Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/yj9iLC8mvlqNULQwosUy9aq2p2Y.roa
File: yj9iLC8mvlqNULQwosUy9aq2p2Y.roa (raw, json)
Hash identifier: +kaflIgnj9ylXeEBmHP+xGwjbxfpx64oxHIXizf7qqU=
Subject key identifier: CA:3F:62:2C:2F:26:BE:5A:8D:50:B4:30:A2:C5:32:F5:AA:B6:A7:66
Certificate issuer: /CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Certificate serial: 0B1EA19F
Authority key identifier: 29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/yj9iLC8mvlqNULQwosUy9aq2p2Y.roa
Signing time: Sat 01 Jan 2022 08:00:31 +0000
ROA not before: Sat 01 Jan 2022 08:00:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60241
IP address blocks: 198.52.44.0/22 maxlen: 24
198.52.46.0/23 maxlen: 23
185.120.128.0/22 maxlen: 22
185.34.60.0/22 maxlen: 22
2a04:5d00::/29 maxlen: 29
2a06:9a80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186556831 (0xb1ea19f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Validity
Not Before: Jan 1 08:00:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca3f622c2f26be5a8d50b430a2c532f5aab6a766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:99:b6:d8:40:60:c6:04:25:cb:a8:28:0f:56:
66:ed:88:0b:d9:0d:a9:ee:d7:1a:de:4b:43:55:2d:
0e:90:e5:21:36:46:12:39:cd:dc:30:dc:2f:5f:cb:
5b:d4:c2:6b:31:ce:1d:51:92:ea:76:b0:1d:f6:64:
99:79:bf:2a:12:ef:32:b2:e7:88:43:1c:6b:8a:9a:
13:1f:01:ef:87:a3:9b:f9:38:07:34:20:9b:35:b3:
8f:18:96:f9:bb:f6:54:42:59:62:93:88:9a:4f:8f:
a0:de:57:e4:4d:71:bc:ce:c9:a9:88:53:21:ce:3d:
0c:e7:39:03:f5:70:a2:e3:11:57:4c:d6:5c:b2:a5:
14:37:42:b8:d7:fe:17:12:ec:38:0a:6d:f8:7f:1a:
35:25:30:2d:01:6e:ff:50:38:d3:d7:50:65:e1:af:
c3:33:a1:f3:87:b1:3f:cb:9b:b3:86:50:3f:61:4a:
99:b3:0f:02:fb:64:78:9d:f8:75:c7:bf:1b:21:d1:
13:5d:09:e7:4d:c1:da:17:4f:46:b7:42:74:7b:7f:
0a:c8:05:ee:a6:30:e1:72:54:50:91:0d:81:04:f5:
c0:d3:fd:7f:4f:44:0b:f6:b2:d4:94:72:82:93:c3:
d2:8c:38:5f:e5:2b:c2:7b:dc:c1:05:16:10:20:d2:
10:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:3F:62:2C:2F:26:BE:5A:8D:50:B4:30:A2:C5:32:F5:AA:B6:A7:66
X509v3 Authority Key Identifier:
keyid:29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/yj9iLC8mvlqNULQwosUy9aq2p2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.60.0/22
185.120.128.0/22
198.52.44.0/22
IPv6:
2a04:5d00::/29
2a06:9a80::/29
Signature Algorithm: sha256WithRSAEncryption
30:c1:c8:4e:15:17:e1:d7:4e:4b:1c:14:94:ce:bf:8e:a7:ca:
3b:be:f3:a6:9c:4c:3d:b5:97:06:3a:dc:f5:fd:45:08:5b:bd:
34:d8:31:65:ac:f0:66:45:61:4f:16:e7:57:ff:61:08:4a:4f:
50:76:d0:7f:99:79:90:2b:d1:54:e4:16:ca:da:b6:35:1d:d6:
aa:33:77:cc:8f:4f:64:b0:d2:11:90:3f:4e:79:18:45:3d:0d:
84:15:10:82:c6:0c:d9:56:fe:25:41:81:2c:81:7b:5b:20:92:
e2:dc:cd:73:6a:b1:4c:27:79:63:2a:05:71:da:56:be:bc:0f:
d5:29:db:2e:86:ea:b3:bb:10:eb:5f:55:89:84:2e:a2:93:d9:
ba:d7:98:bd:98:33:dd:a7:6c:4b:98:7e:3c:5b:99:90:4d:ff:
d2:c5:76:71:5b:b5:e9:88:c5:05:5e:4c:59:97:cf:d2:b0:b1:
c9:40:3f:5e:43:ec:ee:35:e0:bc:de:d7:f0:56:82:0a:61:ed:
6f:b8:1f:79:bc:42:dc:09:f3:73:ee:77:1b:9a:93:9d:ba:0f:
bf:b6:76:a3:34:f7:41:2d:13:c7:5c:95:c3:29:b0:c0:a9:ab:
90:4f:f2:3b:3f:64:b0:f6:2c:15:89:b4:99:56:9f:c9:c8:9a:
0a:6e:fb:75
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIECx6hnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTFmMGI3M2U2N2Q2M2M1YTRjOTA0NjgxNDE2NmE5ZTIxNjI1ZjI4MB4XDTIyMDEw
MTA4MDAzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2EzZjYyMmMyZjI2
YmU1YThkNTBiNDMwYTJjNTMyZjVhYWI2YTc2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOZtthAYMYEJcuoKA9WZu2IC9kNqe7XGt5LQ1UtDpDlITZG
EjnN3DDcL1/LW9TCazHOHVGS6nawHfZkmXm/KhLvMrLniEMca4qaEx8B74ejm/k4
BzQgmzWzjxiW+bv2VEJZYpOImk+PoN5X5E1xvM7JqYhTIc49DOc5A/VwouMRV0zW
XLKlFDdCuNf+FxLsOApt+H8aNSUwLQFu/1A409dQZeGvwzOh84exP8ubs4ZQP2FK
mbMPAvtkeJ34dce/GyHRE10J503B2hdPRrdCdHt/CsgF7qYw4XJUUJENgQT1wNP9
f09EC/ay1JRygpPD0ow4X+UrwnvcwQUWECDSENcCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBTKP2IsLya+Wo1QtDCixTL1qranZjAfBgNVHSMEGDAWgBQpHwtz5n1jxaTJ
BGgUFmqeIWJfKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tSOExjLVo5WThXa3lRUm9GQlpxbmlGaVh5Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvNDhkNjA5LTA4OGQtNDFlNC1iZWM0LTM4ZWU4ZmQ2NGU3ZC8x
L3lqOWlMQzhtdmxxTlVMUXdvc1V5OWFxMnAyWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
NDhkNjA5LTA4OGQtNDFlNC1iZWM0LTM4ZWU4ZmQ2NGU3ZC8xL0tSOExjLVo5WThX
a3lRUm9GQlpxbmlGaVh5Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEArkiPAMEArl4gAMEAsY0LDAUBAIA
AjAOAwUDKgRdAAMFAyoGmoAwDQYJKoZIhvcNAQELBQADggEBADDByE4VF+HXTksc
FJTOv46nyju+86acTD21lwY63PX9RQhbvTTYMWWs8GZFYU8W51f/YQhKT1B20H+Z
eZAr0VTkFsratjUd1qozd8yPT2Sw0hGQP055GEU9DYQVEILGDNlW/iVBgSyBe1sg
kuLczXNqsUwneWMqBXHaVr68D9Up2y6G6rO7EOtfVYmELqKT2brXmL2YM92nbEuY
fjxbmZBN/9LFdnFbtemIxQVeTFmXz9KwsclAP15D7O414Lze1/BWggph7W+4H3m8
QtwJ83Pudxuak526D7+2dqM090EtE8dclcMpsMCpq5BP8js/ZLD2LBWJtJlWn8nI
mgpu+3U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:30 2024 by rpki-client on console-fra.rpki-client.org