Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/y3vT1MkZebuuiBeEsnXEgN4i308.roa
File: y3vT1MkZebuuiBeEsnXEgN4i308.roa (raw, json)
Hash identifier: yhk7IcPjU2S7wJSld2FaoxAics+vyQaq1J0uW8KeKqk=
Subject key identifier: CB:7B:D3:D4:C9:19:79:BB:AE:88:17:84:B2:75:C4:80:DE:22:DF:4F
Certificate issuer: /CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Certificate serial: 384FF5FB
Authority key identifier: 6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/y3vT1MkZebuuiBeEsnXEgN4i308.roa
Signing time: Sat 01 Jan 2022 16:10:54 +0000
ROA not before: Sat 01 Jan 2022 16:10:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25192
IP address blocks: 193.29.206.0/24 maxlen: 30
194.0.14.0/24 maxlen: 30
194.0.12.0/23 maxlen: 30
185.43.132.0/24 maxlen: 24
185.43.132.0/22 maxlen: 22
217.31.192.0/20 maxlen: 30
185.43.133.0/24 maxlen: 24
185.43.134.0/24 maxlen: 24
185.43.135.0/24 maxlen: 24
2001:678:10::/47 maxlen: 64
2001:678:1::/48 maxlen: 64
2001:678:f::/48 maxlen: 64
2001:1488::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 944764411 (0x384ff5fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Validity
Not Before: Jan 1 16:10:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb7bd3d4c91979bbae881784b275c480de22df4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1a:25:86:4f:55:b7:cb:a6:17:91:ff:77:a9:
64:37:c3:6d:95:80:18:0f:28:3c:88:fa:7e:06:8c:
a0:ed:cb:87:6d:24:56:c7:41:0e:15:d8:fb:10:ee:
51:ce:09:f3:04:18:78:2b:0f:a4:c0:d7:d9:f1:fe:
2c:a5:43:0b:57:7d:ec:57:73:d6:3c:e3:49:a0:1d:
00:f5:a7:c2:91:ca:ca:ff:b8:1b:28:45:63:c6:e9:
0c:d6:22:6b:0a:4e:df:4c:fa:90:19:4e:8c:06:36:
c9:40:41:eb:67:4d:e8:c6:80:14:66:02:d5:38:f2:
bc:19:af:da:0d:2c:99:4c:9f:bf:42:7f:1a:5e:51:
9b:29:7e:85:30:12:ce:53:b9:e1:73:46:0c:8f:ee:
3e:68:b5:e8:e6:c9:b8:93:90:19:4b:94:47:f7:35:
d6:d5:e4:da:7a:d1:55:2f:a7:4d:83:b3:22:93:2e:
82:4e:82:49:d1:16:ed:8e:d8:dc:4e:6f:da:c3:03:
dd:e3:ad:6c:fa:a2:fb:3c:5f:b5:a1:bb:1c:1d:a1:
7f:99:f6:7e:1b:af:6f:cd:0e:ac:18:79:ea:53:92:
ff:55:0d:f8:b5:40:cb:00:e4:aa:3a:9a:dd:f8:35:
f3:10:ba:f8:91:4f:8e:85:52:3e:60:fa:87:c8:a9:
8e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7B:D3:D4:C9:19:79:BB:AE:88:17:84:B2:75:C4:80:DE:22:DF:4F
X509v3 Authority Key Identifier:
keyid:6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/y3vT1MkZebuuiBeEsnXEgN4i308.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.132.0/22
193.29.206.0/24
194.0.12.0-194.0.14.255
217.31.192.0/20
IPv6:
2001:678:1::/48
2001:678:f::-2001:678:11:ffff:ffff:ffff:ffff:ffff
2001:1488::/32
Signature Algorithm: sha256WithRSAEncryption
1a:cd:e6:d7:84:20:e6:ee:b1:08:b3:61:1e:0e:f2:f9:44:f8:
