Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/caac0e-5268-423a-afb0-449152f1d3b7/1/Y57Nnr6XnJRm6Y40WlUUbrKF0wg.roa
File: Y57Nnr6XnJRm6Y40WlUUbrKF0wg.roa (raw, json)
Hash identifier: SVxl2efexhLEJu9a+OLLUq9EjneYBEmIy/mbSqPMqSw=
Subject key identifier: 63:9E:CD:9E:BE:97:9C:94:66:E9:8E:34:5A:55:14:6E:B2:85:D3:08
Certificate issuer: /CN=109b05a35d4109a1e4a834ccadacdd2c6f56b05a
Certificate serial: 06ED7DD9
Authority key identifier: 10:9B:05:A3:5D:41:09:A1:E4:A8:34:CC:AD:AC:DD:2C:6F:56:B0:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EJsFo11BCaHkqDTMrazdLG9WsFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/caac0e-5268-423a-afb0-449152f1d3b7/1/Y57Nnr6XnJRm6Y40WlUUbrKF0wg.roa
Signing time: Sat 01 Jan 2022 13:05:02 +0000
ROA not before: Sat 01 Jan 2022 13:05:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197667
IP address blocks: 185.139.43.0/24 maxlen: 24
185.139.40.0/22 maxlen: 22
185.139.41.0/24 maxlen: 24
185.139.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116227545 (0x6ed7dd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=109b05a35d4109a1e4a834ccadacdd2c6f56b05a
Validity
Not Before: Jan 1 13:05:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=639ecd9ebe979c9466e98e345a55146eb285d308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6c:43:cf:bb:ff:49:10:09:e0:67:46:e1:b1:
59:88:8a:a4:00:59:62:bf:ca:6b:50:d9:20:a0:e9:
72:ce:ee:9c:ee:7e:f1:4d:87:f1:30:1c:9d:2a:5d:
ce:0c:a6:97:a7:9f:d4:a5:14:35:64:73:ba:31:5e:
60:de:ce:1f:d3:11:30:0f:43:5c:16:f0:56:6d:db:
aa:42:48:34:b7:ea:9f:3c:50:2c:20:dc:a8:a2:29:
1c:d0:31:9f:22:9d:52:ec:3e:1d:39:ad:af:89:cf:
a6:1a:77:ad:ec:dc:25:b1:3b:05:39:bb:98:35:4b:
85:9f:06:f1:55:fe:5f:cb:03:97:d2:bc:23:63:cf:
d5:82:47:72:c3:8e:ae:2b:40:65:b1:e4:4e:be:36:
ed:7c:51:fc:9d:24:69:9d:66:61:28:a0:fb:d5:15:
23:f8:8e:80:6a:a9:a4:f2:3d:df:bf:b1:65:54:95:
fe:6e:16:46:0c:b2:74:f1:b8:37:19:5e:87:b7:93:
1a:bf:22:97:f3:38:da:6b:f8:31:4c:03:bd:e5:c1:
4a:78:c1:6b:32:d1:db:38:d0:65:af:06:dc:59:40:
90:5a:e8:13:cf:a2:c1:e6:45:c6:27:c1:9c:13:c4:
8a:89:a9:33:9a:45:d1:91:8f:8f:47:6b:4d:7e:1b:
a0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:9E:CD:9E:BE:97:9C:94:66:E9:8E:34:5A:55:14:6E:B2:85:D3:08
X509v3 Authority Key Identifier:
keyid:10:9B:05:A3:5D:41:09:A1:E4:A8:34:CC:AD:AC:DD:2C:6F:56:B0:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EJsFo11BCaHkqDTMrazdLG9WsFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/caac0e-5268-423a-afb0-449152f1d3b7/1/Y57Nnr6XnJRm6Y40WlUUbrKF0wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/caac0e-5268-423a-afb0-449152f1d3b7/1/EJsFo11BCaHkqDTMrazdLG9WsFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.40.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:7f:0c:68:91:6d:c4:67:82:70:b8:e4:66:2b:d8:10:65:3b:
