Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Y925G9tTP4_mjwrhCjhnlFVPqJ8.roa
File: Y925G9tTP4_mjwrhCjhnlFVPqJ8.roa (raw, json)
Hash identifier: JJacTaNBdDG1d49YS17ASVj+HyQ/Cne08G1/FWLwBJo=
Subject key identifier: 63:DD:B9:1B:DB:53:3F:8F:E6:8F:0A:E1:0A:38:67:94:55:4F:A8:9F
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 3A11DFCF
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Y925G9tTP4_mjwrhCjhnlFVPqJ8.roa
Signing time: Sat 01 Jan 2022 14:00:46 +0000
ROA not before: Sat 01 Jan 2022 14:00:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210831
IP address blocks: 85.219.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 974249935 (0x3a11dfcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 14:00:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63ddb91bdb533f8fe68f0ae10a386794554fa89f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:05:8d:6a:5f:b2:25:bd:fd:4d:36:b6:29:53:
f8:8a:12:4a:70:58:a4:99:40:cb:32:6f:20:80:d8:
f7:3f:d5:9f:59:c5:88:37:36:26:5c:15:59:e0:26:
e7:a9:39:1f:b8:47:c8:fd:58:e8:86:65:2c:df:fb:
7c:04:37:c3:19:7c:c7:2a:3b:63:ab:cf:e2:01:b7:
c2:3a:7a:4b:68:4a:b0:de:28:06:3a:0e:78:a0:1a:
ca:2a:65:86:df:18:35:0c:ed:58:7f:72:5d:72:ff:
8c:1d:1f:26:52:a3:b9:c5:1a:92:21:12:8a:f6:ca:
44:0a:17:ae:14:d9:c5:3b:2a:6c:43:f7:dd:f9:45:
de:5d:a4:39:29:39:7e:2d:d3:16:13:97:eb:98:33:
70:1a:38:df:24:c5:58:d9:76:30:a9:42:f3:c9:bc:
6b:75:75:95:28:c0:fa:7a:df:50:0e:31:27:ee:88:
0e:8d:b4:35:69:2c:bc:33:85:b5:36:03:db:7e:2b:
64:fa:fc:78:4f:02:a1:17:b4:16:2e:83:ea:e8:11:
7f:0f:6b:79:e8:c6:7a:dc:dc:21:3c:94:a1:f7:19:
d2:ba:1b:ab:05:e7:d5:0d:70:df:8b:32:ec:f1:7b:
df:15:38:f3:72:60:97:27:63:6a:3b:d5:74:90:a0:
5e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:DD:B9:1B:DB:53:3F:8F:E6:8F:0A:E1:0A:38:67:94:55:4F:A8:9F
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Y925G9tTP4_mjwrhCjhnlFVPqJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.219.213.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:88:53:98:99:23:6f:77:43:29:3e:8d:a9:c7:af:70:23:b4:
8f:bc:ea:46:dc:ad:66:10:ae:fa:ff:b6:9c:3f:97:21:a2:d0:
80:8e:66:02:65:40:4d:e0:7a:88:58:b7:b4:02:bf:c7:e0:28:
14:84:b6:7e:43:23:85:46:a3:d8:fe:0a:00:9a:2a:9a:b0:95:
45:17:37:00:21:23:27:a6:d3:47:7c:fa:32:97:61:72:f1:da:
7c:21:38:eb:2a:ae:a4:3b:8d:f4:17:23:6e:12:ca:e8:8b:d9:
79:43:ca:f8:74:f1:69:a7:01:13:2d:19:d2:70:fe:78:ca:aa:
ff:a7:85:06:cb:d2:cf:6d:8c:b6:0a:74:e5:1e:c4:5f:af:11:
57:21:e6:5e:e7:be:df:48:53:11:b7:36:ad:af:df:81:a1:fb:
fe:41:9c:ea:85:39:21:4f:52:d0:98:c3:86:2c:61:9c:2f:54:
3b:13:bf:2b:ad:85:7d:0e:40:3d:9e:c4:68:6e:fe:9c:b1:90:
11:49:4c:f0:d6:4e:4b:91:79:00:c3:6d:ff:50:89:ed:32:3d:
6a:bc:90:2b:a9:8e:c1:8f:c7:3e:a9:ba:77:a7:d9:fe:ed:cf:
8f:ba:b9:e1:43:e3:c7:bd:d6:66:56:fb:ad:38:7a:26:a2:2f:
cd:03:76:c2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOhHfzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDEw
MTE0MDA0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjNkZGI5MWJkYjUz
M2Y4ZmU2OGYwYWUxMGEzODY3OTQ1NTRmYTg5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwFjWpfsiW9/U02tilT+IoSSnBYpJlAyzJvIIDY9z/Vn1nF
iDc2JlwVWeAm56k5H7hHyP1Y6IZlLN/7fAQ3wxl8xyo7Y6vP4gG3wjp6S2hKsN4o
BjoOeKAayiplht8YNQztWH9yXXL/jB0fJlKjucUakiESivbKRAoXrhTZxTsqbEP3
3flF3l2kOSk5fi3TFhOX65gzcBo43yTFWNl2MKlC88m8a3V1lSjA+nrfUA4xJ+6I
Do20NWksvDOFtTYD234rZPr8eE8CoRe0Fi6D6ugRfw9reejGetzcITyUofcZ0rob
qwXn1Q1w34sy7PF73xU483JglydjajvVdJCgXo8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRj3bkb21M/j+aPCuEKOGeUVU+onzAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
L1k5MjVHOXRUUDRfbWp3cmhDamhubEZWUHFKOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXb1TANBgkqhkiG9w0BAQsFAAOC
AQEAS4hTmJkjb3dDKT6NqcevcCO0j7zqRtytZhCu+v+2nD+XIaLQgI5mAmVATeB6
iFi3tAK/x+AoFIS2fkMjhUaj2P4KAJoqmrCVRRc3ACEjJ6bTR3z6MpdhcvHafCE4
6yqupDuN9BcjbhLK6IvZeUPK+HTxaacBEy0Z0nD+eMqq/6eFBsvSz22Mtgp05R7E
X68RVyHmXue+30hTEbc2ra/fgaH7/kGc6oU5IU9S0JjDhixhnC9UOxO/K62FfQ5A
PZ7EaG7+nLGQEUlM8NZOS5F5AMNt/1CJ7TI9aryQK6mOwY/HPqm6d6fZ/u3Pj7q5
4UPjx73WZlb7rTh6JqIvzQN2wg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:02 2023 by rpki-client on console-ams.rpki-client.org