Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-nJ5UnKQLaIx9NGlBfIupbA_YyE.roa
File: 1-nJ5UnKQLaIx9NGlBfIupbA_YyE.roa (raw, json)
Hash identifier: AmS+J94r3+3QCdcYE+muJpumQMVo6zrjYq0kNggWXOM=
Subject key identifier: FA:72:79:52:72:90:2D:A2:31:F4:D1:A5:05:F2:2E:A5:B0:3F:63:21
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0184340802798A25F71D11EE16F3C8F3A5FA
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-nJ5UnKQLaIx9NGlBfIupbA_YyE.roa
Signing time: Tue 01 Nov 2022 16:30:50 +0000
ROA not before: Tue 01 Nov 2022 16:30:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209242
IP address blocks: 185.234.22.0/24 maxlen: 24
185.238.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:34:08:02:79:8a:25:f7:1d:11:ee:16:f3:c8:f3:a5:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 1 16:30:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa72795272902da231f4d1a505f22ea5b03f6321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b1:86:7d:46:58:ce:3c:3c:00:03:66:c1:aa:
d6:d3:10:99:ed:59:00:dc:da:df:ce:dd:8f:06:9b:
f9:b9:75:00:9d:4b:94:cd:3e:41:f7:91:20:a9:ef:
75:52:ab:3d:ef:ec:5e:dc:2a:6a:a9:09:4f:4f:b7:
fb:e8:35:31:ef:6c:9b:07:e0:2d:51:0d:81:60:65:
60:d2:20:94:d0:33:d8:ef:d3:b0:95:07:db:05:78:
93:52:33:f1:1b:27:62:86:fa:ce:9c:10:ee:78:69:
88:5e:ad:4b:6c:5f:3c:99:a3:64:5e:6e:0f:8d:c6:
51:4e:b7:40:cb:3d:e5:e8:0b:92:09:f5:d6:1d:61:
a3:7e:91:be:1c:2d:71:47:66:d6:f9:6e:8f:66:9c:
85:f5:2e:e6:2b:57:6d:89:e7:cd:29:0d:6d:d4:b7:
63:22:f7:dc:43:d6:17:8e:8c:42:f3:63:62:24:cc:
14:06:3f:bc:38:0a:73:c9:68:18:6f:34:f8:40:31:
f1:50:52:03:1e:df:74:70:53:a9:41:5a:8f:03:65:
db:3a:85:75:b8:02:f9:f1:6f:b1:a1:62:93:13:ed:
7d:c1:6e:77:32:6d:28:f7:ad:b2:11:1a:d5:f9:06:
79:71:89:e0:11:81:38:ea:3a:9e:9f:0d:98:4d:cb:
75:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:72:79:52:72:90:2D:A2:31:F4:D1:A5:05:F2:2E:A5:B0:3F:63:21
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-nJ5UnKQLaIx9NGlBfIupbA_YyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.22.0/24
185.238.228.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:4d:4f:71:be:f9:ba:19:8a:32:75:a8:de:e0:fb:5e:df:55:
9e:21:79:5b:40:19:a8:47:c9:96:76:09:06:94:01:2d:15:f3:
28:ca:3b:7b:53:6d:43:37:c3:13:d4:b1:3c:ac:c0:03:05:ad:
59:e0:10:bb:14:49:1e:84:04:b5:c8:79:01:58:07:10:53:49:
fe:22:bd:d3:33:f6:98:1b:36:1a:7f:13:2e:d3:35:d6:91:67:
85:ac:a2:65:1f:a4:a8:60:67:ef:49:27:49:e8:5a:16:97:6c:
7a:f7:43:fb:b6:d4:b4:dd:2f:d5:b1:5a:7d:2c:19:34:21:de:
ac:fd:d8:92:1a:4e:40:ed:62:5e:bc:63:c8:3c:9a:0a:68:8d:
0f:4a:89:e2:db:ec:82:df:03:1f:59:89:4c:ec:4a:91:64:60:
69:ed:ca:4f:83:55:2d:56:31:09:50:5a:e0:ac:36:7c:a4:ad:
d1:78:8c:eb:b8:38:8f:1b:08:47:46:f8:8d:98:27:e4:64:8a:
d6:98:c3:55:c1:dc:4e:70:e3:e3:b7:6b:68:c1:c5:2f:6a:35:
b8:e9:54:d2:2a:d1:e0:47:64:fc:4c:20:ff:ce:ab:c6:e0:e2:
65:49:61:50:da:d2:3e:98:f4:22:a7:96:e0:b2:5d:3e:33:0c:
97:9f:f0:0b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYQ0CAJ5iiX3HRHuFvPI86X6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjIxMTAxMTYzMDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTcyNzk1MjcyOTAyZGEyMzFmNGQxYTUwNWYyMmVhNWIwM2Y2MzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibGGfUZYzjw8AANmwarW0xCZ7VkA
3Nrfzt2PBpv5uXUAnUuUzT5B95Egqe91Uqs97+xe3CpqqQlPT7f76DUx72ybB+At
UQ2BYGVg0iCU0DPY79OwlQfbBXiTUjPxGydihvrOnBDueGmIXq1LbF88maNkXm4P
jcZRTrdAyz3l6AuSCfXWHWGjfpG+HC1xR2bW+W6PZpyF9S7mK1dtiefNKQ1t1Ldj
IvfcQ9YXjoxC82NiJMwUBj+8OApzyWgYbzT4QDHxUFIDHt90cFOpQVqPA2XbOoV1
uAL58W+xoWKTE+19wW53Mm0o962yERrV+QZ5cYngEYE46jqenw2YTct1IwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPpyeVJykC2iMfTRpQXyLqWwP2MhMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMS1uSjVVbktRTGFJeDlOR2xCZkl1cGJBX1l5RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFi
Yy8xL1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALnqFgME
ALnu5DANBgkqhkiG9w0BAQsFAAOCAQEAG01Pcb75uhmKMnWo3uD7Xt9VniF5W0AZ
qEfJlnYJBpQBLRXzKMo7e1NtQzfDE9SxPKzAAwWtWeAQuxRJHoQEtch5AVgHEFNJ
/iK90zP2mBs2Gn8TLtM11pFnhayiZR+kqGBn70knSehaFpdsevdD+7bUtN0v1bFa
fSwZNCHerP3YkhpOQO1iXrxjyDyaCmiND0qJ4tvsgt8DH1mJTOxKkWRgae3KT4NV
LVYxCVBa4Kw2fKSt0XiM67g4jxsIR0b4jZgn5GSK1pjDVcHcTnDj47draMHFL2o1
uOlU0irR4Edk/Ewg/86rxuDiZUlhUNrSPpj0IqeW4LJdPjMMl5/wCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org