Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/yj1vwfQZINHxbGTTVomZ52U4Htg.roa
File: yj1vwfQZINHxbGTTVomZ52U4Htg.roa (raw, json)
Hash identifier: rVGeJp8GVY3OCecuVZwQ8JfJjMq9ICCXO1qKXHNEjdY=
Subject key identifier: CA:3D:6F:C1:F4:19:20:D1:F1:6C:64:D3:56:89:99:E7:65:38:1E:D8
Certificate issuer: /CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Certificate serial: 04F81974
Authority key identifier: DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/yj1vwfQZINHxbGTTVomZ52U4Htg.roa
Signing time: Sat 01 Jan 2022 01:01:44 +0000
ROA not before: Sat 01 Jan 2022 01:01:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21488
IP address blocks: 217.66.96.0/21 maxlen: 21
217.66.104.0/21 maxlen: 21
193.110.106.0/23 maxlen: 23
194.246.116.0/23 maxlen: 23
2a0f:c240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83368308 (0x4f81974)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Validity
Not Before: Jan 1 01:01:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca3d6fc1f41920d1f16c64d3568999e765381ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d3:24:82:cc:47:6f:a7:0f:d4:e8:89:63:ba:
3f:df:f8:4b:5d:c0:31:30:23:b9:89:1a:36:b4:ec:
18:8e:be:14:96:63:66:b8:53:85:ff:24:db:a5:72:
ef:26:c0:b7:1b:a7:5c:a6:a7:99:31:6f:c3:a5:95:
29:11:20:67:64:d3:94:69:db:59:41:4d:a9:ef:91:
76:01:e3:7f:d9:c2:a4:6c:50:26:0f:eb:d3:3b:fc:
69:5a:dc:96:96:24:bb:ef:a6:f4:d7:07:9a:d2:82:
f0:c5:22:00:7a:e7:b6:05:71:9a:da:0e:55:2c:3c:
f2:de:05:fc:b6:31:0e:0c:f5:87:9e:ff:e7:e6:83:
b6:9a:2b:e3:bc:39:55:1b:dd:58:8b:d1:5e:43:d5:
7b:46:0d:12:3d:48:8c:7a:cd:d2:50:23:ef:ce:62:
53:ac:d1:80:e5:6c:db:ba:f1:39:64:71:01:3d:1b:
53:52:95:f1:49:11:1c:0d:4a:77:87:dc:2e:d4:f7:
bb:ed:20:37:b7:a7:2b:cf:b4:fe:1b:8b:b4:c7:1c:
64:c3:a4:5d:18:01:2b:21:17:94:d8:39:2e:9d:43:
93:28:29:df:bf:38:1b:5a:1b:e1:ad:88:8f:d8:6e:
ee:9d:be:a7:23:21:a0:74:41:7c:00:2e:8e:3c:de:
a4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:3D:6F:C1:F4:19:20:D1:F1:6C:64:D3:56:89:99:E7:65:38:1E:D8
X509v3 Authority Key Identifier:
keyid:DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/yj1vwfQZINHxbGTTVomZ52U4Htg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/2vy2Q-aiHi-24hzQZTqwlenr7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.110.106.0/23
194.246.116.0/23
217.66.96.0/20
IPv6:
2a0f:c240::/29
Signature Algorithm: sha256WithRSAEncryption
bc:37:80:1b:cc:64:1b:6e:54:06:c0:65:fe:53:08:05:cd:dd:
6e:37:2c:88:7f:4e:36:e7:17:f3:d2:ff:f9:fb:3f:76:a6:5b:
