Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/cyhk1UY2QKMCR7XzAv-wOgcIPII.roa
File: cyhk1UY2QKMCR7XzAv-wOgcIPII.roa (raw, json)
Hash identifier: PY4kmbDej8bqaI/Is8OnFFDNb8WidoFAxlU67SL51XE=
Subject key identifier: 73:28:64:D5:46:36:40:A3:02:47:B5:F3:02:FF:B0:3A:07:08:3C:82
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01852AEA7269C42EFB7B44798CCDE6FA7283
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/cyhk1UY2QKMCR7XzAv-wOgcIPII.roa
Signing time: Mon 19 Dec 2022 15:04:45 +0000
ROA not before: Mon 19 Dec 2022 15:04:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29119
IP address blocks: 45.146.224.0/22 maxlen: 24
185.131.188.0/22 maxlen: 24
141.98.52.0/22 maxlen: 24
185.123.136.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:ea:72:69:c4:2e:fb:7b:44:79:8c:cd:e6:fa:72:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 19 15:04:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=732864d5463640a30247b5f302ffb03a07083c82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:33:7e:f3:77:fc:2a:38:8e:28:3a:0b:fe:b9:
1e:fd:c7:20:a0:18:06:06:e0:51:0c:d0:01:eb:bc:
46:ac:24:cc:c3:14:ec:68:cd:dc:72:85:39:0e:5e:
21:66:08:44:80:b1:44:66:b5:a8:00:62:26:69:71:
fb:88:5d:77:7d:51:65:f4:2b:87:0f:a6:56:10:f0:
fe:d7:5a:41:8f:02:22:07:3c:ba:5e:75:40:9a:53:
3f:47:0f:cb:d8:d7:e9:65:ea:3d:19:14:a1:3b:b0:
ae:14:ac:b4:d9:30:ca:c5:4e:a4:e1:12:30:09:12:
74:e5:c9:6f:82:23:d7:67:37:d8:7a:af:a1:cf:d7:
80:7c:60:4c:7a:85:f9:fc:99:2a:87:74:af:5b:7e:
10:27:37:b7:8b:27:5b:43:ad:30:43:d2:99:06:28:
c0:e3:53:5f:ed:42:23:34:a6:25:67:eb:4a:ea:89:
4c:45:8f:f3:12:08:f8:91:52:68:da:6c:2e:88:bd:
58:2d:5d:29:6b:ad:17:ef:55:b1:78:02:64:e8:00:
86:54:54:20:49:f5:3c:37:d5:3f:7e:e0:ee:6e:d4:
2b:bc:e2:aa:b1:91:32:cf:78:83:da:4c:19:97:86:
bd:e0:a7:8c:e9:c4:b1:fe:b7:ee:1c:25:a4:dd:82:
e2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:28:64:D5:46:36:40:A3:02:47:B5:F3:02:FF:B0:3A:07:08:3C:82
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/cyhk1UY2QKMCR7XzAv-wOgcIPII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.224.0/22
141.98.52.0/22
185.123.136.0/22
185.131.188.0/22
Signature Algorithm: sha256WithRSAEncryption
59:b5:8b:41:f6:61:3c:73:59:9d:0c:ed:b1:ed:8f:48:1e:31:
76:23:37:fd:d5:1c:43:ba:dc:68:9d:72:5d:66:a9:11:d1:5e:
b5:dd:1d:2a:b4:a3:97:da:e6:6b:87:f8:7e:b2:15:ce:d4:03:
08:62:c4:2f:ee:0a:08:27:c0:90:da:68:73:69:26:4b:f2:dd:
c0:c5:76:26:e9:3f:4f:67:3a:b1:a5:b6:1a:d6:92:5d:f9:07:
a2:ca:1d:4b:c6:b7:61:cd:9d:f8:72:9a:3a:75:01:0e:4b:f5:
3d:c8:ce:6f:fe:61:9c:06:c3:53:16:92:71:cc:48:5a:f9:37:
70:27:df:d7:f6:24:12:50:ee:97:5a:09:83:45:75:6e:af:b3:
f3:ee:b4:6a:65:e3:6a:b3:3d:df:8d:9b:04:25:ab:68:7c:70:
ad:3c:4a:06:79:e2:20:3c:b5:ab:ad:d6:a9:12:80:6f:46:6a:
4d:b4:68:87:2f:62:a6:15:6a:5e:ed:df:8b:04:f1:51:25:64:
ba:f1:9b:d0:f6:2c:a9:8c:5f:63:b6:5b:c9:59:3c:ba:ba:3d:
7c:cf:ea:e0:56:17:26:89:e3:bf:a2:6e:91:1f:88:82:88:ff:
84:f5:c7:df:de:01:43:d3:ec:f1:17:7c:29:4d:2f:60:ea:14:
42:bc:e9:c7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUq6nJpxC77e0R5jM3m+nKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjE5MTUwNDQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzI4NjRkNTQ2MzY0MGEzMDI0N2I1ZjMwMmZmYjAzYTA3MDgzYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzN+83f8KjiOKDoL/rke/ccgoBgG
BuBRDNAB67xGrCTMwxTsaM3ccoU5Dl4hZghEgLFEZrWoAGImaXH7iF13fVFl9CuH
D6ZWEPD+11pBjwIiBzy6XnVAmlM/Rw/L2NfpZeo9GRShO7CuFKy02TDKxU6k4RIw
CRJ05clvgiPXZzfYeq+hz9eAfGBMeoX5/Jkqh3SvW34QJze3iydbQ60wQ9KZBijA
41Nf7UIjNKYlZ+tK6olMRY/zEgj4kVJo2mwuiL1YLV0pa60X71WxeAJk6ACGVFQg
SfU8N9U/fuDubtQrvOKqsZEyz3iD2kwZl4a94KeM6cSx/rfuHCWk3YLiDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHMoZNVGNkCjAke18wL/sDoHCDyCMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvY3loazFVWTJRS01DUjdYekF2LXdPZ2NJUElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLZLgAwQC
jWI0AwQCuXuIAwQCuYO8MA0GCSqGSIb3DQEBCwUAA4IBAQBZtYtB9mE8c1mdDO2x
7Y9IHjF2Izf91RxDutxonXJdZqkR0V613R0qtKOX2uZrh/h+shXO1AMIYsQv7goI
J8CQ2mhzaSZL8t3AxXYm6T9PZzqxpbYa1pJd+Qeiyh1LxrdhzZ34cpo6dQEOS/U9
yM5v/mGcBsNTFpJxzEha+TdwJ9/X9iQSUO6XWgmDRXVur7Pz7rRqZeNqsz3fjZsE
JatofHCtPEoGeeIgPLWrrdapEoBvRmpNtGiHL2KmFWpe7d+LBPFRJWS68ZvQ9iyp
jF9jtlvJWTy6uj18z+rgVhcmieO/om6RH4iCiP+E9cff3gFD0+zxF3wpTS9g6hRC
vOnH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org