Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/181ad6-4764-4881-8962-0aff69faf68a/1/YySXY-6bWl-zkhXMLGS5VFAbj-A.roa
File: YySXY-6bWl-zkhXMLGS5VFAbj-A.roa (raw, json)
Hash identifier: RdTjb12gA20Z6wHSKX7exrEu5vbrU2iqp0LiYsiwMIk=
Subject key identifier: 63:24:97:63:EE:9B:5A:5F:B3:92:15:CC:2C:64:B9:54:50:1B:8F:E0
Certificate issuer: /CN=0f657093f326547bf25a9985c81cf1403140a3a8
Certificate serial: 1252B93B
Authority key identifier: 0F:65:70:93:F3:26:54:7B:F2:5A:99:85:C8:1C:F1:40:31:40:A3:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Vwk_MmVHvyWpmFyBzxQDFAo6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/181ad6-4764-4881-8962-0aff69faf68a/1/YySXY-6bWl-zkhXMLGS5VFAbj-A.roa
Signing time: Sat 01 Jan 2022 11:05:11 +0000
ROA not before: Sat 01 Jan 2022 11:05:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207044
IP address blocks: 185.241.132.0/22 maxlen: 22
185.138.112.0/24 maxlen: 24
185.138.112.0/22 maxlen: 22
185.138.113.0/24 maxlen: 24
185.138.114.0/24 maxlen: 24
185.138.115.0/24 maxlen: 24
2a0d:4707:1400::/38 maxlen: 38
2a0d:4707:400::/38 maxlen: 38
2a0d:4707:1000::/38 maxlen: 38
2a0d:4707::/38 maxlen: 38
2a0d:4707:c00::/38 maxlen: 38
2a0d:4707:800::/38 maxlen: 38
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 307411259 (0x1252b93b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f657093f326547bf25a9985c81cf1403140a3a8
Validity
Not Before: Jan 1 11:05:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63249763ee9b5a5fb39215cc2c64b954501b8fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1d:f3:ce:3b:65:5d:d5:b3:39:b8:e0:f0:27:
5b:0b:82:cb:a4:7e:c7:af:f1:a9:4b:9d:91:b5:d5:
ff:6d:ec:9e:df:e1:ac:f1:27:ef:b5:6f:a7:4f:53:
1f:c2:2f:37:3c:47:9c:be:25:06:67:e6:18:08:30:
c9:5a:3d:0d:ea:7f:47:25:cf:b4:18:c4:ab:e7:29:
7b:1d:fc:61:8c:df:6b:57:fa:d3:64:dc:20:8a:be:
36:68:4c:18:c5:57:50:2b:5b:a8:9b:da:d1:31:a6:
32:23:c2:96:a4:6c:bd:e3:3f:15:1e:d3:70:5a:a2:
e4:0d:7c:44:08:d0:86:5a:81:4f:9f:35:ce:ca:b4:
c1:8e:4e:18:fd:86:00:d6:da:95:15:85:20:54:a5:
03:3f:47:ce:dd:f4:55:d5:48:79:b7:90:51:63:db:
01:bd:58:45:94:cd:16:ec:6d:12:69:cc:da:a5:d2:
44:18:4d:7a:05:d1:2e:63:13:45:64:36:dc:96:a3:
ca:0b:a6:4e:27:b3:c2:56:23:04:16:8a:11:f8:53:
30:4f:90:f1:5c:fc:a9:83:c2:2a:f1:8a:83:29:5d:
a1:08:89:b9:7a:77:30:59:9c:2d:33:93:2d:c1:d6:
36:04:70:da:12:9e:6e:ab:5d:de:14:0a:72:74:8d:
0b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:24:97:63:EE:9B:5A:5F:B3:92:15:CC:2C:64:B9:54:50:1B:8F:E0
X509v3 Authority Key Identifier:
keyid:0F:65:70:93:F3:26:54:7B:F2:5A:99:85:C8:1C:F1:40:31:40:A3:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Vwk_MmVHvyWpmFyBzxQDFAo6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/181ad6-4764-4881-8962-0aff69faf68a/1/YySXY-6bWl-zkhXMLGS5VFAbj-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/181ad6-4764-4881-8962-0aff69faf68a/1/D2Vwk_MmVHvyWpmFyBzxQDFAo6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.112.0/22
