Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/565065-da4d-4cbe-9061-8781c4fe011f/1/1yG9Zd0ah6A9Dd-QIUC10HUqK3o.roa
File: 1yG9Zd0ah6A9Dd-QIUC10HUqK3o.roa (raw, json)
Hash identifier: 0IEcxC2XEx8LZez2pwARlJnZqo0SUCz7asnCxljKlI0=
Subject key identifier: D7:21:BD:65:DD:1A:87:A0:3D:0D:DF:90:21:40:B5:D0:75:2A:2B:7A
Certificate issuer: /CN=85bcb81dcd3f29318f403b8481be44ec1ff5502e
Certificate serial: 08F46423
Authority key identifier: 85:BC:B8:1D:CD:3F:29:31:8F:40:3B:84:81:BE:44:EC:1F:F5:50:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hby4Hc0_KTGPQDuEgb5E7B_1UC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/565065-da4d-4cbe-9061-8781c4fe011f/1/1yG9Zd0ah6A9Dd-QIUC10HUqK3o.roa
Signing time: Sat 01 Jan 2022 08:57:51 +0000
ROA not before: Sat 01 Jan 2022 08:57:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3190
IP address blocks: 185.90.40.0/22 maxlen: 22
5.11.0.0/21 maxlen: 21
2a00:ebc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150234147 (0x8f46423)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85bcb81dcd3f29318f403b8481be44ec1ff5502e
Validity
Not Before: Jan 1 08:57:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d721bd65dd1a87a03d0ddf902140b5d0752a2b7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4a:5e:5c:b8:02:ba:73:d6:c3:e3:c7:d2:85:
b1:9f:30:6f:ce:c7:6f:62:89:e6:bd:ae:02:0b:14:
fc:f9:9e:f7:98:c1:d5:bc:3c:22:81:68:5d:fe:65:
d7:1f:ef:48:44:03:dc:89:48:14:5a:39:98:51:79:
56:28:66:bd:50:02:84:a6:25:4b:91:57:ce:55:6a:
04:9c:a9:49:37:5a:c9:9d:02:d4:5f:35:ae:1e:17:
00:61:ef:b5:eb:b4:5d:57:a6:ca:83:40:e5:4e:b8:
cb:87:1d:39:83:92:fe:ed:fc:bf:3b:e1:b9:c7:58:
a1:8f:8b:21:4a:83:fc:01:aa:d6:2b:e2:6a:7b:7d:
ce:e9:72:0c:d0:92:46:37:09:f3:b1:a0:87:b4:e1:
86:49:fc:61:39:f3:5c:77:c6:05:2b:4c:2b:15:e2:
df:71:26:d2:c5:05:4f:2c:42:a1:27:20:29:b6:c7:
2a:eb:1c:bc:21:3f:23:39:93:4b:8c:7c:0b:b4:94:
3c:50:4b:ea:de:95:fa:b2:90:fa:4c:c5:95:36:11:
1f:cf:fd:b6:a2:c0:81:00:b4:25:05:f1:be:e2:ce:
99:40:ea:3c:2f:d3:57:4a:df:75:26:86:94:43:e3:
05:f8:67:55:12:13:ee:e5:74:99:ef:8a:8e:f9:a3:
20:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:21:BD:65:DD:1A:87:A0:3D:0D:DF:90:21:40:B5:D0:75:2A:2B:7A
X509v3 Authority Key Identifier:
keyid:85:BC:B8:1D:CD:3F:29:31:8F:40:3B:84:81:BE:44:EC:1F:F5:50:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hby4Hc0_KTGPQDuEgb5E7B_1UC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/565065-da4d-4cbe-9061-8781c4fe011f/1/1yG9Zd0ah6A9Dd-QIUC10HUqK3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/565065-da4d-4cbe-9061-8781c4fe011f/1/hby4Hc0_KTGPQDuEgb5E7B_1UC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.0.0/21
