Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/YRQ1xRvk-u2lPu_FolEzuDanMMI.roa
File: YRQ1xRvk-u2lPu_FolEzuDanMMI.roa (raw, json)
Hash identifier: 32YeC8v62ZqxBqZUtHKiKg1QjZ5tRoE3dXct4VSrScw=
Subject key identifier: 61:14:35:C5:1B:E4:FA:ED:A5:3E:EF:C5:A2:51:33:B8:36:A7:30:C2
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0184D208C520A4FA1B52F24D8ABF0D4E49D5
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/YRQ1xRvk-u2lPu_FolEzuDanMMI.roa
Signing time: Fri 02 Dec 2022 08:51:40 +0000
ROA not before: Fri 02 Dec 2022 08:51:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3223
IP address blocks: 89.40.104.0/23 maxlen: 23
188.213.22.0/24 maxlen: 24
188.213.19.0/24 maxlen: 24
89.40.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:08:c5:20:a4:fa:1b:52:f2:4d:8a:bf:0d:4e:49:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Dec 2 08:51:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=611435c51be4faeda53eefc5a25133b836a730c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cc:de:44:4f:09:50:56:14:9d:a1:56:11:68:
ac:b7:2d:cf:55:cd:24:30:1d:b2:a9:13:2e:14:9f:
1d:6b:69:bc:34:59:56:61:b3:8b:69:4d:73:f2:6b:
43:59:c2:48:62:6c:d6:11:6c:26:6b:12:5e:7b:bd:
0e:ef:de:8e:35:0e:37:9d:f0:07:6b:50:81:a1:87:
f7:8c:c6:23:73:25:03:7e:33:a0:c7:fd:ef:14:03:
5c:43:ec:9c:60:90:8e:a5:80:97:ae:98:14:d1:f2:
79:0e:e6:ef:63:24:f0:88:7a:b7:1a:9f:10:05:b5:
58:2d:f2:e4:6b:00:48:41:73:af:4e:4a:8e:f8:c6:
8e:ec:1e:46:c2:02:ef:1a:1d:83:5c:6c:6c:8c:a8:
65:46:da:09:af:42:9b:76:0c:ff:b0:18:a3:63:a5:
27:aa:71:f8:83:c5:8f:f1:db:cd:22:09:57:2e:73:
f9:c0:02:9f:c5:4e:e2:ec:93:d9:59:74:f1:ef:fe:
c7:c7:2b:d2:4c:3d:d8:25:51:03:bb:b6:b5:00:9e:
03:b9:55:ce:e1:f3:6a:a4:ac:9f:a5:6b:82:a0:34:
17:01:30:07:82:ca:9d:9f:2a:15:39:f9:ea:ca:e6:
6f:0b:f9:fb:e5:c0:51:7f:74:47:11:0e:bb:73:03:
2c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:14:35:C5:1B:E4:FA:ED:A5:3E:EF:C5:A2:51:33:B8:36:A7:30:C2
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/YRQ1xRvk-u2lPu_FolEzuDanMMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.104.0/23
89.40.233.0/24
188.213.19.0/24
188.213.22.0/24
Signature Algorithm: sha256WithRSAEncryption
f4:d1:2d:b6:a0:3d:6d:cd:06:f6:48:eb:dd:9d:08:a6:a8:60:
8f:6d:46:4a:0f:83:8d:10:27:9a:94:db:36:7a:5a:dd:37:85:
6e:f2:e6:0e:66:1d:ec:53:e5:35:db:f4:9f:fd:c3:98:60:cd:
9a:3a:a6:ec:3b:64:e3:c7:4b:d3:da:41:9f:db:cb:a4:0f:60:
82:0f:13:d7:cb:d7:5a:16:d1:65:57:fc:92:79:37:b6:51:90:
3a:06:63:40:6b:59:db:66:b9:41:68:48:ab:78:58:fe:6f:29:
e4:14:77:24:5a:98:c9:08:82:6e:7d:8f:6c:b5:0a:bd:68:95:
86:f3:d1:54:95:cd:d6:b6:d3:0a:ad:9c:7c:6b:95:3c:c6:be:
40:19:18:84:01:7c:89:c1:e2:1a:67:b9:e6:9b:71:2f:26:a5:
76:cb:24:23:54:3d:c6:0f:ab:05:74:ce:bf:42:32:29:7f:86:
75:98:00:78:5d:74:63:0b:c3:d4:21:2c:b0:66:29:12:ec:f3:
7c:87:04:73:89:60:d6:1c:5a:71:0b:a7:37:ec:fe:27:da:a5:
e1:b6:46:a1:9d:17:6c:08:29:cf:ed:a7:24:ba:00:96:fb:89:
83:e2:43:c9:1f:a5:ad:12:4c:20:cc:8c:5a:c7:c3:3a:8a:ec:
cb:44:da:23
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYTSCMUgpPobUvJNir8NTknVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjIxMjAyMDg1MTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTE0MzVjNTFiZTRmYWVkYTUzZWVmYzVhMjUxMzNiODM2YTczMGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnczeRE8JUFYUnaFWEWisty3PVc0k
MB2yqRMuFJ8da2m8NFlWYbOLaU1z8mtDWcJIYmzWEWwmaxJee70O796ONQ43nfAH
a1CBoYf3jMYjcyUDfjOgx/3vFANcQ+ycYJCOpYCXrpgU0fJ5DubvYyTwiHq3Gp8Q
BbVYLfLkawBIQXOvTkqO+MaO7B5GwgLvGh2DXGxsjKhlRtoJr0Kbdgz/sBijY6Un
qnH4g8WP8dvNIglXLnP5wAKfxU7i7JPZWXTx7/7HxyvSTD3YJVEDu7a1AJ4DuVXO
4fNqpKyfpWuCoDQXATAHgsqdnyoVOfnqyuZvC/n75cBRf3RHEQ67cwMsdwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGEUNcUb5PrtpT7vxaJRM7g2pzDCMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1lSUTF4UnZrLXUybFB1X0ZvbEV6dURhbk1NSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAFZKGgD
BABZKOkDBAC81RMDBAC81RYwDQYJKoZIhvcNAQELBQADggEBAPTRLbagPW3NBvZI
692dCKaoYI9tRkoPg40QJ5qU2zZ6Wt03hW7y5g5mHexT5TXb9J/9w5hgzZo6puw7
ZOPHS9PaQZ/by6QPYIIPE9fL11oW0WVX/JJ5N7ZRkDoGY0BrWdtmuUFoSKt4WP5v
KeQUdyRamMkIgm59j2y1Cr1olYbz0VSVzda20wqtnHxrlTzGvkAZGIQBfInB4hpn
ueabcS8mpXbLJCNUPcYPqwV0zr9CMil/hnWYAHhddGMLw9QhLLBmKRLs83yHBHOJ
YNYcWnELpzfs/ifapeG2RqGdF2wIKc/tpyS6AJb7iYPiQ8kfpa0STCDMjFrHwzqK
7MtE2iM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org