Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/ynDTjftiwA7kaqeuqbumIbrNnNQ.roa
File: ynDTjftiwA7kaqeuqbumIbrNnNQ.roa (raw, json)
Hash identifier: 7rxYnx4CGI9eAy5lJKKRthSF7BYzgjP9ZYw8WD2/9L0=
Subject key identifier: CA:70:D3:8D:FB:62:C0:0E:E4:6A:A7:AE:A9:BB:A6:21:BA:CD:9C:D4
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 0182FD6D2385C02A86575B79C58F8C543236
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/ynDTjftiwA7kaqeuqbumIbrNnNQ.roa
Signing time: Fri 02 Sep 2022 08:59:24 +0000
ROA not before: Fri 02 Sep 2022 08:59:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200088
IP address blocks: 94.228.122.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
78.40.216.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fd:6d:23:85:c0:2a:86:57:5b:79:c5:8f:8c:54:32:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Sep 2 08:59:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca70d38dfb62c00ee46aa7aea9bba621bacd9cd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6a:6f:f3:b8:0b:f1:2f:be:2a:3f:72:3b:a1:
46:e9:55:f7:03:19:c0:72:28:92:64:8a:e2:b4:40:
21:5e:52:d6:bb:20:dc:2b:f1:49:a5:e0:3e:05:11:
c0:59:73:29:ec:2c:85:49:0b:f6:3d:a0:5b:c2:25:
93:2b:c5:4e:3e:e5:42:ca:1f:7c:b1:a6:3a:6a:4d:
6c:1a:55:e5:98:46:dc:56:5d:23:12:3a:ff:aa:a3:
8b:76:42:a5:80:13:f4:3a:dd:69:36:7d:92:15:34:
c9:5a:aa:04:4d:1c:7c:5a:a0:7b:26:c7:b0:f7:a4:
b9:0c:86:9d:1a:eb:e4:35:b1:20:8d:16:a6:15:06:
fe:30:27:cd:02:1c:10:de:83:02:7a:dd:70:d7:60:
8d:b1:09:78:80:92:fc:e5:b2:3a:2e:95:69:e7:ed:
8b:e8:5c:27:ca:3b:b4:74:3c:24:93:6b:fd:af:18:
ed:ed:78:39:f2:08:7c:82:51:a9:cd:6d:ae:ed:ad:
1c:8e:2b:64:7f:59:e1:7c:d0:ed:02:b9:8b:27:10:
a5:86:38:28:3b:6a:d2:7d:7b:1b:03:3e:4c:43:30:
75:e0:37:47:b1:11:87:60:56:ae:d1:7b:8e:bb:83:
27:02:95:eb:19:d0:34:0d:45:2e:6e:f1:18:6d:d5:
45:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:70:D3:8D:FB:62:C0:0E:E4:6A:A7:AE:A9:BB:A6:21:BA:CD:9C:D4
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/ynDTjftiwA7kaqeuqbumIbrNnNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
87.249.50.0/24
94.228.122.0/24
185.104.112.0/24
185.104.115.0/24
217.25.95.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
79:10:24:1d:9c:57:f1:e3:87:65:d8:72:21:3d:d6:d7:f0:1d:
12:fa:ba:bb:21:14:1f:56:9d:f2:71:06:09:80:ec:55:3e:d8:
53:32:63:3d:0c:a5:ce:4a:dd:1f:7a:c5:6e:02:f5:39:3b:c0:
ef:c8:8e:03:4f:ee:fa:b6:0b:45:ac:e9:9b:5a:83:e4:54:79:
a9:d2:70:3c:b0:9b:0a:f2:80:7d:18:48:0b:34:d0:fa:44:a9:
04:8f:a7:dc:60:33:fb:b6:6a:55:be:4b:07:58:01:9b:5a:dc:
07:a9:49:c6:d2:4f:31:b9:5b:6c:bd:74:e7:55:1a:a5:81:53:
bf:8d:7f:4e:24:bd:f4:08:cd:c0:b8:79:da:bb:2e:c5:83:5a:
a0:19:34:5f:8c:e5:2f:f0:e0:8a:ed:b8:5e:10:0b:1f:f2:53:
12:7c:0d:10:ea:2f:6b:f3:b6:26:d7:17:de:f4:1a:03:29:5e:
04:08:be:69:b2:e6:4a:08:ab:aa:ee:f5:e0:82:8b:e1:97:61:
63:51:4c:b9:36:87:5c:80:34:07:66:76:90:1c:58:52:34:c2:
2e:ed:5b:72:f5:39:e9:d5:b1:97:b1:8e:30:9e:fd:c4:9b:75:
3e:ca:e7:0e:1c:a0:c2:cd:d3:ed:03:67:01:97:b7:68:bd:db:
6b:17:e7:8c
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYL9bSOFwCqGV1t5xY+MVDI2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjIwOTAyMDg1OTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTcwZDM4ZGZiNjJjMDBlZTQ2YWE3YWVhOWJiYTYyMWJhY2Q5Y2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2pv87gL8S++Kj9yO6FG6VX3AxnA
ciiSZIritEAhXlLWuyDcK/FJpeA+BRHAWXMp7CyFSQv2PaBbwiWTK8VOPuVCyh98
saY6ak1sGlXlmEbcVl0jEjr/qqOLdkKlgBP0Ot1pNn2SFTTJWqoETRx8WqB7Jsew
96S5DIadGuvkNbEgjRamFQb+MCfNAhwQ3oMCet1w12CNsQl4gJL85bI6LpVp5+2L
6Fwnyju0dDwkk2v9rxjt7Xg58gh8glGpzW2u7a0cjitkf1nhfNDtArmLJxClhjgo
O2rSfXsbAz5MQzB14DdHsRGHYFau0XuOu4MnApXrGdA0DUUubvEYbdVF3QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFMpw0437YsAO5Gqnrqm7piG6zZzUMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEveW5EVGpmdGl3QTdrYXFldXFidW1JYnJObk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQATijYAwQA
V/kyAwQAXuR6AwQAuWhwAwQAuWhzAwQA2RlfMA8EAgACMAkDBwAqA28AAAgwDQYJ
KoZIhvcNAQELBQADggEBAHkQJB2cV/Hjh2XYciE91tfwHRL6urshFB9WnfJxBgmA
7FU+2FMyYz0Mpc5K3R96xW4C9Tk7wO/IjgNP7vq2C0Ws6Ztag+RUeanScDywmwry
gH0YSAs00PpEqQSPp9xgM/u2alW+SwdYAZta3AepScbSTzG5W2y9dOdVGqWBU7+N
f04kvfQIzcC4edq7LsWDWqAZNF+M5S/w4IrtuF4QCx/yUxJ8DRDqL2vztibXF970
GgMpXgQIvmmy5koIq6ru9eCCi+GXYWNRTLk2h1yANAdmdpAcWFI0wi7tW3L1OenV
sZexjjCe/cSbdT7K5w4coMLN0+0DZwGXt2i922sX54w=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:50 2023 by rpki-client on console-fra.rpki-client.org