Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/yVxSNX0mlTn9zNeHbFL1iRczClk.roa
File: yVxSNX0mlTn9zNeHbFL1iRczClk.roa (raw, json)
Hash identifier: rVPwmOmWwU6Y0d0fIl7s8JGY+dDTAmGXxIT65C9xjxM=
Subject key identifier: C9:5C:52:35:7D:26:95:39:FD:CC:D7:87:6C:52:F5:89:17:33:0A:59
Certificate issuer: /CN=7afa135b2072dfcc4ef3b541c136bc8001ef4307
Certificate serial: 01849F93382F807996FE9B3A7BC51A0AA0CC
Authority key identifier: 7A:FA:13:5B:20:72:DF:CC:4E:F3:B5:41:C1:36:BC:80:01:EF:43:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evoTWyBy38xO87VBwTa8gAHvQwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/yVxSNX0mlTn9zNeHbFL1iRczClk.roa
Signing time: Tue 22 Nov 2022 13:42:16 +0000
ROA not before: Tue 22 Nov 2022 13:42:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58193
IP address blocks: 185.154.86.0/24 maxlen: 24
2a02:fae0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:93:38:2f:80:79:96:fe:9b:3a:7b:c5:1a:0a:a0:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7afa135b2072dfcc4ef3b541c136bc8001ef4307
Validity
Not Before: Nov 22 13:42:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c95c52357d269539fdccd7876c52f58917330a59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:58:d1:88:2e:42:78:2b:26:5a:98:d0:1a:98:
0f:79:cb:f5:3a:ae:7f:fd:ea:bd:b8:4a:40:cd:09:
1b:5b:c9:14:09:9d:41:d9:7b:32:08:af:b1:90:37:
5f:b1:ef:0f:ae:28:da:27:b3:f3:ec:d5:f0:d4:dc:
50:3f:56:be:ad:ad:b1:5e:55:bb:2b:6b:42:63:c4:
54:9e:b7:14:50:b8:0c:d8:b4:5d:9d:f4:75:cc:28:
5a:1e:be:68:ed:a1:c7:d2:d2:38:02:82:7b:46:d9:
25:6d:cd:33:c2:61:19:08:00:40:cf:64:0e:c8:27:
be:60:14:3a:44:04:9e:1b:3d:71:41:a0:44:4f:1e:
b7:8b:38:24:6a:d8:72:a7:a9:fa:45:0b:9a:fb:3c:
ee:a5:5c:43:15:3f:63:a1:2c:f1:d6:39:f8:d5:a3:
fe:3d:f6:60:c3:ba:11:22:8a:dd:d9:df:70:6a:ff:
07:33:f0:18:1d:91:fe:8b:29:fd:68:a6:4a:c3:15:
a6:da:85:e0:4a:7c:a4:42:fd:fd:4f:3d:38:26:79:
61:4d:84:6d:c8:7a:1c:55:ec:d3:3d:a4:f6:0d:7e:
3c:86:0f:bd:fa:f0:0c:52:6b:ad:a6:2f:af:80:12:
d7:f0:ed:ef:f4:a7:6e:0c:ac:ff:42:9d:0e:fa:39:
7c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:5C:52:35:7D:26:95:39:FD:CC:D7:87:6C:52:F5:89:17:33:0A:59
X509v3 Authority Key Identifier:
keyid:7A:FA:13:5B:20:72:DF:CC:4E:F3:B5:41:C1:36:BC:80:01:EF:43:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evoTWyBy38xO87VBwTa8gAHvQwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/yVxSNX0mlTn9zNeHbFL1iRczClk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/evoTWyBy38xO87VBwTa8gAHvQwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.86.0/24
IPv6:
2a02:fae0::/29
