Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/Yq8MGzDdpAPJr3Z6n-trh9cK9GE.roa
File: Yq8MGzDdpAPJr3Z6n-trh9cK9GE.roa (raw, json)
Hash identifier: vV3NFzPucNKy/RBSCuLsTJL54PyfvbYK0SmegahK47w=
Subject key identifier: 62:AF:0C:1B:30:DD:A4:03:C9:AF:76:7A:9F:EB:6B:87:D7:0A:F4:61
Certificate issuer: /CN=2c6d66124362880f5e4c54852f8376d2b9d137f4
Certificate serial: 0731C059
Authority key identifier: 2C:6D:66:12:43:62:88:0F:5E:4C:54:85:2F:83:76:D2:B9:D1:37:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LG1mEkNiiA9eTFSFL4N20rnRN_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/Yq8MGzDdpAPJr3Z6n-trh9cK9GE.roa
Signing time: Sat 01 Jan 2022 07:03:22 +0000
ROA not before: Sat 01 Jan 2022 07:03:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50326
IP address blocks: 45.158.176.0/22 maxlen: 22
195.191.28.0/23 maxlen: 24
185.101.240.0/22 maxlen: 22
185.227.220.0/22 maxlen: 22
2a0c:ce00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120701017 (0x731c059)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c6d66124362880f5e4c54852f8376d2b9d137f4
Validity
Not Before: Jan 1 07:03:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62af0c1b30dda403c9af767a9feb6b87d70af461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:10:1c:37:f9:ea:0e:e6:2e:f8:01:6f:3d:04:
9b:d5:cc:24:1c:52:fe:25:da:71:36:e3:d2:fd:d1:
dd:65:1c:9a:b2:88:5a:73:4d:26:91:0b:17:ee:cd:
0e:48:4e:91:3a:b6:8b:c2:d4:0b:eb:7a:24:c9:3b:
bd:1a:fc:41:95:88:cc:93:94:8f:e8:b3:13:78:43:
87:08:a0:26:17:c1:e6:04:fd:6d:02:8f:47:d4:9e:
a5:12:08:49:b3:1e:63:b0:6d:d0:37:7f:60:8e:a5:
74:97:2c:4f:a6:7c:40:33:38:eb:2a:d2:6e:da:58:
93:7d:da:59:c7:f0:8a:c1:c0:3b:01:74:28:09:08:
8e:07:00:d1:0b:39:dd:60:81:29:e8:f7:d7:56:47:
e7:14:b1:f3:b1:81:ad:f1:1d:ee:a7:ee:f4:88:7c:
ea:10:4c:28:4f:a1:40:7c:87:8a:27:0b:f9:92:7f:
26:2a:c5:06:5e:41:5e:34:09:43:45:c5:04:31:cc:
8e:99:a8:ac:98:cf:39:76:65:62:1c:f8:66:27:67:
8f:36:ed:66:15:b9:3b:23:f0:83:e9:b7:3b:4d:ae:
96:da:df:d9:92:74:37:e6:50:d2:b9:de:0b:32:21:
ca:f1:cf:cc:e9:4c:f7:c3:19:85:cb:64:a5:26:fb:
0a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:AF:0C:1B:30:DD:A4:03:C9:AF:76:7A:9F:EB:6B:87:D7:0A:F4:61
X509v3 Authority Key Identifier:
keyid:2C:6D:66:12:43:62:88:0F:5E:4C:54:85:2F:83:76:D2:B9:D1:37:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LG1mEkNiiA9eTFSFL4N20rnRN_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/Yq8MGzDdpAPJr3Z6n-trh9cK9GE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/LG1mEkNiiA9eTFSFL4N20rnRN_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.176.0/22
185.101.240.0/22
185.227.220.0/22
195.191.28.0/23
