Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/YeK_dsAIOId0NguG4IEiI_OhJoo.roa
File: YeK_dsAIOId0NguG4IEiI_OhJoo.roa (raw, json)
Hash identifier: Oad8jbupqSA9QRzMVepeQSwpRQWdysl9rMfhe9A3LwI=
Subject key identifier: 61:E2:BF:76:C0:08:38:87:74:36:0B:86:E0:81:22:23:F3:A1:26:8A
Certificate issuer: /CN=002c8865bc2a07e4acfeb263b4d9cf62460fd523
Certificate serial: 02DF6F
Authority key identifier: 00:2C:88:65:BC:2A:07:E4:AC:FE:B2:63:B4:D9:CF:62:46:0F:D5:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/YeK_dsAIOId0NguG4IEiI_OhJoo.roa
Signing time: Tue 28 Jun 2022 10:10:02 +0000
ROA not before: Tue 28 Jun 2022 10:10:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50257
IP address blocks: 195.191.4.0/24 maxlen: 24
195.191.4.0/23 maxlen: 23
195.191.5.0/24 maxlen: 24
185.99.4.0/24 maxlen: 24
185.99.5.0/24 maxlen: 24
185.99.6.0/24 maxlen: 24
185.10.172.0/24 maxlen: 24
185.10.172.0/22 maxlen: 22
185.10.172.0/23 maxlen: 23
185.10.173.0/24 maxlen: 24
185.10.174.0/23 maxlen: 23
185.10.174.0/24 maxlen: 24
185.10.175.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 188271 (0x2df6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002c8865bc2a07e4acfeb263b4d9cf62460fd523
Validity
Not Before: Jun 28 10:10:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61e2bf76c008388774360b86e0812223f3a1268a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:94:34:87:3d:dc:23:c3:e9:b3:d6:ed:31:a9:
53:6e:e6:20:86:ba:fd:00:f6:34:0b:59:32:b1:b7:
46:2e:b4:18:22:cc:1d:4a:77:59:f2:83:4c:95:74:
db:2e:50:55:98:66:3d:7d:a7:d3:ce:f6:0d:48:d5:
e1:69:c7:44:5e:67:f0:30:97:ce:9b:b6:8b:4d:b8:
3f:2a:c6:e4:3e:46:cc:24:97:6b:f5:59:cd:3e:94:
31:05:35:d2:15:a9:e1:aa:69:2b:70:ac:2e:d9:9a:
0e:c0:23:e2:65:ee:41:36:2a:9a:1c:78:f0:6f:68:
d3:58:7f:e6:bf:49:35:5d:93:7a:ce:a3:75:f1:a1:
48:f4:0e:5f:6b:a8:df:f4:5b:c2:83:95:0b:b9:f8:
81:d6:5e:34:70:2c:a3:aa:21:da:f5:87:42:fe:d6:
97:4f:23:99:72:93:4a:d6:59:be:44:5e:09:73:a0:
35:11:58:e6:ff:79:2d:8b:4b:7d:20:4c:40:77:70:
94:d1:1b:7a:ad:d4:a5:67:01:a3:1c:3f:12:44:11:
60:f0:a6:f2:a9:15:72:08:a4:6f:00:5d:ea:15:61:
3c:c2:42:17:ca:7e:fb:98:8d:7d:56:3c:93:79:b0:
de:0c:f4:2f:46:3b:b7:df:af:27:4f:23:c2:df:1e:
5a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:E2:BF:76:C0:08:38:87:74:36:0B:86:E0:81:22:23:F3:A1:26:8A
X509v3 Authority Key Identifier:
keyid:00:2C:88:65:BC:2A:07:E4:AC:FE:B2:63:B4:D9:CF:62:46:0F:D5:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/YeK_dsAIOId0NguG4IEiI_OhJoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.172.0/22
185.99.4.0-185.99.6.255
195.191.4.0/23
Signature Algorithm: sha256WithRSAEncryption
