Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ymsq-911tC4tnXr84dqEtfGzy7o.roa
File: ymsq-911tC4tnXr84dqEtfGzy7o.roa (raw, json)
Hash identifier: x7boOeU/6Ej27M2wVcmbUC7glpBoui/5MhfvhCUQY9A=
Subject key identifier: CA:6B:2A:FB:DD:75:B4:2E:2D:9D:7A:FC:E1:DA:84:B5:F1:B3:CB:BA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184096F90A580176D32D7C1C16A52A90558
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ymsq-911tC4tnXr84dqEtfGzy7o.roa
Signing time: Mon 24 Oct 2022 10:00:17 +0000
ROA not before: Mon 24 Oct 2022 10:00:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
62.76.229.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
195.133.76.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.223.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.135.23.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.173.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:09:6f:90:a5:80:17:6d:32:d7:c1:c1:6a:52:a9:05:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 24 10:00:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca6b2afbdd75b42e2d9d7afce1da84b5f1b3cbba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:25:18:2f:17:6c:82:f4:d0:aa:59:a5:3c:19:
b4:3f:67:53:92:6e:39:5d:47:52:39:47:f0:23:1f:
57:01:34:85:72:c1:68:0c:bf:88:a7:07:87:eb:6f:
1a:4b:b9:32:92:17:fc:f9:05:71:eb:7a:1c:e4:6f:
22:b4:33:77:82:f6:23:cf:2a:11:58:70:75:15:af:
b6:ed:0d:b3:96:5b:b2:9a:99:9f:d5:55:c0:97:4c:
76:30:d3:5a:c7:9f:9a:a1:e6:b7:36:ef:75:f8:04:
80:76:bc:a8:f5:66:ee:f2:d4:97:fe:eb:b3:df:32:
f4:45:01:a2:8b:14:0b:34:51:2a:50:55:80:fa:58:
ed:a0:19:22:26:3d:83:9d:b9:e6:b1:58:34:2d:a8:
4e:a3:43:55:d8:a9:d5:9a:72:56:15:b2:51:00:1b:
50:3d:39:47:1f:a5:81:f2:7a:37:6f:c9:fc:0c:6c:
04:77:5d:cd:04:04:db:a9:e4:ac:31:eb:62:8c:a0:
4f:a6:fb:bf:1d:5b:88:52:d5:04:43:04:8f:87:a1:
2b:33:25:03:0d:2f:a0:6b:b1:03:76:5f:3b:29:9a:
37:69:69:11:23:8c:b3:4f:04:12:83:d2:8a:f1:e3:
a0:c3:13:48:c4:39:34:ab:78:e4:23:68:73:2f:67:
cf:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:6B:2A:FB:DD:75:B4:2E:2D:9D:7A:FC:E1:DA:84:B5:F1:B3:CB:BA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ymsq-911tC4tnXr84dqEtfGzy7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.229.0/24
62.76.231.0/24
192.124.173.0/24
192.124.178.0/24
192.124.180.0/22
192.124.209.0/24
193.108.112.0/24
193.124.3.0/24
193.124.95.0/24
193.124.203.0/24
194.58.45.0/24
194.58.60.0/24
194.87.1.0/24
194.87.3.0/24
194.87.16.0/24
194.87.24.0/22
194.87.117.0-194.87.118.255
194.87.165.0/24
194.87.170.0/24
194.87.178.0/23
194.87.198.0/24
194.87.207.0-194.87.209.255
194.87.222.0/23
194.87.226.0/24
