Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/yTd2H3A-oGOoKaeaX_xIz5Gk5bE.roa
File: yTd2H3A-oGOoKaeaX_xIz5Gk5bE.roa (raw, json)
Hash identifier: J1XFxg38ptTjy90tCl6El9+/N3sSrmEw6iKRsGgqs8g=
Subject key identifier: C9:37:76:1F:70:3E:A0:63:A8:29:A7:9A:5F:FC:48:CF:91:A4:E5:B1
Certificate issuer: /CN=de9572fcbd665f72e00e5ffdb8db802d1cbec894
Certificate serial: 0184BE8867B342353F8A446ED45545EF4D8C
Authority key identifier: DE:95:72:FC:BD:66:5F:72:E0:0E:5F:FD:B8:DB:80:2D:1C:BE:C8:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pVy_L1mX3LgDl_9uNuALRy-yJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/yTd2H3A-oGOoKaeaX_xIz5Gk5bE.roa
Signing time: Mon 28 Nov 2022 13:58:41 +0000
ROA not before: Mon 28 Nov 2022 13:58:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43070
IP address blocks: 77.95.40.0/21 maxlen: 21
185.45.136.0/22 maxlen: 22
2a02:910::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:88:67:b3:42:35:3f:8a:44:6e:d4:55:45:ef:4d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de9572fcbd665f72e00e5ffdb8db802d1cbec894
Validity
Not Before: Nov 28 13:58:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c937761f703ea063a829a79a5ffc48cf91a4e5b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:61:01:10:ef:e4:53:6a:dc:e8:9d:2e:51:95:
f0:89:65:03:8d:17:53:49:2c:9d:b0:99:3d:be:59:
3d:75:0e:30:af:b4:07:98:47:20:94:52:ee:cf:88:
12:5d:09:ae:45:30:24:5a:69:59:02:08:37:f8:24:
70:2b:54:2e:24:d0:10:2d:2b:c8:36:b7:c5:a4:c4:
a2:d3:7d:03:04:8e:ae:49:91:a0:b3:6a:dc:6f:3c:
53:e5:16:1a:d6:5d:5a:c9:30:55:7b:5d:19:51:2b:
f0:f5:65:66:44:71:bb:9a:17:3b:84:45:6b:39:b1:
92:62:7c:10:35:4f:02:93:cf:bb:af:eb:4e:eb:a4:
42:de:99:5f:7c:a2:76:02:48:c6:88:9e:aa:cd:fe:
95:0f:44:b1:ac:7e:2a:9b:aa:6b:db:5b:1c:3c:bc:
1b:80:d6:37:b0:47:b8:45:18:c6:b8:68:76:fc:67:
99:a5:6e:25:66:78:54:21:ce:1c:cf:24:70:53:e8:
48:31:c9:52:d3:6b:c5:b2:83:42:bb:f6:6a:49:99:
a4:04:da:b0:14:d5:b1:62:0f:4d:f8:43:0b:29:76:
cb:5d:ef:79:fa:74:92:bb:60:e0:d8:19:b0:ec:3e:
73:63:dd:68:b4:bb:db:bf:96:10:ed:0d:51:f1:9b:
bf:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:37:76:1F:70:3E:A0:63:A8:29:A7:9A:5F:FC:48:CF:91:A4:E5:B1
X509v3 Authority Key Identifier:
keyid:DE:95:72:FC:BD:66:5F:72:E0:0E:5F:FD:B8:DB:80:2D:1C:BE:C8:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pVy_L1mX3LgDl_9uNuALRy-yJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/yTd2H3A-oGOoKaeaX_xIz5Gk5bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/3pVy_L1mX3LgDl_9uNuALRy-yJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.40.0/21
185.45.136.0/22
IPv6:
2a02:910::/32
