Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/275636-fe3f-4528-bd7e-d6255f2527da/1/iYyDxM4ORIEn2wdmhrz8sVkskOM.roa
File: iYyDxM4ORIEn2wdmhrz8sVkskOM.roa (raw, json)
Hash identifier: YEJqKzebtG3cLZe6cYzhC723p583Rj6S9TzcUapnYh4=
Subject key identifier: 89:8C:83:C4:CE:0E:44:81:27:DB:07:66:86:BC:FC:B1:59:2C:90:E3
Certificate issuer: /CN=3cca849b375015f433e9a240ecabf03cf152c781
Certificate serial: 01856C6EE7E54D6202BCC4E878555C3109FD
Authority key identifier: 3C:CA:84:9B:37:50:15:F4:33:E9:A2:40:EC:AB:F0:3C:F1:52:C7:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PMqEmzdQFfQz6aJA7KvwPPFSx4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/275636-fe3f-4528-bd7e-d6255f2527da/1/iYyDxM4ORIEn2wdmhrz8sVkskOM.roa
Signing time: Sun 01 Jan 2023 08:24:45 +0000
ROA not before: Sun 01 Jan 2023 08:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6776
IP address blocks: 185.150.52.0/22 maxlen: 22
193.247.239.0/24 maxlen: 24
193.247.251.0/24 maxlen: 24
193.247.252.0/23 maxlen: 23
193.135.252.0/24 maxlen: 24
193.135.253.0/24 maxlen: 24
193.135.152.0/23 maxlen: 23
193.135.164.0/24 maxlen: 24
193.135.165.0/24 maxlen: 24
193.247.184.0/23 maxlen: 23
193.247.93.0/24 maxlen: 24
193.247.100.0/24 maxlen: 24
193.247.102.0/24 maxlen: 24
193.247.120.0/22 maxlen: 22
193.247.78.0/23 maxlen: 23
2a00:efa0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:e7:e5:4d:62:02:bc:c4:e8:78:55:5c:31:09:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cca849b375015f433e9a240ecabf03cf152c781
Validity
Not Before: Jan 1 08:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=898c83c4ce0e448127db076686bcfcb1592c90e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f4:d7:39:37:d5:39:03:1f:77:06:14:04:b8:
12:ac:cc:75:9d:f5:7f:f3:ed:15:01:e8:19:92:b5:
ce:79:ad:5c:d9:2e:14:7c:d7:8b:b6:12:ed:d1:a6:
2d:a0:34:4a:59:74:17:76:c1:12:00:35:16:75:17:
cb:60:a5:8b:4e:b6:38:f0:b5:01:59:40:7f:96:58:
57:4c:8f:01:e1:3d:c2:ba:fe:1a:a8:b3:a3:4f:45:
b2:96:f6:e7:7b:d7:a2:28:4b:c2:6e:70:b0:38:5f:
ac:66:bb:00:fb:e1:e1:4f:ac:72:f4:b8:13:c7:0d:
dc:1d:07:3f:75:5c:be:5f:bd:36:8e:3c:df:8e:92:
27:f9:01:29:f9:ee:76:7d:aa:0f:87:92:97:0f:b7:
2b:10:49:a6:2b:5d:88:c5:33:b7:41:b8:a2:7f:cc:
77:68:2f:f3:8d:35:8b:66:7c:b1:28:50:bf:bb:8b:
7b:4f:30:d9:ea:78:15:88:de:df:38:86:b0:e6:c4:
60:d0:08:d6:c9:c2:99:b1:83:b9:1e:cb:21:ec:ed:
9d:39:70:ff:38:90:10:66:e1:77:5b:28:42:7b:66:
da:5a:4d:c5:b8:85:cb:85:26:a3:95:72:02:d6:17:
22:a0:fd:6a:a7:0d:39:5f:47:47:46:6e:bf:20:38:
ea:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:8C:83:C4:CE:0E:44:81:27:DB:07:66:86:BC:FC:B1:59:2C:90:E3
X509v3 Authority Key Identifier:
keyid:3C:CA:84:9B:37:50:15:F4:33:E9:A2:40:EC:AB:F0:3C:F1:52:C7:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PMqEmzdQFfQz6aJA7KvwPPFSx4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/275636-fe3f-4528-bd7e-d6255f2527da/1/iYyDxM4ORIEn2wdmhrz8sVkskOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/275636-fe3f-4528-bd7e-d6255f2527da/1/PMqEmzdQFfQz6aJA7KvwPPFSx4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.52.0/22
