Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/ym6CmpvMflM8ayj1KmmL0VM6uIk.roa
File: ym6CmpvMflM8ayj1KmmL0VM6uIk.roa (raw, json)
Hash identifier: jfOFkZmmQvX9d14v/2I1JWinvRR2SqUD1Av8wSz/JwM=
Subject key identifier: CA:6E:82:9A:9B:CC:7E:53:3C:6B:28:F5:2A:69:8B:D1:53:3A:B8:89
Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial: 09C8548E
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/ym6CmpvMflM8ayj1KmmL0VM6uIk.roa
Signing time: Fri 21 Jan 2022 19:14:59 +0000
ROA not before: Fri 21 Jan 2022 19:14:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31293
IP address blocks: 185.118.242.0/24 maxlen: 24
185.118.241.0/24 maxlen: 24
185.118.243.0/24 maxlen: 24
194.150.117.0/24 maxlen: 24
194.150.116.0/24 maxlen: 24
194.150.118.0/24 maxlen: 24
194.150.119.0/24 maxlen: 24
2a06:9680::/29 maxlen: 29
2a06:9682::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164123790 (0x9c8548e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Validity
Not Before: Jan 21 19:14:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca6e829a9bcc7e533c6b28f52a698bd1533ab889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6c:a9:8f:9b:0d:3d:98:49:26:23:a8:fb:9b:
98:95:49:e9:6e:28:bf:88:1a:51:af:6c:7f:e1:35:
60:7c:ce:a1:af:b6:cb:b7:35:5c:08:48:12:b9:87:
0e:1e:86:ed:98:68:d7:2e:2d:14:1b:5d:6a:bb:b3:
e6:2b:36:e1:8d:35:cb:12:03:36:86:97:5b:e2:7c:
77:5a:01:ce:a4:f9:ef:5b:80:52:48:11:b8:79:48:
dd:f4:bc:79:09:b1:52:75:19:4e:bd:95:e7:6a:aa:
af:77:4c:05:79:2b:7b:22:e4:f5:75:ee:9e:d2:a7:
da:64:e3:de:32:4c:0c:2c:57:2d:74:83:c6:d7:0d:
39:a2:41:63:31:27:58:79:80:ec:14:21:70:b2:7c:
78:26:f6:2c:c5:25:16:75:ad:8e:58:dc:81:33:68:
6d:56:d0:a0:76:0d:27:f3:63:46:85:6b:78:9d:49:
4d:b8:f2:98:be:f3:d8:c6:fd:ae:ad:67:b3:37:fa:
ec:c1:14:72:59:25:7c:b3:c9:b6:62:4d:a9:e8:28:
17:ea:cd:62:0d:62:56:41:6e:53:91:78:14:1b:bb:
38:1f:0c:51:b1:f2:6b:42:6b:95:f5:4e:7c:c8:8e:
03:66:8e:a5:fa:4b:58:a8:74:da:7e:0c:ff:2d:a6:
98:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:6E:82:9A:9B:CC:7E:53:3C:6B:28:F5:2A:69:8B:D1:53:3A:B8:89
X509v3 Authority Key Identifier:
keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/ym6CmpvMflM8ayj1KmmL0VM6uIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.241.0-185.118.243.255
194.150.116.0/22
IPv6:
2a06:9680::/29
Signature Algorithm: sha256WithRSAEncryption
99:78:11:62:bd:7a:9d:64:d2:1b:3c:cc:fd:60:b9:80:d1:ec:
d2:29:0b:b9:ff:33:8a:f9:f9:b5:aa:e0:b8:a5:78:7a:c3:48:
89:77:5e:d2:6b:63:9a:14:4c:80:8a:86:7f:55:66:33:b0:88:
b4:b0:10:cd:68:e5:2a:1a:d6:42:f7:03:bb:93:54:30:0c:96:
73:f8:8b:87:a0:b5:a0:59:0c:e9:f2:31:c4:a3:87:72:26:87:
fe:f3:50:38:42:01:2d:df:1c:e7:b8:4f:97:c7:0f:63:19:3f:
45:d2:b8:60:c3:4e:e7:e6:a9:91:92:c8:05:04:eb:23:dc:0f:
5b:cb:96:e1:63:7b:e4:94:66:fa:bd:ad:5d:42:a9:38:b9:cc:
9c:23:77:02:e7:54:68:16:a6:91:64:1c:b1:39:f0:59:ca:f6:
bc:4e:f2:b3:4a:b9:6b:28:84:ec:a9:d6:86:eb:e9:e0:24:6f:
6b:5b:eb:d4:69:5b:5b:16:61:20:92:6c:b2:aa:cd:46:d7:77:
fd:a3:80:e3:43:ef:c2:7b:59:2d:08:0a:43:d6:43:d7:ce:83:
c0:c0:eb:fe:95:0d:e9:fc:a3:95:b3:ec:36:22:0d:57:9f:82:
c7:b9:22:65:23:34:1b:0d:9c:d0:85:b5:5f:08:de:f6:d0:34:
8c:89:c0:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIECchUjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YzNiODg3N2UxYTEzMGZlNTAzODZjNjEwZDZlYWQ1NjQxYjk3YmE2MB4XDTIyMDEy
MTE5MTQ1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E2ZTgyOWE5YmNj
N2U1MzNjNmIyOGY1MmE2OThiZDE1MzNhYjg4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhsqY+bDT2YSSYjqPubmJVJ6W4ov4gaUa9sf+E1YHzOoa+2
y7c1XAhIErmHDh6G7Zho1y4tFBtdaruz5is24Y01yxIDNoaXW+J8d1oBzqT571uA
UkgRuHlI3fS8eQmxUnUZTr2V52qqr3dMBXkreyLk9XXuntKn2mTj3jJMDCxXLXSD
xtcNOaJBYzEnWHmA7BQhcLJ8eCb2LMUlFnWtjljcgTNobVbQoHYNJ/NjRoVreJ1J
TbjymL7z2Mb9rq1nszf67MEUclklfLPJtmJNqegoF+rNYg1iVkFuU5F4FBu7OB8M
UbHya0JrlfVOfMiOA2aOpfpLWKh02n4M/y2mmNECAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTKboKam8x+UzxrKPUqaYvRUzq4iTAfBgNVHSMEGDAWgBR8O4h34aEw/lA4
bGENbq1WQbl7pjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZEdUlkLUdoTVA1UU9HeGhEVzZ0VmtHNWU2WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvMTdhNzEyLTRlNWEtNDBjNS1hM2EyLTEyMDI1YzU0ZjQ4NC8x
L3ltNkNtcHZNZmxNOGF5ajFLbW1MMFZNNnVJay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
MTdhNzEyLTRlNWEtNDBjNS1hM2EyLTEyMDI1YzU0ZjQ4NC8xL2ZEdUlkLUdoTVA1
UU9HeGhEVzZ0VmtHNWU2WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFDAMAwQAuXbxAwQCuXbwAwQCwpZ0MA0E
AgACMAcDBQMqBpaAMA0GCSqGSIb3DQEBCwUAA4IBAQCZeBFivXqdZNIbPMz9YLmA
0ezSKQu5/zOK+fm1quC4pXh6w0iJd17Sa2OaFEyAioZ/VWYzsIi0sBDNaOUqGtZC
9wO7k1QwDJZz+IuHoLWgWQzp8jHEo4dyJof+81A4QgEt3xznuE+Xxw9jGT9F0rhg
w07n5qmRksgFBOsj3A9by5bhY3vklGb6va1dQqk4ucycI3cC51RoFqaRZByxOfBZ
yva8TvKzSrlrKITsqdaG6+ngJG9rW+vUaVtbFmEgkmyyqs1G13f9o4DjQ+/Ce1kt
CApD1kPXzoPAwOv+lQ3p/KOVs+w2Ig1Xn4LHuSJlIzQbDZzQhbVfCN720DSMicDd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:12 2024 by rpki-client on console-ams.rpki-client.org