Signature Algorithm: sha256WithRSAEncryption
81:c6:2f:b9:7b:28:b4:0e:4c:89:0d:54:b0:ae:3b:64:6f:25:
4b:f1:b8:9f:fe:af:b3:11:6f:5e:71:a8:e2:76:db:97:f0:6f:
0d:c0:0b:32:12:57:70:92:4f:62:4e:70:ef:dd:5b:a9:99:fe:
80:c1:1f:16:b2:f7:f7:57:3f:95:8b:ce:ed:20:f0:b2:a9:b7:
fb:46:5f:2f:e7:b0:76:c0:80:b5:e1:3e:44:aa:7e:b4:45:97:
cc:bc:56:f7:44:5c:4f:48:92:c9:b6:af:40:40:57:3f:94:f1:
4b:44:b3:8f:67:a0:47:1a:4b:0d:39:28:61:d9:4d:ea:ca:08:
29:fd:ef:f3:9b:6a:fb:6d:cb:83:7e:7c:ce:58:d8:0f:5c:90:
cd:e4:a5:60:74:19:66:a8:3b:10:e4:23:33:36:bc:09:6c:00:
60:96:fc:47:ea:d0:c8:1a:79:72:42:cc:70:f8:1c:4e:f4:f9:
b0:b8:05:aa:0d:89:24:85:2f:13:1d:a0:0a:73:ed:37:05:50:
3a:f5:c2:9d:26:d6:2a:2b:ad:35:5d:a3:2b:9c:fb:7f:72:3d:
8d:c1:22:62:75:e3:46:0a:3c:b6:bd:15:ee:5d:14:d9:91:dd:
8c:69:38:16:14:9b:74:11:bc:d1:eb:7c:53:f3:be:f1:b4:d6:
37:0e:63:96
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYS+iGezQjU/ikRu1FVF702MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTU3MmZjYmQ2NjVmNzJlMDBlNWZmZGI4ZGI4MDJkMWNi
ZWM4OTQwHhcNMjIxMTI4MTM1ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTM3NzYxZjcwM2VhMDYzYTgyOWE3OWE1ZmZjNDhjZjkxYTRlNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmEBEO/kU2rc6J0uUZXwiWUDjRdT
SSydsJk9vlk9dQ4wr7QHmEcglFLuz4gSXQmuRTAkWmlZAgg3+CRwK1QuJNAQLSvI
NrfFpMSi030DBI6uSZGgs2rcbzxT5RYa1l1ayTBVe10ZUSvw9WVmRHG7mhc7hEVr
ObGSYnwQNU8Ck8+7r+tO66RC3plffKJ2AkjGiJ6qzf6VD0SxrH4qm6pr21scPLwb
gNY3sEe4RRjGuGh2/GeZpW4lZnhUIc4czyRwU+hIMclS02vFsoNCu/ZqSZmkBNqw
FNWxYg9N+EMLKXbLXe95+nSSu2Dg2Bmw7D5zY91otLvbv5YQ7Q1R8Zu/7QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMk3dh9wPqBjqCmnml/8SM+RpOWxMB8GA1UdIwQY
MBaAFN6Vcvy9Zl9y4A5f/bjbgC0cvsiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BWeV9MMW1YM0xnRGxfOXVOdUFMUnkteUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83OTIyMDAtMmRhMC00MWJmLTg1ODct
YTkyOTM0Y2IxZGU4LzEveVRkMkgzQS1vR09vS2FlYVhfeEl6NUdrNWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83OTIyMDAtMmRhMC00MWJmLTg1ODctYTkyOTM0Y2IxZGU4
LzEvM3BWeV9MMW1YM0xnRGxfOXVOdUFMUnkteUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTV8oAwQC
uS2IMA0EAgACMAcDBQAqAgkQMA0GCSqGSIb3DQEBCwUAA4IBAQCBxi+5eyi0DkyJ
DVSwrjtkbyVL8bif/q+zEW9ecajidtuX8G8NwAsyEldwkk9iTnDv3Vupmf6AwR8W
svf3Vz+Vi87tIPCyqbf7Rl8v57B2wIC14T5Eqn60RZfMvFb3RFxPSJLJtq9AQFc/
lPFLRLOPZ6BHGksNOShh2U3qyggp/e/zm2r7bcuDfnzOWNgPXJDN5KVgdBlmqDsQ
5CMzNrwJbABglvxH6tDIGnlyQsxw+BxO9PmwuAWqDYkkhS8THaAKc+03BVA69cKd
JtYqK601XaMrnPt/cj2NwSJideNGCjy2vRXuXRTZkd2MaTgWFJt0EbzR63xT877x
tNY3DmOW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:38 2024 by rpki-client on console-ams.rpki-client.org