Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/YKFu3J7WEpoCQcyD6yEqMTc0flI.roa
File: YKFu3J7WEpoCQcyD6yEqMTc0flI.roa (raw, json)
Hash identifier: RUHakl01rIdXXbAMOpCv3iocyORZWTF6fG4jPT3EYTU=
Subject key identifier: 60:A1:6E:DC:9E:D6:12:9A:02:41:CC:83:EB:21:2A:31:37:34:7E:52
Certificate issuer: /CN=c67e2a46e34f491433c8b62f319b902bddfde831
Certificate serial: 01828C95C4DF2DABDD6D1B048B1B6F9F7063
Authority key identifier: C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/YKFu3J7WEpoCQcyD6yEqMTc0flI.roa
Signing time: Thu 11 Aug 2022 11:06:41 +0000
ROA not before: Thu 11 Aug 2022 11:06:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213371
IP address blocks: 37.49.229.0/24 maxlen: 24
185.209.15.0/24 maxlen: 24
37.49.230.0/24 maxlen: 24
37.49.228.0/24 maxlen: 24
77.247.109.0/24 maxlen: 24
185.53.88.0/24 maxlen: 24
185.53.89.0/24 maxlen: 24
45.143.222.0/24 maxlen: 24
37.49.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8c:95:c4:df:2d:ab:dd:6d:1b:04:8b:1b:6f:9f:70:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c67e2a46e34f491433c8b62f319b902bddfde831
Validity
Not Before: Aug 11 11:06:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60a16edc9ed6129a0241cc83eb212a3137347e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:cd:61:45:2d:db:0b:ca:f9:96:96:f1:9f:eb:
64:c3:99:be:98:7d:cc:90:2a:6f:7c:d1:f4:b0:d0:
49:cc:fe:fb:6a:27:cf:20:60:11:d1:c9:03:cd:1a:
12:04:52:d1:33:f0:95:87:cb:43:0d:90:6a:93:41:
31:83:37:20:b8:6d:a6:49:49:75:6e:89:2c:d5:d4:
4c:cf:51:19:a3:35:43:5e:26:91:5f:78:1f:2a:38:
6a:ea:7c:a7:b1:8a:44:07:25:40:5a:76:c0:3a:d9:
22:19:d7:27:3e:11:39:3b:45:6c:e1:66:5c:7d:b9:
df:da:a9:9f:d4:0b:19:62:37:66:df:60:2b:14:63:
01:23:07:f9:3e:c7:92:8b:ab:3f:c5:81:c2:14:70:
27:7a:87:f3:4f:46:46:de:0a:ff:25:31:0f:60:ac:
1a:97:5c:d9:40:05:98:a3:8d:64:81:3f:ae:d7:94:
1e:41:a6:7a:26:13:e7:0a:f6:d3:fa:15:21:43:79:
72:c7:4a:27:27:7c:dc:6b:bc:a2:f0:c1:30:36:bd:
c4:fc:fe:aa:46:b0:0c:8b:ac:7e:e1:5a:83:c6:e3:
24:c9:cc:90:53:b0:80:5e:b1:be:7a:e9:c8:5c:7d:
5c:57:15:0d:94:d0:2d:63:29:ba:a1:99:ad:72:52:
a6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A1:6E:DC:9E:D6:12:9A:02:41:CC:83:EB:21:2A:31:37:34:7E:52
X509v3 Authority Key Identifier:
keyid:C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/YKFu3J7WEpoCQcyD6yEqMTc0flI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/xn4qRuNPSRQzyLYvMZuQK9396DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.224.0/24
37.49.228.0-37.49.230.255
45.143.222.0/24
