Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YRPM04RvL5tG8ZIiFoGVdlfhhD8.roa
File: YRPM04RvL5tG8ZIiFoGVdlfhhD8.roa (raw, json)
Hash identifier: nbywzkmeASW3PXrrXfE48D7kAlC3TL93uB/Scdi7XO0=
Subject key identifier: 61:13:CC:D3:84:6F:2F:9B:46:F1:92:22:16:81:95:76:57:E1:84:3F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1D5E9772
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YRPM04RvL5tG8ZIiFoGVdlfhhD8.roa
Signing time: Fri 04 Mar 2022 11:18:50 +0000
ROA not before: Fri 04 Mar 2022 11:18:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3214
IP address blocks: 212.87.223.0/24 maxlen: 24
212.87.221.0/24 maxlen: 24
212.87.222.0/24 maxlen: 24
212.87.220.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 492738418 (0x1d5e9772)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 4 11:18:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6113ccd3846f2f9b46f192221681957657e1843f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:77:11:42:2d:40:b6:43:c6:cf:39:99:c9:26:
69:44:6f:fe:d9:ba:44:6a:57:a2:17:94:66:1b:21:
d5:9f:24:58:48:37:7b:34:f0:b0:7f:38:e4:9a:bd:
8b:ba:7e:4d:04:99:d5:64:4c:c7:b5:36:09:e5:39:
c3:bc:11:8b:af:4b:8e:e6:1f:a0:3d:86:e7:82:26:
21:66:c9:97:d8:1d:0b:a6:71:17:10:8f:3b:df:3d:
51:38:ea:89:e7:ec:11:da:6c:f9:c2:c5:2c:a4:f8:
d5:ce:d3:68:e1:d9:55:a8:cb:a7:42:64:35:15:a9:
6d:11:ef:2c:6b:e9:bb:0a:32:5f:54:6e:1b:c8:6d:
26:be:c5:36:83:c3:2b:ed:38:f5:93:7e:c9:e9:00:
99:0e:05:fb:2c:75:35:8e:d5:1b:e9:e1:36:57:03:
38:f3:22:6e:1a:22:e0:16:ac:44:e0:39:43:33:31:
92:35:e1:d2:83:8b:05:74:f8:b8:31:d7:ec:58:47:
94:61:a3:6b:5b:3e:80:08:32:be:c9:d0:b4:ea:c6:
ad:3b:00:12:85:f7:52:63:86:f3:d5:07:10:5f:1e:
be:9b:9b:18:ea:ea:63:0b:a0:13:e7:9a:8f:ee:12:
1b:54:0b:e4:87:f2:46:9f:ae:b1:42:02:df:4f:39:
4e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:13:CC:D3:84:6F:2F:9B:46:F1:92:22:16:81:95:76:57:E1:84:3F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YRPM04RvL5tG8ZIiFoGVdlfhhD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.124.0/22
212.87.220.0/22
Signature Algorithm: sha256WithRSAEncryption
04:de:bb:74:67:40:20:2e:d5:72:38:7d:81:e2:ae:8f:b4:53:
11:c5:a8:19:df:95:82:65:b4:53:f3:9e:5e:99:c2:c3:61:5a:
35:ee:7b:7f:70:25:43:05:55:5f:49:d5:c6:9e:40:b3:15:31:
8b:70:ee:e5:1d:9d:01:66:a7:a9:ce:2c:41:bb:7d:d1:23:0c:
91:16:fc:0d:33:50:99:52:c4:0d:3a:b5:73:05:aa:11:2d:ab:
95:5f:79:c3:5f:3e:ef:a0:aa:25:74:86:f3:02:c1:6c:92:86:
84:97:c9:21:c6:ce:e9:71:0b:cb:89:36:14:41:bb:4e:ae:63:
88:e9:81:2f:0c:70:a8:23:63:75:6d:86:5f:cf:db:f8:b9:6b:
91:c0:bb:b3:12:37:a8:be:27:38:30:2b:a6:8a:c9:cb:08:d0:
a4:7d:c1:84:6c:d3:4f:2a:15:9f:21:fa:b6:49:2b:61:29:7d:
d2:58:00:d2:93:06:97:8e:89:26:fd:f8:22:07:f7:4a:0f:2e:
42:2c:5e:44:be:3d:4e:80:bc:19:dd:39:6e:f4:ac:a5:43:7f:
1f:e2:22:8c:f5:c5:e7:6d:42:34:5e:fc:d6:b5:0d:c3:f6:cd:
b5:ee:d2:01:ff:0d:6c:a3:aa:57:bc:db:b5:65:0f:6a:bb:1d:
74:d8:bc:eb
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEHV6XcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDMw
NDExMTg1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjExM2NjZDM4NDZm
MmY5YjQ2ZjE5MjIyMTY4MTk1NzY1N2UxODQzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALF3EUItQLZDxs85mckmaURv/tm6RGpXoheUZhsh1Z8kWEg3
ezTwsH845Jq9i7p+TQSZ1WRMx7U2CeU5w7wRi69LjuYfoD2G54ImIWbJl9gdC6Zx
FxCPO989UTjqiefsEdps+cLFLKT41c7TaOHZVajLp0JkNRWpbRHvLGvpuwoyX1Ru
G8htJr7FNoPDK+049ZN+yekAmQ4F+yx1NY7VG+nhNlcDOPMibhoi4BasROA5QzMx
kjXh0oOLBXT4uDHX7FhHlGGja1s+gAgyvsnQtOrGrTsAEoX3UmOG89UHEF8evpub
GOrqYwugE+eaj+4SG1QL5IfyRp+usUIC3085TjMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRhE8zThG8vm0bxkiIWgZV2V+GEPzAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1lSUE0wNFJ2TDV0RzhaSWlGb0dWZGxmaGhEOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAl5nfAMEAtRX3DANBgkqhkiG9w0B
AQsFAAOCAQEABN67dGdAIC7Vcjh9geKuj7RTEcWoGd+VgmW0U/OeXpnCw2FaNe57
f3AlQwVVX0nVxp5AsxUxi3Du5R2dAWanqc4sQbt90SMMkRb8DTNQmVLEDTq1cwWq
ES2rlV95w18+76CqJXSG8wLBbJKGhJfJIcbO6XELy4k2FEG7Tq5jiOmBLwxwqCNj
dW2GX8/b+LlrkcC7sxI3qL4nODArporJywjQpH3BhGzTTyoVnyH6tkkrYSl90lgA
0pMGl46JJv34Igf3Sg8uQixeRL49ToC8Gd05bvSspUN/H+IijPXF521CNF781rUN
w/bNte7SAf8NbKOqV7zbtWUParsddNi86w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:38 2023 by rpki-client on console-ams.rpki-client.org