Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/YGDfq1r2FPLdp-M4p_vaFJqm-dA.roa
File: YGDfq1r2FPLdp-M4p_vaFJqm-dA.roa (raw, json)
Hash identifier: CJ8MEHtetV4YUASmoM/ipOvDJSUdouxcihGYv6k0iwA=
Subject key identifier: 60:60:DF:AB:5A:F6:14:F2:DD:A7:E3:38:A7:FB:DA:14:9A:A6:F9:D0
Certificate issuer: /CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Certificate serial: 33FC59CB
Authority key identifier: D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/YGDfq1r2FPLdp-M4p_vaFJqm-dA.roa
Signing time: Sat 01 Jan 2022 13:59:50 +0000
ROA not before: Sat 01 Jan 2022 13:59:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25091
IP address blocks: 46.20.240.0/20 maxlen: 24
185.60.52.0/22 maxlen: 24
5.144.32.0/21 maxlen: 24
2a02:2528::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 872176075 (0x33fc59cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Validity
Not Before: Jan 1 13:59:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6060dfab5af614f2dda7e338a7fbda149aa6f9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3b:fc:08:e2:50:7b:4b:fd:dc:73:8a:4f:1e:
e1:93:5b:b1:15:fb:d4:8a:83:6c:42:40:e2:7b:95:
4a:46:42:77:03:53:7d:93:89:ad:2e:3d:fe:61:bf:
52:fb:7a:3e:fe:0f:16:75:25:06:8d:84:9b:71:0b:
f1:8c:4d:f3:6d:54:b7:73:89:70:d4:1c:c3:4e:05:
cf:06:75:7a:1b:47:c2:41:9a:26:4e:e8:0e:74:6a:
84:0a:1c:c3:d4:74:2f:af:4f:60:a6:4b:91:9f:00:
b7:cb:91:44:4a:fb:31:91:d9:9b:dd:66:d5:72:b3:
c7:a4:e9:91:bc:74:b9:ab:e3:51:a1:5c:e2:09:b5:
ba:52:3b:c8:fa:91:18:5c:53:10:92:bb:b4:d9:1e:
de:37:5b:65:83:22:b7:51:77:c6:77:d6:b8:c3:5a:
ed:de:8b:b1:15:4c:2d:a8:0b:7f:14:7b:1d:76:30:
96:9a:40:85:43:7d:d5:fd:1a:42:79:0c:f4:65:fe:
31:34:47:12:34:5f:19:25:dd:6a:b4:5e:81:e3:af:
20:d2:36:f9:a6:37:cd:cc:e0:f9:05:52:b2:81:7d:
9d:f6:4d:33:1c:18:6e:f6:46:c1:81:c3:19:a1:89:
40:84:ec:b5:e3:bb:20:24:a8:fa:cc:e3:28:5d:1b:
8c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:60:DF:AB:5A:F6:14:F2:DD:A7:E3:38:A7:FB:DA:14:9A:A6:F9:D0
X509v3 Authority Key Identifier:
keyid:D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/YGDfq1r2FPLdp-M4p_vaFJqm-dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.32.0/21
46.20.240.0/20
185.60.52.0/22
IPv6:
2a02:2528::/29
Signature Algorithm: sha256WithRSAEncryption
9e:5a:ee:cf:7c:51:2c:15:4f:22:4c:4f:fb:58:c7:22:86:74:
41:a8:54:49:62:2b:00:a1:6d:c5:16:a8:db:fa:fc:51:92:2d:
68:67:2c:4b:7e:b2:18:66:ff:b8:0a:e3:42:83:9b:f9:af:50:
