Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/Yc79JyM_GsBCQhClM7nOdMp4lsQ.roa
File: Yc79JyM_GsBCQhClM7nOdMp4lsQ.roa (raw, json)
Hash identifier: /P0sbLvne0KgFpKdaB0pgo76CF9/aJHjkSaIZTfqnpU=
Subject key identifier: 61:CE:FD:27:23:3F:1A:C0:42:42:10:A5:33:B9:CE:74:CA:78:96:C4
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 1775BF50
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/Yc79JyM_GsBCQhClM7nOdMp4lsQ.roa
Signing time: Wed 15 Jun 2022 18:41:44 +0000
ROA not before: Wed 15 Jun 2022 18:41:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 212.68.166.0/24 maxlen: 24
212.68.165.0/24 maxlen: 24
212.68.164.0/24 maxlen: 24
212.68.167.0/24 maxlen: 24
212.68.190.0/24 maxlen: 24
212.68.189.0/24 maxlen: 24
212.68.191.0/24 maxlen: 24
212.68.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 393592656 (0x1775bf50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Jun 15 18:41:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61cefd27233f1ac0424210a533b9ce74ca7896c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d9:62:4b:89:3e:82:13:2f:6e:d9:2c:da:6e:
33:a0:25:bb:ae:9f:b8:fa:20:06:c1:a9:0f:22:e0:
38:14:fa:db:5e:d7:64:cc:3e:0e:54:27:7f:dc:cf:
88:a0:b7:2a:a4:d9:80:8d:fd:e4:25:19:67:26:09:
61:a1:38:e4:ce:69:7f:ac:69:b8:80:b6:50:fa:9f:
1d:d2:ac:e9:40:e8:e7:d9:7b:2c:b3:ff:e9:12:3f:
b5:3f:43:a3:6d:2e:7f:cb:c5:2f:4d:42:f7:a6:24:
24:68:39:2a:f3:36:1a:a5:4c:05:1b:e5:7e:2d:f7:
15:b7:e3:c9:7c:88:f7:48:f9:70:79:4c:2e:d5:5b:
a0:b8:9f:aa:48:e9:0c:4c:f3:c0:5a:e7:00:8d:f8:
8f:34:4c:7f:44:02:0b:99:c6:b6:23:44:c9:14:5a:
57:ce:41:ae:54:16:60:98:85:58:f9:32:c6:10:df:
ba:34:ae:df:57:7b:aa:a1:43:04:c4:c9:ec:46:66:
03:f1:3b:de:93:1b:fd:8d:42:4c:7e:e9:18:54:0e:
81:be:08:2e:e6:f7:66:15:01:26:dd:28:2a:12:67:
0e:b2:57:2e:ad:dd:f1:be:c1:65:c1:7c:91:0e:c7:
c8:5f:3c:be:c6:0b:54:0a:f5:fc:eb:be:2b:04:cd:
12:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:CE:FD:27:23:3F:1A:C0:42:42:10:A5:33:B9:CE:74:CA:78:96:C4
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/Yc79JyM_GsBCQhClM7nOdMp4lsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.164.0/22
212.68.188.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:73:f5:27:93:2c:c5:18:52:9e:20:45:e1:60:e0:91:71:77:
52:48:95:3e:5d:a9:87:a5:d4:5a:55:e6:8d:36:18:63:f0:32:
b9:bf:ff:23:56:54:2c:c8:55:33:e6:3d:08:c8:ea:e7:90:b1:
ea:02:91:4d:ea:cd:26:35:6e:62:e4:1f:fb:06:37:ab:de:5d:
5a:c4:90:f7:b6:17:0f:86:d7:92:72:ba:01:7e:90:36:73:ac:
e7:9c:44:2f:31:5f:96:80:a2:fd:ec:9a:30:0f:4e:b6:02:3f:
ba:c0:08:1b:c2:55:3f:d9:f9:84:e6:7c:ef:87:f1:fe:e6:95:
31:3d:4a:b6:8a:c6:e7:32:de:9d:e1:b1:14:fd:98:7b:56:ac:
05:77:24:fd:db:e6:b8:74:33:df:8a:69:b9:78:df:39:7d:e4:
42:56:b0:7e:34:90:bb:3f:e0:57:f8:f2:b7:3e:3d:24:31:3b:
a6:f1:fa:f7:a7:f5:c4:c1:96:79:c8:bc:de:16:5e:05:1a:35:
41:8d:0a:ba:d0:a2:b7:cb:6a:8c:6d:98:3e:fb:e7:04:29:ca:
84:8d:90:77:69:b3:bc:c9:0f:5d:da:da:da:2f:cc:59:3e:d8:
35:de:b5:e3:eb:af:f9:28:5f:22:79:a6:c0:5f:39:90:eb:b5:
bf:c8:87:29
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEF3W/UDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YmJhZDNkZTgzMWRhOTQyMjJjMWFkZDEwNGNhZjRjMzI0NzY4OWFjMB4XDTIyMDYx
NTE4NDE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjFjZWZkMjcyMzNm
MWFjMDQyNDIxMGE1MzNiOWNlNzRjYTc4OTZjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzZYkuJPoITL27ZLNpuM6Alu66fuPogBsGpDyLgOBT6217X
ZMw+DlQnf9zPiKC3KqTZgI395CUZZyYJYaE45M5pf6xpuIC2UPqfHdKs6UDo59l7
LLP/6RI/tT9Do20uf8vFL01C96YkJGg5KvM2GqVMBRvlfi33FbfjyXyI90j5cHlM
LtVboLifqkjpDEzzwFrnAI34jzRMf0QCC5nGtiNEyRRaV85BrlQWYJiFWPkyxhDf
ujSu31d7qqFDBMTJ7EZmA/E73pMb/Y1CTH7pGFQOgb4ILub3ZhUBJt0oKhJnDrJX
Lq3d8b7BZcF8kQ7HyF88vsYLVAr1/Ou+KwTNEnsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRhzv0nIz8awEJCEKUzuc50yniWxDAfBgNVHSMEGDAWgBSrutPegx2pQiLB
rdEEyvTDJHaJrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E3clQzb01kcVVJaXdhM1JCTXIwd3lSMmlhdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGU4MTQ5LWQ1M2MtNDk5Mi1iZDA3LTU1YzQzNGVlYzk2Yy8x
L1ljNzlKeU1fR3NCQ1FoQ2xNN25PZE1wNGxzUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGU4MTQ5LWQ1M2MtNDk5Mi1iZDA3LTU1YzQzNGVlYzk2Yy8xL3E3clQzb01kcVVJ
aXdhM1JCTXIwd3lSMmlhdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAtREpAMEAtREvDANBgkqhkiG9w0B
AQsFAAOCAQEAHHP1J5MsxRhSniBF4WDgkXF3UkiVPl2ph6XUWlXmjTYYY/Ayub//
I1ZULMhVM+Y9CMjq55Cx6gKRTerNJjVuYuQf+wY3q95dWsSQ97YXD4bXknK6AX6Q
NnOs55xELzFfloCi/eyaMA9OtgI/usAIG8JVP9n5hOZ874fx/uaVMT1KtorG5zLe
neGxFP2Ye1asBXck/dvmuHQz34ppuXjfOX3kQlawfjSQuz/gV/jytz49JDE7pvH6
96f1xMGWeci83hZeBRo1QY0KutCit8tqjG2YPvvnBCnKhI2Qd2mzvMkPXdra2i/M
WT7YNd614+uv+ShfInmmwF85kOu1v8iHKQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-ams.rpki-client.org