Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/56d6a8-0752-4cbd-8845-52fe10513129/1/YGAEcGvtaU0Kf9BMRKkNm4bMrxI.roa
File: YGAEcGvtaU0Kf9BMRKkNm4bMrxI.roa (raw, json)
Hash identifier: GVI/PlvH7qobeztgDyrNL/U148LBxvmfy+YLEJ6G78Y=
Subject key identifier: 60:60:04:70:6B:ED:69:4D:0A:7F:D0:4C:44:A9:0D:9B:86:CC:AF:12
Certificate issuer: /CN=dc899c28664ee8194a64048e46c60c6e5f190c53
Certificate serial: 09EF7626
Authority key identifier: DC:89:9C:28:66:4E:E8:19:4A:64:04:8E:46:C6:0C:6E:5F:19:0C:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ImcKGZO6BlKZASORsYMbl8ZDFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/56d6a8-0752-4cbd-8845-52fe10513129/1/YGAEcGvtaU0Kf9BMRKkNm4bMrxI.roa
Signing time: Sat 01 Jan 2022 08:56:26 +0000
ROA not before: Sat 01 Jan 2022 08:56:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13173
IP address blocks: 213.167.93.0/24 maxlen: 24
213.167.94.0/23 maxlen: 23
185.70.156.0/22 maxlen: 24
213.167.64.0/19 maxlen: 24
213.167.64.0/24 maxlen: 24
213.167.69.0/24 maxlen: 24
213.167.67.0/24 maxlen: 24
213.167.77.0/24 maxlen: 24
213.167.72.0/24 maxlen: 24
213.167.78.0/24 maxlen: 24
213.167.74.0/23 maxlen: 23
213.167.80.0/23 maxlen: 23
213.167.82.0/24 maxlen: 24
213.167.82.0/23 maxlen: 23
213.167.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166688294 (0x9ef7626)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc899c28664ee8194a64048e46c60c6e5f190c53
Validity
Not Before: Jan 1 08:56:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=606004706bed694d0a7fd04c44a90d9b86ccaf12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d5:49:6d:29:b8:14:8b:b4:66:47:cb:3e:ee:
b0:84:af:57:c5:0a:80:73:23:16:e6:4a:81:46:3e:
45:af:5c:84:06:bc:5f:37:2d:65:32:b9:41:60:2a:
16:10:26:8d:1a:a8:01:0a:6d:a9:4f:f0:61:e7:46:
87:50:69:c8:c4:f8:94:bd:33:c9:08:e6:7c:78:40:
d2:10:30:d3:67:8b:76:be:ab:03:45:3f:25:e7:3d:
40:2c:7e:1b:17:3c:ba:05:fb:f8:4d:14:dd:c8:16:
ec:c6:37:cc:65:4e:92:eb:07:fe:3c:23:61:d2:3b:
3d:cf:0e:f5:83:40:8b:e9:fd:c5:18:28:1e:4f:43:
19:b9:6d:7c:02:bd:33:7a:cd:83:7e:35:2c:d3:7d:
00:29:63:11:6c:6e:df:78:d9:49:8a:96:16:84:f6:
11:1e:23:a0:8a:78:57:b1:a5:76:b1:65:ea:68:81:
bb:e4:07:b3:66:44:3c:42:06:f2:32:65:9d:76:a8:
42:c9:64:f8:bc:e5:a2:37:08:de:02:08:d5:f2:49:
e4:ab:bf:f0:4b:00:ba:1a:33:bb:09:0d:91:ff:38:
bd:2d:75:47:a4:f0:6d:42:a5:f6:84:35:bc:f7:53:
9b:26:fc:ba:84:0b:7e:14:e0:f3:ff:4f:18:00:7d:
14:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:60:04:70:6B:ED:69:4D:0A:7F:D0:4C:44:A9:0D:9B:86:CC:AF:12
X509v3 Authority Key Identifier:
keyid:DC:89:9C:28:66:4E:E8:19:4A:64:04:8E:46:C6:0C:6E:5F:19:0C:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ImcKGZO6BlKZASORsYMbl8ZDFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/56d6a8-0752-4cbd-8845-52fe10513129/1/YGAEcGvtaU0Kf9BMRKkNm4bMrxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/56d6a8-0752-4cbd-8845-52fe10513129/1/3ImcKGZO6BlKZASORsYMbl8ZDFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.156.0/22
