Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/YgQSqPf-heymrU3mrs8CeV0r1IA.roa
File: YgQSqPf-heymrU3mrs8CeV0r1IA.roa (raw, json)
Hash identifier: RtBWQ2t7Haphg++QP7Eq19S9dC0GlIv0nfasQLETnNY=
Subject key identifier: 62:04:12:A8:F7:FE:85:EC:A6:AD:4D:E6:AE:CF:02:79:5D:2B:D4:80
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 187D35EC
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/YgQSqPf-heymrU3mrs8CeV0r1IA.roa
Signing time: Sun 30 Jan 2022 14:28:39 +0000
ROA not before: Sun 30 Jan 2022 14:28:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7489
IP address blocks: 185.133.192.0/24 maxlen: 24
185.120.7.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 24
185.122.57.0/24 maxlen: 24
185.122.58.0/24 maxlen: 32
185.122.56.0/22 maxlen: 32
185.122.59.0/24 maxlen: 24
2a06:8e00::/48 maxlen: 48
2a06:8ec0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 410858988 (0x187d35ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 30 14:28:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=620412a8f7fe85eca6ad4de6aecf02795d2bd480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d2:43:3f:63:a5:43:9f:d2:35:54:21:58:c7:
db:3d:ee:be:cb:f2:5d:e9:e3:41:b2:21:d2:43:f9:
9c:f6:c1:c7:cd:a2:7c:22:f2:a4:c6:ac:f1:ac:27:
32:13:01:e8:e7:ca:b9:bc:41:f1:23:8c:33:7f:57:
54:49:31:72:e7:8d:c5:2c:f4:e4:55:ed:4f:67:74:
94:9d:33:8a:8e:13:d9:cd:b4:74:66:8c:f9:fe:84:
4f:20:92:e2:8e:65:f2:1a:a8:c1:52:d4:28:19:86:
89:f8:8d:20:ce:75:f6:85:bc:c4:4a:52:b4:9f:b9:
f2:91:9c:a3:34:c1:a0:b2:15:b4:db:01:04:32:54:
82:07:ae:ce:48:22:dc:cc:c2:da:cf:8e:c7:78:18:
ab:ff:40:84:6a:5f:dd:71:e0:a9:85:38:7e:da:1b:
8b:fa:28:ef:0d:9f:83:01:36:93:f4:12:4b:76:43:
08:50:2d:b8:22:ed:dd:d9:55:08:11:83:72:b9:a5:
2a:48:c4:15:9d:72:c3:ee:93:1e:8a:c8:fc:31:94:
26:f7:2f:88:aa:b7:92:21:61:af:cc:ee:39:eb:a2:
3e:ef:c1:5e:1a:5c:ee:de:5a:76:02:7c:44:15:ea:
69:46:ae:b1:68:9e:18:99:7d:ff:64:dd:6b:50:7e:
66:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:04:12:A8:F7:FE:85:EC:A6:AD:4D:E6:AE:CF:02:79:5D:2B:D4:80
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/YgQSqPf-heymrU3mrs8CeV0r1IA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.120.7.0/24
185.122.56.0/22
185.133.192.0/24
IPv6:
2a06:8e00::/48
2a06:8ec0:3::/48
Signature Algorithm: sha256WithRSAEncryption
49:e7:82:c4:fe:cc:e2:a9:71:1e:dd:85:2d:81:83:0d:d7:dc:
30:59:1d:79:13:29:40:5a:19:c0:fb:c9:b5:6f:98:a9:93:2a:
ed:4f:02:24:4e:0c:57:5a:15:fd:6c:ce:b5:8f:bf:d8:ed:1a:
60:b2:04:d8:13:e0:78:6a:ad:ed:5a:fb:c0:3e:21:7e:8c:4f:
fe:58:c8:9d:a0:2b:b6:0c:15:5c:7e:2b:d5:f0:b1:d6:70:10:
1d:5e:d9:2f:4e:ed:c7:35:d0:11:1a:f8:12:2b:29:56:16:af:
8d:ed:00:0b:db:3d:20:b9:7d:61:1f:9e:37:c4:fc:5c:a8:69:
2b:c4:ef:08:51:83:84:39:3e:4e:91:7a:6d:9b:73:d6:db:84:
42:a1:08:c4:69:0e:dc:7a:42:e0:98:5c:3e:af:ae:04:58:bd:
89:45:19:3e:25:44:c0:3c:e2:11:13:f7:f5:43:b2:7f:8f:34:
50:09:a0:a1:94:ce:ff:94:45:e1:d2:d0:42:fa:f5:9e:d6:5e:
d2:dd:d2:70:82:fd:65:cd:f8:d7:7c:02:53:1a:60:9c:89:dc:
e4:b9:16:21:0c:6e:64:6b:ef:b3:78:b3:51:70:3b:72:81:6e:
bf:89:00:26:0f:0d:88:c3:6b:6d:93:9c:de:c8:2d:17:e3:fa:
d9:5a:5f:dd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEGH017DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEz
MDE0MjgzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjIwNDEyYThmN2Zl
ODVlY2E2YWQ0ZGU2YWVjZjAyNzk1ZDJiZDQ4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOPSQz9jpUOf0jVUIVjH2z3uvsvyXenjQbIh0kP5nPbBx82i
fCLypMas8awnMhMB6OfKubxB8SOMM39XVEkxcueNxSz05FXtT2d0lJ0zio4T2c20
dGaM+f6ETyCS4o5l8hqowVLUKBmGifiNIM519oW8xEpStJ+58pGcozTBoLIVtNsB
BDJUggeuzkgi3MzC2s+Ox3gYq/9AhGpf3XHgqYU4ftobi/oo7w2fgwE2k/QSS3ZD
CFAtuCLt3dlVCBGDcrmlKkjEFZ1yw+6THorI/DGUJvcviKq3kiFhr8zuOeuiPu/B
Xhpc7t5adgJ8RBXqaUausWieGJl9/2Tda1B+ZlMCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBRiBBKo9/6F7KatTeauzwJ5XSvUgDAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1lnUVNxUGYtaGV5bXJVM21yczhDZVYwcjFJQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowHgQCAAEwGAMEALl1FgMEALl4BwMEArl6OAMEALmF
wDAYBAIAAjASAwcAKgaOAAAAAwcAKgaOwAADMA0GCSqGSIb3DQEBCwUAA4IBAQBJ
54LE/sziqXEe3YUtgYMN19wwWR15EylAWhnA+8m1b5ipkyrtTwIkTgxXWhX9bM61
j7/Y7RpgsgTYE+B4aq3tWvvAPiF+jE/+WMidoCu2DBVcfivV8LHWcBAdXtkvTu3H
NdARGvgSKylWFq+N7QAL2z0guX1hH543xPxcqGkrxO8IUYOEOT5OkXptm3PW24RC
oQjEaQ7cekLgmFw+r64EWL2JRRk+JUTAPOIRE/f1Q7J/jzRQCaChlM7/lEXh0tBC
+vWe1l7S3dJwgv1lzfjXfAJTGmCcidzkuRYhDG5ka++zeLNRcDtygW6/iQAmDw2I
w2ttk5zeyC0X4/rZWl/d
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org