Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/YjVG6lQbc_H6grmJSo2ANSrOlP4.roa
File: YjVG6lQbc_H6grmJSo2ANSrOlP4.roa (raw, json)
Hash identifier: nVsj5Cr9kwaqyeiwltkg77BedVSoeKBtOC0Ih6lcOf4=
Subject key identifier: 62:35:46:EA:54:1B:73:F1:FA:82:B9:89:4A:8D:80:35:2A:CE:94:FE
Certificate issuer: /CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Certificate serial: 018543149BDCCECDABF59FBF2F3D07097D29
Authority key identifier: 42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/YjVG6lQbc_H6grmJSo2ANSrOlP4.roa
Signing time: Sat 24 Dec 2022 07:41:42 +0000
ROA not before: Sat 24 Dec 2022 07:41:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202254
IP address blocks: 212.108.132.0/24 maxlen: 24
212.108.128.0/19 maxlen: 24
212.108.134.0/24 maxlen: 24
185.206.71.0/24 maxlen: 24
194.146.158.0/24 maxlen: 24
194.146.157.0/24 maxlen: 24
194.146.159.0/24 maxlen: 24
194.146.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:43:14:9b:dc:ce:cd:ab:f5:9f:bf:2f:3d:07:09:7d:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Validity
Not Before: Dec 24 07:41:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=623546ea541b73f1fa82b9894a8d80352ace94fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:48:d9:ec:0d:de:34:71:6d:59:ac:65:08:5d:
30:6e:76:8d:f3:fb:b1:db:da:9a:f5:04:8e:d1:f3:
cb:25:e2:f5:07:08:58:00:dc:fb:22:cd:82:22:3e:
91:92:92:08:af:5e:7c:91:9d:22:83:de:be:ea:df:
fd:d8:60:74:06:cc:39:28:60:b7:c3:c0:d1:d4:a6:
44:20:c7:e8:62:4a:69:0f:a9:76:25:ab:2c:d6:da:
d1:72:22:b4:da:ec:2b:14:ca:f4:69:db:98:58:0f:
e2:fe:9b:5f:3d:1c:25:a2:db:f5:db:7f:aa:71:0c:
86:9c:0a:30:6a:28:3b:e9:66:c9:ba:b2:78:98:91:
0c:2b:33:01:e5:79:ae:b5:35:e4:e4:14:95:de:ec:
58:f0:4c:59:1c:d4:18:a2:98:56:cf:b2:1d:b8:e5:
3b:49:05:16:0f:63:ca:21:cb:d6:93:e2:ff:8c:d0:
19:c7:df:62:fd:ce:cf:fb:a4:d5:d9:18:b3:1f:c2:
f4:64:fa:9e:2a:22:fa:9c:b3:75:56:3c:21:9f:b3:
0c:c8:71:d6:3b:7b:6a:7f:4a:91:03:c2:06:bf:70:
c1:83:b4:5d:56:ed:11:16:c5:cb:2c:a9:db:f5:d3:
e6:c2:f9:35:30:1b:c7:22:3e:19:a8:50:42:1a:f2:
61:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:35:46:EA:54:1B:73:F1:FA:82:B9:89:4A:8D:80:35:2A:CE:94:FE
X509v3 Authority Key Identifier:
keyid:42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/YjVG6lQbc_H6grmJSo2ANSrOlP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.71.0/24
194.146.156.0/22
212.108.128.0/19
Signature Algorithm: sha256WithRSAEncryption
