Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/YqQj0nsVi54OV4HdVNacDwTbHV4.roa
File: YqQj0nsVi54OV4HdVNacDwTbHV4.roa (raw, json)
Hash identifier: Tya4t5hC5d+bqr91AXr0ZTENykbuAPUgEQrnji1o91o=
Subject key identifier: 62:A4:23:D2:7B:15:8B:9E:0E:57:81:DD:54:D6:9C:0F:04:DB:1D:5E
Certificate issuer: /CN=88a559dcdd5bc4b66cb2496f2e6fb0e8f954aaeb
Certificate serial: EFF9D8
Authority key identifier: 88:A5:59:DC:DD:5B:C4:B6:6C:B2:49:6F:2E:6F:B0:E8:F9:54:AA:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKVZ3N1bxLZssklvLm-w6PlUqus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/YqQj0nsVi54OV4HdVNacDwTbHV4.roa
Signing time: Sat 01 Jan 2022 03:56:31 +0000
ROA not before: Sat 01 Jan 2022 03:56:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47704
IP address blocks: 185.60.120.0/24 maxlen: 24
185.60.120.0/23 maxlen: 23
185.60.123.0/24 maxlen: 24
185.60.122.0/23 maxlen: 23
185.60.122.0/24 maxlen: 24
185.60.121.0/24 maxlen: 24
185.96.200.0/22 maxlen: 22
2a04:e840::/29 maxlen: 29
2a06:140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15727064 (0xeff9d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a559dcdd5bc4b66cb2496f2e6fb0e8f954aaeb
Validity
Not Before: Jan 1 03:56:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62a423d27b158b9e0e5781dd54d69c0f04db1d5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:90:91:7f:13:57:a8:de:fb:72:8e:5b:46:e2:
21:09:b6:65:b2:ee:c4:0a:e0:d9:12:97:5d:ff:84:
e5:cb:1e:e5:b2:a1:fc:38:c1:54:b6:3b:cb:c8:26:
aa:38:8d:bb:e9:ef:88:32:fe:43:70:ef:fb:55:59:
b2:ca:7a:88:42:e3:76:52:ee:45:34:ee:66:03:d8:
a3:68:32:19:87:d0:43:72:4d:85:77:31:86:09:78:
d4:7c:4a:26:0b:6e:f6:47:dd:b6:e2:6f:93:42:f0:
5a:82:d1:23:48:f4:c3:9d:58:ef:fc:51:59:33:63:
0c:6f:19:12:6a:51:21:ef:3a:8b:80:98:80:b2:54:
fc:2b:87:e0:51:72:ac:5f:c0:e0:67:3e:5f:6c:5c:
1f:06:53:49:b1:cf:c6:e6:cc:45:8a:6b:78:42:3a:
f9:c0:b7:a1:58:ee:d4:b5:b7:95:57:e1:5f:9d:af:
8c:85:16:f2:a3:79:31:63:cf:1c:9d:d2:54:66:78:
e4:19:8a:a8:45:05:8e:0e:29:75:a1:90:67:2d:24:
f0:fd:91:e6:ba:0a:86:51:9e:32:7b:d6:a6:bb:d4:
46:fd:d4:81:56:5c:eb:c8:85:10:bb:bd:2d:f7:95:
f4:ec:5d:88:db:6b:09:9a:88:42:2a:87:22:53:6a:
89:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A4:23:D2:7B:15:8B:9E:0E:57:81:DD:54:D6:9C:0F:04:DB:1D:5E
X509v3 Authority Key Identifier:
keyid:88:A5:59:DC:DD:5B:C4:B6:6C:B2:49:6F:2E:6F:B0:E8:F9:54:AA:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKVZ3N1bxLZssklvLm-w6PlUqus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/YqQj0nsVi54OV4HdVNacDwTbHV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/iKVZ3N1bxLZssklvLm-w6PlUqus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.120.0/22