63:a6:43:52:fb:20:d5:be:aa:4d:4c:b6:51:a4:a1:c6:64:76:
50:86:31:5b:3e:12:7c:12:c4:16:9c:d6:93:3a:18:63:e2:8f:
56:27:68:48:8f:40:2d:dd:82:c6:50:4f:2e:cd:7b:c5:1c:d3:
7b:57:53:f2:d7:c7:3e:59:ed:51:93:45:f9:db:c7:29:68:85:
cd:b5:24:1a:9a:0d:c7:88:ee:e8:c0:d8:09:95:31:fb:6b:ad:
58:9c:c4:24:ad:de:47:b0:00:d2:a2:98:a3:a3:01:61:c5:3d:
2b:02:bc:ca:94:7f:fa:72:7b:b2:96:f0:25:ab:f4:c2:8f:a2:
6b:76:9c:82:d1:d1:60:25:b6:56:ff:ce:2a:6c:de:f2:f5:7f:
80:8c:ee:91:f0:1f:96:2c:83:5f:93:53:22:42:1d:e4:5e:0c:
1c:51:68:2b:dc:3b:ba:75:c3:7a:f5:13:59:d2:36:55:55:8e:
6f:93:40:ca:c8:66:32:68:e5:b9:64:7c:b6:c0:ad:ba:98:71:
16:68:2c:47:8f:bd:cc:e6:cc:9a:df:d7:e4:11:a0:a8:09:34:
0e:9e:63:2b:cf:44:3b:00:df:a1:66:7f:1e:8d:37:8d:01:a2:
30:f0:80:17
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBu192TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDliMDVhMzVkNDEwOWExZTRhODM0Y2NhZGFjZGQyYzZmNTZiMDVhMB4XDTIyMDEw
MTEzMDUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjM5ZWNkOWViZTk3
OWM5NDY2ZTk4ZTM0NWE1NTE0NmViMjg1ZDMwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtsQ8+7/0kQCeBnRuGxWYiKpABZYr/Ka1DZIKDpcs7unO5+
8U2H8TAcnSpdzgyml6ef1KUUNWRzujFeYN7OH9MRMA9DXBbwVm3bqkJINLfqnzxQ
LCDcqKIpHNAxnyKdUuw+HTmtr4nPphp3rezcJbE7BTm7mDVLhZ8G8VX+X8sDl9K8
I2PP1YJHcsOOritAZbHkTr427XxR/J0kaZ1mYSig+9UVI/iOgGqppPI937+xZVSV
/m4WRgyydPG4Nxleh7eTGr8il/M42mv4MUwDveXBSnjBazLR2zjQZa8G3FlAkFro
E8+iweZFxifBnBPEiompM5pF0ZGPj0drTX4boLECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRjns2evpeclGbpjjRaVRRusoXTCDAfBgNVHSMEGDAWgBQQmwWjXUEJoeSo
NMytrN0sb1awWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VKc0ZvMTFCQ2FIa3FEVE1yYXpkTEc5V3NGby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvY2FhYzBlLTUyNjgtNDIzYS1hZmIwLTQ0OTE1MmYxZDNiNy8x
L1k1N05ucjZYbkpSbTZZNDBXbFVVYnJLRjB3Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
Y2FhYzBlLTUyNjgtNDIzYS1hZmIwLTQ0OTE1MmYxZDNiNy8xL0VKc0ZvMTFCQ2FI
a3FEVE1yYXpkTEc5V3NGby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmLKDANBgkqhkiG9w0BAQsFAAOC
AQEATX8MaJFtxGeCcLjkZivYEGU7Y6ZDUvsg1b6qTUy2UaShxmR2UIYxWz4SfBLE
FpzWkzoYY+KPVidoSI9ALd2CxlBPLs17xRzTe1dT8tfHPlntUZNF+dvHKWiFzbUk
GpoNx4ju6MDYCZUx+2utWJzEJK3eR7AA0qKYo6MBYcU9KwK8ypR/+nJ7spbwJav0
wo+ia3acgtHRYCW2Vv/OKmze8vV/gIzukfAfliyDX5NTIkId5F4MHFFoK9w7unXD
evUTWdI2VVWOb5NAyshmMmjluWR8tsCtuphxFmgsR4+9zObMmt/X5BGgqAk0Dp5j
K89EOwDfoWZ/Ho03jQGiMPCAFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:24 2024 by rpki-client on console-fra.rpki-client.org