Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/yLJeWpS5hNdcXbUulZpZukM1FlU.roa
File: yLJeWpS5hNdcXbUulZpZukM1FlU.roa (raw, json)
Hash identifier: ozwFzwOFgCRc6+YXTgdleMqrI7bMSD6vp14j9kYORI0=
Subject key identifier: C8:B2:5E:5A:94:B9:84:D7:5C:5D:B5:2E:95:9A:59:BA:43:35:16:55
Certificate issuer: /CN=aba81f07a493a3e643752e66bd8146f5771adf88
Certificate serial: 06D4CA3F
Authority key identifier: AB:A8:1F:07:A4:93:A3:E6:43:75:2E:66:BD:81:46:F5:77:1A:DF:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q6gfB6STo-ZDdS5mvYFG9Xca34g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/yLJeWpS5hNdcXbUulZpZukM1FlU.roa
Signing time: Tue 10 May 2022 11:10:32 +0000
ROA not before: Tue 10 May 2022 11:10:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6663
IP address blocks: 185.63.4.0/22 maxlen: 24
93.114.100.0/22 maxlen: 24
85.204.32.0/22 maxlen: 24
5.154.239.0/24 maxlen: 24
89.238.192.0/18 maxlen: 24
81.24.16.0/20 maxlen: 24
93.113.104.0/22 maxlen: 24
85.204.100.0/22 maxlen: 24
2a02:2720::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114608703 (0x6d4ca3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aba81f07a493a3e643752e66bd8146f5771adf88
Validity
Not Before: May 10 11:10:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8b25e5a94b984d75c5db52e959a59ba43351655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:aa:b1:09:61:09:dc:62:f6:91:82:4e:2f:04:
ee:c7:0c:d8:d4:6b:ef:c6:42:b5:a1:83:32:b9:5c:
77:69:c2:e9:d7:a5:b0:ba:53:06:df:98:b5:21:b6:
6a:61:e0:b2:6d:77:8d:b4:71:44:1d:13:c7:3b:4b:
bb:3e:2b:9f:72:eb:68:6d:3b:a7:37:cf:b0:11:b2:
3c:32:64:1e:3e:a6:4e:b6:50:49:03:32:76:65:7e:
a3:c3:4b:bb:7a:43:96:7f:9d:1a:c0:da:51:bd:2c:
20:f4:90:8b:ef:86:3b:ca:44:6d:ba:73:30:d6:08:
61:54:b4:3a:cd:7e:3d:59:ea:28:5c:66:47:22:b9:
6f:7b:39:e5:97:06:6e:52:ab:fd:1e:58:31:3c:dd:
3f:4d:ec:cc:8c:14:d6:44:6e:65:e2:d7:5a:a0:f2:
6c:fa:27:a6:17:a7:89:34:c2:a1:c8:28:9f:49:b8:
be:ca:51:28:3f:2e:39:5e:d5:fe:80:09:e6:f5:4d:
17:eb:a9:dc:34:ec:75:bd:dd:e8:bd:ce:cb:0e:b3:
1f:80:c5:d6:3a:ca:95:d5:2a:34:41:1a:5b:b7:ae:
6e:56:5d:14:9b:9d:e6:17:7c:84:9d:0c:45:e4:36:
9b:c5:e2:6e:06:0c:73:02:49:19:ea:5a:a9:64:35:
9d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B2:5E:5A:94:B9:84:D7:5C:5D:B5:2E:95:9A:59:BA:43:35:16:55
X509v3 Authority Key Identifier:
keyid:AB:A8:1F:07:A4:93:A3:E6:43:75:2E:66:BD:81:46:F5:77:1A:DF:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6gfB6STo-ZDdS5mvYFG9Xca34g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/yLJeWpS5hNdcXbUulZpZukM1FlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/q6gfB6STo-ZDdS5mvYFG9Xca34g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.239.0/24
81.24.16.0/20
85.204.32.0/22
85.204.100.0/22
89.238.192.0/18