185.96.200.0/22
IPv6:
2a04:e840::/29
2a06:140::/29
Signature Algorithm: sha256WithRSAEncryption
06:d3:0d:6d:5a:9b:36:c6:0f:50:95:34:93:f8:f8:a9:49:62:
9d:2d:67:cb:df:90:77:c5:4a:66:fb:1e:c8:d5:72:17:78:6e:
60:d4:68:04:c0:51:90:a6:3a:6e:e5:3d:d1:22:fb:77:5a:73:
7f:a3:9a:67:0b:f2:1e:24:0b:2e:71:65:f2:10:ea:1f:7b:6a:
75:b7:54:dd:dd:f6:13:9d:17:c9:68:b4:2c:fe:e5:59:6f:30:
08:6b:c2:33:09:71:f7:3c:8f:26:63:e2:1f:68:ac:a0:38:3d:
ac:94:34:bf:88:36:39:b9:39:db:94:62:a7:85:9b:85:8a:f8:
5d:b4:dc:b7:7d:3f:de:93:a7:76:1b:61:d3:3b:57:2d:b5:bf:
a5:87:c5:12:59:5b:ac:00:df:30:5b:f5:23:44:0a:e6:bd:33:
34:82:c9:a6:27:97:ab:dc:e2:a1:0f:5b:97:3f:8c:0c:26:3b:
38:fb:f8:a4:1b:cd:59:ae:89:c7:53:e0:7a:ab:2d:da:54:fd:
00:18:30:f2:7b:13:35:b0:50:b5:d9:e9:ce:10:70:61:b7:2c:
29:06:68:3a:b6:24:88:cd:17:09:b4:24:87:3b:f7:db:ff:3b:
f2:5f:31:ae:23:8f:5a:52:3e:28:ff:87:c4:44:fe:b9:61:a1:
33:15:e3:f8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEAO/52DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OGE1NTlkY2RkNWJjNGI2NmNiMjQ5NmYyZTZmYjBlOGY5NTRhYWViMB4XDTIyMDEw
MTAzNTYzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjJhNDIzZDI3YjE1
OGI5ZTBlNTc4MWRkNTRkNjljMGYwNGRiMWQ1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+QkX8TV6je+3KOW0biIQm2ZbLuxArg2RKXXf+E5cse5bKh
/DjBVLY7y8gmqjiNu+nviDL+Q3Dv+1VZssp6iELjdlLuRTTuZgPYo2gyGYfQQ3JN
hXcxhgl41HxKJgtu9kfdtuJvk0LwWoLRI0j0w51Y7/xRWTNjDG8ZEmpRIe86i4CY
gLJU/CuH4FFyrF/A4Gc+X2xcHwZTSbHPxubMRYpreEI6+cC3oVju1LW3lVfhX52v
jIUW8qN5MWPPHJ3SVGZ45BmKqEUFjg4pdaGQZy0k8P2R5roKhlGeMnvWprvURv3U
gVZc68iFELu9LfeV9OxdiNtrCZqIQiqHIlNqiQUCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBRipCPSexWLng5Xgd1U1pwPBNsdXjAfBgNVHSMEGDAWgBSIpVnc3VvEtmyy
SW8ub7Do+VSq6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lLVlozTjFieExac3NrbHZMbS13NlBsVXF1cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvYTg0Y2QyLTQ1ZDktNDE3OS1hOTk3LTkyMGQyYTYyMDdhNC8x
L1lxUWowbnNWaTU0T1Y0SGRWTmFjRHdUYkhWNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
YTg0Y2QyLTQ1ZDktNDE3OS1hOTk3LTkyMGQyYTYyMDdhNC8xL2lLVlozTjFieExa
c3NrbHZMbS13NlBsVXF1cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEArk8eAMEArlgyDAUBAIAAjAOAwUD
KgToQAMFAyoGAUAwDQYJKoZIhvcNAQELBQADggEBAAbTDW1amzbGD1CVNJP4+KlJ
Yp0tZ8vfkHfFSmb7HsjVchd4bmDUaATAUZCmOm7lPdEi+3dac3+jmmcL8h4kCy5x
ZfIQ6h97anW3VN3d9hOdF8lotCz+5VlvMAhrwjMJcfc8jyZj4h9orKA4PayUNL+I
Njm5OduUYqeFm4WK+F203Ld9P96Tp3YbYdM7Vy21v6WHxRJZW6wA3zBb9SNECua9
MzSCyaYnl6vc4qEPW5c/jAwmOzj7+KQbzVmuicdT4HqrLdpU/QAYMPJ7EzWwULXZ
6c4QcGG3LCkGaDq2JIjNFwm0JIc799v/O/JfMa4jj1pSPij/h8RE/rlhoTMV4/g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:15 2024 by rpki-client on console-ams.rpki-client.org