Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/2e844b-0cd5-4779-a038-fdabfadb6279/1/yHo25T-_WXuF1sjTVjyGzXVU63U.roa
File: yHo25T-_WXuF1sjTVjyGzXVU63U.roa (raw, json)
Hash identifier: XoUGOYsf7vdRLCh1G7Fgv+txWuach0P7i3B72Er02a0=
Subject key identifier: C8:7A:36:E5:3F:BF:59:7B:85:D6:C8:D3:56:3C:86:CD:75:54:EB:75
Certificate issuer: /CN=3f1eb51c80ccb36bfdc74667d17fc3cf1220d63e
Certificate serial: 0F296252
Authority key identifier: 3F:1E:B5:1C:80:CC:B3:6B:FD:C7:46:67:D1:7F:C3:CF:12:20:D6:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Px61HIDMs2v9x0Zn0X_DzxIg1j4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/2e844b-0cd5-4779-a038-fdabfadb6279/1/yHo25T-_WXuF1sjTVjyGzXVU63U.roa
Signing time: Sat 01 Jan 2022 13:59:48 +0000
ROA not before: Sat 01 Jan 2022 13:59:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57111
IP address blocks: 185.204.132.0/22 maxlen: 22
185.199.24.0/22 maxlen: 22
2a0a:9440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 254370386 (0xf296252)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f1eb51c80ccb36bfdc74667d17fc3cf1220d63e
Validity
Not Before: Jan 1 13:59:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c87a36e53fbf597b85d6c8d3563c86cd7554eb75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:09:b2:19:22:bc:d5:2c:27:06:66:73:5d:e5:
94:7a:48:9b:fd:a6:47:78:5b:03:d9:48:d0:ca:5f:
5a:b9:cc:0f:bd:cb:79:a9:5a:df:fb:5c:71:c3:3f:
26:76:fc:5e:e5:53:eb:13:00:7c:5a:7b:5e:07:d8:
f2:8d:3b:5e:01:c7:9b:8d:0e:47:9f:9b:d7:e4:c2:
d7:fc:a2:31:6a:2d:60:1a:5f:d6:f9:ba:fd:8d:75:
77:f0:2a:2d:62:30:5d:2f:96:7b:d7:8c:fa:97:a3:
01:d9:4e:7a:97:f2:d7:16:5d:4d:a4:17:70:80:7b:
68:20:2c:a5:4c:d2:8f:80:7a:bf:83:48:8d:cf:c5:
1d:ee:de:ce:a4:67:96:7b:2e:af:21:7f:d2:ed:68:
ff:64:b5:94:21:9c:6d:0a:4f:6e:6f:99:48:89:ca:
96:ae:78:17:24:6c:45:0b:04:cc:6a:6f:37:33:b6:
a7:37:5a:72:30:44:2c:cd:9f:70:e3:de:0c:69:36:
84:8d:69:1b:f3:79:d9:ba:56:21:61:2a:d0:e3:d8:
73:4c:07:bc:6a:26:84:e5:1b:29:3f:d6:31:05:93:
73:f1:8f:d0:31:4c:32:04:e7:31:7c:17:11:6a:84:
75:c6:58:4b:9d:e1:38:f9:2c:6e:07:14:21:2c:f3:
ff:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:7A:36:E5:3F:BF:59:7B:85:D6:C8:D3:56:3C:86:CD:75:54:EB:75
X509v3 Authority Key Identifier:
keyid:3F:1E:B5:1C:80:CC:B3:6B:FD:C7:46:67:D1:7F:C3:CF:12:20:D6:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Px61HIDMs2v9x0Zn0X_DzxIg1j4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/2e844b-0cd5-4779-a038-fdabfadb6279/1/yHo25T-_WXuF1sjTVjyGzXVU63U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/2e844b-0cd5-4779-a038-fdabfadb6279/1/Px61HIDMs2v9x0Zn0X_DzxIg1j4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.24.0/22