IPv6:
2a0c:ce00::/29
Signature Algorithm: sha256WithRSAEncryption
41:b8:a5:c7:93:de:a3:b6:31:f4:e0:e0:bf:28:81:91:5a:7d:
87:90:cd:1f:df:d6:69:5d:ab:13:f5:95:f9:94:b2:07:0f:14:
4f:20:e7:88:6c:78:49:00:66:6e:8e:33:4c:02:cd:8d:c1:ab:
e1:6e:52:ea:36:10:06:c1:67:de:2f:00:1b:39:48:c7:d1:8d:
46:2b:0e:06:9e:0a:22:62:9c:35:87:49:3c:68:e4:08:8d:a4:
6f:56:86:87:e1:f6:4a:6a:c3:c2:98:6c:ca:28:39:8d:1b:21:
fb:9e:a1:bd:e2:35:27:6d:9b:60:d4:e1:5c:ac:db:15:a6:3c:
7e:4c:84:dd:1b:e3:d5:98:eb:78:fc:27:26:4b:ad:eb:90:37:
0f:56:ec:db:ce:ae:cb:7b:65:0b:43:82:6b:06:b2:d1:4f:5d:
14:4a:ce:d1:ac:29:be:08:5a:25:5a:aa:89:1b:c8:25:a3:2b:
41:42:8d:ab:f7:19:bb:5f:a6:09:38:f0:04:65:45:9b:ea:dc:
a0:75:3e:5d:c1:c0:a0:4a:de:3a:a9:df:28:7d:7b:f7:d4:a6:
50:b3:d1:96:b1:9a:83:4c:b7:bd:47:cc:1f:6c:4b:ca:05:1f:
97:fd:95:57:46:84:c8:68:8f:b1:c3:3e:90:a3:29:31:60:e5:
b3:e9:27:a4
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBzHAWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YzZkNjYxMjQzNjI4ODBmNWU0YzU0ODUyZjgzNzZkMmI5ZDEzN2Y0MB4XDTIyMDEw
MTA3MDMyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjJhZjBjMWIzMGRk
YTQwM2M5YWY3NjdhOWZlYjZiODdkNzBhZjQ2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKoQHDf56g7mLvgBbz0Em9XMJBxS/iXacTbj0v3R3WUcmrKI
WnNNJpELF+7NDkhOkTq2i8LUC+t6JMk7vRr8QZWIzJOUj+izE3hDhwigJhfB5gT9
bQKPR9SepRIISbMeY7Bt0Dd/YI6ldJcsT6Z8QDM46yrSbtpYk33aWcfwisHAOwF0
KAkIjgcA0Qs53WCBKej311ZH5xSx87GBrfEd7qfu9Ih86hBMKE+hQHyHiicL+ZJ/
JirFBl5BXjQJQ0XFBDHMjpmorJjPOXZlYhz4ZidnjzbtZhW5OyPwg+m3O02ultrf
2ZJ0N+ZQ0rneCzIhyvHPzOlM98MZhctkpSb7CpkCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRirwwbMN2kA8mvdnqf62uH1wr0YTAfBgNVHSMEGDAWgBQsbWYSQ2KID15M
VIUvg3bSudE39DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xHMW1Fa05paUE5ZVRGU0ZMNE4yMHJuUk5fUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvNzFmZWExLTM5MTktNDJmNy05ZTAzLWU0MDMwZmExYjA0YS8x
L1lxOE1HekRkcEFQSnIzWjZuLXRyaDljSzlHRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
NzFmZWExLTM5MTktNDJmNy05ZTAzLWU0MDMwZmExYjA0YS8xL0xHMW1Fa05paUE5
ZVRGU0ZMNE4yMHJuUk5fUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAi2esAMEArll8AMEArnj3AMEAcO/
HDANBAIAAjAHAwUDKgzOADANBgkqhkiG9w0BAQsFAAOCAQEAQbilx5Peo7Yx9ODg
vyiBkVp9h5DNH9/WaV2rE/WV+ZSyBw8UTyDniGx4SQBmbo4zTALNjcGr4W5S6jYQ
BsFn3i8AGzlIx9GNRisOBp4KImKcNYdJPGjkCI2kb1aGh+H2SmrDwphsyig5jRsh
+56hveI1J22bYNThXKzbFaY8fkyE3Rvj1ZjrePwnJkut65A3D1bs286uy3tlC0OC
away0U9dFErO0awpvghaJVqqiRvIJaMrQUKNq/cZu1+mCTjwBGVFm+rcoHU+XcHA
oEreOqnfKH1799SmULPRlrGag0y3vUfMH2xLygUfl/2VV0aEyGiPscM+kKMpMWDl
s+knpA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:12 2025 by rpki-client