194.135.23.0/24
194.135.30.0/24
195.58.54.0/24
195.133.55.0/24
195.133.76.0/24
212.193.0.0/24
212.193.12.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
73:de:0d:f7:a5:5e:f3:c8:5b:00:85:95:63:46:1e:93:2c:54:
3b:89:08:8a:f3:11:a0:83:31:e9:71:bf:1a:68:a9:a4:22:e0:
ee:e9:da:8c:b0:a6:9d:ce:43:dc:31:3c:3a:4c:9c:56:cb:3d:
4f:19:12:2c:6a:ea:8f:41:b4:30:1b:b1:92:e3:e0:8e:7f:21:
8d:d8:77:45:42:ba:ae:6c:6c:c3:14:c0:51:6f:59:ae:5c:da:
3a:3d:05:88:29:bb:ae:f8:66:18:3a:05:f1:86:29:6c:eb:99:
8c:7e:e5:e2:ad:ec:6e:6b:06:17:9c:2f:64:8e:d2:2b:ef:15:
3a:e1:f8:1d:1c:2b:98:78:fc:b6:79:27:ce:79:72:79:33:49:
0a:20:ff:01:69:37:6c:82:ae:a9:c6:75:f7:7e:6b:df:58:07:
b2:70:6b:ad:2e:7c:6b:ed:9a:73:f9:ad:c4:2f:e4:a5:b0:9b:
ee:7c:10:4c:dd:29:7a:55:ff:ad:fb:61:6a:5e:10:68:78:3c:
73:51:08:d4:d7:78:f9:2c:ce:d4:be:b8:d3:b3:8c:01:2d:81:
55:bf:e3:3f:73:85:7c:c7:db:b2:81:ed:0a:50:f0:56:af:d9:
be:3d:91:2b:96:c8:b0:ce:3e:a0:14:b9:d0:df:5c:ca:7d:fe:
0b:58:7e:40
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYQJb5ClgBdtMtfBwWpSqQVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI0MTAwMDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTZiMmFmYmRkNzViNDJlMmQ5ZDdhZmNlMWRhODRiNWYxYjNjYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4iUYLxdsgvTQqlmlPBm0P2dTkm45
XUdSOUfwIx9XATSFcsFoDL+IpweH628aS7kykhf8+QVx63oc5G8itDN3gvYjzyoR
WHB1Fa+27Q2zlluympmf1VXAl0x2MNNax5+aoea3Nu91+ASAdryo9Wbu8tSX/uuz
3zL0RQGiixQLNFEqUFWA+ljtoBkiJj2DnbnmsVg0LahOo0NV2KnVmnJWFbJRABtQ
PTlHH6WB8no3b8n8DGwEd13NBATbqeSsMetijKBPpvu/HVuIUtUEQwSPh6ErMyUD
DS+ga7EDdl87KZo3aWkRI4yzTwQSg9KK8eOgwxNIxDk0q3jkI2hzL2fP2wIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFMprKvvddbQuLZ16/OHahLXxs8u6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveW1zcS05MTF0QzR0blhyODRkcUV0Zkd6eTdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAA+
TOEDBAA+TOUDBAA+TOcDBADAfK0DBADAfLIDBALAfLQDBADAfNEDBADBbHADBADB
fAMDBADBfF8DBADBfMsDBADCOi0DBADCOjwDBADCVwEDBADCVwMDBADCVxADBALC
VxgwDAMEAMJXdQMEAMJXdgMEAMJXpQMEAMJXqgMEAcJXsgMEAMJXxjAMAwQAwlfP
AwQBwlfQAwQBwlfeAwQAwlfiAwQAwocXAwQAwoceAwQAwzo2AwQAw4U3AwQAw4VM
AwQA1MEAAwQA1MEMAwQA1MEPMA0GCSqGSIb3DQEBCwUAA4IBAQBz3g33pV7zyFsA
hZVjRh6TLFQ7iQiK8xGggzHpcb8aaKmkIuDu6dqMsKadzkPcMTw6TJxWyz1PGRIs
auqPQbQwG7GS4+COfyGN2HdFQrqubGzDFMBRb1muXNo6PQWIKbuu+GYYOgXxhils
65mMfuXirexuawYXnC9kjtIr7xU64fgdHCuYePy2eSfOeXJ5M0kKIP8BaTdsgq6p
xnX3fmvfWAeycGutLnxr7Zpz+a3EL+SlsJvufBBM3Sl6Vf+t+2FqXhBoeDxzUQjU
13j5LM7UvrjTs4wBLYFVv+M/c4V8x9uyge0KUPBWr9m+PZErlsiwzj6gFLnQ31zK
ff4LWH5A
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:52 2024 by rpki-client on console-ams.rpki-client.org