Signature Algorithm: sha256WithRSAEncryption
90:49:0b:ee:3d:ff:b8:5c:37:31:38:33:63:65:5b:e0:ea:8e:
c1:18:96:f9:4e:8b:2b:90:b6:30:5a:ca:b9:c5:7c:a2:3c:48:
82:f7:52:c5:51:40:46:8c:4b:bd:66:82:b9:c3:a7:57:95:3c:
60:83:bc:56:08:0e:fe:53:8f:43:be:10:88:35:b3:dc:b0:fb:
8f:c2:5e:30:13:ea:f7:74:8e:3a:c9:00:c0:b6:84:b6:e6:00:
7f:73:a7:ba:91:56:fe:a7:64:5a:0e:58:5d:ab:07:54:d2:61:
da:34:cb:f6:85:bd:8a:3f:e3:28:37:b3:25:dd:1c:ff:04:8e:
ba:b8:e1:f7:5f:83:21:25:bb:6b:15:52:72:05:4f:fb:25:1c:
94:61:94:57:64:da:fb:46:76:4c:48:44:1e:f5:a8:9e:25:ce:
42:50:77:43:1a:06:9e:e8:30:37:82:d7:29:6e:c6:45:cf:9f:
93:72:66:30:03:0a:bd:4b:18:d9:a7:e3:47:d2:43:a1:96:c5:
62:18:97:a7:03:3a:cb:ee:05:95:2c:b6:e6:e2:70:5b:36:bb:
00:d1:b3:62:a9:fd:ec:30:2d:dc:3c:60:97:c5:9a:b0:dd:20:
55:52:74:79:5a:40:31:fe:54:59:ed:95:77:98:66:4d:41:dd:
c6:ee:94:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYSfkzgvgHmW/ps6e8UaCqDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZmExMzViMjA3MmRmY2M0ZWYzYjU0MWMxMzZiYzgwMDFl
ZjQzMDcwHhcNMjIxMTIyMTM0MjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTVjNTIzNTdkMjY5NTM5ZmRjY2Q3ODc2YzUyZjU4OTE3MzMwYTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVjRiC5CeCsmWpjQGpgPecv1Oq5/
/eq9uEpAzQkbW8kUCZ1B2XsyCK+xkDdfse8PrijaJ7Pz7NXw1NxQP1a+ra2xXlW7
K2tCY8RUnrcUULgM2LRdnfR1zChaHr5o7aHH0tI4AoJ7Rtklbc0zwmEZCABAz2QO
yCe+YBQ6RASeGz1xQaBETx63izgkathyp6n6RQua+zzupVxDFT9joSzx1jn41aP+
PfZgw7oRIord2d9wav8HM/AYHZH+iyn9aKZKwxWm2oXgSnykQv39Tz04JnlhTYRt
yHocVezTPaT2DX48hg+9+vAMUmutpi+vgBLX8O3v9KduDKz/Qp0O+jl81QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMlcUjV9JpU5/czXh2xS9YkXMwpZMB8GA1UdIwQY
MBaAFHr6E1sgct/MTvO1QcE2vIAB70MHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZvVFd5QnkzOHhPODdWQndUYThnQUh2UXdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9iMTQxOTMtZjU2OS00MzRhLWFlYTQt
ZjVkZWFhOWJmMGY3LzEveVZ4U05YMG1sVG45ek5lSGJGTDFpUmN6Q2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9iMTQxOTMtZjU2OS00MzRhLWFlYTQtZjVkZWFhOWJmMGY3
LzEvZXZvVFd5QnkzOHhPODdWQndUYThnQUh2UXdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZpWMA0E
AgACMAcDBQMqAvrgMA0GCSqGSIb3DQEBCwUAA4IBAQCQSQvuPf+4XDcxODNjZVvg
6o7BGJb5TosrkLYwWsq5xXyiPEiC91LFUUBGjEu9ZoK5w6dXlTxgg7xWCA7+U49D
vhCINbPcsPuPwl4wE+r3dI46yQDAtoS25gB/c6e6kVb+p2RaDlhdqwdU0mHaNMv2
hb2KP+MoN7Ml3Rz/BI66uOH3X4MhJbtrFVJyBU/7JRyUYZRXZNr7RnZMSEQe9aie
Jc5CUHdDGgae6DA3gtcpbsZFz5+TcmYwAwq9SxjZp+NH0kOhlsViGJenAzrL7gWV
LLbm4nBbNrsA0bNiqf3sMC3cPGCXxZqw3SBVUnR5WkAx/lRZ7ZV3mGZNQd3G7pRt
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:14 2023 by rpki-client on console-ams.rpki-client.org