193.135.152.0/23
193.135.164.0/23
193.135.252.0/23
193.247.78.0/23
193.247.93.0/24
193.247.100.0/24
193.247.102.0/24
193.247.120.0/22
193.247.184.0/23
193.247.239.0/24
193.247.251.0-193.247.253.255
IPv6:
2a00:efa0::/32
Signature Algorithm: sha256WithRSAEncryption
59:fa:10:f9:41:e8:63:fa:34:32:6d:d3:e8:3d:f6:45:6f:d2:
d9:9e:0f:c9:e7:4a:de:5f:59:20:f1:37:69:aa:e0:c2:1b:c7:
3b:c4:eb:77:63:dd:2e:2c:f0:0a:b8:01:e0:d9:fb:df:f8:9c:
ad:c7:4c:8f:57:a2:7e:c1:d8:e3:f2:20:a6:dd:b9:7e:13:6f:
dc:a3:82:6a:c5:6f:be:ff:e6:75:f5:31:6f:88:97:16:2c:c8:
08:31:f0:31:8a:01:7e:30:c5:94:76:55:76:37:44:c9:c7:e8:
4c:46:67:82:88:14:23:91:2a:ed:d5:37:d8:2f:b7:a0:02:52:
55:72:87:cc:b4:b1:a9:07:52:3d:df:0f:8a:5b:99:dd:e3:94:
4d:07:69:f5:61:ae:9f:39:fd:de:78:e2:6c:f0:a7:58:bc:8c:
0c:be:ea:3f:ec:d1:1f:cd:6e:86:7d:93:65:b1:0e:15:47:8a:
88:4f:45:ec:ce:51:00:59:09:22:f6:e3:70:17:64:09:0c:25:
94:10:c9:75:35:bf:2e:10:15:20:73:8e:35:11:1b:e1:15:db:
99:9c:66:a6:18:c3:55:94:f8:bf:2a:d1:7c:43:7d:5e:5c:56:
3c:cb:de:83:ec:cb:d3:2f:b6:07:a7:d4:17:36:21:77:89:a7:
cf:0f:00:4c
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYVsbuflTWICvMToeFVcMQn9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjY2E4NDliMzc1MDE1ZjQzM2U5YTI0MGVjYWJmMDNjZjE1
MmM3ODEwHhcNMjMwMTAxMDgyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OThjODNjNGNlMGU0NDgxMjdkYjA3NjY4NmJjZmNiMTU5MmM5MGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvTXOTfVOQMfdwYUBLgSrMx1nfV/
8+0VAegZkrXOea1c2S4UfNeLthLt0aYtoDRKWXQXdsESADUWdRfLYKWLTrY48LUB
WUB/llhXTI8B4T3Cuv4aqLOjT0Wylvbne9eiKEvCbnCwOF+sZrsA++HhT6xy9LgT
xw3cHQc/dVy+X702jjzfjpIn+QEp+e52faoPh5KXD7crEEmmK12IxTO3Qbiif8x3
aC/zjTWLZnyxKFC/u4t7TzDZ6ngViN7fOIaw5sRg0AjWycKZsYO5Hssh7O2dOXD/
OJAQZuF3WyhCe2baWk3FuIXLhSajlXIC1hcioP1qpw05X0dHRm6/IDjqaQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFImMg8TODkSBJ9sHZoa8/LFZLJDjMB8GA1UdIwQY
MBaAFDzKhJs3UBX0M+miQOyr8DzxUseBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE1xRW16ZFFGZlF6NmFKQTdLdndQUEZTeDRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8yNzU2MzYtZmUzZi00NTI4LWJkN2Ut
ZDYyNTVmMjUyN2RhLzEvaVl5RHhNNE9SSUVuMndkbWhyejhzVmtza09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8yNzU2MzYtZmUzZi00NTI4LWJkN2UtZDYyNTVmMjUyN2Rh
LzEvUE1xRW16ZFFGZlF6NmFKQTdLdndQUEZTeDRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBWBAIAATBQAwQCuZY0AwQB
wYeYAwQBwYekAwQBwYf8AwQBwfdOAwQAwfddAwQAwfdkAwQAwfdmAwQCwfd4AwQB
wfe4AwQAwffvMAwDBADB9/sDBAHB9/wwDQQCAAIwBwMFACoA76AwDQYJKoZIhvcN
AQELBQADggEBAFn6EPlB6GP6NDJt0+g99kVv0tmeD8nnSt5fWSDxN2mq4MIbxzvE
63dj3S4s8Aq4AeDZ+9/4nK3HTI9Xon7B2OPyIKbduX4Tb9yjgmrFb77/5nX1MW+I
lxYsyAgx8DGKAX4wxZR2VXY3RMnH6ExGZ4KIFCORKu3VN9gvt6ACUlVyh8y0sakH
Uj3fD4pbmd3jlE0HafVhrp85/d544mzwp1i8jAy+6j/s0R/NboZ9k2WxDhVHiohP
RezOUQBZCSL243AXZAkMJZQQyXU1vy4QFSBzjjURG+EV25mcZqYYw1WU+L8q0XxD
fV5cVjzL3oPsy9Mvtgen1Bc2IXeJp88PAEw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:30 2025 by rpki-client