e8:f6:c8:c1:17:96:25:c2:ac:ca:c8:51:2a:b7:2a:f6:68:30:
47:fa:82:55:ee:3f:ee:fa:10:90:9f:ba:9a:b1:ee:87:dd:31:
e1:fe:53:c9:bd:2e:9d:86:4b:57:df:7c:a0:ce:c9:1c:68:8f:
cb:15:8e:5a:74:47:7b:6f:82:27:2d:c8:4f:07:c9:6e:37:d0:
b2:46:93:dc:e6:ee:6d:9e:1f:49:e4:5e:5d:db:01:01:5a:2e:
85:d3:e9:27:c0:0a:47:b3:03:1a:70:6b:73:c4:44:81:aa:ea:
2a:7c:5b:39:e1:bc:1a:b6:ee:b6:b1:19:9b:10:24:d8:02:fc:
00:3d:71:62:ec:f6:42:e7:89:32:e2:c0:ea:d1:ab:5b:74:9d:
70:00:8a:f2:d3:e3:db:cf:a7:55:b8:d0:8c:98:2b:08:e6:9c:
0e:c7:62:31:56:4e:c6:74:30:6d:f3:1d:cf:00:a6:c4:bd:47:
de:51:27:8d:0a:37:df:d2:af:42:36:ee:4d:7c:15:73:c1:8d:
ee:ca:99:2f:3e:05:84:11:21:ca:f0:5e:63:ee:9f:8a:f8:43:
d4:18:59:29
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBPgZdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWZjYjY0M2U2YTIxZTJmYjZlMjFjZDA2NTNhYjA5NWU5ZWJlZjEzMB4XDTIyMDEw
MTAxMDE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2EzZDZmYzFmNDE5
MjBkMWYxNmM2NGQzNTY4OTk5ZTc2NTM4MWVkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOPTJILMR2+nD9ToiWO6P9/4S13AMTAjuYkaNrTsGI6+FJZj
ZrhThf8k26Vy7ybAtxunXKanmTFvw6WVKREgZ2TTlGnbWUFNqe+RdgHjf9nCpGxQ
Jg/r0zv8aVrclpYku++m9NcHmtKC8MUiAHrntgVxmtoOVSw88t4F/LYxDgz1h57/
5+aDtpor47w5VRvdWIvRXkPVe0YNEj1IjHrN0lAj785iU6zRgOVs27rxOWRxAT0b
U1KV8UkRHA1Kd4fcLtT3u+0gN7enK8+0/huLtMccZMOkXRgBKyEXlNg5Lp1Dkygp
3784G1ob4a2Ij9hu7p2+pyMhoHRBfAAujjzepNkCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTKPW/B9Bkg0fFsZNNWiZnnZTge2DAfBgNVHSMEGDAWgBTa/LZD5qIeL7bi
HNBlOrCV6evvEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJ2eTJRLWFpSGktMjRoelFaVHF3bGVucjd4TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvMjdhMzc0LWM5ODQtNGIxOS1hYzdlLWRlMmRlMTVmOTBlZC8x
L3lqMXZ3ZlFaSU5IeGJHVFRWb21aNTJVNEh0Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
MjdhMzc0LWM5ODQtNGIxOS1hYzdlLWRlMmRlMTVmOTBlZC8xLzJ2eTJRLWFpSGkt
MjRoelFaVHF3bGVucjd4TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAcFuagMEAcL2dAMEBNlCYDANBAIA
AjAHAwUDKg/CQDANBgkqhkiG9w0BAQsFAAOCAQEAvDeAG8xkG25UBsBl/lMIBc3d
bjcsiH9ONucX89L/+fs/dqZb6PbIwReWJcKsyshRKrcq9mgwR/qCVe4/7voQkJ+6
mrHuh90x4f5Tyb0unYZLV998oM7JHGiPyxWOWnRHe2+CJy3ITwfJbjfQskaT3Obu
bZ4fSeReXdsBAVouhdPpJ8AKR7MDGnBrc8REgarqKnxbOeG8GrbutrEZmxAk2AL8
AD1xYuz2QueJMuLA6tGrW3SdcACK8tPj28+nVbjQjJgrCOacDsdiMVZOxnQwbfMd
zwCmxL1H3lEnjQo339KvQjbuTXwVc8GN7sqZLz4FhBEhyvBeY+6fivhD1BhZKQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:06 2023 by rpki-client on console-fra.rpki-client.org