Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/YhXoeE_VXyV4A8i37HVeGTqHYuc.roa
File: YhXoeE_VXyV4A8i37HVeGTqHYuc.roa (raw, json)
Hash identifier: ldK3B5o0Uh5NXNZ0TZvGTGx+ryFfoyXiUkWnQ1LxMrA=
Subject key identifier: 62:15:E8:78:4F:D5:5F:25:78:03:C8:B7:EC:75:5E:19:3A:87:62:E7
Certificate issuer: /CN=567190854786a16afa6b0ec78dfb0620abaacfef
Certificate serial: 37D844AC
Authority key identifier: 56:71:90:85:47:86:A1:6A:FA:6B:0E:C7:8D:FB:06:20:AB:AA:CF:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VnGQhUeGoWr6aw7HjfsGIKuqz-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/YhXoeE_VXyV4A8i37HVeGTqHYuc.roa
Signing time: Sat 01 Jan 2022 09:03:45 +0000
ROA not before: Sat 01 Jan 2022 09:03:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20712
IP address blocks: 178.238.144.0/20 maxlen: 20
90.155.64.0/19 maxlen: 20
5.172.160.0/20 maxlen: 20
90.155.96.0/20 maxlen: 20
194.4.172.0/22 maxlen: 22
5.172.170.0/24 maxlen: 24
90.155.0.0/18 maxlen: 24
81.187.0.0/16 maxlen: 23
81.2.64.0/18 maxlen: 18
217.169.0.0/19 maxlen: 19
2001:8b0::/32 maxlen: 63
2001:8b0:a::666/128 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 936920236 (0x37d844ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=567190854786a16afa6b0ec78dfb0620abaacfef
Validity
Not Before: Jan 1 09:03:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6215e8784fd55f257803c8b7ec755e193a8762e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7b:77:31:f4:f7:e0:cc:02:07:36:52:ad:76:
43:b0:af:5d:20:89:3f:fe:7b:c2:63:98:38:cf:93:
25:02:d1:56:7e:fa:b0:aa:73:69:2b:de:a7:c7:5f:
c1:de:1a:05:6a:97:19:16:d3:a3:c6:3e:1d:42:62:
87:f0:a8:ee:b7:6b:43:4f:12:ed:9d:1b:0b:da:3b:
c7:f5:8b:84:2a:ff:63:d5:94:81:09:5c:45:3f:a9:
e9:03:57:b0:1e:42:e7:ae:92:64:8c:23:30:ab:1b:
b3:8f:4e:b5:70:e0:70:dd:57:22:45:75:56:ba:9b:
87:1f:15:99:3e:48:d1:b1:09:75:f2:a6:36:f0:72:
c6:e9:aa:66:3a:85:bb:b3:2f:26:8e:39:db:58:47:
c7:f2:26:5b:c3:d3:3c:06:d3:1d:55:16:17:ca:4c:
14:ad:98:e6:57:97:84:9c:eb:82:cc:d2:22:70:8f:
15:80:1b:a7:ca:6d:e3:6d:f3:1e:d9:13:76:cb:04:
c6:55:4b:7c:67:94:36:17:c9:c7:60:b6:dc:a2:ee:
60:87:74:13:ed:90:4e:4a:af:21:aa:d4:3b:ef:4c:
e0:64:c5:a3:4c:f9:4a:c6:5e:be:bc:eb:8d:bc:03:
9c:98:03:d2:17:9d:1a:de:a6:ee:a9:8e:55:70:18:
83:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:15:E8:78:4F:D5:5F:25:78:03:C8:B7:EC:75:5E:19:3A:87:62:E7
X509v3 Authority Key Identifier:
keyid:56:71:90:85:47:86:A1:6A:FA:6B:0E:C7:8D:FB:06:20:AB:AA:CF:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VnGQhUeGoWr6aw7HjfsGIKuqz-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/YhXoeE_VXyV4A8i37HVeGTqHYuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/VnGQhUeGoWr6aw7HjfsGIKuqz-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.160.0/20
81.2.64.0/18