93.113.104.0/22
93.114.100.0/22
185.63.4.0/22
IPv6:
2a02:2720::/32
Signature Algorithm: sha256WithRSAEncryption
9a:34:65:45:c1:62:d9:1e:0e:e0:b3:cc:00:5c:15:3e:e7:88:
97:99:ca:03:64:f9:b1:51:06:61:df:c4:47:ad:93:82:c2:97:
18:96:be:a3:ec:71:64:c5:a3:97:ce:43:e6:26:44:9f:45:5e:
76:c2:ed:3f:e1:35:7e:c6:0c:b0:ff:b9:22:5c:2d:df:ae:a1:
36:5c:3a:0e:35:b9:96:a9:d5:27:ac:eb:71:12:e1:8e:53:83:
ee:51:19:2f:cd:a2:ff:a7:fa:ba:27:a3:02:60:c8:f0:20:ef:
e7:0a:2f:52:69:c3:5f:d5:98:4e:51:4b:fd:7e:90:77:0f:7c:
f3:5d:94:1f:83:9b:fb:b1:06:cf:4f:25:58:5f:fb:93:82:69:
b0:a5:aa:c8:f6:ab:91:b4:c1:8e:a9:e7:19:04:0a:a3:fb:fb:
7e:be:62:07:52:43:7a:f6:03:99:d6:74:8b:6f:b7:dd:a3:5d:
2d:75:ce:d9:74:45:33:1a:78:12:cd:b1:6b:fb:34:61:43:72:
86:a8:63:ec:81:8c:ac:40:95:65:09:a5:56:f5:07:ec:7e:52:
9b:09:1b:d9:e8:4e:e8:c9:9c:94:95:9b:b2:4c:06:83:7e:9a:
c0:f3:49:f6:a6:f3:17:b6:92:66:62:be:f0:c5:56:9c:85:14:
02:e5:15:11
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEBtTKPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YmE4MWYwN2E0OTNhM2U2NDM3NTJlNjZiZDgxNDZmNTc3MWFkZjg4MB4XDTIyMDUx
MDExMTAzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhiMjVlNWE5NGI5
ODRkNzVjNWRiNTJlOTU5YTU5YmE0MzM1MTY1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOqsQlhCdxi9pGCTi8E7scM2NRr78ZCtaGDMrlcd2nC6del
sLpTBt+YtSG2amHgsm13jbRxRB0TxztLuz4rn3LraG07pzfPsBGyPDJkHj6mTrZQ
SQMydmV+o8NLu3pDln+dGsDaUb0sIPSQi++GO8pEbbpzMNYIYVS0Os1+PVnqKFxm
RyK5b3s55ZcGblKr/R5YMTzdP03szIwU1kRuZeLXWqDybPonpheniTTCocgon0m4
vspRKD8uOV7V/oAJ5vVNF+up3DTsdb3d6L3Oyw6zH4DF1jrKldUqNEEaW7eublZd
FJud5hd8hJ0MReQ2m8XibgYMcwJJGepaqWQ1ndkCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBTIsl5alLmE11xdtS6Vmlm6QzUWVTAfBgNVHSMEGDAWgBSrqB8HpJOj5kN1
Lma9gUb1dxrfiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E2Z2ZCNlNUby1aRGRTNW12WUZHOVhjYTM0Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvODRlMmNlLTFlYWMtNGUxMi1hYzU4LTUxYzNjY2NlNzJkZi8x
L3lMSmVXcFM1aE5kY1hiVXVsWnBadWtNMUZsVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
ODRlMmNlLTFlYWMtNGUxMi1hYzU4LTUxYzNjY2NlNzJkZi8xL3E2Z2ZCNlNUby1a
RGRTNW12WUZHOVhjYTM0Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAAWa7wMEBFEYEAMEAlXMIAMEAlXM
ZAMEBlnuwAMEAl1xaAMEAl1yZAMEArk/BDANBAIAAjAHAwUAKgInIDANBgkqhkiG
9w0BAQsFAAOCAQEAmjRlRcFi2R4O4LPMAFwVPueIl5nKA2T5sVEGYd/ER62TgsKX
GJa+o+xxZMWjl85D5iZEn0VedsLtP+E1fsYMsP+5Ilwt366hNlw6DjW5lqnVJ6zr
cRLhjlOD7lEZL82i/6f6uiejAmDI8CDv5wovUmnDX9WYTlFL/X6Qdw98812UH4Ob
+7EGz08lWF/7k4JpsKWqyParkbTBjqnnGQQKo/v7fr5iB1JDevYDmdZ0i2+33aNd
LXXO2XRFMxp4Es2xa/s0YUNyhqhj7IGMrECVZQmlVvUH7H5Smwkb2ehO6MmclJWb
skwGg36awPNJ9qbzF7aSZmK+8MVWnIUUAuUVEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:57 2024 by rpki-client on console-ams.rpki-client.org