185.241.132.0/22
IPv6:
2a0d:4707::-2a0d:4707:17ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
98:5b:c8:31:71:c2:c6:66:df:d2:44:f8:1c:3d:aa:17:46:f3:
3e:fb:3a:1a:a0:b3:e4:ed:95:05:f4:81:ec:c1:f1:9c:a1:8b:
1a:3b:49:52:5d:b5:d8:83:16:33:3a:28:f0:5b:53:f2:10:88:
0a:30:4e:03:21:95:ac:e4:95:d3:5b:a0:e9:82:43:ca:f0:49:
9e:01:18:0a:2e:5b:ea:54:ed:63:30:2d:8d:94:f9:18:9e:88:
e1:dc:73:07:60:15:ad:2d:49:56:bd:94:a2:aa:81:d5:42:c0:
25:ce:27:d8:1d:39:0c:b1:82:f7:06:1a:a2:47:04:95:a4:09:
84:37:55:9f:bc:9f:46:e8:f3:c2:bf:f2:e5:2b:f7:0e:83:dd:
a2:c8:9e:f2:9d:15:19:c1:da:d7:44:b8:eb:70:00:d4:c8:6f:
32:d5:59:cb:cb:fb:95:85:51:cf:87:b3:5f:6d:04:6e:08:7d:
77:d7:ed:9e:f9:de:eb:6a:92:69:59:d0:e4:69:f4:21:40:6a:
cc:ab:fc:32:cb:61:e1:0b:65:02:52:82:99:7a:14:7e:2d:9e:
17:69:0c:d9:23:36:20:48:62:f3:ce:d5:f9:21:be:c4:15:e7:
22:5b:18:ae:34:46:86:6a:db:14:c1:29:53:e2:b0:f5:28:d5:
9a:ae:f2:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEElK5OzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjY1NzA5M2YzMjY1NDdiZjI1YTk5ODVjODFjZjE0MDMxNDBhM2E4MB4XDTIyMDEw
MTExMDUxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjMyNDk3NjNlZTli
NWE1ZmIzOTIxNWNjMmM2NGI5NTQ1MDFiOGZlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQd8847ZV3Vszm44PAnWwuCy6R+x6/xqUudkbXV/23snt/h
rPEn77Vvp09TH8IvNzxHnL4lBmfmGAgwyVo9Dep/RyXPtBjEq+cpex38YYzfa1f6
02TcIIq+NmhMGMVXUCtbqJva0TGmMiPClqRsveM/FR7TcFqi5A18RAjQhlqBT581
zsq0wY5OGP2GANbalRWFIFSlAz9Hzt30VdVIebeQUWPbAb1YRZTNFuxtEmnM2qXS
RBhNegXRLmMTRWQ23JajygumTiezwlYjBBaKEfhTME+Q8Vz8qYPCKvGKgyldoQiJ
uXp3MFmcLTOTLcHWNgRw2hKebqtd3hQKcnSNC68CAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBRjJJdj7ptaX7OSFcwsZLlUUBuP4DAfBgNVHSMEGDAWgBQPZXCT8yZUe/Ja
mYXIHPFAMUCjqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QyVndrX01tVkh2eVdwbUZ5Qnp4UURGQW82Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvMTgxYWQ2LTQ3NjQtNDg4MS04OTYyLTBhZmY2OWZhZjY4YS8x
L1l5U1hZLTZiV2wtemtoWE1MR1M1VkZBYmotQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
MTgxYWQ2LTQ3NjQtNDg4MS04OTYyLTBhZmY2OWZhZjY4YS8xL0QyVndrX01tVkh2
eVdwbUZ5Qnp4UURGQW82Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wEgQCAAEwDAMEArmKcAMEArnxhDAXBAIAAjARMA8D
BQAqDUcHAwYDKg1HBxAwDQYJKoZIhvcNAQELBQADggEBAJhbyDFxwsZm39JE+Bw9
qhdG8z77Ohqgs+TtlQX0gezB8Zyhixo7SVJdtdiDFjM6KPBbU/IQiAowTgMhlazk
ldNboOmCQ8rwSZ4BGAouW+pU7WMwLY2U+RieiOHccwdgFa0tSVa9lKKqgdVCwCXO
J9gdOQyxgvcGGqJHBJWkCYQ3VZ+8n0bo88K/8uUr9w6D3aLInvKdFRnB2tdEuOtw
ANTIbzLVWcvL+5WFUc+Hs19tBG4IfXfX7Z753utqkmlZ0ORp9CFAasyr/DLLYeEL
ZQJSgpl6FH4tnhdpDNkjNiBIYvPO1fkhvsQV5yJbGK40RoZq2xTBKVPisPUo1Zqu
8kQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:53 2023 by rpki-client on console-fra.rpki-client.org