81.187.0.0/16
90.155.0.0-90.155.111.255
178.238.144.0/20
194.4.172.0/22
217.169.0.0/19
IPv6:
2001:8b0::/32
Signature Algorithm: sha256WithRSAEncryption
2a:d7:a3:b1:8e:78:c6:f4:de:50:95:b2:42:8a:c8:e1:9e:b6:
53:dd:0a:d3:34:62:ac:da:20:8f:6b:09:9f:ac:29:23:fd:95:
14:46:f2:30:3e:4c:4d:3d:75:cf:20:5d:6b:ce:56:af:9e:90:
17:49:b6:2b:c9:f0:a2:63:09:ca:6c:a9:97:a6:38:f7:14:6b:
24:83:80:0c:3f:6e:9c:35:27:ae:04:01:dd:1d:dc:c1:02:ad:
07:cb:0b:7b:e2:7b:76:76:fb:6f:8e:bb:43:72:24:c7:57:e5:
9a:86:0b:29:98:de:b1:75:e1:d6:99:9a:93:cc:3e:a6:78:e4:
d2:f7:0d:b1:10:b0:9d:d0:f0:7e:8e:e4:c1:f5:92:c8:23:62:
5a:e1:c9:7f:fe:76:1f:58:e6:23:81:58:8e:d5:02:84:43:2d:
9e:51:3c:6a:eb:d5:dc:93:41:52:59:c2:5c:64:51:ff:94:43:
43:6b:cc:5d:c3:7d:c4:60:19:dc:8f:96:f5:e7:13:07:50:58:
e2:fc:4c:63:f4:24:6f:bc:c2:2e:54:41:49:25:6f:d7:8d:bf:
da:2c:a4:c3:f5:99:28:71:b5:82:cb:c8:c3:b8:28:90:ec:dc:
f3:15:33:10:2d:d6:98:2e:63:56:93:ed:0a:40:c4:83:47:b2:
1e:98:b9:28
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEN9hErDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NjcxOTA4NTQ3ODZhMTZhZmE2YjBlYzc4ZGZiMDYyMGFiYWFjZmVmMB4XDTIyMDEw
MTA5MDM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjIxNWU4Nzg0ZmQ1
NWYyNTc4MDNjOGI3ZWM3NTVlMTkzYTg3NjJlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALt7dzH09+DMAgc2Uq12Q7CvXSCJP/57wmOYOM+TJQLRVn76
sKpzaSvep8dfwd4aBWqXGRbTo8Y+HUJih/Co7rdrQ08S7Z0bC9o7x/WLhCr/Y9WU
gQlcRT+p6QNXsB5C566SZIwjMKsbs49OtXDgcN1XIkV1Vrqbhx8VmT5I0bEJdfKm
NvByxumqZjqFu7MvJo4521hHx/ImW8PTPAbTHVUWF8pMFK2Y5leXhJzrgszSInCP
FYAbp8pt423zHtkTdssExlVLfGeUNhfJx2C23KLuYId0E+2QTkqvIarUO+9M4GTF
o0z5SsZevrzrjbwDnJgD0hedGt6m7qmOVXAYg+ECAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBRiFeh4T9VfJXgDyLfsdV4ZOodi5zAfBgNVHSMEGDAWgBRWcZCFR4ahavpr
DseN+wYgq6rP7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZuR1FoVWVHb1dyNmF3N0hqZnNHSUt1cXotOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDQvMjRjMzI0LWExNWUtNGNkMC05NGMxLTczZmY0MDk1OTM0OC8x
L1loWG9lRV9WWHlWNEE4aTM3SFZlR1RxSFl1Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQv
MjRjMzI0LWExNWUtNGNkMC05NGMxLTczZmY0MDk1OTM0OC8xL1ZuR1FoVWVHb1dy
NmF3N0hqZnNHSUt1cXotOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEBAWsoAMEBlECQAMDAFG7MAsDAwBa
mwMEBFqbYAMEBLLukAMEAsIErAMEBdmpADANBAIAAjAHAwUAIAEIsDANBgkqhkiG
9w0BAQsFAAOCAQEAKtejsY54xvTeUJWyQorI4Z62U90K0zRirNogj2sJn6wpI/2V
FEbyMD5MTT11zyBda85Wr56QF0m2K8nwomMJymypl6Y49xRrJIOADD9unDUnrgQB
3R3cwQKtB8sLe+J7dnb7b467Q3Ikx1flmoYLKZjesXXh1pmak8w+pnjk0vcNsRCw
ndDwfo7kwfWSyCNiWuHJf/52H1jmI4FYjtUChEMtnlE8auvV3JNBUlnCXGRR/5RD
Q2vMXcN9xGAZ3I+W9ecTB1BY4vxMY/Qkb7zCLlRBSSVv142/2iykw/WZKHG1gsvI
w7gokOzc8xUzEC3WmC5jVpPtCkDEg0eyHpi5KA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:26 2024 by rpki-client on console-fra.rpki-client.org