Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/YCHAqAsKNoY1yx2pm2axec90vZI.roa
File: YCHAqAsKNoY1yx2pm2axec90vZI.roa (raw, json)
Hash identifier: el8egfxCchsfsMiLllhp1dzAhVwkO69XbGdS+nJ+UbQ=
Subject key identifier: 60:21:C0:A8:0B:0A:36:86:35:CB:1D:A9:9B:66:B1:79:CF:74:BD:92
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 2FC28F45
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/YCHAqAsKNoY1yx2pm2axec90vZI.roa
Signing time: Sat 01 Jan 2022 10:04:55 +0000
ROA not before: Sat 01 Jan 2022 10:04:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197727
IP address blocks: 194.151.12.0/24 maxlen: 24
185.15.165.0/24 maxlen: 24
185.15.164.0/22 maxlen: 22
185.15.167.0/24 maxlen: 24
194.151.85.0/24 maxlen: 24
194.151.86.0/24 maxlen: 24
2001:67c:21ac::/48 maxlen: 48
2a03:ca40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 801279813 (0x2fc28f45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 1 10:04:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6021c0a80b0a368635cb1da99b66b179cf74bd92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2c:1b:38:00:db:15:90:f0:9d:9d:85:fa:76:
ba:9e:96:ae:ef:35:ea:b7:b8:9e:88:4c:6d:5e:a0:
57:32:4e:61:f0:89:9b:13:28:f6:a9:9b:7a:86:3a:
5f:97:97:32:55:e6:0d:11:0b:51:00:e4:0c:e7:40:
ce:6d:dd:4b:0a:37:58:f7:61:8b:e4:a8:10:da:d7:
4b:d5:9b:b0:3e:2a:e8:bf:71:fe:70:d1:42:fe:88:
63:81:46:51:54:bf:c7:84:44:cb:fc:36:db:41:ee:
7f:59:30:f2:0f:91:07:59:1b:ed:16:bc:79:6e:e5:
37:f3:86:4f:04:e7:e4:ad:f3:ad:a8:56:65:84:af:
9a:9e:d6:b2:ab:02:c6:b9:23:9d:43:84:dd:97:03:
8f:58:52:bd:94:50:93:4f:5b:55:21:a4:ce:a6:58:
b8:96:2b:6a:90:73:b1:b7:d2:bf:4c:65:de:fd:14:
99:14:39:b6:4d:8b:a4:d8:4d:38:6e:38:10:0b:9c:
cc:ff:e1:68:cc:72:4e:14:60:c3:4b:6d:4d:64:99:
50:01:a6:2c:ee:ca:87:c1:9e:6f:4a:c5:7a:b1:43:
a8:c4:08:24:e3:17:07:2a:00:74:b5:db:15:c2:8d:
ce:aa:1f:09:66:28:66:31:d5:2e:70:cb:99:9e:16:
27:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:21:C0:A8:0B:0A:36:86:35:CB:1D:A9:9B:66:B1:79:CF:74:BD:92
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/YCHAqAsKNoY1yx2pm2axec90vZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.164.0/22
194.151.12.0/24
194.151.85.0-194.151.86.255
IPv6:
2001:67c:21ac::/48
2a03:ca40::/32
Signature Algorithm: sha256WithRSAEncryption
92:23:b1:0f:e0:8e:50:16:d9:f5:a5:5f:ba:5a:3c:9b:58:eb:
95:6c:fb:ab:2a:00:42:e8:16:c8:10:49:8d:67:de:83:2c:42:
80:b5:a4:cb:78:04:bf:43:af:86:7d:60:20:23:3a:4f:00:bd:
