Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YVo4CY50srZX1jzwd4ZnMmz8ae0.roa
File: YVo4CY50srZX1jzwd4ZnMmz8ae0.roa (raw, json)
Hash identifier: 3Oe6mJkvMkI22OaRZtChdh7lfqxYYmoEQ1k2SIPqBTI=
Subject key identifier: 61:5A:38:09:8E:74:B2:B6:57:D6:3C:F0:77:86:67:32:6C:FC:69:ED
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0183A1B6F75703C457F5B510F602F2906450
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YVo4CY50srZX1jzwd4ZnMmz8ae0.roa
Signing time: Tue 04 Oct 2022 06:37:46 +0000
ROA not before: Tue 04 Oct 2022 06:37:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 81.161.238.0/23 maxlen: 24
185.207.12.0/24 maxlen: 24
193.168.196.0/22 maxlen: 24
109.206.237.0/24 maxlen: 24
88.218.76.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a1:b6:f7:57:03:c4:57:f5:b5:10:f6:02:f2:90:64:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 4 06:37:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=615a38098e74b2b657d63cf0778667326cfc69ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d5:81:cd:a3:c2:85:55:42:ed:44:26:ec:63:
75:66:56:67:fa:6d:39:3f:a4:7b:fa:d7:ae:e8:e5:
77:c3:46:a6:cf:72:22:e9:ae:26:03:8e:49:a6:c1:
92:b4:39:52:95:45:cc:97:fc:e3:24:b1:70:fb:b1:
3f:49:90:48:8b:62:67:31:92:8f:b8:12:70:77:e1:
a3:b3:01:a7:e7:a4:73:d1:19:5c:ec:60:67:91:09:
a1:34:b7:ea:13:bb:42:7c:88:d8:40:41:74:6c:93:
67:2c:b0:ac:76:85:69:6f:85:cc:4f:8a:54:5d:ff:
b6:62:0d:30:04:39:9e:26:0e:cc:34:46:16:db:ef:
ec:1d:fe:43:92:ff:61:59:3c:2a:10:37:a1:f5:e6:
83:ff:a7:d5:10:59:af:a7:12:77:a2:04:b6:c0:1f:
f7:a3:55:d1:ab:ba:17:a4:26:2e:be:a6:b5:5c:5d:
86:86:72:34:1b:f2:42:d2:1a:76:54:38:c0:38:df:
b8:ac:c1:bd:9f:c9:d4:3b:dc:76:37:7e:ca:c1:29:
11:6b:52:b5:86:5e:df:37:df:6c:c6:c1:f9:1a:0f:
31:02:61:69:ef:b6:2b:af:94:1e:0d:d4:92:c4:cf:
bf:ea:c6:aa:b0:65:a5:04:87:3f:b9:7c:03:08:31:
a7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:5A:38:09:8E:74:B2:B6:57:D6:3C:F0:77:86:67:32:6C:FC:69:ED
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YVo4CY50srZX1jzwd4ZnMmz8ae0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.238.0/23
88.218.76.0/22
109.206.237.0/24
185.207.12.0/24
193.168.196.0/22
Signature Algorithm: sha256WithRSAEncryption
24:cb:e0:bd:58:3f:e9:b9:5b:42:03:7a:48:e0:3e:95:4c:3e:
08:6f:d9:fd:05:11:69:67:58:91:11:8f:73:61:6b:c7:2a:59:
4f:e5:69:1d:15:74:24:24:e4:41:40:58:6d:fa:c3:c4:72:50:
da:d5:19:e3:d5:cf:08:d1:3a:1c:69:17:0e:ee:a0:36:1d:64:
5c:a5:1f:a0:a6:2f:ea:99:c1:90:c6:60:0f:ee:50:0d:85:37:
7c:41:03:cb:6f:7d:21:59:f6:ac:b6:eb:e9:5f:26:b3:ba:72:
2f:87:7a:14:53:45:07:23:80:e2:c1:8a:5c:b0:67:ae:37:01:
57:bd:50:e4:63:38:fb:0d:4a:6c:13:02:5b:59:98:33:49:53:
25:80:34:75:95:1c:22:54:38:2c:4f:7f:15:b1:08:64:66:11:
2a:49:21:f8:fb:c5:2e:ae:6c:19:00:89:fa:74:f2:98:72:78:
9e:51:2d:46:27:34:3f:be:0c:a8:3d:5f:da:0c:85:78:c7:5a:
10:93:a6:23:76:f7:a0:9e:a7:b9:27:bc:e5:50:c9:1b:7c:2f:
4a:5d:0f:a8:07:4e:a9:02:d2:e2:48:5e:ba:fc:fa:bb:1c:39:
0c:b8:5e:a1:85:f9:22:8a:7b:e0:7e:ba:10:22:89:a6:cf:7f:
a1:3d:26:20
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYOhtvdXA8RX9bUQ9gLykGRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDA0MDYzNzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTVhMzgwOThlNzRiMmI2NTdkNjNjZjA3Nzg2NjczMjZjZmM2OWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9WBzaPChVVC7UQm7GN1ZlZn+m05
P6R7+teu6OV3w0amz3Ii6a4mA45JpsGStDlSlUXMl/zjJLFw+7E/SZBIi2JnMZKP
uBJwd+GjswGn56Rz0Rlc7GBnkQmhNLfqE7tCfIjYQEF0bJNnLLCsdoVpb4XMT4pU
Xf+2Yg0wBDmeJg7MNEYW2+/sHf5Dkv9hWTwqEDeh9eaD/6fVEFmvpxJ3ogS2wB/3
o1XRq7oXpCYuvqa1XF2GhnI0G/JC0hp2VDjAON+4rMG9n8nUO9x2N37KwSkRa1K1
hl7fN99sxsH5Gg8xAmFp77Yrr5QeDdSSxM+/6saqsGWlBIc/uXwDCDGn8wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGFaOAmOdLK2V9Y88HeGZzJs/GntMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWVZvNENZNTBzclpYMWp6d2Q0Wm5NbXo4YWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBUaHuAwQC
WNpMAwQAbc7tAwQAuc8MAwQCwajEMA0GCSqGSIb3DQEBCwUAA4IBAQAky+C9WD/p
uVtCA3pI4D6VTD4Ib9n9BRFpZ1iREY9zYWvHKllP5WkdFXQkJORBQFht+sPEclDa
1Rnj1c8I0TocaRcO7qA2HWRcpR+gpi/qmcGQxmAP7lANhTd8QQPLb30hWfastuvp
XyazunIvh3oUU0UHI4DiwYpcsGeuNwFXvVDkYzj7DUpsEwJbWZgzSVMlgDR1lRwi
VDgsT38VsQhkZhEqSSH4+8UurmwZAIn6dPKYcnieUS1GJzQ/vgyoPV/aDIV4x1oQ
k6Yjdvegnqe5J7zlUMkbfC9KXQ+oB06pAtLiSF66/Pq7HDkMuF6hhfkiinvgfroQ
Iommz3+hPSYg
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:38 2023 by rpki-client on console-ams.rpki-client.org