Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/02_xyFWeiN-2KvBWVQMaxDDB66s.roa
File: 02_xyFWeiN-2KvBWVQMaxDDB66s.roa (raw, json)
Hash identifier: gCHf4enaxapUio5StncGtWuwDMYZYHl9BYgh6I7oLZ0=
Subject key identifier: D3:6F:F1:C8:55:9E:88:DF:B6:2A:F0:56:55:03:1A:C4:30:C1:EB:AB
Certificate issuer: /CN=99b0425b71c2b51cd7ebe47d3efe7cb9861b4d82
Certificate serial: 018248B7869A71ABAC9ED95B73D5DE7484B3
Authority key identifier: 99:B0:42:5B:71:C2:B5:1C:D7:EB:E4:7D:3E:FE:7C:B9:86:1B:4D:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mbBCW3HCtRzX6-R9Pv58uYYbTYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/02_xyFWeiN-2KvBWVQMaxDDB66s.roa
Signing time: Fri 29 Jul 2022 06:49:23 +0000
ROA not before: Fri 29 Jul 2022 06:49:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208611
IP address blocks: 185.122.10.0/24 maxlen: 24
185.122.8.0/24 maxlen: 24
185.122.11.0/24 maxlen: 24
185.122.9.0/24 maxlen: 24
185.194.240.0/24 maxlen: 24
185.194.243.0/24 maxlen: 24
185.194.241.0/24 maxlen: 24
185.194.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:48:b7:86:9a:71:ab:ac:9e:d9:5b:73:d5:de:74:84:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99b0425b71c2b51cd7ebe47d3efe7cb9861b4d82
Validity
Not Before: Jul 29 06:49:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d36ff1c8559e88dfb62af05655031ac430c1ebab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0d:09:2c:9b:32:a0:74:0a:0a:95:a9:ff:19:
db:70:89:5b:f1:a9:78:9d:e8:09:c7:f4:c0:a7:b4:
55:b5:3e:12:a6:22:12:ae:f8:25:1d:6b:29:8a:9c:
c5:01:20:f3:79:29:d6:cc:38:2e:d9:c5:ab:d4:2d:
65:ed:06:eb:ce:32:d0:ce:33:59:80:31:75:5c:9d:
98:79:ee:44:1a:9a:da:04:02:42:c4:87:3a:52:14:
fc:2d:f1:59:c1:99:91:3c:a4:44:b5:8d:40:fc:a1:
dc:b1:61:69:15:8a:2e:7e:dc:49:7a:b5:84:87:fb:
cd:74:bb:1c:15:3a:9f:d5:5b:16:a1:cc:88:3c:01:
bd:12:4e:56:67:87:10:59:f1:67:e8:93:1d:e7:64:
7e:68:a9:ad:a8:93:dd:c2:d0:52:ed:11:b4:f8:cd:
ad:f5:d4:ae:14:cc:35:af:f1:fc:d8:b2:50:3c:ea:
7d:39:8d:c3:11:81:24:ae:e8:84:03:45:fe:41:f3:
62:4f:84:33:53:10:17:09:3c:41:1d:9b:8a:b8:4a:
52:ab:39:f1:d1:b2:fd:c1:37:bf:b5:de:9c:31:d7:
10:75:01:06:87:12:02:66:92:2f:d6:fe:c2:01:80:
7c:2f:48:1f:47:86:4b:11:15:ff:7f:57:f3:8f:3d:
87:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:6F:F1:C8:55:9E:88:DF:B6:2A:F0:56:55:03:1A:C4:30:C1:EB:AB
X509v3 Authority Key Identifier:
keyid:99:B0:42:5B:71:C2:B5:1C:D7:EB:E4:7D:3E:FE:7C:B9:86:1B:4D:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mbBCW3HCtRzX6-R9Pv58uYYbTYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/02_xyFWeiN-2KvBWVQMaxDDB66s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/mbBCW3HCtRzX6-R9Pv58uYYbTYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.8.0/22
