Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/y3etBIuYylYCzzyaH8Z5fZEMeeg.roa
File: y3etBIuYylYCzzyaH8Z5fZEMeeg.roa (raw, json)
Hash identifier: EALL6JhgTX4NEdM5R/bTZvcicJRDt3kBYyLlA4IQ5ac=
Subject key identifier: CB:77:AD:04:8B:98:CA:56:02:CF:3C:9A:1F:C6:79:7D:91:0C:79:E8
Certificate issuer: /CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Certificate serial: 07816454
Authority key identifier: A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/y3etBIuYylYCzzyaH8Z5fZEMeeg.roa
Signing time: Tue 01 Mar 2022 11:47:45 +0000
ROA not before: Tue 01 Mar 2022 11:47:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39686
IP address blocks: 144.178.192.0/19 maxlen: 24
144.178.96.0/21 maxlen: 21
144.178.224.0/20 maxlen: 24
185.184.204.0/22 maxlen: 24
93.95.248.0/21 maxlen: 24
144.178.240.0/21 maxlen: 24
89.20.160.0/19 maxlen: 24
144.178.64.0/19 maxlen: 24
2a02:fe9::/32 maxlen: 48
2a02:fe8::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125920340 (0x7816454)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Validity
Not Before: Mar 1 11:47:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb77ad048b98ca5602cf3c9a1fc6797d910c79e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:76:d8:53:43:9a:15:7d:59:75:b8:ee:d6:3f:
92:34:c4:fd:d2:9a:e2:3d:2c:b1:0e:b0:c1:01:2d:
be:da:bb:b4:e4:d1:3b:fb:4e:e3:18:d2:1f:5b:0f:
32:b4:74:64:b8:9a:1b:69:fd:11:07:64:bc:d7:08:
2e:69:12:2a:65:5c:82:39:4a:80:b2:25:77:4d:3a:
34:5f:41:48:ce:80:4b:ca:61:8e:b5:e9:2b:0c:1e:
dd:90:d6:78:0d:03:08:f3:7b:a6:2b:7f:be:3a:f1:
5e:f2:a4:e4:ae:cd:7b:f8:0c:fc:8f:8a:2f:f6:8f:
94:65:a8:50:be:6a:8e:37:f2:7c:2c:24:5c:40:6b:
6b:c3:77:74:60:9b:40:76:96:64:0f:eb:c7:3d:85:
74:60:69:50:05:04:3a:59:88:0e:b4:16:e9:bd:07:
cc:01:ba:a1:56:09:20:93:69:b9:e3:64:b0:7b:05:
aa:9e:8e:a7:80:a1:62:82:86:77:18:60:27:ce:81:
43:6d:77:02:73:d2:3a:b9:df:13:16:9c:55:e3:47:
28:ad:db:4c:e0:a3:ea:d1:b6:8f:10:81:30:3d:93:
1e:ca:1f:2d:3e:66:07:1e:cf:41:23:1d:68:53:0d:
e9:3c:d9:f4:62:a9:ef:ad:27:23:bc:49:48:89:95:
c5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:77:AD:04:8B:98:CA:56:02:CF:3C:9A:1F:C6:79:7D:91:0C:79:E8
X509v3 Authority Key Identifier:
keyid:A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/y3etBIuYylYCzzyaH8Z5fZEMeeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/qGWA4YrW_43JQr6IPBbei3MflgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.20.160.0/19
93.95.248.0/21
144.178.64.0-144.178.103.255
144.178.192.0-144.178.247.255
185.184.204.0/22
IPv6:
2a02:fe8::/31
Signature Algorithm: sha256WithRSAEncryption
68:a3:70:2d:81:5e:14:b9:42:88:11:73:29:bb:c8:e5:46:0d:
