Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/y6mFpGr73yCfRvq_tpKKeoReEOE.roa
File: y6mFpGr73yCfRvq_tpKKeoReEOE.roa (raw, json)
Hash identifier: CqvG2koFsOw2AOfbSFpBGf53U0JDvpEPOjYvaCAF+Lg=
Subject key identifier: CB:A9:85:A4:6A:FB:DF:20:9F:46:FA:BF:B6:92:8A:7A:84:5E:10:E1
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 01835A2BE9BA89E2530D9EC9A12CDB3D2DAF
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/y6mFpGr73yCfRvq_tpKKeoReEOE.roa
Signing time: Tue 20 Sep 2022 09:12:50 +0000
ROA not before: Tue 20 Sep 2022 09:12:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202103
IP address blocks: 176.39.0.0/19 maxlen: 20
92.52.128.0/18 maxlen: 20
31.134.64.0/19 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5a:2b:e9:ba:89:e2:53:0d:9e:c9:a1:2c:db:3d:2d:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Sep 20 09:12:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cba985a46afbdf209f46fabfb6928a7a845e10e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:84:61:3c:96:45:35:b7:05:f8:8c:5b:ad:6e:
3f:73:fd:19:8a:13:5f:90:72:d1:c4:24:3d:d6:ec:
b2:29:26:f8:a1:85:d2:4a:3a:0c:45:7e:a4:3d:08:
24:03:8d:06:09:a0:b2:74:28:4c:c4:61:9e:da:29:
ba:55:53:ba:59:09:3b:bf:7e:bb:bf:34:8f:df:28:
be:da:80:e0:d3:36:30:4d:fe:17:26:79:cd:5f:d6:
fe:67:43:0c:eb:65:1a:b7:4b:09:1d:62:e6:5d:88:
d0:00:f7:e1:c4:ca:93:78:1c:7c:4a:06:a6:d1:95:
a4:37:92:80:b2:b4:be:b7:3b:54:1b:87:4d:56:18:
13:1e:86:41:56:d8:eb:02:3c:36:22:97:bf:0c:15:
1c:8c:62:95:cc:40:22:04:dc:67:40:19:51:a7:fd:
8e:f4:33:af:3e:39:78:15:c0:44:f6:af:dc:a8:0c:
2a:65:cb:35:11:b2:e4:dd:da:71:44:66:e5:59:77:
04:7c:e2:f2:c2:84:f3:bd:1b:99:df:a3:eb:9a:e1:
b6:34:3c:a4:fd:c4:d3:8e:1d:68:e5:f8:a1:8d:f3:
d9:4e:b4:fc:fd:89:e2:32:be:61:71:a3:ff:05:01:
06:f8:83:70:93:e0:e5:a3:53:ca:a4:da:b0:58:fe:
df:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:A9:85:A4:6A:FB:DF:20:9F:46:FA:BF:B6:92:8A:7A:84:5E:10:E1
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/y6mFpGr73yCfRvq_tpKKeoReEOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.64.0/19
92.52.128.0/18
176.39.0.0/19
Signature Algorithm: sha256WithRSAEncryption
12:0a:f5:b2:3c:e3:91:23:91:b4:a1:64:fe:6c:4e:51:6b:be:
ed:5d:e2:ae:42:e8:b3:be:66:10:b3:34:32:75:fd:ef:c2:a3:
e9:21:42:63:ed:f0:35:0f:eb:80:bc:cb:6d:5c:01:1a:f8:42:
0a:84:1e:3d:1a:c8:b7:47:ce:54:08:10:23:8b:1b:2b:2c:36:
bf:9f:27:50:13:b8:9c:0e:39:ba:61:8b:f1:58:af:4c:f6:0a:
b9:be:ad:d5:07:96:e2:6e:6b:8e:8d:47:bd:c6:20:46:93:d5:
d5:a6:2f:54:cc:8f:a5:35:6c:ef:1f:63:e9:56:9f:c6:0c:37:
67:39:82:35:51:4e:85:7c:da:b7:08:b2:33:0d:41:99:05:8d:
8f:17:16:a7:bf:30:9f:dc:83:61:17:04:78:6a:4b:e4:a9:b8:
3b:8c:26:84:94:96:3c:33:55:1d:47:b0:00:ea:59:54:f3:eb:
7f:bd:21:dc:ad:23:72:e0:4d:26:48:8c:35:d8:cd:07:fb:3b:
da:8c:f2:4e:11:21:7d:cb:21:e6:3b:a4:a8:fd:aa:9a:0a:ec:
23:18:7f:66:6f:30:4b:07:cd:44:05:d0:45:e8:e8:b7:3d:34:
e1:3f:2e:9c:d8:7c:1f:3e:cb:97:b2:a6:bf:2e:de:e0:54:16:
2b:e0:80:92
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYNaK+m6ieJTDZ7JoSzbPS2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjIwOTIwMDkxMjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmE5ODVhNDZhZmJkZjIwOWY0NmZhYmZiNjkyOGE3YTg0NWUxMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYRhPJZFNbcF+IxbrW4/c/0ZihNf
kHLRxCQ91uyyKSb4oYXSSjoMRX6kPQgkA40GCaCydChMxGGe2im6VVO6WQk7v367
vzSP3yi+2oDg0zYwTf4XJnnNX9b+Z0MM62Uat0sJHWLmXYjQAPfhxMqTeBx8Sgam
0ZWkN5KAsrS+tztUG4dNVhgTHoZBVtjrAjw2Ipe/DBUcjGKVzEAiBNxnQBlRp/2O
9DOvPjl4FcBE9q/cqAwqZcs1EbLk3dpxRGblWXcEfOLywoTzvRuZ36PrmuG2NDyk
/cTTjh1o5fihjfPZTrT8/YniMr5hcaP/BQEG+INwk+Dlo1PKpNqwWP7f4QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMuphaRq+98gn0b6v7aSinqEXhDhMB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xL3k2bUZwR3I3M3lDZlJ2cV90cEtLZW9SZUVPRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAUfhkAD
BAZcNIADBAWwJwAwDQYJKoZIhvcNAQELBQADggEBABIK9bI845EjkbShZP5sTlFr
vu1d4q5C6LO+ZhCzNDJ1/e/Co+khQmPt8DUP64C8y21cARr4QgqEHj0ayLdHzlQI
ECOLGyssNr+fJ1ATuJwOObphi/FYr0z2Crm+rdUHluJua46NR73GIEaT1dWmL1TM
j6U1bO8fY+lWn8YMN2c5gjVRToV82rcIsjMNQZkFjY8XFqe/MJ/cg2EXBHhqS+Sp
uDuMJoSUljwzVR1HsADqWVTz63+9IdytI3LgTSZIjDXYzQf7O9qM8k4RIX3LIeY7
pKj9qpoK7CMYf2ZvMEsHzUQF0EXo6Lc9NOE/LpzYfB8+y5eypr8u3uBUFivggJI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:45 2025 by rpki-client