Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/yh-HpFaR5x7IvZnWWG9RAwxyQ9s.roa
File: yh-HpFaR5x7IvZnWWG9RAwxyQ9s.roa (raw, json)
Hash identifier: vazsTG7bc3jJJ4LESF343t72wDMhepAsl+C3yTpGWCY=
Subject key identifier: CA:1F:87:A4:56:91:E7:1E:C8:BD:99:D6:58:6F:51:03:0C:72:43:DB
Certificate issuer: /CN=845c58752f3336422ff0ee1726474591e7a41e5f
Certificate serial: 1938D8E8
Authority key identifier: 84:5C:58:75:2F:33:36:42:2F:F0:EE:17:26:47:45:91:E7:A4:1E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/yh-HpFaR5x7IvZnWWG9RAwxyQ9s.roa
Signing time: Sat 01 Jan 2022 08:55:18 +0000
ROA not before: Sat 01 Jan 2022 08:55:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34624
IP address blocks: 89.33.16.0/24 maxlen: 24
89.35.174.0/23 maxlen: 24
89.191.64.0/19 maxlen: 24
89.40.134.0/23 maxlen: 24
185.91.24.0/22 maxlen: 24
31.170.192.0/19 maxlen: 24
86.105.240.0/24 maxlen: 24
193.238.60.0/22 maxlen: 24
86.107.191.0/24 maxlen: 24
46.253.16.0/20 maxlen: 24
89.35.2.0/24 maxlen: 24
89.35.2.0/23 maxlen: 24
93.115.33.0/24 maxlen: 24
2a00:1930::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 423155944 (0x1938d8e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845c58752f3336422ff0ee1726474591e7a41e5f
Validity
Not Before: Jan 1 08:55:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca1f87a45691e71ec8bd99d6586f51030c7243db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:18:bd:eb:2e:4d:2c:6c:50:5c:ef:72:36:33:
15:fb:9f:96:55:f8:47:18:5f:ac:48:2d:94:32:2e:
a7:d1:04:c2:b3:7b:9c:eb:ce:55:ae:6b:dc:7c:11:
98:a8:26:e8:59:d3:60:2b:b3:8d:dc:41:d1:ae:15:
b7:3b:04:85:e8:78:e6:2b:82:0c:a8:ae:6f:6c:c4:
92:ad:e7:3a:48:c2:c8:b2:c0:49:d3:4b:1e:98:a8:
91:bb:ba:1f:6f:43:6b:a6:34:fe:34:84:d9:9b:1b:
36:d9:e9:39:10:24:6c:bd:6c:bd:9c:40:68:23:d4:
c3:7d:b7:b1:76:99:7d:13:8a:58:e1:64:b8:f3:77:
4a:4f:10:17:04:3a:a8:05:17:22:42:a2:6e:4b:f9:
12:cc:9f:71:5d:bc:75:51:7f:ee:d1:e0:29:c2:c8:
fc:8a:ff:b1:b5:8b:4e:af:b7:2f:b7:14:97:f0:4a:
63:c6:f7:48:17:0a:86:56:ff:26:fe:3c:47:8a:b3:
15:17:8d:c0:08:50:a7:79:44:84:22:49:ae:41:c2:
bc:d1:d5:67:e5:df:b2:83:2d:45:1c:54:8d:26:15:
ab:41:c9:31:2f:52:b2:a1:02:9b:3a:e6:d3:ed:c4:
c7:76:1c:0f:b4:6c:20:1d:6e:75:04:fa:34:a1:45:
a4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1F:87:A4:56:91:E7:1E:C8:BD:99:D6:58:6F:51:03:0C:72:43:DB
X509v3 Authority Key Identifier:
keyid:84:5C:58:75:2F:33:36:42:2F:F0:EE:17:26:47:45:91:E7:A4:1E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/yh-HpFaR5x7IvZnWWG9RAwxyQ9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/hFxYdS8zNkIv8O4XJkdFkeekHl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.192.0/19
46.253.16.0/20
86.105.240.0/24
86.107.191.0/24
89.33.16.0/24
89.35.2.0/23
89.35.174.0/23
89.40.134.0/23
89.191.64.0/19