213.167.64.0/19
Signature Algorithm: sha256WithRSAEncryption
99:c4:86:0d:25:76:54:06:2e:1f:cf:09:9f:35:aa:f3:23:26:
f0:90:e4:7d:9f:51:5a:72:9d:2b:9a:3c:39:79:38:57:35:96:
ce:18:93:25:7d:cf:ed:fd:ce:98:9e:83:0a:7a:92:e2:8f:db:
05:6c:0c:69:a6:67:c8:e3:89:3e:95:1e:59:90:b7:be:99:c4:
8b:c9:cc:6e:8c:8d:c9:f7:88:9c:5c:d3:1e:19:c5:ad:e1:b3:
92:e9:83:05:ee:00:80:bb:09:ff:e1:15:84:8b:9f:b7:86:34:
6f:a1:fb:13:4f:5c:7b:2a:c9:f4:32:1f:a0:59:60:5a:b2:7c:
75:ac:5f:f3:33:68:76:b9:d7:16:4f:e2:16:4a:fd:0c:6b:17:
58:b7:e0:98:ef:6e:40:4c:a8:d8:4e:02:11:34:27:50:8d:5f:
fa:b5:68:b0:5a:17:e4:92:b1:d2:ed:dd:f5:a0:1b:80:60:32:
7c:2c:24:9c:fb:56:b0:2b:64:7d:54:cb:d5:1f:85:eb:5d:36:
55:9e:e5:ea:6d:22:20:e5:51:89:02:73:85:54:5a:d0:8e:89:
18:bb:bc:f9:bb:3a:f8:07:12:b4:51:57:fb:99:f4:17:8a:ff:
2f:9b:69:59:c3:17:6a:1a:7c:49:1e:2c:70:e8:22:58:f8:03:
7f:0c:f3:5c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECe92JjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Yzg5OWMyODY2NGVlODE5NGE2NDA0OGU0NmM2MGM2ZTVmMTkwYzUzMB4XDTIyMDEw
MTA4NTYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjA2MDA0NzA2YmVk
Njk0ZDBhN2ZkMDRjNDRhOTBkOWI4NmNjYWYxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN3VSW0puBSLtGZHyz7usISvV8UKgHMjFuZKgUY+Ra9chAa8
XzctZTK5QWAqFhAmjRqoAQptqU/wYedGh1BpyMT4lL0zyQjmfHhA0hAw02eLdr6r
A0U/Jec9QCx+Gxc8ugX7+E0U3cgW7MY3zGVOkusH/jwjYdI7Pc8O9YNAi+n9xRgo
Hk9DGbltfAK9M3rNg341LNN9ACljEWxu33jZSYqWFoT2ER4joIp4V7GldrFl6miB
u+QHs2ZEPEIG8jJlnXaoQslk+LzlojcI3gII1fJJ5Ku/8EsAuhozuwkNkf84vS11
R6TwbUKl9oQ1vPdTmyb8uoQLfhTg8/9PGAB9FIcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRgYARwa+1pTQp/0ExEqQ2bhsyvEjAfBgNVHSMEGDAWgBTciZwoZk7oGUpk
BI5GxgxuXxkMUzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNJbWNLR1pPNkJsS1pBU09Sc1lNYmw4WkRGTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvNTZkNmE4LTA3NTItNGNiZC04ODQ1LTUyZmUxMDUxMzEyOS8x
L1lHQUVjR3Z0YVUwS2Y5Qk1SS2tObTRiTXJ4SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
NTZkNmE4LTA3NTItNGNiZC04ODQ1LTUyZmUxMDUxMzEyOS8xLzNJbWNLR1pPNkJs
S1pBU09Sc1lNYmw4WkRGTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlGnAMEBdWnQDANBgkqhkiG9w0B
AQsFAAOCAQEAmcSGDSV2VAYuH88JnzWq8yMm8JDkfZ9RWnKdK5o8OXk4VzWWzhiT
JX3P7f3OmJ6DCnqS4o/bBWwMaaZnyOOJPpUeWZC3vpnEi8nMboyNyfeInFzTHhnF
reGzkumDBe4AgLsJ/+EVhIuft4Y0b6H7E09ceyrJ9DIfoFlgWrJ8daxf8zNodrnX
Fk/iFkr9DGsXWLfgmO9uQEyo2E4CETQnUI1f+rVosFoX5JKx0u3d9aAbgGAyfCwk
nPtWsCtkfVTL1R+F6102VZ7l6m0iIOVRiQJzhVRa0I6JGLu8+bs6+AcStFFX+5n0
F4r/L5tpWcMXahp8SR4scOgiWPgDfwzzXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:30 2024 by rpki-client on console-fra.rpki-client.org