Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/YmbidXfZ-rxLzgB0VDN0LjHoF3M.roa
File: YmbidXfZ-rxLzgB0VDN0LjHoF3M.roa (raw, json)
Hash identifier: CHreT2J4ejR5cRkYOxiHX7zolWIxPr0VQ4/ttjVXwKg=
Subject key identifier: 62:66:E2:75:77:D9:FA:BC:4B:CE:00:74:54:33:74:2E:31:E8:17:73
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 08A420AB
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/YmbidXfZ-rxLzgB0VDN0LjHoF3M.roa
Signing time: Sat 01 Jan 2022 11:04:11 +0000
ROA not before: Sat 01 Jan 2022 11:04:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20016
IP address blocks: 185.161.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144973995 (0x8a420ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 1 11:04:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6266e27577d9fabc4bce00745433742e31e81773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0f:3e:ed:09:3a:67:98:c0:ec:75:54:09:68:
dc:b1:d7:5a:76:02:5a:ae:d2:9c:82:6c:6b:e8:f2:
8f:1a:15:7d:76:13:c6:0b:00:65:52:7e:b8:b2:49:
83:d5:9c:70:64:3f:e9:b7:ce:44:0e:9d:d0:04:9b:
90:83:54:0c:1b:7e:d8:da:ef:70:c3:16:15:ca:21:
d3:f5:63:28:1d:74:cc:8c:f3:a4:02:b1:32:85:64:
d6:71:f8:08:73:e4:2a:cd:2a:1f:0d:0c:fc:cd:30:
2a:fd:83:d6:02:7c:34:95:25:9f:b6:5e:47:b5:58:
95:86:d9:d2:72:e0:cd:25:1e:36:8c:97:68:81:15:
b9:c2:b4:5a:af:ae:27:4f:2e:09:82:c7:12:a2:13:
1f:da:52:bb:ef:79:7c:30:dd:75:3e:48:e7:77:fe:
02:1d:79:22:da:82:96:b8:ba:fe:2d:61:15:04:24:
4d:6b:50:93:b5:0b:ad:37:55:e2:cf:79:26:ff:1c:
35:e5:05:91:07:63:b2:f6:cc:3b:70:e2:00:24:3c:
59:22:02:a7:cd:64:1c:e2:c4:1c:64:56:8f:d9:d5:
ff:de:21:0d:1c:01:be:e6:de:3b:4c:69:34:a7:41:
a4:de:47:8c:e7:6a:1b:33:0c:bd:d7:23:47:26:4b:
2d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:66:E2:75:77:D9:FA:BC:4B:CE:00:74:54:33:74:2E:31:E8:17:73
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/YmbidXfZ-rxLzgB0VDN0LjHoF3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.189.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:b9:9b:ce:64:b0:aa:a4:21:18:ba:0a:88:b9:3e:2a:89:20:
71:a8:8e:e7:87:79:81:de:91:f7:88:b0:01:de:ee:0f:e8:cf:
20:29:12:99:12:3b:3c:c0:be:e8:6c:24:79:ea:1f:6f:d8:2c:
ef:1e:4c:5d:91:62:a1:ad:12:6f:da:99:aa:58:c4:af:19:e6:
d4:3c:b5:d7:47:0b:73:cc:5c:05:14:4a:21:5e:1f:26:7e:dc:
dd:2c:54:8e:05:96:71:10:d6:76:c5:46:b6:13:da:78:73:66:
54:e5:5d:01:f3:50:40:6b:81:83:cc:e6:51:90:c2:59:77:26:
6b:fd:cc:3f:ba:16:b4:e3:a7:76:3f:70:32:3e:b5:9a:c9:2c:
2d:f8:08:7f:8a:8c:00:69:a5:d6:6e:f5:32:b9:cb:13:34:35:
17:57:26:83:b4:44:d8:c8:c2:05:31:9c:28:4f:f1:df:34:11:
29:ad:78:88:18:60:09:eb:0a:35:2f:c1:45:08:97:8a:90:1c:
3d:a7:9a:c1:fa:f6:f1:d9:6f:dc:98:be:31:89:7a:79:30:8d:
da:19:7e:07:d9:59:4e:ed:1d:db:d9:66:93:07:79:41:f1:7c:
c0:4d:05:3f:11:34:04:6e:e0:79:9e:8c:a6:8b:cf:91:64:9e:
6c:97:49:52
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECKQgqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmI3OGY2NjgyZmMzOWM1NWI0MWQ0OGY4MGI4ODM4ZDVkMmRiZjA3MB4XDTIyMDEw
MTExMDQxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjI2NmUyNzU3N2Q5
ZmFiYzRiY2UwMDc0NTQzMzc0MmUzMWU4MTc3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQPPu0JOmeYwOx1VAlo3LHXWnYCWq7SnIJsa+jyjxoVfXYT
xgsAZVJ+uLJJg9WccGQ/6bfORA6d0ASbkINUDBt+2NrvcMMWFcoh0/VjKB10zIzz
pAKxMoVk1nH4CHPkKs0qHw0M/M0wKv2D1gJ8NJUln7ZeR7VYlYbZ0nLgzSUeNoyX
aIEVucK0Wq+uJ08uCYLHEqITH9pSu+95fDDddT5I53f+Ah15ItqClri6/i1hFQQk
TWtQk7ULrTdV4s95Jv8cNeUFkQdjsvbMO3DiACQ8WSICp81kHOLEHGRWj9nV/94h
DRwBvubeO0xpNKdBpN5HjOdqGzMMvdcjRyZLLWcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRiZuJ1d9n6vEvOAHRUM3QuMegXczAfBgNVHSMEGDAWgBRyt49mgvw5xVtB
1I+AuIONXS2/BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8x
L1ltYmlkWGZaLXJ4THpnQjBWRE4wTGpIb0YzTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
M2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8xL2NyZVBab0w4T2NW
YlFkU1BnTGlEalYwdHZ3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmhvTANBgkqhkiG9w0BAQsFAAOC
AQEAPLmbzmSwqqQhGLoKiLk+KokgcaiO54d5gd6R94iwAd7uD+jPICkSmRI7PMC+
6Gwkeeofb9gs7x5MXZFioa0Sb9qZqljErxnm1Dy110cLc8xcBRRKIV4fJn7c3SxU
jgWWcRDWdsVGthPaeHNmVOVdAfNQQGuBg8zmUZDCWXcma/3MP7oWtOOndj9wMj61
msksLfgIf4qMAGml1m71MrnLEzQ1F1cmg7RE2MjCBTGcKE/x3zQRKa14iBhgCesK
NS/BRQiXipAcPaeawfr28dlv3Ji+MYl6eTCN2hl+B9lZTu0d29lmkwd5QfF8wE0F
PxE0BG7geZ6MpovPkWSebJdJUg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:58 2023 by rpki-client on console-fra.rpki-client.org