Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/JYt-Sab1Gsxf_9XLC53COZLRRL8.roa
File: JYt-Sab1Gsxf_9XLC53COZLRRL8.roa (raw, json)
Hash identifier: cXTRSNpgc3q9HWI+OPwL8d6F3nKDJASFobmMJ7R5bgM=
Subject key identifier: 25:8B:7E:49:A6:F5:1A:CC:5F:FF:D5:CB:0B:9D:C2:39:92:D1:44:BF
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 018452AEFC932FBC3F1A611DC847684F6F32
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/JYt-Sab1Gsxf_9XLC53COZLRRL8.roa
Signing time: Mon 07 Nov 2022 15:21:50 +0000
ROA not before: Mon 07 Nov 2022 15:21:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52035
IP address blocks: 148.222.240.0/21 maxlen: 21
158.41.24.0/21 maxlen: 24
185.179.216.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:52:ae:fc:93:2f:bc:3f:1a:61:1d:c8:47:68:4f:6f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Nov 7 15:21:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=258b7e49a6f51acc5fffd5cb0b9dc23992d144bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:77:18:7c:2c:38:55:fa:3c:71:16:63:ca:f3:
3d:86:4f:ed:f7:62:4f:2e:d6:cd:17:d0:45:5d:50:
aa:8b:52:1a:92:34:e1:2f:35:0c:ac:ae:7c:e8:b5:
7e:e4:0c:e4:b3:3a:cb:c2:c1:c4:d8:08:69:68:b2:
0a:df:d7:67:86:d5:71:00:a7:b8:d0:4c:5c:20:d3:
4c:1c:29:49:b9:e0:d7:47:34:06:9b:7e:62:de:7a:
c4:ea:2c:da:02:54:e7:ee:12:aa:5d:2a:3d:bf:6e:
cb:a6:98:50:21:42:06:e6:a8:59:5d:9e:22:70:41:
10:a8:15:78:66:fa:ed:d1:2a:cc:b7:3f:f7:fe:75:
de:00:29:cf:d6:2d:f9:ca:50:a0:02:65:b8:96:83:
0a:cc:b3:fa:05:59:51:ce:6b:89:fe:79:54:13:d9:
e9:80:fe:58:8b:83:ef:0b:3b:7f:b9:eb:01:35:cb:
e4:a5:35:17:4f:6d:37:81:5c:ba:5f:0a:fa:33:af:
d4:7d:d2:72:94:f1:a7:3a:cc:0f:e3:85:0f:77:12:
c7:2d:80:b7:79:23:e4:a8:db:d5:40:35:e0:48:b2:
d5:13:e8:70:02:79:d2:22:09:39:b0:7a:52:bc:06:
70:1a:0c:bb:4c:7a:58:98:d5:9f:38:55:25:da:ea:
0c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:8B:7E:49:A6:F5:1A:CC:5F:FF:D5:CB:0B:9D:C2:39:92:D1:44:BF
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/JYt-Sab1Gsxf_9XLC53COZLRRL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.222.240.0/21
158.41.24.0/21
185.179.216.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:09:85:59:e0:9b:90:87:56:eb:3d:64:12:75:cf:18:f7:99:
90:7d:15:ed:ad:9a:c2:8e:0b:06:de:73:f1:04:59:4e:5c:22:
c4:f9:ad:40:40:96:be:6b:55:63:77:e5:cd:35:12:87:22:fb:
89:6d:ef:61:2b:b0:b3:1e:11:6e:b0:be:93:07:05:af:63:3a:
8f:9d:4c:1b:fe:83:74:6f:2f:eb:6a:6b:fd:35:9d:e7:4e:7e:
c0:f2:18:5c:7a:21:de:39:a8:cb:09:5e:98:67:b4:f9:4b:5f:
b1:9a:46:8b:86:f9:77:57:cb:72:60:87:7b:68:0a:cf:a7:d7:
1e:44:d2:26:d2:65:e1:a1:7d:b9:ce:42:ae:ce:e6:77:3e:cf:
f3:92:89:e1:24:7c:6f:ea:55:83:c7:fe:80:5a:7e:78:ae:52:
93:70:d2:65:f4:44:b1:2b:3c:ae:5b:c9:aa:f7:36:58:9b:d1:
b5:9a:89:bc:32:c0:be:10:27:07:36:01:83:71:90:cd:d3:1a:
53:57:24:14:00:dc:a7:3a:ba:e3:4c:5b:75:b7:81:e6:5f:9d:
0a:8b:d4:6b:a3:1a:f4:08:94:d4:a3:52:f6:35:aa:4a:96:01:
a7:48:b4:4f:79:55:24:6e:bd:ba:5e:bc:75:3a:92:56:dd:09:
93:1e:10:c4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRSrvyTL7w/GmEdyEdoT28yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjIxMTA3MTUyMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNThiN2U0OWE2ZjUxYWNjNWZmZmQ1Y2IwYjlkYzIzOTkyZDE0NGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXcYfCw4Vfo8cRZjyvM9hk/t92JP
LtbNF9BFXVCqi1IakjThLzUMrK586LV+5AzkszrLwsHE2AhpaLIK39dnhtVxAKe4
0ExcINNMHClJueDXRzQGm35i3nrE6izaAlTn7hKqXSo9v27LpphQIUIG5qhZXZ4i
cEEQqBV4Zvrt0SrMtz/3/nXeACnP1i35ylCgAmW4loMKzLP6BVlRzmuJ/nlUE9np
gP5Yi4PvCzt/uesBNcvkpTUXT203gVy6Xwr6M6/UfdJylPGnOswP44UPdxLHLYC3
eSPkqNvVQDXgSLLVE+hwAnnSIgk5sHpSvAZwGgy7THpYmNWfOFUl2uoM5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCWLfkmm9RrMX//VywudwjmS0US/MB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvSll0LVNhYjFHc3hmXzlYTEM1M0NPWkxSUkw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDlN7wAwQD
nikYAwQBubPYMA0GCSqGSIb3DQEBCwUAA4IBAQCkCYVZ4JuQh1brPWQSdc8Y95mQ
fRXtrZrCjgsG3nPxBFlOXCLE+a1AQJa+a1Vjd+XNNRKHIvuJbe9hK7CzHhFusL6T
BwWvYzqPnUwb/oN0by/ramv9NZ3nTn7A8hhceiHeOajLCV6YZ7T5S1+xmkaLhvl3
V8tyYId7aArPp9ceRNIm0mXhoX25zkKuzuZ3Ps/zkonhJHxv6lWDx/6AWn54rlKT
cNJl9ESxKzyuW8mq9zZYm9G1mom8MsC+ECcHNgGDcZDN0xpTVyQUANynOrrjTFt1
t4HmX50Ki9Rroxr0CJTUo1L2NapKlgGnSLRPeVUkbr26Xrx1OpJW3QmTHhDE
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:16 2023 by rpki-client on console-ams.rpki-client.org