33:0a:7d:e1:87:c1:44:1f:8e:28:bb:f0:8e:91:86:3d:2b:b5:
36:d6:20:44:62:b8:88:c8:3b:8c:e0:c2:5a:2f:5b:3a:79:b4:
5c:dc:ae:a3:20:03:69:91:80:c7:f3:d8:61:5c:5a:32:f2:04:
d2:36:e7:fc:01:27:06:53:36:8f:13:53:01:b9:03:e9:dd:b9:
df:b9:06:e5:77:83:d7:af:c9:d2:4d:16:b2:a6:a6:dd:fa:46:
53:fd:78:47:7d:c3:58:71:07:b8:47:79:5a:4c:25:ae:45:04:
fa:35:ce:8a:28:8c:6e:28:32:4a:31:ca:d9:d3:e5:4e:e7:22:
b1:d3:27:12:23:65:e8:2a:fc:14:9c:ed:2d:77:5a:69:e2:93:
06:44:53:5c:51:c9:53:19:06:7b:83:ba:92:15:3b:5b:3c:b9:
4a:5c:42:71:c6:39:95:f7:f6:83:fc:9d:af:35:ad:da:2b:ad:
4b:30:1b:fa:31:7b:e8:e4:dd:3b:67:ea:d1:2f:ce:c8:57:4a:
5a:f5:37:7f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEM/xZyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWZjMGJlYzYwZDBiYWNlMTg4OTY3N2JkOWJiOTAxOTBjYzRmZDIyMB4XDTIyMDEw
MTEzNTk1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjA2MGRmYWI1YWY2
MTRmMmRkYTdlMzM4YTdmYmRhMTQ5YWE2ZjlkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALw7/AjiUHtL/dxzik8e4ZNbsRX71IqDbEJA4nuVSkZCdwNT
fZOJrS49/mG/Uvt6Pv4PFnUlBo2Em3EL8YxN821Ut3OJcNQcw04FzwZ1ehtHwkGa
Jk7oDnRqhAocw9R0L69PYKZLkZ8At8uRREr7MZHZm91m1XKzx6Tpkbx0uavjUaFc
4gm1ulI7yPqRGFxTEJK7tNke3jdbZYMit1F3xnfWuMNa7d6LsRVMLagLfxR7HXYw
lppAhUN91f0aQnkM9GX+MTRHEjRfGSXdarRegeOvINI2+aY3zczg+QVSsoF9nfZN
MxwYbvZGwYHDGaGJQITsteO7ICSo+szjKF0bjDsCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRgYN+rWvYU8t2n4zin+9oUmqb50DAfBgNVHSMEGDAWgBTZ/AvsYNC6zhiJ
Z3vZu5AZDMT9IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJmd0w3R0RRdXM0WWlXZDcyYnVRR1F6RV9TSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvYjBkNmU2LTJlZDctNDkyOC1hZDY5LTM0NjkwMzRmYTQ0MS8x
L1lHRGZxMXIyRlBMZHAtTTRwX3ZhRkpxbS1kQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
YjBkNmU2LTJlZDctNDkyOC1hZDY5LTM0NjkwMzRmYTQ0MS8xLzJmd0w3R0RRdXM0
WWlXZDcyYnVRR1F6RV9TSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAwWQIAMEBC4U8AMEArk8NDANBAIA
AjAHAwUDKgIlKDANBgkqhkiG9w0BAQsFAAOCAQEAnlruz3xRLBVPIkxP+1jHIoZ0
QahUSWIrAKFtxRao2/r8UZItaGcsS36yGGb/uArjQoOb+a9QMwp94YfBRB+OKLvw
jpGGPSu1NtYgRGK4iMg7jODCWi9bOnm0XNyuoyADaZGAx/PYYVxaMvIE0jbn/AEn
BlM2jxNTAbkD6d2537kG5XeD16/J0k0Wsqam3fpGU/14R33DWHEHuEd5WkwlrkUE
+jXOiiiMbigySjHK2dPlTucisdMnEiNl6Cr8FJztLXdaaeKTBkRTXFHJUxkGe4O6
khU7Wzy5SlxCccY5lff2g/ydrzWt2iutSzAb+jF76OTdO2fq0S/OyFdKWvU3fw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:43 2023 by rpki-client on console-ams.rpki-client.org