Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/y61J-tQvDloyKpuJKL0QWI3wB_A.roa
File: y61J-tQvDloyKpuJKL0QWI3wB_A.roa (raw, json)
Hash identifier: A8tfdIJVbXAnsp9oMOqTHc+AfV6W3A39jdm+34cEFiA=
Subject key identifier: CB:AD:49:FA:D4:2F:0E:5A:32:2A:9B:89:28:BD:10:58:8D:F0:07:F0
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 3A940A13
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/y61J-tQvDloyKpuJKL0QWI3wB_A.roa
Signing time: Sat 01 Jan 2022 04:52:16 +0000
ROA not before: Sat 01 Jan 2022 04:52:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206442
IP address blocks: 195.136.204.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 982780435 (0x3a940a13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 04:52:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cbad49fad42f0e5a322a9b8928bd10588df007f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:23:84:25:fe:5c:a4:fc:b7:82:9f:f3:df:cc:
43:46:aa:5f:31:99:f4:f4:be:67:b4:d1:1c:7a:11:
ab:36:fa:b4:3f:d6:08:69:8d:a8:12:02:92:6b:52:
37:9b:f9:05:bb:92:38:bb:b4:31:b7:75:37:66:98:
56:30:d4:e1:d8:06:93:80:28:9e:6a:ee:7b:d1:bf:
c5:8e:f8:86:29:42:fe:7c:b2:2b:ac:9a:25:35:f2:
3e:1b:fd:fd:fa:25:9a:cc:3d:73:4e:f6:51:72:46:
c2:2c:a9:1c:da:e8:34:68:18:55:ba:32:e5:c8:b7:
d7:9e:b1:89:13:bc:9d:ce:0e:36:74:0c:4a:23:d5:
6d:65:23:80:30:e5:90:e9:fe:11:67:0d:c1:db:16:
85:8c:61:c2:c3:ec:f6:64:35:86:27:e2:44:de:c6:
13:81:10:9e:86:e0:b9:6b:ea:ba:ac:21:8b:d4:a3:
8c:fe:34:13:41:06:5c:99:2e:b4:33:0a:e7:ac:5c:
8d:2d:8d:5b:d1:c4:97:ab:cf:25:fd:3c:40:26:70:
78:97:d7:fc:c7:52:4b:6b:dc:3b:08:39:57:bf:a8:
ba:8d:7c:21:39:0c:99:2d:fa:ca:c1:5a:1d:d1:db:
4a:ed:b9:46:30:aa:20:1c:cd:1e:53:71:e4:3f:57:
f2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:AD:49:FA:D4:2F:0E:5A:32:2A:9B:89:28:BD:10:58:8D:F0:07:F0
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/y61J-tQvDloyKpuJKL0QWI3wB_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.204.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:0c:9e:5c:21:56:2f:e5:be:78:c6:c4:53:8f:da:5d:49:a3:
2c:b1:9c:de:cd:37:53:29:22:73:21:47:92:3d:16:b0:d5:bd:
0b:1c:73:e8:e6:75:d9:70:7d:7d:d3:1d:1c:8e:d4:0b:10:d6:
86:39:5f:95:2d:fd:07:b6:ca:84:d2:63:91:28:e9:14:47:5b:
63:cf:55:c5:66:44:7f:fe:f5:cb:2e:39:18:a1:c8:74:0e:d4:
b8:04:c8:11:52:96:cf:1d:4b:6c:64:23:b3:f9:98:1e:26:dd:
55:06:50:dc:52:81:c6:b9:3f:74:14:d0:cf:60:e8:12:fa:82:
16:66:b8:43:54:b3:4d:49:e7:86:55:cb:94:3d:e5:8b:10:b2:
53:1e:d7:32:fa:1d:e8:bd:ca:f2:5b:45:c6:bf:29:01:89:a2:
e9:f1:d6:33:ae:14:03:3d:84:2f:c3:4d:b3:09:e5:92:c6:14:
13:0f:91:f4:a7:29:8b:f8:6a:85:57:22:13:26:e4:a2:d1:ee:
d5:c5:14:ac:02:1f:9a:94:b0:83:bc:fc:e5:6d:db:ca:91:b7:
39:f9:f2:65:94:bf:f9:57:dc:06:4c:7a:0d:71:51:35:24:69:
f1:05:17:a0:19:f0:a5:b2:d5:fa:43:48:e5:e1:b0:c3:53:1e:
13:71:08:c9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOpQKEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDY4MzRlNjg4OTBmMzk4NmExYjA0NTdjZTBmNTRhZTAzYzJkNzZiMB4XDTIyMDEw
MTA0NTIxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2JhZDQ5ZmFkNDJm
MGU1YTMyMmE5Yjg5MjhiZDEwNTg4ZGYwMDdmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANQjhCX+XKT8t4Kf89/MQ0aqXzGZ9PS+Z7TRHHoRqzb6tD/W
CGmNqBICkmtSN5v5BbuSOLu0Mbd1N2aYVjDU4dgGk4Aonmrue9G/xY74hilC/nyy
K6yaJTXyPhv9/folmsw9c072UXJGwiypHNroNGgYVboy5ci3156xiRO8nc4ONnQM
SiPVbWUjgDDlkOn+EWcNwdsWhYxhwsPs9mQ1hifiRN7GE4EQnobguWvquqwhi9Sj
jP40E0EGXJkutDMK56xcjS2NW9HEl6vPJf08QCZweJfX/MdSS2vcOwg5V7+ouo18
ITkMmS36ysFaHdHbSu25RjCqIBzNHlNx5D9X8icCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTLrUn61C8OWjIqm4kovRBYjfAH8DAfBgNVHSMEGDAWgBRUaDTmiJDzmGob
BFfOD1SuA8LXazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZHZzA1b2lRODVocUd3Ulh6ZzlVcmdQQzEycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvNWYyZjBiLWZkODItNDRmYS1iNjM0LTUyNzY2YjI0YmFhNC8x
L3k2MUotdFF2RGxveUtwdUpLTDBRV0kzd0JfQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
NWYyZjBiLWZkODItNDRmYS1iNjM0LTUyNzY2YjI0YmFhNC8xL1ZHZzA1b2lRODVo
cUd3Ulh6ZzlVcmdQQzEycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsOIzDANBgkqhkiG9w0BAQsFAAOC
AQEAwwyeXCFWL+W+eMbEU4/aXUmjLLGc3s03UykicyFHkj0WsNW9Cxxz6OZ12XB9
fdMdHI7UCxDWhjlflS39B7bKhNJjkSjpFEdbY89VxWZEf/71yy45GKHIdA7UuATI
EVKWzx1LbGQjs/mYHibdVQZQ3FKBxrk/dBTQz2DoEvqCFma4Q1SzTUnnhlXLlD3l
ixCyUx7XMvod6L3K8ltFxr8pAYmi6fHWM64UAz2EL8NNswnlksYUEw+R9Kcpi/hq
hVciEybkotHu1cUUrAIfmpSwg7z85W3bypG3OfnyZZS/+VfcBkx6DXFRNSRp8QUX
oBnwpbLV+kNI5eGww1MeE3EIyQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:02 2023 by rpki-client on console-ams.rpki-client.org