Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/e210b9-7a3f-410b-ba56-0724089289bb/1/yMDydJJvYVkkqVjUGS7VLwUNBHA.roa
File: yMDydJJvYVkkqVjUGS7VLwUNBHA.roa (raw, json)
Hash identifier: MnERfvrRHSHHDcb3q2+f1/9SiuDLaBc3V2kii4I6V5w=
Subject key identifier: C8:C0:F2:74:92:6F:61:59:24:A9:58:D4:19:2E:D5:2F:05:0D:04:70
Certificate issuer: /CN=3fa40fcfa836bb0b5b3e129404cb31e85250b01f
Certificate serial: 01828D7C7BB5835A2EAA6B691F663754022A
Authority key identifier: 3F:A4:0F:CF:A8:36:BB:0B:5B:3E:12:94:04:CB:31:E8:52:50:B0:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P6QPz6g2uwtbPhKUBMsx6FJQsB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/e210b9-7a3f-410b-ba56-0724089289bb/1/yMDydJJvYVkkqVjUGS7VLwUNBHA.roa
Signing time: Thu 11 Aug 2022 15:18:41 +0000
ROA not before: Thu 11 Aug 2022 15:18:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30798
IP address blocks: 62.204.0.0/19 maxlen: 24
213.185.32.0/19 maxlen: 24
89.236.64.0/18 maxlen: 24
217.112.240.0/20 maxlen: 24
45.154.68.0/22 maxlen: 24
2001:40e8::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8d:7c:7b:b5:83:5a:2e:aa:6b:69:1f:66:37:54:02:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fa40fcfa836bb0b5b3e129404cb31e85250b01f
Validity
Not Before: Aug 11 15:18:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8c0f274926f615924a958d4192ed52f050d0470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e2:35:4e:cc:aa:9b:8b:fb:bb:86:04:41:cb:
26:82:0f:16:c8:92:29:a9:bd:90:11:53:c3:9d:76:
4b:99:6e:4c:bf:30:22:47:da:a0:60:54:81:bd:66:
7f:09:62:ec:d8:29:23:ac:5d:7c:00:7d:6a:be:cd:
e9:ba:af:a2:5c:1d:21:8f:e5:dc:30:61:40:1c:8b:
df:f6:c0:74:c2:f6:67:83:8b:3d:fa:6a:32:72:30:
79:81:e3:8e:33:b9:bd:f8:dc:83:87:31:d9:a7:cf:
f0:e5:d9:73:74:1a:cc:79:eb:20:7b:9c:8b:5c:be:
11:4c:7d:bf:30:39:85:d6:3b:c0:80:c1:bb:2a:b1:
5d:17:b9:0e:28:1a:34:74:61:0e:87:ad:de:75:6b:
2c:42:f1:7e:e6:dd:41:0d:c0:cf:c7:f9:82:ec:89:
4d:2e:97:1c:92:62:04:86:90:9c:68:36:87:61:fc:
0b:55:1c:6e:92:06:9e:b2:60:9e:7c:31:82:50:97:
1f:50:c1:c7:f6:73:b2:6d:12:84:61:46:19:09:02:
b9:40:ad:73:77:58:e7:56:af:08:d2:d5:36:ea:67:
89:1c:ee:52:3c:85:c3:95:42:49:ea:ce:82:96:70:
55:c2:87:17:cc:38:5e:a9:ad:48:d5:32:19:50:8c:
ae:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C0:F2:74:92:6F:61:59:24:A9:58:D4:19:2E:D5:2F:05:0D:04:70
X509v3 Authority Key Identifier:
keyid:3F:A4:0F:CF:A8:36:BB:0B:5B:3E:12:94:04:CB:31:E8:52:50:B0:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P6QPz6g2uwtbPhKUBMsx6FJQsB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/e210b9-7a3f-410b-ba56-0724089289bb/1/yMDydJJvYVkkqVjUGS7VLwUNBHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/e210b9-7a3f-410b-ba56-0724089289bb/1/P6QPz6g2uwtbPhKUBMsx6FJQsB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.68.0/22