185.204.132.0/22
IPv6:
2a0a:9440::/29
Signature Algorithm: sha256WithRSAEncryption
07:26:a9:ff:c5:d9:ab:db:1b:69:92:5f:e0:39:35:00:2f:07:
26:2c:0d:3e:5b:9e:91:98:6f:00:22:5a:65:db:60:a3:9e:1c:
f6:6b:59:29:bb:40:c3:0e:e4:bc:69:45:37:d8:1b:c5:ba:77:
9e:04:1b:f1:86:87:99:f4:3c:85:70:53:b2:0e:cc:dc:b6:f0:
2d:52:ed:e6:87:00:cf:ff:82:48:35:e0:c9:2f:23:fe:de:4e:
be:0c:34:60:da:e0:51:41:0f:c0:6c:60:e6:63:3a:80:f5:62:
3c:ff:04:6b:7f:ae:4d:79:43:df:07:26:38:34:08:f8:13:17:
cb:44:8e:b4:2c:2c:24:6f:20:36:9c:d6:51:1d:c8:7a:58:43:
bc:fa:cb:ae:49:de:0f:35:77:62:b6:85:87:dd:4a:29:7c:22:
82:e9:db:85:c3:64:ce:72:bb:7f:93:d8:fc:60:bf:6b:9f:85:
ac:a9:3a:ee:ae:65:1c:95:17:78:e4:ec:c2:b2:2b:f4:27:d9:
26:21:53:86:bc:dd:9c:69:c9:60:20:a5:63:5a:f6:44:c3:c1:
f8:b1:7f:e9:a0:38:c4:05:09:7f:75:46:ba:53:6f:91:0f:05:
c7:d2:4a:79:11:36:0f:83:2d:db:4f:eb:e0:1b:32:d7:2a:cd:
41:01:e1:4b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDyliUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZjFlYjUxYzgwY2NiMzZiZmRjNzQ2NjdkMTdmYzNjZjEyMjBkNjNlMB4XDTIyMDEw
MTEzNTk0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzg3YTM2ZTUzZmJm
NTk3Yjg1ZDZjOGQzNTYzYzg2Y2Q3NTU0ZWI3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUJshkivNUsJwZmc13llHpIm/2mR3hbA9lI0MpfWrnMD73L
eala3/tcccM/Jnb8XuVT6xMAfFp7XgfY8o07XgHHm40OR5+b1+TC1/yiMWotYBpf
1vm6/Y11d/AqLWIwXS+We9eM+pejAdlOepfy1xZdTaQXcIB7aCAspUzSj4B6v4NI
jc/FHe7ezqRnlnsuryF/0u1o/2S1lCGcbQpPbm+ZSInKlq54FyRsRQsEzGpvNzO2
pzdacjBELM2fcOPeDGk2hI1pG/N52bpWIWEq0OPYc0wHvGomhOUbKT/WMQWTc/GP
0DFMMgTnMXwXEWqEdcZYS53hOPksbgcUISzz/50CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTIejblP79Ze4XWyNNWPIbNdVTrdTAfBgNVHSMEGDAWgBQ/HrUcgMyza/3H
RmfRf8PPEiDWPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1B4NjFISURNczJ2OXgwWm4wWF9EenhJZzFqNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvMmU4NDRiLTBjZDUtNDc3OS1hMDM4LWZkYWJmYWRiNjI3OS8x
L3lIbzI1VC1fV1h1RjFzalRWanlHelhWVTYzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
MmU4NDRiLTBjZDUtNDc3OS1hMDM4LWZkYWJmYWRiNjI3OS8xL1B4NjFISURNczJ2
OXgwWm4wWF9EenhJZzFqNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArnHGAMEArnMhDANBAIAAjAHAwUD
KgqUQDANBgkqhkiG9w0BAQsFAAOCAQEAByap/8XZq9sbaZJf4Dk1AC8HJiwNPlue
kZhvACJaZdtgo54c9mtZKbtAww7kvGlFN9gbxbp3ngQb8YaHmfQ8hXBTsg7M3Lbw
LVLt5ocAz/+CSDXgyS8j/t5Ovgw0YNrgUUEPwGxg5mM6gPViPP8Ea3+uTXlD3wcm
ODQI+BMXy0SOtCwsJG8gNpzWUR3IelhDvPrLrkneDzV3YraFh91KKXwigunbhcNk
znK7f5PY/GC/a5+FrKk67q5lHJUXeOTswrIr9CfZJiFThrzdnGnJYCClY1r2RMPB
+LF/6aA4xAUJf3VGulNvkQ8Fx9JKeRE2D4Mt20/r4Bsy1yrNQQHhSw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:44 2024 by rpki-client on console-ams.rpki-client.org