Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/72488a-035d-4931-8dfb-4c86cbe03610/1/CY1fymwA3xY28aXoZVn3Y1C4EFM.roa
File: CY1fymwA3xY28aXoZVn3Y1C4EFM.roa (raw, json)
Hash identifier: y3rZmNyBVJiwo7fUCBgfTaslYYk52SUjWRUlsMSYPXU=
Subject key identifier: 09:8D:5F:CA:6C:00:DF:16:36:F1:A5:E8:65:59:F7:63:50:B8:10:53
Certificate issuer: /CN=674a61a8a9c97c03cdebe05f82558e51dbf90821
Certificate serial: 0A59DDAC
Authority key identifier: 67:4A:61:A8:A9:C9:7C:03:CD:EB:E0:5F:82:55:8E:51:DB:F9:08:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0phqKnJfAPN6-BfglWOUdv5CCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/72488a-035d-4931-8dfb-4c86cbe03610/1/CY1fymwA3xY28aXoZVn3Y1C4EFM.roa
Signing time: Sat 01 Jan 2022 06:58:02 +0000
ROA not before: Sat 01 Jan 2022 06:58:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43545
IP address blocks: 85.202.196.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173661612 (0xa59ddac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=674a61a8a9c97c03cdebe05f82558e51dbf90821
Validity
Not Before: Jan 1 06:58:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=098d5fca6c00df1636f1a5e86559f76350b81053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2d:e9:28:ce:ca:50:2d:6d:df:63:a8:c2:af:
c9:2a:08:94:72:67:60:2f:a3:25:c1:3b:01:99:2f:
97:b6:2e:85:f3:01:ba:73:ad:73:1d:7c:6b:b5:3d:
3a:21:ca:dc:7a:42:77:7c:2e:ac:9f:85:e0:be:55:
e5:f6:27:1a:ee:82:99:0e:c0:0b:64:90:f6:26:ee:
e5:49:3d:54:f8:89:0a:fc:f2:4c:a2:96:93:d2:78:
7d:b3:b8:a2:a6:7d:c1:b0:05:89:3a:87:10:06:08:
17:39:8b:b0:26:85:79:a4:2f:ce:ff:88:23:17:73:
10:5e:1a:b4:74:b9:ed:2e:78:39:12:2f:e8:ce:94:
cf:aa:35:c3:cc:5b:c8:25:87:ef:a7:66:f9:9a:90:
c9:0c:8d:81:f6:a6:97:ad:68:59:f6:4b:cf:ec:66:
4a:f3:85:d5:bc:9b:2f:a4:20:c6:37:a7:51:ac:6f:
f6:88:20:be:8f:10:0b:3d:95:63:87:5e:b0:0a:59:
1c:53:fe:20:69:35:24:ab:e2:19:b0:16:45:a0:f7:
c9:57:35:70:56:0f:91:00:06:02:42:58:06:8f:8b:
d3:3d:5b:b9:97:ea:a1:8d:f2:4f:0c:18:37:d8:8e:
96:50:4e:22:72:e9:02:82:8b:ec:26:35:58:ec:fe:
24:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:8D:5F:CA:6C:00:DF:16:36:F1:A5:E8:65:59:F7:63:50:B8:10:53
X509v3 Authority Key Identifier:
keyid:67:4A:61:A8:A9:C9:7C:03:CD:EB:E0:5F:82:55:8E:51:DB:F9:08:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0phqKnJfAPN6-BfglWOUdv5CCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/72488a-035d-4931-8dfb-4c86cbe03610/1/CY1fymwA3xY28aXoZVn3Y1C4EFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/72488a-035d-4931-8dfb-4c86cbe03610/1/Z0phqKnJfAPN6-BfglWOUdv5CCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.196.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:ab:35:d3:d6:a1:ba:8a:69:94:ba:96:9c:02:b1:d6:e8:7e:
