Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/YoyOT2owrMk65N31irDojIIssD4.roa
File: YoyOT2owrMk65N31irDojIIssD4.roa (raw, json)
Hash identifier: 6/3Y0Z2je0Isgqz3wCo/sCzUOnjMoMNWW8zAOMbFX9Q=
Subject key identifier: 62:8C:8E:4F:6A:30:AC:C9:3A:E4:DD:F5:8A:B0:E8:8C:82:2C:B0:3E
Certificate issuer: /CN=29184647248b55523999cbb7fe5b20a99fe73be3
Certificate serial: 3587A041
Authority key identifier: 29:18:46:47:24:8B:55:52:39:99:CB:B7:FE:5B:20:A9:9F:E7:3B:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRhGRySLVVI5mcu3_lsgqZ_nO-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/YoyOT2owrMk65N31irDojIIssD4.roa
Signing time: Sat 01 Jan 2022 06:03:45 +0000
ROA not before: Sat 01 Jan 2022 06:03:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20514
IP address blocks: 217.151.207.0/24 maxlen: 24
185.166.32.0/22 maxlen: 23
217.151.192.0/21 maxlen: 21
217.151.192.0/20 maxlen: 20
2a03:c300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 898080833 (0x3587a041)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29184647248b55523999cbb7fe5b20a99fe73be3
Validity
Not Before: Jan 1 06:03:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=628c8e4f6a30acc93ae4ddf58ab0e88c822cb03e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:68:f1:44:ee:86:31:78:19:92:7d:8f:ee:ef:
4a:65:01:33:71:df:a7:28:e1:47:77:08:65:7a:a7:
cc:3d:c2:d1:a6:82:d0:e0:3f:4a:00:08:b8:f7:3f:
fc:86:e0:a0:06:c7:fb:1d:a4:fc:9e:18:6c:93:0a:
90:74:52:ff:be:74:2d:fd:27:e9:24:7d:ec:e1:fc:
3d:4d:25:22:ef:98:89:79:25:b1:8c:be:9b:70:64:
a6:d4:8b:4c:f7:bf:5c:e9:3e:5b:c5:33:62:cd:5f:
be:bd:c6:fa:88:3d:f7:62:70:44:e3:e2:07:a9:c3:
bd:2f:45:22:ae:8f:dd:0e:c1:6f:2f:36:de:29:a2:
0e:7c:a0:a7:0c:0d:c9:ce:b3:8e:83:6b:20:67:d2:
30:21:a4:51:26:f0:ea:27:6a:de:f3:3b:be:8e:8e:
bf:9c:a5:44:54:59:85:25:2a:e7:e1:93:88:34:bb:
de:a7:93:ea:6b:f5:60:06:6e:bd:4e:ec:11:1e:48:
65:ef:6e:f2:16:af:79:94:e6:51:64:c7:74:c2:1a:
0e:97:c8:83:68:7a:cf:46:7e:72:d6:7a:3f:2d:11:
ac:bd:45:91:da:4e:fa:3b:b9:a2:13:cf:c8:d9:65:
a9:61:80:7b:e9:09:08:6b:57:f4:ef:a3:be:f6:da:
bd:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:8C:8E:4F:6A:30:AC:C9:3A:E4:DD:F5:8A:B0:E8:8C:82:2C:B0:3E
X509v3 Authority Key Identifier:
keyid:29:18:46:47:24:8B:55:52:39:99:CB:B7:FE:5B:20:A9:9F:E7:3B:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRhGRySLVVI5mcu3_lsgqZ_nO-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/YoyOT2owrMk65N31irDojIIssD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/KRhGRySLVVI5mcu3_lsgqZ_nO-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.32.0/22
217.151.192.0/20
IPv6:
2a03:c300::/32