93.115.33.0/24
185.91.24.0/22
193.238.60.0/22
IPv6:
2a00:1930::/32
Signature Algorithm: sha256WithRSAEncryption
99:f7:c9:96:c4:b4:13:e4:e7:e7:bb:27:ae:61:46:69:e6:c1:
f6:09:c3:32:73:22:be:5b:0c:11:59:44:05:90:67:d0:7a:40:
2c:ba:64:a4:ea:1f:76:06:3f:f4:ce:c4:13:e2:cd:9c:91:ff:
a7:f1:b3:f2:8c:ef:7a:82:f7:0f:73:52:11:a5:02:54:5f:49:
63:6e:a6:5e:f1:7c:f4:58:c0:60:7a:d3:fa:68:84:2c:56:35:
06:55:16:93:de:07:0a:77:64:2e:94:23:39:fa:8a:a5:13:0c:
a4:50:dc:54:a0:81:81:c5:94:0f:05:8f:1b:63:6d:7f:28:c2:
56:7c:97:e8:e2:8e:20:ce:4d:d1:9f:dc:80:e1:59:b2:37:8b:
c7:c6:5f:67:b0:e4:a3:b8:b0:fc:5f:0a:e7:c7:6d:ee:39:8e:
6c:a3:d4:74:da:54:3b:56:00:38:fd:02:50:fd:c1:b0:9b:64:
6c:ea:39:3b:47:7f:64:fd:e9:14:fe:36:91:93:91:00:a6:5f:
2e:7d:a6:96:8b:e8:7e:90:a5:e6:eb:75:18:3e:56:48:7e:06:
d6:fc:46:ea:43:2a:29:8b:88:bd:0f:f5:c9:2f:3d:a3:c7:e1:
d8:c0:1d:cb:11:4f:1b:a3:84:76:2d:8e:a3:f7:fe:bb:0e:d4:
2d:d4:21:01
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEGTjY6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NDVjNTg3NTJmMzMzNjQyMmZmMGVlMTcyNjQ3NDU5MWU3YTQxZTVmMB4XDTIyMDEw
MTA4NTUxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2ExZjg3YTQ1Njkx
ZTcxZWM4YmQ5OWQ2NTg2ZjUxMDMwYzcyNDNkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJUYvesuTSxsUFzvcjYzFfufllX4RxhfrEgtlDIup9EEwrN7
nOvOVa5r3HwRmKgm6FnTYCuzjdxB0a4VtzsEheh45iuCDKiub2zEkq3nOkjCyLLA
SdNLHpiokbu6H29Da6Y0/jSE2ZsbNtnpORAkbL1svZxAaCPUw323sXaZfROKWOFk
uPN3Sk8QFwQ6qAUXIkKibkv5EsyfcV28dVF/7tHgKcLI/Ir/sbWLTq+3L7cUl/BK
Y8b3SBcKhlb/Jv48R4qzFReNwAhQp3lEhCJJrkHCvNHVZ+XfsoMtRRxUjSYVq0HJ
MS9SsqECmzrm0+3Ex3YcD7RsIB1udQT6NKFFpJ8CAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBTKH4ekVpHnHsi9mdZYb1EDDHJD2zAfBgNVHSMEGDAWgBSEXFh1LzM2Qi/w
7hcmR0WR56QeXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hGeFlkUzh6TmtJdjhPNFhKa2RGa2Vla0hsOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvNjRlM2FiLTIyOGMtNGEyMy05MjE2LWYxMzRlNTFjYzA1Yi8x
L3loLUhwRmFSNXg3SXZabldXRzlSQXd4eVE5cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
NjRlM2FiLTIyOGMtNGEyMy05MjE2LWYxMzRlNTFjYzA1Yi8xL2hGeFlkUzh6TmtJ
djhPNFhKa2RGa2Vla0hsOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEBR+qwAMEBC79EAMEAFZp8AMEAFZr
vwMEAFkhEAMEAVkjAgMEAVkjrgMEAVkohgMEBVm/QAMEAF1zIQMEArlbGAMEAsHu
PDANBAIAAjAHAwUAKgAZMDANBgkqhkiG9w0BAQsFAAOCAQEAmffJlsS0E+Tn57sn
rmFGaebB9gnDMnMivlsMEVlEBZBn0HpALLpkpOofdgY/9M7EE+LNnJH/p/Gz8ozv
eoL3D3NSEaUCVF9JY26mXvF89FjAYHrT+miELFY1BlUWk94HCndkLpQjOfqKpRMM
pFDcVKCBgcWUDwWPG2NtfyjCVnyX6OKOIM5N0Z/cgOFZsjeLx8ZfZ7Dko7iw/F8K
58dt7jmObKPUdNpUO1YAOP0CUP3BsJtkbOo5O0d/ZP3pFP42kZORAKZfLn2mlovo
fpCl5ut1GD5WSH4G1vxG6kMqKYuIvQ/1yS89o8fh2MAdyxFPG6OEdi2Oo/f+uw7U
LdQhAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:08 2024 by rpki-client on console-fra.rpki-client.org