ae:04:b0:07:22:a0:23:01:36:33:61:69:2a:cc:80:ff:85:9d:
f0:ed:40:0d:83:e9:21:47:81:57:96:d8:d1:bc:9e:e3:b8:6b:
00:ea:3c:81:5c:00:46:c6:46:85:35:51:6d:b1:ca:cb:4c:af:
0d:c1:2f:23:14:58:26:c8:32:b9:a3:44:7c:a3:b2:74:5b:9b:
44:74:1c:c5:96:ab:25:5a:25:ed:92:44:13:33:ad:8b:fc:4b:
3d:b9:34:2e:f0:a6:7e:aa:2d:ad:0b:a6:81:cf:6d:81:a0:dd:
86:45:f0:63:aa:15:8c:a4:c1:57:42:2d:ab:08:c2:47:20:11:
43:a8:99:32:c7:5a:81:60:60:d6:06:90:21:49:2b:5a:aa:20:
6f:ae:23:77:61:d4:08:58:4e:01:ff:cc:e1:d7:66:cb:86:b1:
5c:c5:7a:66:68:f2:70:43:54:33:eb:a9:d1:7d:ee:ff:ff:14:
e3:6c:11:b0:a6:b6:19:49:32:be:8b:ef:ae:a6:da:e4:93:3a:
17:ec:cd:5d:c1:83:29:e0:9c:4b:46:5f:9b:60:80:a0:66:44:
7c:ea:6b:05:a3:ef:38:93:03:2c:06:a8:bd:13:49:68:a9:35:
be:27:97:1b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEOE/1+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YTU3ZmZlODIyYjNiYTdiYzE5NGRiN2E3MzRjODVlZmNlZjJmMjgzMB4XDTIyMDEw
MTE2MTA1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I3YmQzZDRjOTE5
NzliYmFlODgxNzg0YjI3NWM0ODBkZTIyZGY0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8aJYZPVbfLpheR/3epZDfDbZWAGA8oPIj6fgaMoO3Lh20k
VsdBDhXY+xDuUc4J8wQYeCsPpMDX2fH+LKVDC1d97Fdz1jzjSaAdAPWnwpHKyv+4
GyhFY8bpDNYiawpO30z6kBlOjAY2yUBB62dN6MaAFGYC1TjyvBmv2g0smUyfv0J/
Gl5Rmyl+hTASzlO54XNGDI/uPmi16ObJuJOQGUuUR/c11tXk2nrRVS+nTYOzIpMu
gk6CSdEW7Y7Y3E5v2sMD3eOtbPqi+zxftaG7HB2hf5n2fhuvb80OrBh56lOS/1UN
+LVAywDkqjqa3fg18xC6+JFPjoVSPmD6h8ipji0CAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBTLe9PUyRl5u66IF4SydcSA3iLfTzAfBgNVHSMEGDAWgBRqV//oIrO6e8GU
23pzTIXvzvLygzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FsZl82Q0t6dW52QmxOdDZjMHlGNzg3eThvTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvYWZlZjEyLTFmMDgtNGI0Ni05NDdiLWNhMGM2MjYyMTA5OC8x
L3kzdlQxTWtaZWJ1dWlCZUVzblhFZ040aTMwOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
YWZlZjEyLTFmMDgtNGI0Ni05NDdiLWNhMGM2MjYyMTA5OC8xL2FsZl82Q0t6dW52
QmxOdDZjMHlGNzg3eThvTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwJgQCAAEwIAMEArkrhAMEAMEdzjAMAwQCwgAMAwQA
wgAOAwQE2R/AMCoEAgACMCQDBwAgAQZ4AAEwEgMHACABBngADwMHASABBngAEAMF
ACABFIgwDQYJKoZIhvcNAQELBQADggEBABrN5teEIObusQizYR4O8vlE+K4EsAci
oCMBNjNhaSrMgP+FnfDtQA2D6SFHgVeW2NG8nuO4awDqPIFcAEbGRoU1UW2xystM
rw3BLyMUWCbIMrmjRHyjsnRbm0R0HMWWqyVaJe2SRBMzrYv8Sz25NC7wpn6qLa0L
poHPbYGg3YZF8GOqFYykwVdCLasIwkcgEUOomTLHWoFgYNYGkCFJK1qqIG+uI3dh
1AhYTgH/zOHXZsuGsVzFemZo8nBDVDPrqdF97v//FONsEbCmthlJMr6L766m2uST
OhfszV3BgyngnEtGX5tggKBmRHzqawWj7ziTAywGqL0TSWipNb4nlxs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:54 2024 by rpki-client on console-ams.rpki-client.org