Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/y9Dyx4l_dvahQgm8fyXoFrmPsIE.roa
File: y9Dyx4l_dvahQgm8fyXoFrmPsIE.roa (raw, json)
Hash identifier: GNRCSaC7reevj0WpW0ao6Mh2KmHT/VYPEPgy1EbXqrI=
Subject key identifier: CB:D0:F2:C7:89:7F:76:F6:A1:42:09:BC:7F:25:E8:16:B9:8F:B0:81
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 132F5E93
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/y9Dyx4l_dvahQgm8fyXoFrmPsIE.roa
Signing time: Sat 01 Jan 2022 04:03:00 +0000
ROA not before: Sat 01 Jan 2022 04:03:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 53850
IP address blocks: 185.217.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 321871507 (0x132f5e93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 1 04:03:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cbd0f2c7897f76f6a14209bc7f25e816b98fb081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:50:3b:36:49:05:93:37:6d:9e:19:35:96:9a:
fe:f4:8f:a0:97:f0:80:03:6d:51:0c:f4:ed:6c:8b:
28:fb:b1:eb:ba:61:c9:ad:20:1e:b4:4e:c6:2f:eb:
fc:b7:96:fb:8a:de:84:70:df:20:0d:74:6d:64:2e:
cc:0d:e3:f4:ba:aa:ca:38:87:30:3d:fa:d9:85:92:
6a:10:fe:48:eb:2b:a5:77:47:8e:77:dc:2e:22:93:
93:39:73:5d:4d:9b:62:60:19:51:0f:7f:b4:6e:4c:
54:bb:50:05:77:00:97:c8:e0:6a:d2:88:19:c5:9b:
32:85:b6:ce:09:7e:4c:2e:92:5e:f6:aa:01:31:cf:
43:d9:24:09:ab:e5:9b:e4:84:8d:d9:2a:97:c0:d7:
b6:53:95:03:94:94:c1:d7:ec:d2:c0:36:19:bd:7a:
0a:9b:66:6c:b4:ef:85:7c:37:2e:ac:96:6a:8a:35:
6a:5f:7c:a2:27:c0:43:51:0d:44:af:84:54:eb:fe:
3b:f8:a5:14:d6:c5:27:8c:1e:85:a8:09:19:24:85:
4b:d7:0b:04:bd:ee:63:d8:00:67:aa:f0:e6:5f:1d:
d0:86:0c:94:ea:7d:30:7c:3c:f9:96:6c:d7:ec:f4:
0b:3a:39:36:83:bf:20:d7:0b:a9:82:68:52:3c:c1:
78:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D0:F2:C7:89:7F:76:F6:A1:42:09:BC:7F:25:E8:16:B9:8F:B0:81
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/y9Dyx4l_dvahQgm8fyXoFrmPsIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.108.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:02:a1:1d:e6:4d:17:11:1d:fd:91:f7:c4:fb:0e:27:98:c4:
ac:d0:c0:79:ed:92:51:3f:73:f0:11:63:54:e4:91:7b:73:a2:
16:e7:b9:77:5b:ee:2a:97:96:d7:75:92:3f:47:1a:f1:75:63:
dc:ce:d5:9d:96:99:16:ce:2a:1f:e9:e1:15:75:cd:38:50:d8:
8c:48:c3:a5:9f:2d:56:e8:3a:a3:5e:a8:28:d0:3f:74:c2:e7:
be:8b:5e:ca:2e:54:b1:2d:c0:4d:a2:c1:ea:84:df:a4:1b:26:
92:6a:f6:b3:65:2e:bb:b1:9a:8c:09:30:ec:ac:9d:57:fe:1d:
3a:6b:9c:d5:74:ce:de:14:68:38:7d:71:42:1e:83:06:55:66:
50:50:15:dc:6b:a5:99:74:cc:fc:cb:fa:0d:68:eb:88:5d:04:
1f:2f:3d:82:33:5c:b5:37:2b:fe:df:b3:74:05:7b:ae:28:c3:
2d:20:7f:c1:88:ee:a6:d4:1d:b3:be:2a:41:5b:98:a8:c0:ef:
12:0c:c6:24:cd:ee:20:3f:48:1c:e4:b8:1b:ed:db:1c:d1:f0:
c0:a0:9f:67:94:2d:25:61:9a:d7:f1:06:1f:af:0a:b6:d1:f9:
8f:42:75:9e:61:72:79:05:a1:ac:4c:9b:78:3c:4f:81:bf:69:
61:15:dc:57
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEy9ekzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDEw
MTA0MDMwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2JkMGYyYzc4OTdm
NzZmNmExNDIwOWJjN2YyNWU4MTZiOThmYjA4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRQOzZJBZM3bZ4ZNZaa/vSPoJfwgANtUQz07WyLKPux67ph
ya0gHrROxi/r/LeW+4rehHDfIA10bWQuzA3j9LqqyjiHMD362YWSahD+SOsrpXdH
jnfcLiKTkzlzXU2bYmAZUQ9/tG5MVLtQBXcAl8jgatKIGcWbMoW2zgl+TC6SXvaq
ATHPQ9kkCavlm+SEjdkql8DXtlOVA5SUwdfs0sA2Gb16CptmbLTvhXw3LqyWaoo1
al98oifAQ1ENRK+EVOv+O/ilFNbFJ4wehagJGSSFS9cLBL3uY9gAZ6rw5l8d0IYM
lOp9MHw8+ZZs1+z0Czo5NoO/INcLqYJoUjzBeP8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTL0PLHiX929qFCCbx/JegWuY+wgTAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L3k5RHl4NGxfZHZhaFFnbThmeVhvRnJtUHNJRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnZbDANBgkqhkiG9w0BAQsFAAOC
AQEAxwKhHeZNFxEd/ZH3xPsOJ5jErNDAee2SUT9z8BFjVOSRe3OiFue5d1vuKpeW
13WSP0ca8XVj3M7VnZaZFs4qH+nhFXXNOFDYjEjDpZ8tVug6o16oKNA/dMLnvote
yi5UsS3ATaLB6oTfpBsmkmr2s2Uuu7GajAkw7KydV/4dOmuc1XTO3hRoOH1xQh6D
BlVmUFAV3GulmXTM/Mv6DWjriF0EHy89gjNctTcr/t+zdAV7rijDLSB/wYjuptQd
s74qQVuYqMDvEgzGJM3uID9IHOS4G+3bHNHwwKCfZ5QtJWGa1/EGH68KttH5j0J1
nmFyeQWhrEybeDxPgb9pYRXcVw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:25 2023 by rpki-client on console-ams.rpki-client.org