Signature Algorithm: sha256WithRSAEncryption
40:29:21:9c:a0:68:e5:1b:a7:46:27:36:92:d5:f7:30:9f:71:
04:fe:f1:46:79:a5:de:e9:5a:45:e3:38:6d:3d:b8:09:58:26:
0d:dd:72:ee:5e:2a:cd:77:bb:a5:30:f5:e2:f5:fc:83:d8:c1:
96:d2:52:c0:18:07:dd:5f:37:c6:f0:ef:8b:8a:2a:ae:3d:ce:
a8:ae:f2:5a:64:2b:81:35:0d:47:3a:77:9b:74:7e:24:f6:08:
0d:c1:ba:88:1c:4d:b6:5e:83:38:68:86:2d:8e:c0:e5:b8:ce:
f0:8e:0a:03:22:8e:ce:b0:93:f1:6e:c5:2c:22:9a:3b:6a:57:
02:13:0e:b0:9c:e4:1e:4a:08:82:38:a4:6f:1a:f1:c5:f5:d8:
ed:ae:24:f6:5d:14:da:6a:1b:49:63:df:b5:66:35:29:6c:50:
18:ca:99:22:4f:a5:2d:5f:00:91:ac:53:cc:8b:2f:fd:cf:fd:
96:0c:c1:d2:ad:21:3d:c0:fe:cd:72:fa:d9:02:d8:8c:8e:5f:
aa:20:6e:14:2a:be:7d:15:30:10:a3:ca:ef:0f:f6:1b:89:40:
8c:23:25:71:0d:b5:92:42:66:37:8f:cd:23:62:c3:77:ab:af:
ea:16:37:49:ce:24:b0:3f:2d:9b:e8:bd:26:9d:f0:ad:31:0d:
c7:32:80:48
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIENYegQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTE4NDY0NzI0OGI1NTUyMzk5OWNiYjdmZTViMjBhOTlmZTczYmUzMB4XDTIyMDEw
MTA2MDM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjI4YzhlNGY2YTMw
YWNjOTNhZTRkZGY1OGFiMGU4OGM4MjJjYjAzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRo8UTuhjF4GZJ9j+7vSmUBM3HfpyjhR3cIZXqnzD3C0aaC
0OA/SgAIuPc//IbgoAbH+x2k/J4YbJMKkHRS/750Lf0n6SR97OH8PU0lIu+YiXkl
sYy+m3BkptSLTPe/XOk+W8UzYs1fvr3G+og992JwROPiB6nDvS9FIq6P3Q7Bby82
3imiDnygpwwNyc6zjoNrIGfSMCGkUSbw6idq3vM7vo6Ov5ylRFRZhSUq5+GTiDS7
3qeT6mv1YAZuvU7sER5IZe9u8haveZTmUWTHdMIaDpfIg2h6z0Z+ctZ6Py0RrL1F
kdpO+ju5ohPPyNllqWGAe+kJCGtX9O+jvvbavT0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRijI5PajCsyTrk3fWKsOiMgiywPjAfBgNVHSMEGDAWgBQpGEZHJItVUjmZ
y7f+WyCpn+c74zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tSaEdSeVNMVlZJNW1jdTNfbHNncVpfbk8tTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvNTYwMzZiLTIzZDgtNGIzNy1iNTQ2LThmYzIzNzNmYzI2ZS8x
L1lveU9UMm93ck1rNjVOMzFpckRvaklJc3NENC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
NTYwMzZiLTIzZDgtNGIzNy1iNTQ2LThmYzIzNzNmYzI2ZS8xL0tSaEdSeVNMVlZJ
NW1jdTNfbHNncVpfbk8tTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArmmIAMEBNmXwDANBAIAAjAHAwUA
KgPDADANBgkqhkiG9w0BAQsFAAOCAQEAQCkhnKBo5RunRic2ktX3MJ9xBP7xRnml
3ulaReM4bT24CVgmDd1y7l4qzXe7pTD14vX8g9jBltJSwBgH3V83xvDvi4oqrj3O
qK7yWmQrgTUNRzp3m3R+JPYIDcG6iBxNtl6DOGiGLY7A5bjO8I4KAyKOzrCT8W7F
LCKaO2pXAhMOsJzkHkoIgjikbxrxxfXY7a4k9l0U2mobSWPftWY1KWxQGMqZIk+l
LV8AkaxTzIsv/c/9lgzB0q0hPcD+zXL62QLYjI5fqiBuFCq+fRUwEKPK7w/2G4lA
jCMlcQ21kkJmN4/NI2LDd6uv6hY3Sc4ksD8tm+i9Jp3wrTENxzKASA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:34 2023 by rpki-client on console-ams.rpki-client.org