Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Yy990vZGpKbvFQMxoy2jym_PzSk.roa
File: Yy990vZGpKbvFQMxoy2jym_PzSk.roa (raw, json)
Hash identifier: fhHI67cElAWVJfHLJct0HMHz+fsylD6/O0/KKDEedDA=
Subject key identifier: 63:2F:7D:D2:F6:46:A4:A6:EF:15:03:31:A3:2D:A3:CA:6F:CF:CD:29
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 193C8AE5
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Yy990vZGpKbvFQMxoy2jym_PzSk.roa
Signing time: Sat 19 Mar 2022 10:35:14 +0000
ROA not before: Sat 19 Mar 2022 10:35:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7489
IP address blocks: 185.133.192.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 32
185.122.57.0/24 maxlen: 24
185.122.58.0/24 maxlen: 32
185.122.56.0/22 maxlen: 32
185.122.59.0/24 maxlen: 24
2a06:8e00::/48 maxlen: 48
2a06:8ec0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 423398117 (0x193c8ae5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Mar 19 10:35:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=632f7dd2f646a4a6ef150331a32da3ca6fcfcd29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:95:66:77:8b:77:aa:c2:ae:97:9a:2f:cc:4d:
d7:4b:05:f7:42:12:be:98:0a:82:e5:2c:75:3c:10:
cf:a8:97:57:e1:9a:88:82:d5:71:b1:05:82:41:dd:
7b:1d:6b:1f:15:8d:40:de:fe:ae:66:2f:e9:5f:fc:
7e:8e:f4:1e:2c:15:a1:98:17:e4:03:2a:c5:6f:ea:
d3:5f:3b:23:05:b7:cf:dc:1c:15:73:6a:5c:8b:84:
38:46:44:a7:be:44:7f:07:13:f6:b7:fb:cd:93:a3:
b9:6a:7b:bc:44:a7:06:43:7e:e4:94:55:04:09:3d:
c9:a8:38:44:70:86:63:4d:a9:81:06:16:5f:ba:6d:
37:18:e2:7c:de:b6:9a:9e:26:39:e1:a0:f0:19:8e:
d2:23:d1:8b:ec:94:c8:be:0c:98:67:42:f6:c6:66:
60:e0:ac:36:a1:b1:c5:e9:fc:5f:aa:24:da:89:d6:
49:e2:4f:87:b6:93:48:02:47:8b:ef:c8:53:fb:88:
3d:b6:f1:1e:d9:01:1a:3f:66:a4:8c:a9:9b:9a:dc:
b3:31:3c:8f:39:c4:cd:94:3e:68:3b:f7:4d:aa:97:
38:8a:1a:a4:21:2b:42:77:24:af:d2:c4:48:cb:50:
db:fd:d3:86:a4:38:e0:6f:af:e0:e8:e7:1f:16:6c:
1a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:2F:7D:D2:F6:46:A4:A6:EF:15:03:31:A3:2D:A3:CA:6F:CF:CD:29
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Yy990vZGpKbvFQMxoy2jym_PzSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.122.56.0/22
185.133.192.0/24
IPv6:
2a06:8e00::/48
2a06:8ec0:3::/48
Signature Algorithm: sha256WithRSAEncryption
cf:61:0f:de:cc:e4:9c:00:5e:ad:75:62:a3:07:23:81:d5:9b:
04:4d:ea:7b:79:ba:1d:79:99:b8:a1:25:a8:86:35:58:1a:2d:
45:e8:85:bc:b4:8b:f5:c0:0d:76:a7:5d:6e:02:68:55:6e:5b:
e3:b5:e1:c7:4a:87:fc:fa:8e:6c:7c:b9:e0:b8:49:d0:77:4e:
20:85:dd:da:91:f1:47:b8:7f:d5:70:78:dd:05:23:fe:ae:ee:
3d:68:16:ca:3e:9c:3e:e2:67:31:61:76:32:42:d1:ad:2c:8a:
24:c6:97:b2:d2:61:36:93:b3:7b:6d:8f:e0:51:23:43:2f:ae:
cd:74:e9:71:82:c4:d6:8d:94:5c:7a:1e:23:d9:c6:27:97:da:
72:0b:8f:73:d8:78:3c:ae:95:66:91:1f:1e:43:cc:73:0b:13:
c2:6c:eb:52:58:90:e9:e0:8a:5f:07:e9:2e:29:3c:07:17:c8:
81:bf:68:49:51:20:7a:64:29:f5:ef:4e:2c:4f:fe:f8:36:a5:
f8:c4:fd:bf:77:94:bb:34:c2:07:9b:9f:5c:96:df:9a:78:7d:
bd:73:c7:3d:c2:b1:16:d1:73:da:f1:14:85:99:70:f5:2e:53:
29:af:1b:15:61:8a:3c:a0:25:24:fc:f5:8d:05:a9:56:aa:05:
24:c0:33:24
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEGTyK5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDMx
OTEwMzUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjMyZjdkZDJmNjQ2
YTRhNmVmMTUwMzMxYTMyZGEzY2E2ZmNmY2QyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+VZneLd6rCrpeaL8xN10sF90ISvpgKguUsdTwQz6iXV+Ga
iILVcbEFgkHdex1rHxWNQN7+rmYv6V/8fo70HiwVoZgX5AMqxW/q0187IwW3z9wc
FXNqXIuEOEZEp75EfwcT9rf7zZOjuWp7vESnBkN+5JRVBAk9yag4RHCGY02pgQYW
X7ptNxjifN62mp4mOeGg8BmO0iPRi+yUyL4MmGdC9sZmYOCsNqGxxen8X6ok2onW
SeJPh7aTSAJHi+/IU/uIPbbxHtkBGj9mpIypm5rcszE8jznEzZQ+aDv3TaqXOIoa
pCErQnckr9LESMtQ2/3ThqQ44G+v4OjnHxZsGikCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBRjL33S9kakpu8VAzGjLaPKb8/NKTAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1l5OTkwdlpHcEtidkZRTXhveTJqeW1fUHpTay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEALl1FgMEArl6OAMEALmFwDAYBAIA
AjASAwcAKgaOAAAAAwcAKgaOwAADMA0GCSqGSIb3DQEBCwUAA4IBAQDPYQ/ezOSc
AF6tdWKjByOB1ZsETep7ebodeZm4oSWohjVYGi1F6IW8tIv1wA12p11uAmhVblvj
teHHSof8+o5sfLnguEnQd04ghd3akfFHuH/VcHjdBSP+ru49aBbKPpw+4mcxYXYy
QtGtLIokxpey0mE2k7N7bY/gUSNDL67NdOlxgsTWjZRceh4j2cYnl9pyC49z2Hg8
rpVmkR8eQ8xzCxPCbOtSWJDp4IpfB+kuKTwHF8iBv2hJUSB6ZCn1704sT/74NqX4
xP2/d5S7NMIHm59clt+aeH29c8c9wrEW0XPa8RSFmXD1LlMprxsVYYo8oCUk/PWN
BalWqgUkwDMk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org