Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/47422f-2fd0-4b32-9354-dbc9a522cd12/1/YhPGtHrWx7m3p9Tajo4KrQwLcmc.roa
File: YhPGtHrWx7m3p9Tajo4KrQwLcmc.roa (raw, json)
Hash identifier: 10ttOIzSvdzQAkkgwB3znLvpkBUdHXt9o4eCjL5wjaE=
Subject key identifier: 62:13:C6:B4:7A:D6:C7:B9:B7:A7:D4:DA:8E:8E:0A:AD:0C:0B:72:67
Certificate issuer: /CN=2b1dc205e24a23a5a0454a13f1d4a0c9637a439d
Certificate serial: 0597008E
Authority key identifier: 2B:1D:C2:05:E2:4A:23:A5:A0:45:4A:13:F1:D4:A0:C9:63:7A:43:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kx3CBeJKI6WgRUoT8dSgyWN6Q50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/47422f-2fd0-4b32-9354-dbc9a522cd12/1/YhPGtHrWx7m3p9Tajo4KrQwLcmc.roa
Signing time: Sat 01 Jan 2022 10:05:55 +0000
ROA not before: Sat 01 Jan 2022 10:05:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51545
IP address blocks: 91.217.245.0/24 maxlen: 24
185.155.104.0/24 maxlen: 24
185.155.107.0/24 maxlen: 24
185.155.106.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93782158 (0x597008e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b1dc205e24a23a5a0454a13f1d4a0c9637a439d
Validity
Not Before: Jan 1 10:05:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6213c6b47ad6c7b9b7a7d4da8e8e0aad0c0b7267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e2:2a:bc:6b:eb:87:19:42:14:63:d2:d1:87:
dc:81:ff:3a:af:5d:c4:89:08:63:5f:7a:da:50:ab:
bc:93:50:90:38:ee:4d:bb:28:a1:ac:74:bf:dc:a0:
e1:b1:ff:42:a6:b5:69:96:2f:0c:b3:9e:b3:be:60:
7e:f0:71:89:7a:50:c3:a4:8a:60:4d:2d:97:18:25:
05:05:1d:d3:a0:fc:ae:cb:6c:09:b7:6c:22:11:c0:
9e:f4:98:da:5e:b0:46:1f:fb:d6:b0:f3:07:0a:aa:
0c:6d:5b:ff:13:44:0f:50:1c:ae:f2:7c:d9:f4:63:
cd:58:c9:b5:3e:9f:c3:9e:cf:ab:09:1a:ca:09:eb:
dc:07:e0:de:e2:24:71:f4:1e:1e:3a:44:96:c6:1f:
9b:ec:43:bc:7d:96:89:57:47:85:1f:5a:68:a7:a2:
74:89:ed:80:9d:c4:73:54:82:36:31:8f:f7:72:ca:
9c:67:4f:e0:67:e4:53:e5:08:42:6a:34:eb:e4:b7:
ce:ef:91:5b:6e:45:42:1d:13:de:0b:7e:7c:78:72:
b3:12:59:a0:29:da:bc:c2:45:5c:c1:bd:4c:58:44:
02:c1:36:c4:1f:85:cd:ef:7c:95:22:29:61:88:19:
32:d9:e8:2d:64:14:78:11:81:8d:38:eb:46:a4:09:
bf:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:13:C6:B4:7A:D6:C7:B9:B7:A7:D4:DA:8E:8E:0A:AD:0C:0B:72:67
X509v3 Authority Key Identifier:
keyid:2B:1D:C2:05:E2:4A:23:A5:A0:45:4A:13:F1:D4:A0:C9:63:7A:43:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kx3CBeJKI6WgRUoT8dSgyWN6Q50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/47422f-2fd0-4b32-9354-dbc9a522cd12/1/YhPGtHrWx7m3p9Tajo4KrQwLcmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/47422f-2fd0-4b32-9354-dbc9a522cd12/1/Kx3CBeJKI6WgRUoT8dSgyWN6Q50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.245.0/24