ce:a9:ba:3b:75:2a:fd:a8:3f:fa:17:31:72:79:1f:fb:cc:75:
0f:c9:03:b8:78:4f:df:3a:e7:d5:ef:09:6a:b3:71:bd:5c:e3:
e1:1c:f5:5f:d6:9a:51:41:54:c6:54:c6:d0:2a:62:4b:39:b1:
b4:f5:79:ed:9d:4d:e5:e8:f3:b0:c1:97:e9:7f:de:e0:1a:c8:
74:a8:b8:32:18:92:6d:5d:d9:f1:0d:8f:8c:a5:0c:ea:c5:9a:
b9:d5:ce:f0:5d:e7:f3:79:ce:4f:33:20:5f:83:ed:a1:39:7c:
ce:6b:71:c0:05:b2:92:48:f5:13:1a:5a:51:99:25:28:69:4e:
60:e8:82:ae:3b:5e:46:d3:b4:72:11:f0:57:d4:6c:27:93:28:
af:f9:89:f1:f0:67:11:99:90:df:7c:25:24:01:70:26:cb:f4:
82:28:f0:c5:4e:93:32:6d:f3:6e:19:5a:12:9c:07:73:c9:90:
15:cd:d7:c4:6b:84:4b:be:54:88:2c:0f:4f:f6:5c:a0:0c:14:
41:07:e5:bb:30:9c:4d:c1:56:f1:cd:a8:8f:cc:78:1c:6c:a0:
83:06:e8:51:4b:06:ce:62:02:8e:e1:83:2a:bf:c1:6b:eb:20:
bd:46:a1:7a
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIEB4FkVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODY1ODBlMThhZDZmZjhkYzk0MmJlODgzYzE2ZGU4YjczMWY5NjA1MB4XDTIyMDMw
MTExNDc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I3N2FkMDQ4Yjk4
Y2E1NjAyY2YzYzlhMWZjNjc5N2Q5MTBjNzllODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKl22FNDmhV9WXW47tY/kjTE/dKa4j0ssQ6wwQEtvtq7tOTR
O/tO4xjSH1sPMrR0ZLiaG2n9EQdkvNcILmkSKmVcgjlKgLIld006NF9BSM6AS8ph
jrXpKwwe3ZDWeA0DCPN7pit/vjrxXvKk5K7Ne/gM/I+KL/aPlGWoUL5qjjfyfCwk
XEBra8N3dGCbQHaWZA/rxz2FdGBpUAUEOlmIDrQW6b0HzAG6oVYJIJNpueNksHsF
qp6Op4ChYoKGdxhgJ86BQ213AnPSOrnfExacVeNHKK3bTOCj6tG2jxCBMD2THsof
LT5mBx7PQSMdaFMN6TzZ9GKp760nI7xJSImVxe8CAwEAAaOCAkAwggI8MB0GA1Ud
DgQWBBTLd60Ei5jKVgLPPJofxnl9kQx56DAfBgNVHSMEGDAWgBSoZYDhitb/jclC
vog8Ft6Lcx+WBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FHV0E0WXJXXzQzSlFyNklQQmJlaTNNZmxnVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvZTI5ZGNlLWExNzQtNGI3Ny04OWFhLTIzNmU5MmZjNmE1OS8x
L3kzZXRCSXVZeWxZQ3p6eWFIOFo1ZlpFTWVlZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
ZTI5ZGNlLWExNzQtNGI3Ny04OWFhLTIzNmU5MmZjNmE1OS8xL3FHV0E0WXJXXzQz
SlFyNklQQmJlaTNNZmxnVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBW
BggrBgEFBQcBBwEB/wRHMEUwNAQCAAEwLgMEBVkUoAMEA11f+DAMAwQGkLJAAwQD
kLJgMAwDBAaQssADBAOQsvADBAK5uMwwDQQCAAIwBwMFASoCD+gwDQYJKoZIhvcN
AQELBQADggEBAGijcC2BXhS5QogRcym7yOVGDc6pujt1Kv2oP/oXMXJ5H/vMdQ/J
A7h4T98659XvCWqzcb1c4+Ec9V/WmlFBVMZUxtAqYks5sbT1ee2dTeXo87DBl+l/
3uAayHSouDIYkm1d2fENj4ylDOrFmrnVzvBd5/N5zk8zIF+D7aE5fM5rccAFspJI
9RMaWlGZJShpTmDogq47XkbTtHIR8FfUbCeTKK/5ifHwZxGZkN98JSQBcCbL9IIo
8MVOkzJt824ZWhKcB3PJkBXN18RrhEu+VIgsD0/2XKAMFEEH5bswnE3BVvHNqI/M
eBxsoIMG6FFLBs5iAo7hgyq/wWvrIL1GoXo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:20 2024 by rpki-client on console-fra.rpki-client.org