Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/yddVwtlffAKdkNKHSVsrtIz93Xc.roa
File: yddVwtlffAKdkNKHSVsrtIz93Xc.roa (raw, json)
Hash identifier: 1BVrYGxGpgWqO0AfHbNxXf9FSCZZDO7bcs1lQYffi9A=
Subject key identifier: C9:D7:55:C2:D9:5F:7C:02:9D:90:D2:87:49:5B:2B:B4:8C:FD:DD:77
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0D3551A6
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/yddVwtlffAKdkNKHSVsrtIz93Xc.roa
Signing time: Tue 08 Feb 2022 10:23:09 +0000
ROA not before: Tue 08 Feb 2022 10:23:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 185.121.122.0/23 maxlen: 24
185.121.121.0/24 maxlen: 24
185.239.243.0/24 maxlen: 24
220.158.196.0/22 maxlen: 24
45.144.226.0/24 maxlen: 24
45.144.227.0/24 maxlen: 24
62.197.138.0/23 maxlen: 24
193.239.164.0/23 maxlen: 24
62.197.137.0/24 maxlen: 24
62.197.140.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 221598118 (0xd3551a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 8 10:23:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9d755c2d95f7c029d90d287495b2bb48cfddd77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6e:5b:bd:c1:6d:a6:67:c3:8d:5b:5d:e7:fe:
c4:f2:c1:40:14:f1:ae:2a:83:6e:f4:7c:5c:9f:e8:
3b:6f:2f:f9:55:98:af:ca:06:64:ad:1d:da:85:a6:
83:5f:86:75:0d:b6:bc:15:e6:f2:9d:5b:83:fb:ce:
b7:79:9e:d7:82:83:88:15:be:38:92:da:5e:85:a8:
17:c5:df:21:3e:6d:79:79:f9:08:4f:dd:32:b2:f7:
59:bb:ad:7e:58:d4:c7:1a:8f:7b:0d:4e:1e:7b:5d:
68:e5:e4:43:57:f4:a0:3c:1c:25:95:b5:93:c1:35:
ae:cb:1b:4b:2c:76:c6:74:b0:52:41:99:c5:cb:91:
fd:1d:7a:20:00:95:ad:39:70:44:19:ce:37:e6:7c:
3a:b4:61:e0:35:b9:c0:64:fd:99:b3:95:33:18:62:
0b:f7:43:ae:b4:68:e8:a8:6e:f7:3a:95:6a:c5:df:
ef:90:15:d5:1d:b2:a6:d3:a2:e8:5d:2e:58:55:4d:
1f:2f:65:5e:f9:d6:af:d5:ae:ef:21:4f:ba:e8:03:
96:5c:b4:d8:4b:ff:45:aa:a6:7d:4f:6c:ca:a6:0f:
b9:aa:ca:59:3d:88:f8:b1:1e:b7:d0:80:19:9a:77:
75:cb:02:26:ec:6a:4a:be:93:00:af:ab:88:3c:53:
92:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D7:55:C2:D9:5F:7C:02:9D:90:D2:87:49:5B:2B:B4:8C:FD:DD:77
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/yddVwtlffAKdkNKHSVsrtIz93Xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.226.0/23
62.197.137.0-62.197.143.255
185.121.121.0-185.121.123.255
185.239.243.0/24
193.239.164.0/23
220.158.196.0/22
Signature Algorithm: sha256WithRSAEncryption
93:60:07:df:b5:46:63:de:03:b0:f3:3e:fb:a9:85:9d:35:31:
93:10:f1:92:05:ed:dd:3d:7f:de:28:d5:5e:cd:9a:99:7b:7c:
c6:ec:0b:27:90:3d:b8:80:82:04:91:d9:6d:cb:4f:cb:63:29:
1c:aa:bf:e1:9d:2c:d7:43:86:4f:7a:a1:51:1f:a4:f0:1e:3f:
89:44:d1:77:95:3c:5f:49:f0:c8:61:11:99:c0:68:79:73:57:
b0:57:87:d8:1e:71:3f:4b:ec:21:c0:f3:9f:b2:0b:6c:e6:ae:
c8:d3:79:4d:1d:ad:8c:84:5b:9c:89:6e:31:ee:c5:32:1c:0d:
54:d6:21:bc:e6:11:24:b4:bb:0b:2b:94:a2:0a:dc:19:21:c4:
7d:87:dd:20:5a:42:6a:7d:44:4a:6e:cf:e4:3c:1b:e0:b9:84:
2c:7b:fb:88:da:8a:14:3c:16:d5:b1:37:3e:98:90:0b:ff:3a:
37:65:a0:9e:b0:c9:70:83:91:d2:08:74:c5:dc:a6:35:d6:5a:
9d:46:ea:3f:8f:b5:f2:1b:d4:98:60:a9:da:19:84:0f:38:7c:
10:42:89:70:be:db:81:1f:10:ba:15:f4:7b:af:88:9e:f5:0c:
07:e1:84:5a:8e:f8:cc:75:73:d1:4b:a7:ce:79:87:7d:54:32:
24:9a:d7:f4
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEDTVRpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDIw
ODEwMjMwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzlkNzU1YzJkOTVm
N2MwMjlkOTBkMjg3NDk1YjJiYjQ4Y2ZkZGQ3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJuW73BbaZnw41bXef+xPLBQBTxriqDbvR8XJ/oO28v+VWY
r8oGZK0d2oWmg1+GdQ22vBXm8p1bg/vOt3me14KDiBW+OJLaXoWoF8XfIT5teXn5
CE/dMrL3WbutfljUxxqPew1OHntdaOXkQ1f0oDwcJZW1k8E1rssbSyx2xnSwUkGZ
xcuR/R16IACVrTlwRBnON+Z8OrRh4DW5wGT9mbOVMxhiC/dDrrRo6Khu9zqVasXf
75AV1R2yptOi6F0uWFVNHy9lXvnWr9Wu7yFPuugDlly02Ev/RaqmfU9syqYPuarK
WT2I+LEet9CAGZp3dcsCJuxqSr6TAK+riDxTkg0CAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBTJ11XC2V98Ap2Q0odJWyu0jP3ddzAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L3lkZFZ3dGxmZkFLZGtOS0hTVnNydEl6OTNYYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAMEAS2Q4jAMAwQAPsWJAwQEPsWAMAwD
BAC5eXkDBAK5eXgDBAC57/MDBAHB76QDBALcnsQwDQYJKoZIhvcNAQELBQADggEB
AJNgB9+1RmPeA7DzPvuphZ01MZMQ8ZIF7d09f94o1V7Nmpl7fMbsCyeQPbiAggSR
2W3LT8tjKRyqv+GdLNdDhk96oVEfpPAeP4lE0XeVPF9J8MhhEZnAaHlzV7BXh9ge
cT9L7CHA85+yC2zmrsjTeU0drYyEW5yJbjHuxTIcDVTWIbzmESS0uwsrlKIK3Bkh
xH2H3SBaQmp9REpuz+Q8G+C5hCx7+4jaihQ8FtWxNz6YkAv/OjdloJ6wyXCDkdII
dMXcpjXWWp1G6j+PtfIb1JhgqdoZhA84fBBCiXC+24EfELoV9HuviJ71DAfhhFqO
+Mx1c9FLp855h31UMiSa1/Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org