185.194.240.0/22
Signature Algorithm: sha256WithRSAEncryption
94:07:4b:93:e8:d2:fa:95:94:1c:32:88:ff:6d:68:a8:ab:0d:
d0:df:f4:d4:00:f2:57:18:53:93:1d:20:d2:13:86:26:17:71:
8e:71:51:b8:4e:51:1a:05:49:89:60:78:fe:ff:ae:7d:c0:c5:
28:ad:f5:c6:18:6d:94:e2:56:fa:c8:83:30:09:1c:c0:fa:1b:
1e:db:5a:91:12:ae:ca:0c:a3:82:90:b7:6c:9e:75:51:fb:4d:
1f:2a:bc:17:e2:42:be:09:a1:fc:44:0f:57:7c:64:9f:8d:16:
86:38:73:7c:80:31:03:6d:4d:fa:30:1f:77:74:d5:58:29:8a:
2c:93:84:17:b7:de:5a:01:16:c0:33:9f:92:ed:94:c2:3c:eb:
cb:ac:40:e7:84:ed:e5:0b:54:de:93:be:b5:92:3a:d0:20:cf:
f8:3a:27:06:bf:11:ee:cb:5a:a4:86:ac:0d:2f:c8:58:16:32:
0b:0f:f4:d2:b7:d2:e5:09:c1:e3:55:29:8e:1c:28:a3:bf:22:
d4:8f:40:ea:28:7d:56:ed:32:ea:45:61:8c:d5:8f:97:7b:1c:
4f:a5:d1:df:a9:45:f6:81:01:be:e5:44:c9:03:00:ce:3a:1d:
34:77:40:57:af:19:f2:4a:e0:19:0e:02:43:b4:85:65:74:de:
42:59:43:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJIt4aacausntlbc9XedISzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YjA0MjViNzFjMmI1MWNkN2ViZTQ3ZDNlZmU3Y2I5ODYx
YjRkODIwHhcNMjIwNzI5MDY0OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzZmZjFjODU1OWU4OGRmYjYyYWYwNTY1NTAzMWFjNDMwYzFlYmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArA0JLJsyoHQKCpWp/xnbcIlb8al4
negJx/TAp7RVtT4SpiISrvglHWspipzFASDzeSnWzDgu2cWr1C1l7QbrzjLQzjNZ
gDF1XJ2Yee5EGpraBAJCxIc6UhT8LfFZwZmRPKREtY1A/KHcsWFpFYouftxJerWE
h/vNdLscFTqf1VsWocyIPAG9Ek5WZ4cQWfFn6JMd52R+aKmtqJPdwtBS7RG0+M2t
9dSuFMw1r/H82LJQPOp9OY3DEYEkruiEA0X+QfNiT4QzUxAXCTxBHZuKuEpSqznx
0bL9wTe/td6cMdcQdQEGhxICZpIv1v7CAYB8L0gfR4ZLERX/f1fzjz2HoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNNv8chVnojftirwVlUDGsQwweurMB8GA1UdIwQY
MBaAFJmwQltxwrUc1+vkfT7+fLmGG02CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWJCQ1czSEN0UnpYNi1SOVB2NTh1WVliVFlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTk4MmQtYWQ1Yi00MTAwLThkOWQt
ZDFlZmNlZWMzNGMxLzEvMDJfeHlGV2VpTi0yS3ZCV1ZRTWF4RERCNjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTk4MmQtYWQ1Yi00MTAwLThkOWQtZDFlZmNlZWMzNGMx
LzEvbWJCQ1czSEN0UnpYNi1SOVB2NTh1WVliVFlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXoIAwQC
ucLwMA0GCSqGSIb3DQEBCwUAA4IBAQCUB0uT6NL6lZQcMoj/bWioqw3Q3/TUAPJX
GFOTHSDSE4YmF3GOcVG4TlEaBUmJYHj+/659wMUorfXGGG2U4lb6yIMwCRzA+hse
21qREq7KDKOCkLdsnnVR+00fKrwX4kK+CaH8RA9XfGSfjRaGOHN8gDEDbU36MB93
dNVYKYosk4QXt95aARbAM5+S7ZTCPOvLrEDnhO3lC1Tek761kjrQIM/4OicGvxHu
y1qkhqwNL8hYFjILD/TSt9LlCcHjVSmOHCijvyLUj0DqKH1W7TLqRWGM1Y+XexxP
pdHfqUX2gQG+5UTJAwDOOh00d0BXrxnySuAZDgJDtIVldN5CWUMe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:19 2024 by rpki-client on console-ams.rpki-client.org