62.204.0.0/19
89.236.64.0/18
213.185.32.0/19
217.112.240.0/20
IPv6:
2001:40e8::/32
Signature Algorithm: sha256WithRSAEncryption
23:4f:59:21:ff:8e:28:42:8b:c5:5c:50:38:2f:f4:6c:79:54:
73:22:4a:b7:9f:a1:cd:13:31:69:c8:12:ca:1e:5f:96:6d:ec:
db:19:f1:0c:a6:99:f4:d6:b9:45:5e:8e:2f:88:bf:c9:c4:f5:
0a:71:dc:3c:a2:2b:dd:c3:8a:9e:24:29:c7:48:1b:b8:40:3b:
39:c0:7c:e7:3d:98:38:bc:ac:9d:0d:01:86:30:e7:b0:0c:a5:
e8:f6:bf:2a:b2:a9:da:bd:3e:f9:a3:2e:63:08:cf:fd:a0:55:
77:21:9d:c4:f2:65:ab:7c:2b:0c:1f:89:af:47:19:34:cc:77:
eb:91:b8:cb:af:88:d6:92:8d:2b:69:31:d7:96:08:2a:57:62:
2f:ef:ea:00:6c:ea:09:03:f7:5f:20:4b:e4:10:49:12:ea:58:
7f:1c:79:cb:35:d5:60:d5:e7:c9:b6:e7:6f:4e:a5:a7:45:67:
7f:bd:c0:1f:db:47:0b:a7:b3:03:24:e6:cf:a0:4f:ba:b2:05:
31:93:45:83:55:74:ac:c9:21:77:21:b6:8e:16:3e:8f:08:15:
84:ff:c0:b1:36:28:6b:34:c8:32:89:42:01:a4:1d:f6:02:78:
74:96:45:70:e3:36:8c:43:49:ea:7a:d5:8e:bb:8c:c3:64:39:
91:5c:ed:9e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYKNfHu1g1ouqmtpH2Y3VAIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmYTQwZmNmYTgzNmJiMGI1YjNlMTI5NDA0Y2IzMWU4NTI1
MGIwMWYwHhcNMjIwODExMTUxODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGMwZjI3NDkyNmY2MTU5MjRhOTU4ZDQxOTJlZDUyZjA1MGQwNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeI1Tsyqm4v7u4YEQcsmgg8WyJIp
qb2QEVPDnXZLmW5MvzAiR9qgYFSBvWZ/CWLs2CkjrF18AH1qvs3puq+iXB0hj+Xc
MGFAHIvf9sB0wvZng4s9+moycjB5geOOM7m9+NyDhzHZp8/w5dlzdBrMeesge5yL
XL4RTH2/MDmF1jvAgMG7KrFdF7kOKBo0dGEOh63edWssQvF+5t1BDcDPx/mC7IlN
LpcckmIEhpCcaDaHYfwLVRxukgaesmCefDGCUJcfUMHH9nOybRKEYUYZCQK5QK1z
d1jnVq8I0tU26meJHO5SPIXDlUJJ6s6ClnBVwocXzDheqa1I1TIZUIyuZQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMjA8nSSb2FZJKlY1Bku1S8FDQRwMB8GA1UdIwQY
MBaAFD+kD8+oNrsLWz4SlATLMehSULAfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDZRUHo2ZzJ1d3RiUGhLVUJNc3g2RkpRc0I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9lMjEwYjktN2EzZi00MTBiLWJhNTYt
MDcyNDA4OTI4OWJiLzEveU1EeWRKSnZZVmtrcVZqVUdTN1ZMd1VOQkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9lMjEwYjktN2EzZi00MTBiLWJhNTYtMDcyNDA4OTI4OWJi
LzEvUDZRUHo2ZzJ1d3RiUGhLVUJNc3g2RkpRc0I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLZpEAwQF
PswAAwQGWexAAwQF1bkgAwQE2XDwMA0EAgACMAcDBQAgAUDoMA0GCSqGSIb3DQEB
CwUAA4IBAQAjT1kh/44oQovFXFA4L/RseVRzIkq3n6HNEzFpyBLKHl+WbezbGfEM
ppn01rlFXo4viL/JxPUKcdw8oivdw4qeJCnHSBu4QDs5wHznPZg4vKydDQGGMOew
DKXo9r8qsqnavT75oy5jCM/9oFV3IZ3E8mWrfCsMH4mvRxk0zHfrkbjLr4jWko0r
aTHXlggqV2Iv7+oAbOoJA/dfIEvkEEkS6lh/HHnLNdVg1efJtudvTqWnRWd/vcAf
20cLp7MDJObPoE+6sgUxk0WDVXSsySF3IbaOFj6PCBWE/8CxNihrNMgyiUIBpB32
Anh0lkVw4zaMQ0nqetWOu4zDZDmRXO2e
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:16 2024 by rpki-client on console-ams.rpki-client.org