Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/YL5h1uiPUcXdQNvKpejf00eiz2U.roa
File: YL5h1uiPUcXdQNvKpejf00eiz2U.roa (raw, json)
Hash identifier: 84w4Bvko+NQiBS155B5kCP03LvKncgbAigbR/iybz+8=
Subject key identifier: 60:BE:61:D6:E8:8F:51:C5:DD:40:DB:CA:A5:E8:DF:D3:47:A2:CF:65
Certificate issuer: /CN=0d0874b333e35df14fd970e189581da093bc8093
Certificate serial: 075C794E
Authority key identifier: 0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/YL5h1uiPUcXdQNvKpejf00eiz2U.roa
Signing time: Sat 01 Jan 2022 12:05:10 +0000
ROA not before: Sat 01 Jan 2022 12:05:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199496
IP address blocks: 185.13.76.0/22 maxlen: 32
95.129.248.0/21 maxlen: 32
185.65.156.0/22 maxlen: 32
185.235.220.0/22 maxlen: 32
2a00:83e0::/32 maxlen: 64
2a02:f4c0::/29 maxlen: 64
2a09:d00::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123500878 (0x75c794e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d0874b333e35df14fd970e189581da093bc8093
Validity
Not Before: Jan 1 12:05:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60be61d6e88f51c5dd40dbcaa5e8dfd347a2cf65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fa:a6:4a:f4:5f:4e:d1:86:fa:4c:e2:82:2c:
7c:e9:bb:04:cf:70:e3:5f:9f:e0:63:ff:f7:42:2f:
04:8c:dd:11:40:ec:85:24:bb:03:4b:23:fc:d4:67:
5b:5a:ae:a4:ac:96:fe:d8:3e:52:2d:c5:c9:73:7e:
80:3e:ef:48:69:70:40:c7:be:bd:91:f8:c8:18:98:
07:20:f0:8c:80:7a:20:76:a1:df:df:46:47:34:ac:
0d:e2:97:7e:17:b0:81:d7:83:24:50:c2:6d:de:22:
d4:69:10:56:11:9f:c4:3b:bd:77:0c:dd:cf:e9:76:
05:04:51:7a:70:32:ce:02:bf:e6:d6:38:18:dd:2d:
a9:aa:f1:5b:7e:66:e3:88:aa:4a:f9:59:e5:ff:97:
7c:06:37:55:20:13:ac:a8:67:03:ef:75:0d:d1:47:
0a:13:ae:7e:f6:65:7d:f5:91:f1:f3:88:02:7d:7a:
83:1d:e7:98:c6:5e:86:76:82:2f:40:18:a3:97:e7:
ee:80:de:c3:72:f1:43:0e:06:d3:8c:a3:c1:ab:cb:
bb:62:76:02:ab:7a:84:c7:69:08:2c:c8:a3:2d:00:
76:81:b3:17:ae:d3:94:08:a1:fa:54:b8:5b:99:fa:
53:85:86:a0:7a:aa:ab:cb:53:ce:e3:68:a5:a1:d6:
23:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:BE:61:D6:E8:8F:51:C5:DD:40:DB:CA:A5:E8:DF:D3:47:A2:CF:65
X509v3 Authority Key Identifier:
keyid:0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/YL5h1uiPUcXdQNvKpejf00eiz2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.248.0/21
185.13.76.0/22
185.65.156.0/22
185.235.220.0/22
IPv6:
2a00:83e0::/32
2a02:f4c0::/29
2a09:d00::/29
Signature Algorithm: sha256WithRSAEncryption
0b:51:d5:64:05:11:1e:99:21:b2:ed:a5:10:92:c3:40:85:d5:
78:c2:cd:8f:2a:01:13:9c:5d:7e:c9:8a:7e:db:3a:16:d4:5a:
1b:49:8a:ea:57:9d:a9:72:39:a9:a1:37:14:83:c0:cd:42:e9:
de:a5:ce:ed:ab:e4:8f:b9:c5:60:44:83:de:fd:f5:d6:d2:23:
87:2a:e2:40:6d:f6:a8:84:54:7b:0f:5a:d9:e3:45:6b:8b:b5:
31:2c:f9:37:18:71:d5:a1:33:24:5a:23:33:94:53:64:9d:f5:
6b:3c:64:28:aa:b6:2b:0a:ad:b6:4b:86:04:2f:2a:4d:dc:fd:
38:04:d8:93:84:07:4b:9e:d6:3a:e8:0d:07:42:46:96:53:fb:
be:ef:ab:4e:45:d5:48:8e:69:4a:d7:90:0b:4a:bb:67:c9:8e:
3f:df:ed:76:a3:2f:50:42:ac:91:31:d8:f8:0c:01:43:89:51:
bd:da:c8:5d:56:64:6f:40:fc:44:5d:bf:29:8f:6e:79:e4:fc:
5a:7e:28:91:8c:2f:7c:02:18:50:24:eb:2d:fd:3d:a5:db:73:
3a:27:53:e0:49:98:57:71:9a:cb:31:bf:df:2b:c7:2d:bf:6a:
19:c2:e8:f6:73:bd:b2:d6:ac:2d:3d:fa:98:6b:43:80:e7:96:
38:5b:ba:6a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEB1x5TjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDA4NzRiMzMzZTM1ZGYxNGZkOTcwZTE4OTU4MWRhMDkzYmM4MDkzMB4XDTIyMDEw
MTEyMDUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBiZTYxZDZlODhm
NTFjNWRkNDBkYmNhYTVlOGRmZDM0N2EyY2Y2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALX6pkr0X07RhvpM4oIsfOm7BM9w41+f4GP/90IvBIzdEUDs
hSS7A0sj/NRnW1qupKyW/tg+Ui3FyXN+gD7vSGlwQMe+vZH4yBiYByDwjIB6IHah
399GRzSsDeKXfhewgdeDJFDCbd4i1GkQVhGfxDu9dwzdz+l2BQRRenAyzgK/5tY4
GN0tqarxW35m44iqSvlZ5f+XfAY3VSATrKhnA+91DdFHChOufvZlffWR8fOIAn16
gx3nmMZehnaCL0AYo5fn7oDew3LxQw4G04yjwavLu2J2Aqt6hMdpCCzIoy0AdoGz
F67TlAih+lS4W5n6U4WGoHqqq8tTzuNopaHWI9MCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBRgvmHW6I9Rxd1A28ql6N/TR6LPZTAfBgNVHSMEGDAWgBQNCHSzM+Nd8U/Z
cOGJWB2gk7yAkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RRaDBzelBqWGZGUDJYRGhpVmdkb0pPOGdKTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvYjAzOWJjLTIxM2ItNDU3Yy05NmFlLTMxODFkYjkxMWExMy8x
L1lMNWgxdWlQVWNYZFFOdktwZWpmMDBlaXoyVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
YjAzOWJjLTIxM2ItNDU3Yy05NmFlLTMxODFkYjkxMWExMy8xL0RRaDBzelBqWGZG
UDJYRGhpVmdkb0pPOGdKTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wHgQCAAEwGAMEA1+B+AMEArkNTAMEArlBnAMEArnr
3DAbBAIAAjAVAwUAKgCD4AMFAyoC9MADBQMqCQ0AMA0GCSqGSIb3DQEBCwUAA4IB
AQALUdVkBREemSGy7aUQksNAhdV4ws2PKgETnF1+yYp+2zoW1FobSYrqV52pcjmp
oTcUg8DNQunepc7tq+SPucVgRIPe/fXW0iOHKuJAbfaohFR7D1rZ40Vri7UxLPk3
GHHVoTMkWiMzlFNknfVrPGQoqrYrCq22S4YELypN3P04BNiThAdLntY66A0HQkaW
U/u+76tORdVIjmlK15ALSrtnyY4/3+12oy9QQqyRMdj4DAFDiVG92shdVmRvQPxE
Xb8pj2555PxafiiRjC98AhhQJOst/T2l23M6J1PgSZhXcZrLMb/fK8ctv2oZwuj2
c72y1qwtPfqYa0OA55Y4W7pq
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:03 2023 by rpki-client on console-ams.rpki-client.org