJYVhJ9nydHlcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTHLvRhAd+yKlwCdwu1l24vDwp3mTAfBgNVHSMEGDAWgBSZKC13xmLmi7h+
gzOLdq1r6tkxhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21TZ3RkOFppNW91NGZvTXppM2F0YS1yWk1ZVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvNjFjNjFkLTVlZDgtNDc2Ni05YjRiLTA1NmI5YzIzMWYzNC8x
L3h5NzBZUUhmc2lwY0FuY0x0WmR1THc4S2Q1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
NjFjNjFkLTVlZDgtNDc2Ni05YjRiLTA1NmI5YzIzMWYzNC8xL21TZ3RkOFppNW91
NGZvTXppM2F0YS1yWk1ZVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmwiDANBAIAAjAHAwUDKgoXgDAN
BgkqhkiG9w0BAQsFAAOCAQEAUqxzWNN8KicNbwXNdypadxazs5fNxgtnxRP2xG7t
q6bac6CzftZJ8oJR2X9lyZws9XMZblxJq3uJA0u/1Axb+fmGwR0mwiLKU6tgs8WQ
U1KYyVCG/AT48HNFojYODspPHzOfp9i6RqHkCEwTv17vxLGGwdvPKMv28d3DCIon
5iFGoeLFfUZpiTvGZjKmh73yAsFxf1+bCZJUpQxY5WnlD9O6novZz5tbLi7neQL2
aNPZEwubN+vgoNraGvDrMt5S3PioZxTbBjHm+VwzWzF0RURmA9UfCJ1+6TyjzrMD
b4O+5GCWh9NmdK+/wLmpk3PEig/nAJn6B5Bdf4sBjetRZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:45 2024 by rpki-client on console-ams.rpki-client.org