Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/yVyjCHr5-ncb5Cu8KVP1SWQUfAQ.roa
File: yVyjCHr5-ncb5Cu8KVP1SWQUfAQ.roa (raw, json)
Hash identifier: 3+vk5trti35fyHcDgVe7UMku33ohdaZRHJ6875XJS7w=
Subject key identifier: C9:5C:A3:08:7A:F9:FA:77:1B:E4:2B:BC:29:53:F5:49:64:14:7C:04
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 195DA102
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/yVyjCHr5-ncb5Cu8KVP1SWQUfAQ.roa
Signing time: Wed 30 Mar 2022 14:58:37 +0000
ROA not before: Wed 30 Mar 2022 14:58:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7489
IP address blocks: 185.133.192.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 32
185.122.57.0/24 maxlen: 24
185.122.58.0/24 maxlen: 32
185.122.56.0/22 maxlen: 32
185.122.59.0/24 maxlen: 24
2a06:8e00::/48 maxlen: 48
2a06:8ec0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 425566466 (0x195da102)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Mar 30 14:58:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c95ca3087af9fa771be42bbc2953f54964147c04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:80:a6:93:7c:d1:05:fc:12:10:f8:09:4c:7b:
7f:05:00:85:22:6c:09:e2:00:ac:01:e1:76:4a:80:
96:f1:4c:e5:98:fd:0e:d5:7e:e8:be:c5:59:3e:5d:
c9:07:8f:63:54:0b:02:58:3e:5e:69:71:29:02:3e:
e1:97:a9:c6:db:bc:31:74:f5:c7:d3:af:9e:52:26:
46:b3:6a:52:39:de:19:70:6e:9f:64:9b:71:74:41:
cf:57:63:51:34:e8:a1:ee:2f:08:0c:4b:14:2e:53:
8e:c8:b2:f8:18:dc:ab:7b:59:03:d7:10:7d:38:43:
de:07:be:42:a7:1b:cf:5d:a5:6b:8e:31:1c:08:1d:
ae:1b:76:8e:ee:92:70:06:7f:3b:86:ef:aa:99:a9:
c9:53:46:e1:61:3e:e6:eb:1b:64:e8:52:56:70:d8:
1b:21:e0:3c:2c:e8:28:50:e8:1f:1d:e0:2e:ca:a7:
3f:2d:d6:69:6a:da:f6:78:77:f0:89:2e:76:18:d6:
82:4b:89:98:2d:08:bb:a9:9e:28:be:9d:79:5a:cc:
83:b3:21:13:92:5e:be:85:af:e6:fa:95:47:7f:11:
2d:5e:8b:cd:1c:d0:0c:d5:9d:12:d7:c1:5a:a0:31:
54:77:ea:a4:60:f8:ff:76:6d:0c:1c:e9:24:57:77:
54:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:5C:A3:08:7A:F9:FA:77:1B:E4:2B:BC:29:53:F5:49:64:14:7C:04
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/yVyjCHr5-ncb5Cu8KVP1SWQUfAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.122.56.0/22
185.133.192.0/24
IPv6:
2a06:8e00::/48
2a06:8ec0:3::/48
Signature Algorithm: sha256WithRSAEncryption
66:8a:cc:df:89:06:1d:29:22:fb:45:10:1d:2f:6e:7e:f4:d2:
e9:a4:50:9d:8a:8d:bc:12:be:40:63:41:6b:d0:39:17:ec:11:
6f:13:73:79:86:43:0b:e2:dd:d2:50:6e:60:ba:4f:1d:d5:b1:
80:66:68:8f:e9:fc:7d:6d:ad:7b:f5:31:96:31:00:ce:53:d3:
88:bf:d1:6b:84:05:42:80:14:fd:26:83:47:3a:85:6d:b4:d0:
4d:87:c5:c2:96:94:b7:e1:28:af:9d:4e:e1:42:be:74:e5:ee:
e5:e2:20:d1:88:ce:0a:4a:98:f4:01:13:f8:93:17:b5:7f:b1:
11:d4:e7:36:0d:85:53:4a:04:4b:6a:80:1a:06:fe:dc:e8:90:
1d:f4:42:d5:87:c1:79:5c:b9:17:e8:12:f3:27:af:f6:f5:1c:
0f:a8:f7:18:17:6b:53:36:ab:aa:81:fe:c5:c9:c6:0d:55:44:
85:2c:ec:30:92:32:3d:76:1a:c9:25:21:69:02:30:c7:a5:aa:
ae:d7:0c:91:33:91:cf:aa:50:b9:80:ce:b8:a0:ac:6a:ea:5f:
f9:1b:08:65:9b:a8:51:63:1b:0f:d6:8a:23:e7:ae:d8:06:f0:
d2:39:5d:33:0a:b6:16:0f:f4:74:9e:80:6e:ba:6f:96:fc:5c:
d2:8d:15:88
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEGV2hAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDMz
MDE0NTgzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzk1Y2EzMDg3YWY5
ZmE3NzFiZTQyYmJjMjk1M2Y1NDk2NDE0N2MwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2AppN80QX8EhD4CUx7fwUAhSJsCeIArAHhdkqAlvFM5Zj9
DtV+6L7FWT5dyQePY1QLAlg+XmlxKQI+4Zepxtu8MXT1x9OvnlImRrNqUjneGXBu
n2SbcXRBz1djUTTooe4vCAxLFC5Tjsiy+Bjcq3tZA9cQfThD3ge+Qqcbz12la44x
HAgdrht2ju6ScAZ/O4bvqpmpyVNG4WE+5usbZOhSVnDYGyHgPCzoKFDoHx3gLsqn
Py3WaWra9nh38IkudhjWgkuJmC0Iu6meKL6deVrMg7MhE5JevoWv5vqVR38RLV6L
zRzQDNWdEtfBWqAxVHfqpGD4/3ZtDBzpJFd3VLkCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBTJXKMIevn6dxvkK7wpU/VJZBR8BDAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L3lWeWpDSHI1LW5jYjVDdThLVlAxU1dRVWZBUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEALl1FgMEArl6OAMEALmFwDAYBAIA
AjASAwcAKgaOAAAAAwcAKgaOwAADMA0GCSqGSIb3DQEBCwUAA4IBAQBmiszfiQYd
KSL7RRAdL25+9NLppFCdio28Er5AY0Fr0DkX7BFvE3N5hkML4t3SUG5guk8d1bGA
ZmiP6fx9ba179TGWMQDOU9OIv9FrhAVCgBT9JoNHOoVttNBNh8XClpS34SivnU7h
Qr505e7l4iDRiM4KSpj0ARP4kxe1f7ER1Oc2DYVTSgRLaoAaBv7c6JAd9ELVh8F5
XLkX6BLzJ6/29RwPqPcYF2tTNquqgf7FycYNVUSFLOwwkjI9dhrJJSFpAjDHpaqu
1wyRM5HPqlC5gM64oKxq6l/5Gwhlm6hRYxsP1ooj567YBvDSOV0zCrYWD/R0noBu
um+W/FzSjRWI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org