Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/vTYssHnMClrfx3AGPetxr_jhynw.roa
File: vTYssHnMClrfx3AGPetxr_jhynw.roa (raw, json)
Hash identifier: fi/KTep+jPEBlu9zgA3maoBPeB4QoVStEe6edcrY8+Y=
Subject key identifier: BD:36:2C:B0:79:CC:0A:5A:DF:C7:70:06:3D:EB:71:AF:F8:E1:CA:7C
Certificate issuer: /CN=9ad6bf12ad5a29327bc6f7b66026f054686cd959
Certificate serial: 0184600D57CB20F1615B8BDB089F6E696921
Authority key identifier: 9A:D6:BF:12:AD:5A:29:32:7B:C6:F7:B6:60:26:F0:54:68:6C:D9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mta_Eq1aKTJ7xve2YCbwVGhs2Vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/vTYssHnMClrfx3AGPetxr_jhynw.roa
Signing time: Thu 10 Nov 2022 05:39:57 +0000
ROA not before: Thu 10 Nov 2022 05:39:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60533
IP address blocks: 185.29.156.0/23 maxlen: 23
185.29.156.0/22 maxlen: 24
185.29.158.0/23 maxlen: 23
2a00:a8a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:60:0d:57:cb:20:f1:61:5b:8b:db:08:9f:6e:69:69:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ad6bf12ad5a29327bc6f7b66026f054686cd959
Validity
Not Before: Nov 10 05:39:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd362cb079cc0a5adfc770063deb71aff8e1ca7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:96:df:a4:89:5c:f8:28:40:cf:b3:ec:fc:37:
01:10:56:48:e6:d8:a7:d2:c4:1c:c4:34:57:52:6c:
11:46:10:e0:7e:b4:80:e0:63:99:9b:c5:9d:f6:05:
dd:e3:d1:39:cd:c0:91:08:e1:00:b6:18:80:05:7b:
e7:94:77:66:04:ee:03:38:85:61:bb:99:e9:43:32:
f3:fb:1c:9f:4e:fd:54:5b:46:a2:da:9e:cc:1c:1a:
2c:31:50:8d:6f:2c:cb:40:5e:cd:e4:33:61:a3:5b:
c6:2a:f0:c0:5c:ab:29:da:1d:93:72:64:e3:ed:bf:
23:4e:b3:81:5a:24:5f:29:c1:fc:9c:ef:89:cb:29:
78:f3:04:c7:fd:21:a9:df:cf:c1:12:8e:c2:b7:ca:
b1:80:dc:6b:a2:54:21:82:c6:65:eb:d4:5e:95:f3:
03:fb:7d:f9:c9:93:a9:7d:c8:ba:6b:90:ef:d2:a0:
20:8e:c3:b2:94:c9:4d:c0:25:e9:1f:cd:06:22:d2:
2a:81:f7:60:33:d9:da:f8:6b:5f:d0:77:93:80:0d:
d2:e4:43:6c:00:88:cc:3c:8b:92:d7:fe:b8:8c:5f:
33:4a:bc:dd:e4:98:53:f5:d8:fe:43:40:c2:37:1e:
ed:4d:89:6d:f0:14:14:a6:19:a0:ed:1b:b5:a9:00:
7b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:36:2C:B0:79:CC:0A:5A:DF:C7:70:06:3D:EB:71:AF:F8:E1:CA:7C
X509v3 Authority Key Identifier:
keyid:9A:D6:BF:12:AD:5A:29:32:7B:C6:F7:B6:60:26:F0:54:68:6C:D9:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mta_Eq1aKTJ7xve2YCbwVGhs2Vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/vTYssHnMClrfx3AGPetxr_jhynw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/mta_Eq1aKTJ7xve2YCbwVGhs2Vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.156.0/22
IPv6:
2a00:a8a0::/32