185.90.40.0/22
IPv6:
2a00:ebc0::/32
Signature Algorithm: sha256WithRSAEncryption
6d:74:f8:02:31:ed:78:6e:ef:03:7b:ea:f5:b7:8d:52:2f:7c:
d1:76:2b:8f:e0:86:25:39:7b:06:f6:6f:12:61:59:81:52:7a:
f3:c9:ab:45:59:87:75:f1:01:0e:a7:76:90:08:1d:81:7a:b3:
d7:b6:04:1c:ef:29:e6:f5:99:77:65:57:4f:5f:73:ac:d4:d5:
7d:a3:83:cd:03:3b:8e:46:80:af:ce:ef:25:7b:f7:31:bf:9c:
db:be:11:be:7c:db:90:af:51:4c:71:1c:74:e5:ca:d5:5b:5a:
97:5d:87:76:6b:71:e8:b7:22:57:9b:44:f2:2e:56:50:ec:81:
f4:90:3b:f3:c4:84:99:ae:d2:6f:7f:36:0a:2d:b5:25:c9:0e:
86:b8:d8:d6:0a:40:11:d2:99:ec:c5:32:e9:c0:96:1a:79:2d:
68:fc:0d:45:ca:52:a5:c9:84:2b:42:74:85:44:1a:6f:2a:10:
cd:bb:b8:96:9b:91:29:22:f1:78:59:fa:6b:45:cb:7e:e2:4a:
3e:8d:c4:26:da:33:cc:e2:5f:de:7a:77:44:c5:86:7d:89:e2:
fa:c2:37:a4:a5:05:7e:47:89:37:d5:ca:97:4a:73:aa:68:81:
f7:04:1a:8f:e9:ce:e7:06:5a:5e:97:7e:9e:94:dd:58:0f:10:
11:4f:a9:f4
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECPRkIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWJjYjgxZGNkM2YyOTMxOGY0MDNiODQ4MWJlNDRlYzFmZjU1MDJlMB4XDTIyMDEw
MTA4NTc1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDcyMWJkNjVkZDFh
ODdhMDNkMGRkZjkwMjE0MGI1ZDA3NTJhMmI3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANVKXly4Arpz1sPjx9KFsZ8wb87Hb2KJ5r2uAgsU/Pme95jB
1bw8IoFoXf5l1x/vSEQD3IlIFFo5mFF5VihmvVAChKYlS5FXzlVqBJypSTdayZ0C
1F81rh4XAGHvteu0XVemyoNA5U64y4cdOYOS/u38vzvhucdYoY+LIUqD/AGq1ivi
ant9zulyDNCSRjcJ87Ggh7Thhkn8YTnzXHfGBStMKxXi33Em0sUFTyxCoScgKbbH
KuscvCE/IzmTS4x8C7SUPFBL6t6V+rKQ+kzFlTYRH8/9tqLAgQC0JQXxvuLOmUDq
PC/TV0rfdSaGlEPjBfhnVRIT7uV0me+KjvmjILcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTXIb1l3RqHoD0N35AhQLXQdSorejAfBgNVHSMEGDAWgBSFvLgdzT8pMY9A
O4SBvkTsH/VQLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hieTRIYzBfS1RHUFFEdUVnYjVFN0JfMVVDNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvNTY1MDY1LWRhNGQtNGNiZS05MDYxLTg3ODFjNGZlMDExZi8x
LzF5RzlaZDBhaDZBOURkLVFJVUMxMEhVcUszby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
NTY1MDY1LWRhNGQtNGNiZS05MDYxLTg3ODFjNGZlMDExZi8xL2hieTRIYzBfS1RH
UFFEdUVnYjVFN0JfMVVDNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAwULAAMEArlaKDANBAIAAjAHAwUA
KgDrwDANBgkqhkiG9w0BAQsFAAOCAQEAbXT4AjHteG7vA3vq9beNUi980XYrj+CG
JTl7BvZvEmFZgVJ688mrRVmHdfEBDqd2kAgdgXqz17YEHO8p5vWZd2VXT19zrNTV
faODzQM7jkaAr87vJXv3Mb+c274RvnzbkK9RTHEcdOXK1Vtal12Hdmtx6LciV5tE
8i5WUOyB9JA788SEma7Sb382Ci21JckOhrjY1gpAEdKZ7MUy6cCWGnktaPwNRcpS
pcmEK0J0hUQabyoQzbu4lpuRKSLxeFn6a0XLfuJKPo3EJtozzOJf3np3RMWGfYni
+sI3pKUFfkeJN9XKl0pzqmiB9wQaj+nO5wZaXpd+npTdWA8QEU+p9A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:11 2023 by rpki-client on console-fra.rpki-client.org