Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/tYXi94Q1DXRWCmiKb9Cg6v42TzY.roa
File: tYXi94Q1DXRWCmiKb9Cg6v42TzY.roa (raw, json)
Hash identifier: yvZa2yd3Z3Tv8CRaUXZySijnd1M53fcFCi0Oa94Oytc=
Subject key identifier: B5:85:E2:F7:84:35:0D:74:56:0A:68:8A:6F:D0:A0:EA:FE:36:4F:36
Certificate issuer: /CN=7afa135b2072dfcc4ef3b541c136bc8001ef4307
Certificate serial: 01852FFE7F23F18F82276049A8E12476684B
Authority key identifier: 7A:FA:13:5B:20:72:DF:CC:4E:F3:B5:41:C1:36:BC:80:01:EF:43:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evoTWyBy38xO87VBwTa8gAHvQwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/tYXi94Q1DXRWCmiKb9Cg6v42TzY.roa
Signing time: Tue 20 Dec 2022 14:44:45 +0000
ROA not before: Tue 20 Dec 2022 14:44:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58193
IP address blocks: 185.154.86.0/24 maxlen: 24
178.251.124.0/24 maxlen: 24
178.251.125.0/24 maxlen: 24
2a02:fae0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:fe:7f:23:f1:8f:82:27:60:49:a8:e1:24:76:68:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7afa135b2072dfcc4ef3b541c136bc8001ef4307
Validity
Not Before: Dec 20 14:44:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b585e2f784350d74560a688a6fd0a0eafe364f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:51:e7:b0:f9:51:a4:82:23:40:d1:10:01:fb:
34:0b:d8:62:f3:e5:7a:a3:f0:31:8f:b1:ce:dd:27:
ed:e9:40:29:6e:fb:1b:43:fb:36:1b:d5:bb:8f:03:
b8:92:e6:35:aa:a2:6a:de:ca:d3:53:e6:aa:94:ae:
a5:f3:47:2e:67:7d:67:53:1d:b4:e4:91:d0:fd:06:
01:e1:48:23:e7:f4:c7:1c:97:ce:b3:7b:f4:7b:38:
8c:a3:06:fc:63:84:6b:1a:89:07:e9:e2:d6:05:67:
47:64:54:9e:85:09:11:f2:b0:ed:67:ed:6c:20:fc:
a9:d9:40:25:6a:c9:b7:3e:dc:1a:12:3b:fb:0c:68:
66:66:d4:27:41:84:c3:84:f8:26:7a:af:86:03:f7:
b5:c3:d4:3a:67:11:7b:f3:7f:1d:a0:d8:04:96:5c:
28:f7:b5:64:05:d5:43:89:b4:31:31:1a:94:83:40:
25:18:ef:c9:c2:60:7b:92:76:f0:95:37:af:cb:a6:
c3:8f:8c:52:5e:95:44:f3:e4:12:08:0a:cb:fe:8c:
4c:17:77:d1:71:54:db:c3:f7:cf:d3:1e:5d:5b:85:
8a:f8:03:2f:83:38:c3:70:c1:e3:ad:55:94:47:5b:
44:df:a8:10:6d:8f:94:5f:e1:06:1a:cf:57:59:b2:
0d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:85:E2:F7:84:35:0D:74:56:0A:68:8A:6F:D0:A0:EA:FE:36:4F:36
X509v3 Authority Key Identifier:
keyid:7A:FA:13:5B:20:72:DF:CC:4E:F3:B5:41:C1:36:BC:80:01:EF:43:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evoTWyBy38xO87VBwTa8gAHvQwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/tYXi94Q1DXRWCmiKb9Cg6v42TzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/evoTWyBy38xO87VBwTa8gAHvQwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.124.0/23
185.154.86.0/24
IPv6:
2a02:fae0::/29
Signature Algorithm: sha256WithRSAEncryption
0c:33:b0:20:f3:6e:1a:6f:c6:23:11:90:26:60:f0:2a:94:61:
3d:08:33:02:e8:d3:b1:48:0a:42:4e:d7:67:85:1b:28:95:81:
50:26:24:cd:78:d1:7c:4b:00:9e:aa:38:e9:30:d3:e9:3a:a1:
d1:23:47:5a:09:bf:bb:9e:51:cd:60:8e:61:b6:4a:82:f3:d0:
af:45:18:37:fb:1d:f5:27:a6:70:c6:f8:1d:e7:5a:6e:db:56:
a2:34:c3:45:65:7f:44:20:b0:58:b6:b6:61:d0:7d:d2:23:76:
18:e9:31:01:c2:70:5a:c0:2b:02:2f:45:c1:af:56:45:6c:ea:
7f:7c:35:70:08:fc:66:6c:26:54:53:0b:bd:05:fd:98:a5:af:
5d:3b:4e:d7:1d:54:43:bd:34:c4:e4:36:ac:17:46:7b:d9:72:
65:a6:5e:35:d3:90:00:24:b4:f6:dc:b8:ba:ff:e8:8a:17:d0:
f8:9f:5b:1e:28:d7:ed:35:ab:e5:48:53:0e:93:3c:93:cb:32:
28:ba:a0:d5:6a:c0:b0:4c:ac:4b:7c:b8:5a:00:22:61:d9:15:
f6:b2:6e:50:4e:94:cb:63:2d:f7:91:7c:a5:68:61:89:46:70:
6f:67:1d:94:96:cb:31:29:07:fe:28:6f:9e:f4:ca:69:5c:24:
30:b3:98:3f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYUv/n8j8Y+CJ2BJqOEkdmhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZmExMzViMjA3MmRmY2M0ZWYzYjU0MWMxMzZiYzgwMDFl
ZjQzMDcwHhcNMjIxMjIwMTQ0NDQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTg1ZTJmNzg0MzUwZDc0NTYwYTY4OGE2ZmQwYTBlYWZlMzY0ZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFHnsPlRpIIjQNEQAfs0C9hi8+V6
o/Axj7HO3Sft6UApbvsbQ/s2G9W7jwO4kuY1qqJq3srTU+aqlK6l80cuZ31nUx20
5JHQ/QYB4Ugj5/THHJfOs3v0eziMowb8Y4RrGokH6eLWBWdHZFSehQkR8rDtZ+1s
IPyp2UAlasm3PtwaEjv7DGhmZtQnQYTDhPgmeq+GA/e1w9Q6ZxF7838doNgEllwo
97VkBdVDibQxMRqUg0AlGO/JwmB7knbwlTevy6bDj4xSXpVE8+QSCArL/oxMF3fR
cVTbw/fP0x5dW4WK+AMvgzjDcMHjrVWUR1tE36gQbY+UX+EGGs9XWbINGQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLWF4veENQ10Vgpoim/QoOr+Nk82MB8GA1UdIwQY
MBaAFHr6E1sgct/MTvO1QcE2vIAB70MHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZvVFd5QnkzOHhPODdWQndUYThnQUh2UXdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9iMTQxOTMtZjU2OS00MzRhLWFlYTQt
ZjVkZWFhOWJmMGY3LzEvdFlYaTk0UTFEWFJXQ21pS2I5Q2c2djQyVHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9iMTQxOTMtZjU2OS00MzRhLWFlYTQtZjVkZWFhOWJmMGY3
LzEvZXZvVFd5QnkzOHhPODdWQndUYThnQUh2UXdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBsvt8AwQA
uZpWMA0EAgACMAcDBQMqAvrgMA0GCSqGSIb3DQEBCwUAA4IBAQAMM7Ag824ab8Yj
EZAmYPAqlGE9CDMC6NOxSApCTtdnhRsolYFQJiTNeNF8SwCeqjjpMNPpOqHRI0da
Cb+7nlHNYI5htkqC89CvRRg3+x31J6Zwxvgd51pu21aiNMNFZX9EILBYtrZh0H3S
I3YY6TEBwnBawCsCL0XBr1ZFbOp/fDVwCPxmbCZUUwu9Bf2Ypa9dO07XHVRDvTTE
5DasF0Z72XJlpl4105AAJLT23Li6/+iKF9D4n1seKNftNavlSFMOkzyTyzIouqDV
asCwTKxLfLhaACJh2RX2sm5QTpTLYy33kXylaGGJRnBvZx2UlssxKQf+KG+e9Mpp
XCQws5g/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:32 2024 by rpki-client on console-ams.rpki-client.org