e9:a8:6c:7f:68:7f:bb:04:51:02:7f:8f:5c:77:01:34:2f:5d:
18:7e:83:5c:74:73:9f:ee:62:6a:11:71:a2:1a:18:24:ee:71:
a7:7b:51:fe:d7:03:6d:48:3b:f6:37:ec:bb:38:8f:f4:b8:3d:
88:d1:89:fa:03:db:83:03:b9:1f:ed:41:0b:f6:37:68:90:92:
e0:69:cc:4b:df:76:9e:64:4b:3a:ae:86:90:ad:6e:77:ac:d5:
e1:58:70:77:e0:ca:91:2a:95:be:85:d8:5f:0a:cc:83:94:f6:
c3:29:a9:b5:5c:32:22:75:fe:87:be:9b:a7:df:a6:f4:a8:45:
bc:e4:8d:1e:88:a0:48:60:9c:7a:26:b0:60:b4:b0:dc:e0:8a:
cb:87:d9:34:2a:46:43:bf:52:bc:c0:a8:d9:e8:47:f0:14:c6:
21:78:a7:c4:15:14:99:59:8f:00:28:4c:42:d7:a2:ab:81:e4:
13:de:82:27:67:c8:28:95:f5:db:a7:19:3f:bd:12:c3:53:d2:
9b:76:86:74
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEL8KPRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mzk4MDYwZjFiZjIyZjA5OTljYjA3MWIxYjQyNjk2ZGJjNDNlMTBjMB4XDTIyMDEw
MTEwMDQ1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjAyMWMwYTgwYjBh
MzY4NjM1Y2IxZGE5OWI2NmIxNzljZjc0YmQ5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKosGzgA2xWQ8J2dhfp2up6Wru816re4nohMbV6gVzJOYfCJ
mxMo9qmbeoY6X5eXMlXmDRELUQDkDOdAzm3dSwo3WPdhi+SoENrXS9WbsD4q6L9x
/nDRQv6IY4FGUVS/x4REy/w220Huf1kw8g+RB1kb7Ra8eW7lN/OGTwTn5K3zrahW
ZYSvmp7WsqsCxrkjnUOE3ZcDj1hSvZRQk09bVSGkzqZYuJYrapBzsbfSv0xl3v0U
mRQ5tk2LpNhNOG44EAuczP/haMxyThRgw0ttTWSZUAGmLO7Kh8Geb0rFerFDqMQI
JOMXByoAdLXbFcKNzqofCWYoZjHVLnDLmZ4WJ98CAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBRgIcCoCwo2hjXLHambZrF5z3S9kjAfBgNVHSMEGDAWgBTDmAYPG/IvCZnL
BxsbQmltvEPhDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c1Z0dEeHZ5THdtWnl3Y2JHMEpwYmJ4RDRRdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvM2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8x
L1lDSEFxQXNLTm9ZMXl4MnBtMmF4ZWM5MHZaSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
M2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8xL3c1Z0dEeHZ5THdt
Wnl3Y2JHMEpwYmJ4RDRRdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowIAQCAAEwGgMEArkPpAMEAMKXDDAMAwQAwpdVAwQA
wpdWMBYEAgACMBADBwAgAQZ8IawDBQAqA8pAMA0GCSqGSIb3DQEBCwUAA4IBAQCS
I7EP4I5QFtn1pV+6WjybWOuVbPurKgBC6BbIEEmNZ96DLEKAtaTLeAS/Q6+GfWAg
IzpPAL3pqGx/aH+7BFECf49cdwE0L10YfoNcdHOf7mJqEXGiGhgk7nGne1H+1wNt
SDv2N+y7OI/0uD2I0Yn6A9uDA7kf7UEL9jdokJLgacxL33aeZEs6roaQrW53rNXh
WHB34MqRKpW+hdhfCsyDlPbDKam1XDIidf6Hvpun36b0qEW85I0eiKBIYJx6JrBg
tLDc4IrLh9k0KkZDv1K8wKjZ6EfwFMYheKfEFRSZWY8AKExC16KrgeQT3oInZ8go
lfXbpxk/vRLDU9KbdoZ0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:02 2024 by rpki-client on console-fra.rpki-client.org