77.247.109.0/24
185.53.88.0/23
185.209.15.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:d3:2b:7a:12:22:b9:1d:30:81:b5:4c:e0:a7:f6:67:86:c0:
fe:d8:e0:0d:cd:fa:7d:f2:a9:bc:e8:23:b9:b0:83:ef:87:8d:
e4:7b:03:88:a4:63:69:08:1d:9d:e7:f8:ee:41:7c:3c:c0:7f:
81:60:95:7f:f2:6d:6b:f4:f6:ba:75:d2:0c:b4:cd:32:51:08:
cb:ee:b9:cd:fd:ad:e1:b1:66:b2:00:e9:5c:65:a0:fc:20:3a:
46:85:c2:ed:cb:cc:bc:37:91:1a:f0:d3:30:4d:02:43:13:5d:
7b:09:d7:c1:3b:61:3b:4a:89:41:62:23:bc:29:b2:3d:db:80:
07:ab:33:e2:0b:7a:e8:d1:80:c8:49:c1:8d:63:5b:f2:ab:4a:
66:0e:71:9d:98:72:e9:94:c0:d2:c5:fa:8c:15:e8:a3:50:aa:
d8:7e:9e:ff:16:12:23:59:e9:1b:e2:c0:9c:e4:35:13:9a:41:
7f:9d:e3:10:b4:b3:16:18:2e:d1:e0:12:44:97:b7:f4:4c:7b:
ec:0c:f6:46:bf:18:a5:d1:f7:3f:97:fa:87:78:e6:ed:9a:c8:
df:7d:df:e6:c9:0d:67:a0:a4:25:87:db:d7:e0:98:ba:f5:40:
02:c3:0a:d5:67:2c:1b:9a:32:72:66:f7:80:26:09:a1:59:dc:
48:d3:06:7e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYKMlcTfLavdbRsEixtvn3BjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2N2UyYTQ2ZTM0ZjQ5MTQzM2M4YjYyZjMxOWI5MDJiZGRm
ZGU4MzEwHhcNMjIwODExMTEwNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGExNmVkYzllZDYxMjlhMDI0MWNjODNlYjIxMmEzMTM3MzQ3ZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM1hRS3bC8r5lpbxn+tkw5m+mH3M
kCpvfNH0sNBJzP77aifPIGAR0ckDzRoSBFLRM/CVh8tDDZBqk0ExgzcguG2mSUl1
boks1dRMz1EZozVDXiaRX3gfKjhq6nynsYpEByVAWnbAOtkiGdcnPhE5O0Vs4WZc
fbnf2qmf1AsZYjdm32ArFGMBIwf5PseSi6s/xYHCFHAneofzT0ZG3gr/JTEPYKwa
l1zZQAWYo41kgT+u15QeQaZ6JhPnCvbT+hUhQ3lyx0onJ3zca7yi8MEwNr3E/P6q
RrAMi6x+4VqDxuMkycyQU7CAXrG+eunIXH1cVxUNlNAtYym6oZmtclKmfQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGChbtye1hKaAkHMg+shKjE3NH5SMB8GA1UdIwQY
MBaAFMZ+KkbjT0kUM8i2LzGbkCvd/egxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQt
MDY2ODY2ZjJkZWQwLzEvWUtGdTNKN1dFcG9DUWN5RDZ5RXFNVGMwZmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQtMDY2ODY2ZjJkZWQw
LzEveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAJTHgMAwD
BAIlMeQDBAAlMeYDBAAtj94DBABN920DBAG5NVgDBAC50Q8wDQYJKoZIhvcNAQEL
BQADggEBAMPTK3oSIrkdMIG1TOCn9meGwP7Y4A3N+n3yqbzoI7mwg++HjeR7A4ik
Y2kIHZ3n+O5BfDzAf4FglX/ybWv09rp10gy0zTJRCMvuuc39reGxZrIA6VxloPwg
OkaFwu3LzLw3kRrw0zBNAkMTXXsJ18E7YTtKiUFiI7wpsj3bgAerM+ILeujRgMhJ
wY1jW/KrSmYOcZ2YcumUwNLF+owV6KNQqth+nv8WEiNZ6RviwJzkNROaQX+d4xC0
sxYYLtHgEkSXt/RMe+wM9ka/GKXR9z+X+od45u2ayN993+bJDWegpCWH29fgmLr1
QALDCtVnLBuaMnJm94AmCaFZ3EjTBn4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:50 2024 by rpki-client on console-ams.rpki-client.org