62:97:5c:4e:ea:14:df:96:6f:4b:df:77:32:38:bc:20:72:b1:
cb:a0:c4:4b:ae:76:54:7d:e1:86:9d:be:ae:75:86:44:24:d5:
fa:8d:55:47:47:61:77:be:79:db:8e:eb:b1:1b:02:b1:1e:de:
af:3e:03:2a:c5:48:c3:ca:93:3b:a6:4c:d6:51:b9:f7:3b:ca:
90:b0:00:55:b8:1d:14:09:06:a7:e6:c4:2f:ed:6d:23:7a:57:
0a:b2:1c:90:ba:ca:e6:9b:eb:d4:52:b3:ab:d9:e3:21:e5:9f:
6b:4b:bc:c2:a2:c3:0a:63:e9:c0:1b:af:03:2b:9b:ef:ba:ce:
94:b4:97:56:7e:0c:1f:d7:7f:03:a2:33:0a:22:fd:14:ab:a1:
c5:52:2f:01:6f:8f:8b:9b:20:78:49:d7:5b:1b:6c:70:15:99:
36:b5:6e:ac:04:15:3b:da:b5:8d:54:b1:ae:74:d3:18:28:aa:
e8:26:83:c9:27:f9:77:49:b8:2f:74:8a:f8:2c:80:e1:86:53:
43:97:66:6b:6e:4c:92:95:cf:8e:1d:86:f9:b8:ea:46:46:33:
21:cb:f1:e9:2d:4b:01:c2:f0:fb:a3:6d:59:8b:3e:5d:64:f1:
90:e5:56:35:72:fb:7e:41:8e:9f:96:6e:be:94:98:a8:38:ca:
4f:d8:de:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVDFJvczs2r9Z+/Lz0HCX0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzRjOTBlZDE2YWEyMGU0OTE3ODQyMGJmYzg0YTg4M2Mx
MmFjNjgwHhcNMjIxMjI0MDc0MTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjM1NDZlYTU0MWI3M2YxZmE4MmI5ODk0YThkODAzNTJhY2U5NGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0jZ7A3eNHFtWaxlCF0wbnaN8/ux
29qa9QSO0fPLJeL1BwhYANz7Is2CIj6RkpIIr158kZ0ig96+6t/92GB0Bsw5KGC3
w8DR1KZEIMfoYkppD6l2Jass1trRciK02uwrFMr0aduYWA/i/ptfPRwlotv123+q
cQyGnAowaig76WbJurJ4mJEMKzMB5XmutTXk5BSV3uxY8ExZHNQYophWz7IduOU7
SQUWD2PKIcvWk+L/jNAZx99i/c7P+6TV2RizH8L0ZPqeKiL6nLN1Vjwhn7MMyHHW
O3tqf0qRA8IGv3DBg7RdVu0RFsXLLKnb9dPmwvk1MBvHIj4ZqFBCGvJh3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGI1RupUG3Px+oK5iUqNgDUqzpT+MB8GA1UdIwQY
MBaAFELEyQ7RaqIOSReEIL/ISog8EqxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYt
YThlNGU3MWJlZTUxLzEvWWpWRzZsUWJjX0g2Z3JtSlNvMkFOU3JPbFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYtYThlNGU3MWJlZTUx
LzEvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuc5HAwQC
wpKcAwQF1GyAMA0GCSqGSIb3DQEBCwUAA4IBAQBil1xO6hTflm9L33cyOLwgcrHL
oMRLrnZUfeGGnb6udYZEJNX6jVVHR2F3vnnbjuuxGwKxHt6vPgMqxUjDypM7pkzW
Ubn3O8qQsABVuB0UCQan5sQv7W0jelcKshyQusrmm+vUUrOr2eMh5Z9rS7zCosMK
Y+nAG68DK5vvus6UtJdWfgwf138DojMKIv0Uq6HFUi8Bb4+LmyB4SddbG2xwFZk2
tW6sBBU72rWNVLGudNMYKKroJoPJJ/l3SbgvdIr4LIDhhlNDl2ZrbkySlc+OHYb5
uOpGRjMhy/HpLUsBwvD7o21Ziz5dZPGQ5VY1cvt+QY6flm6+lJioOMpP2N7V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:58 2024 by rpki-client on console-ams.rpki-client.org