3d:cf:6d:69:16:9e:ba:0a:93:46:a2:bb:4c:f8:d2:f5:96:a9:
54:f8:52:35:44:2a:ee:3e:2d:3d:35:a9:f7:f4:97:99:c5:b8:
22:b6:c7:6b:e9:99:9d:ec:ed:98:d7:f3:42:14:79:c9:cd:df:
a3:8c:69:3b:62:63:fe:48:c7:c5:05:45:71:10:09:2d:2b:9f:
38:21:40:4f:89:11:d6:75:86:e0:2e:79:67:54:3d:46:99:7e:
53:2b:20:2c:ca:f0:fa:a2:03:d3:0a:f3:f4:4a:69:b1:96:3f:
93:52:14:aa:ae:93:e4:b5:56:6b:a7:21:3e:cc:b4:24:48:1f:
2e:ed:25:df:a5:27:7c:40:fa:55:e3:9c:9f:6b:b0:b2:0e:6b:
a4:37:a2:0d:f9:f1:f0:ae:0b:fe:2a:e1:3c:ec:75:06:cb:3e:
d9:60:8c:d7:03:76:b4:9a:b0:74:63:13:15:4d:4c:87:65:cd:
3c:94:f2:61:c6:43:8e:92:3e:0c:9c:79:76:ec:18:2a:84:f7:
81:fa:30:42:e6:5a:db:95:7c:65:60:75:ab:b1:03:34:89:53:
d7:8b:b9:89:92:62:97:b1:9f:84:63:6e:0c:5f:02:56:2e:7e:
e8:85:91:ab
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEClndrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzRhNjFhOGE5Yzk3YzAzY2RlYmUwNWY4MjU1OGU1MWRiZjkwODIxMB4XDTIyMDEw
MTA2NTgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDk4ZDVmY2E2YzAw
ZGYxNjM2ZjFhNWU4NjU1OWY3NjM1MGI4MTA1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIt6SjOylAtbd9jqMKvySoIlHJnYC+jJcE7AZkvl7YuhfMB
unOtcx18a7U9OiHK3HpCd3wurJ+F4L5V5fYnGu6CmQ7AC2SQ9ibu5Uk9VPiJCvzy
TKKWk9J4fbO4oqZ9wbAFiTqHEAYIFzmLsCaFeaQvzv+IIxdzEF4atHS57S54ORIv
6M6Uz6o1w8xbyCWH76dm+ZqQyQyNgfaml61oWfZLz+xmSvOF1bybL6QgxjenUaxv
9oggvo8QCz2VY4desApZHFP+IGk1JKviGbAWRaD3yVc1cFYPkQAGAkJYBo+L0z1b
uZfqoY3yTwwYN9iOllBOInLpAoKL7CY1WOz+JB0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQJjV/KbADfFjbxpehlWfdjULgQUzAfBgNVHSMEGDAWgBRnSmGoqcl8A83r
4F+CVY5R2/kIITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1owcGhxS25KZkFQTjYtQmZnbFdPVWR2NUNDRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvNzI0ODhhLTAzNWQtNDkzMS04ZGZiLTRjODZjYmUwMzYxMC8x
L0NZMWZ5bXdBM3hZMjhhWG9aVm4zWTFDNEVGTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
NzI0ODhhLTAzNWQtNDkzMS04ZGZiLTRjODZjYmUwMzYxMC8xL1owcGhxS25KZkFQ
TjYtQmZnbFdPVWR2NUNDRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlXKxDANBgkqhkiG9w0BAQsFAAOC
AQEAzas109ahuopplLqWnAKx1uh+Pc9taRaeugqTRqK7TPjS9ZapVPhSNUQq7j4t
PTWp9/SXmcW4IrbHa+mZneztmNfzQhR5yc3fo4xpO2Jj/kjHxQVFcRAJLSufOCFA
T4kR1nWG4C55Z1Q9Rpl+UysgLMrw+qID0wrz9EppsZY/k1IUqq6T5LVWa6chPsy0
JEgfLu0l36UnfED6VeOcn2uwsg5rpDeiDfnx8K4L/irhPOx1Bss+2WCM1wN2tJqw
dGMTFU1Mh2XNPJTyYcZDjpI+DJx5duwYKoT3gfowQuZa25V8ZWB1q7EDNIlT14u5
iZJil7GfhGNuDF8CVi5+6IWRqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:07 2024 by rpki-client on console-ams.rpki-client.org