31:ab:63:cb:66:02:12:96:e1:d9:ac:3a:6c:b0:23:13:48:12:
b9:fe:5b:b1:34:6f:34:6b:8b:48:35:c2:74:9d:be:14:29:06:
27:7d:bb:d4:77:b6:a2:7f:ba:f1:ae:2b:fa:41:99:66:45:40:
d5:c8:df:c8:21:64:d5:af:99:95:cf:c8:58:43:64:d0:92:67:
21:8f:3d:62:53:e0:e4:df:4e:f8:97:1d:40:8d:a2:78:2a:e6:
72:05:1c:c4:13:b9:dc:76:25:f7:05:c2:bb:02:7d:2e:7d:73:
a4:c6:1a:06:98:ed:98:e1:7b:dc:01:2c:0c:3f:30:2f:97:0d:
47:bd:b7:d3:00:c1:03:ab:4b:4d:e6:3c:40:8f:2a:c2:41:e3:
3a:7a:26:b3:74:d7:4d:52:19:a3:a1:91:f6:62:6b:92:68:c4:
96:19:b1:c9:97:57:a7:f9:c3:02:7f:4e:1c:7d:22:f4:4c:0d:
bc:68:0c:c6:85:1a:47:ca:62:9a:ce:dd:fa:14:ec:87:c7:4d:
b4:88:c7:12:ac:79:c3:06:7a:80:8f:bd:a6:df:97:66:13:ac:
b2:f9:f4:56:9d:58:0c:8e:66:d4:46:8d:3f:9e:66:b0:37:f1:
6e:ab:20:df:f0:7b:6f:c8:c6:91:b3:bc:91:f3:4b:41:bc:09:
20:29:98:38
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIDAt9vMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDAw
MmM4ODY1YmMyYTA3ZTRhY2ZlYjI2M2I0ZDljZjYyNDYwZmQ1MjMwHhcNMjIwNjI4
MTAxMDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2MWUyYmY3NmMwMDgz
ODg3NzQzNjBiODZlMDgxMjIyM2YzYTEyNjhhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAh5Q0hz3cI8Pps9btMalTbuYghrr9APY0C1kysbdGLrQYIswd
SndZ8oNMlXTbLlBVmGY9fafTzvYNSNXhacdEXmfwMJfOm7aLTbg/KsbkPkbMJJdr
9VnNPpQxBTXSFanhqmkrcKwu2ZoOwCPiZe5BNiqaHHjwb2jTWH/mv0k1XZN6zqN1
8aFI9A5fa6jf9FvCg5ULufiB1l40cCyjqiHa9YdC/taXTyOZcpNK1lm+RF4Jc6A1
EVjm/3kti0t9IExAd3CU0Rt6rdSlZwGjHD8SRBFg8KbyqRVyCKRvAF3qFWE8wkIX
yn77mI19VjyTebDeDPQvRju3368nTyPC3x5agQIDAQABo4ICHTCCAhkwHQYDVR0O
BBYEFGHiv3bACDiHdDYLhuCBIiPzoSaKMB8GA1UdIwQYMBaAFAAsiGW8KgfkrP6y
Y7TZz2JGD9UjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
QUN5SVpid3FCLVNzX3JKanROblBZa1lQMVNNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iNi9kN2ZhZGMtMWViZi00MmRhLTliMjItYTYwYzIwYzhmNzE3LzEv
WWVLX2RzQUlPSWQwTmd1RzRJRWlJX09oSm9vLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9k
N2ZhZGMtMWViZi00MmRhLTliMjItYTYwYzIwYzhmNzE3LzEvQUN5SVpid3FCLVNz
X3JKanROblBZa1lQMVNNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDMG
CCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCuQqsMAwDBAK5YwQDBAC5YwYDBAHD
vwQwDQYJKoZIhvcNAQELBQADggEBADGrY8tmAhKW4dmsOmywIxNIErn+W7E0bzRr
i0g1wnSdvhQpBid9u9R3tqJ/uvGuK/pBmWZFQNXI38ghZNWvmZXPyFhDZNCSZyGP
PWJT4OTfTviXHUCNongq5nIFHMQTudx2JfcFwrsCfS59c6TGGgaY7Zjhe9wBLAw/
MC+XDUe9t9MAwQOrS03mPECPKsJB4zp6JrN0101SGaOhkfZia5JoxJYZscmXV6f5
wwJ/Thx9IvRMDbxoDMaFGkfKYprO3foU7IfHTbSIxxKsecMGeoCPvabfl2YTrLL5
9FadWAyOZtRGjT+eZrA38W6rIN/we2/IxpGzvJHzS0G8CSApmDg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:04 2024 by rpki-client on console-ams.rpki-client.org