Signature Algorithm: sha256WithRSAEncryption
74:c6:7a:f0:37:24:95:2a:a7:85:23:93:d0:31:c4:0a:87:44:
1c:6f:30:ca:87:c8:b8:db:3e:eb:f2:54:eb:26:f9:a3:97:97:
ce:5a:f1:eb:9f:00:11:7d:44:ed:63:8f:83:7b:c0:ba:8f:59:
0b:c8:a3:e3:f9:86:2c:ca:72:e3:71:6a:bb:c6:88:08:ee:6a:
54:cc:61:ee:40:b0:38:c1:1d:43:d3:4f:82:e9:30:54:b4:9b:
b8:0f:42:d1:ee:7c:e9:d5:0d:2c:c6:73:3d:29:82:68:02:de:
b2:54:99:41:dc:10:31:2b:39:5f:90:1e:ee:f1:79:8b:83:50:
44:5b:21:c4:b3:99:d7:45:f8:aa:c1:cb:91:de:da:5d:2e:2c:
76:09:f2:a9:44:b1:53:06:9c:92:be:bc:12:d7:d7:d3:35:52:
c5:05:90:70:e7:a0:6e:d2:12:1c:36:a1:88:99:31:52:f9:04:
f9:65:d3:5b:48:f1:04:e7:7c:f3:ac:ec:38:7a:37:cf:5c:a2:
dd:0f:2e:d7:10:bc:b0:a7:f3:b1:54:c7:0c:e9:89:60:33:c4:
6a:4f:f0:51:19:93:e4:b9:30:49:24:b9:c3:9f:6a:a3:f2:40:
a4:a1:a9:b7:5f:46:87:9b:ea:ac:7b:b2:b8:0e:4f:fc:57:19:
d1:e6:8b:9b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYRgDVfLIPFhW4vbCJ9uaWkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZDZiZjEyYWQ1YTI5MzI3YmM2ZjdiNjYwMjZmMDU0Njg2
Y2Q5NTkwHhcNMjIxMTEwMDUzOTU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDM2MmNiMDc5Y2MwYTVhZGZjNzcwMDYzZGViNzFhZmY4ZTFjYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZbfpIlc+ChAz7Ps/DcBEFZI5tin
0sQcxDRXUmwRRhDgfrSA4GOZm8Wd9gXd49E5zcCRCOEAthiABXvnlHdmBO4DOIVh
u5npQzLz+xyfTv1UW0ai2p7MHBosMVCNbyzLQF7N5DNho1vGKvDAXKsp2h2TcmTj
7b8jTrOBWiRfKcH8nO+Jyyl48wTH/SGp38/BEo7Ct8qxgNxrolQhgsZl69RelfMD
+335yZOpfci6a5Dv0qAgjsOylMlNwCXpH80GItIqgfdgM9na+Gtf0HeTgA3S5ENs
AIjMPIuS1/64jF8zSrzd5JhT9dj+Q0DCNx7tTYlt8BQUphmg7Ru1qQB7SQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL02LLB5zApa38dwBj3rca/44cp8MB8GA1UdIwQY
MBaAFJrWvxKtWikye8b3tmAm8FRobNlZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXRhX0VxMWFLVEo3eHZlMllDYndWR2hzMlZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jMGVhODgtNzU5Mi00ZTg0LTlhOWEt
NDMzNTY3MGY2YjdlLzEvdlRZc3NIbk1DbHJmeDNBR1BldHhyX2poeW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jMGVhODgtNzU5Mi00ZTg0LTlhOWEtNDMzNTY3MGY2Yjdl
LzEvbXRhX0VxMWFLVEo3eHZlMllDYndWR2hzMlZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR2cMA0E
AgACMAcDBQAqAKigMA0GCSqGSIb3DQEBCwUAA4IBAQB0xnrwNySVKqeFI5PQMcQK
h0QcbzDKh8i42z7r8lTrJvmjl5fOWvHrnwARfUTtY4+De8C6j1kLyKPj+YYsynLj
cWq7xogI7mpUzGHuQLA4wR1D00+C6TBUtJu4D0LR7nzp1Q0sxnM9KYJoAt6yVJlB
3BAxKzlfkB7u8XmLg1BEWyHEs5nXRfiqwcuR3tpdLix2CfKpRLFTBpySvrwS19fT
NVLFBZBw56Bu0hIcNqGImTFS+QT5ZdNbSPEE53zzrOw4ejfPXKLdDy7XELywp/Ox
VMcM6YlgM8RqT/BRGZPkuTBJJLnDn2qj8kCkoam3X0aHm+qse7K4Dk/8VxnR5oub
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:17 2024 by rpki-client on console-fra.rpki-client.org