185.155.104.0/24
185.155.106.0/23
Signature Algorithm: sha256WithRSAEncryption
40:5c:40:48:e1:c5:21:52:54:ae:4f:8c:92:8d:80:ec:69:cd:
79:fd:f9:a3:bc:8f:6e:8a:56:76:7f:dc:f1:1a:bc:3b:7c:4e:
16:59:d1:b8:58:f8:40:52:4d:e7:9d:af:b5:10:d6:f5:46:ae:
96:49:f4:72:0c:aa:50:18:a8:32:eb:93:f0:91:de:07:96:1f:
57:1f:0f:93:d6:88:9e:c2:d5:f1:48:bd:5f:b2:fc:e9:f0:12:
1d:f8:5e:0f:d0:d9:99:0f:23:2b:b8:6a:8e:35:1c:de:a1:7e:
bf:5b:a1:f8:86:4b:e0:51:0c:79:18:fb:60:cc:6b:75:27:4f:
9b:97:08:7e:1e:cc:ea:49:3e:4a:fb:6c:23:dd:65:d6:0a:29:
27:20:f3:c8:a8:bf:d1:d5:c1:b7:ce:c8:49:14:3e:24:fb:64:
de:8b:44:2d:af:1d:c9:93:e6:53:39:e4:f3:a1:54:b7:5f:65:
93:42:c8:94:61:41:df:75:6e:80:2b:9a:92:e2:e8:12:7a:99:
2a:40:7b:9a:76:55:9d:54:ae:c3:6a:56:db:2b:a7:16:ca:49:
09:28:3f:e4:9c:f1:b4:d5:f3:5b:b9:86:32:14:fb:69:92:f4:
ea:a8:7f:d9:a4:7a:d3:c0:79:5e:3d:6e:ac:b7:17:28:3f:b8:
46:98:8d:b7
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBZcAjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YjFkYzIwNWUyNGEyM2E1YTA0NTRhMTNmMWQ0YTBjOTYzN2E0MzlkMB4XDTIyMDEw
MTEwMDU1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjIxM2M2YjQ3YWQ2
YzdiOWI3YTdkNGRhOGU4ZTBhYWQwYzBiNzI2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANbiKrxr64cZQhRj0tGH3IH/Oq9dxIkIY1962lCrvJNQkDju
Tbsooax0v9yg4bH/Qqa1aZYvDLOes75gfvBxiXpQw6SKYE0tlxglBQUd06D8rsts
CbdsIhHAnvSY2l6wRh/71rDzBwqqDG1b/xNED1AcrvJ82fRjzVjJtT6fw57Pqwka
ygnr3Afg3uIkcfQeHjpElsYfm+xDvH2WiVdHhR9aaKeidIntgJ3Ec1SCNjGP93LK
nGdP4GfkU+UIQmo06+S3zu+RW25FQh0T3gt+fHhysxJZoCnavMJFXMG9TFhEAsE2
xB+Fze98lSIpYYgZMtnoLWQUeBGBjTjrRqQJv2cCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRiE8a0etbHuben1NqOjgqtDAtyZzAfBgNVHSMEGDAWgBQrHcIF4kojpaBF
ShPx1KDJY3pDnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0t4M0NCZUpLSTZXZ1JVb1Q4ZFNneVdONlE1MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvNDc0MjJmLTJmZDAtNGIzMi05MzU0LWRiYzlhNTIyY2QxMi8x
L1loUEd0SHJXeDdtM3A5VGFqbzRLclF3TGNtYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
NDc0MjJmLTJmZDAtNGIzMi05MzU0LWRiYzlhNTIyY2QxMi8xL0t4M0NCZUpLSTZX
Z1JVb1Q4ZFNneVdONlE1MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFvZ9QMEALmbaAMEAbmbajANBgkq
hkiG9w0BAQsFAAOCAQEAQFxASOHFIVJUrk+Mko2A7GnNef35o7yPbopWdn/c8Rq8
O3xOFlnRuFj4QFJN552vtRDW9Uaulkn0cgyqUBioMuuT8JHeB5YfVx8Pk9aInsLV
8Ui9X7L86fASHfheD9DZmQ8jK7hqjjUc3qF+v1uh+IZL4FEMeRj7YMxrdSdPm5cI
fh7M6kk+SvtsI91l1gopJyDzyKi/0dXBt87ISRQ+JPtk3otELa8dyZPmUznk86FU
t19lk0LIlGFB33VugCuakuLoEnqZKkB7mnZVnVSuw2pW2yunFspJCSg/5JzxtNXz
W7mGMhT7aZL06qh/2aR608B5Xj1urLcXKD+4RpiNtw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:18 2023 by rpki-client on console-fra.rpki-client.org