Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/YOLR_8bGKtLzSYm4jESDjLiQvdw.roa
File: YOLR_8bGKtLzSYm4jESDjLiQvdw.roa (raw, json)
Hash identifier: Dp7jIbM8YqBHTBNfB9aOOHd5wF9/fAGeaMFSA9SRen0=
Subject key identifier: 60:E2:D1:FF:C6:C6:2A:D2:F3:49:89:B8:8C:44:83:8C:B8:90:BD:DC
Certificate issuer: /CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc
Certificate serial: 059F4C13
Authority key identifier: 3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/YOLR_8bGKtLzSYm4jESDjLiQvdw.roa
Signing time: Sat 01 Jan 2022 15:55:49 +0000
ROA not before: Sat 01 Jan 2022 15:55:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29549
IP address blocks: 193.105.240.0/24 maxlen: 24
185.63.121.0/24 maxlen: 24
185.63.123.0/24 maxlen: 24
185.63.120.0/24 maxlen: 24
185.63.122.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94325779 (0x59f4c13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc
Validity
Not Before: Jan 1 15:55:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60e2d1ffc6c62ad2f34989b88c44838cb890bddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6e:09:23:e8:a0:d0:d2:9b:ba:57:08:f0:e0:
95:32:6c:13:cf:51:c4:57:01:db:5a:c3:90:7d:0f:
88:78:99:a5:e6:f2:a5:fb:d6:e4:48:cc:cc:c9:d7:
d2:d8:04:88:d1:4f:01:e1:19:2f:fa:87:10:2e:9f:
77:95:68:ee:f7:38:e8:3c:7d:80:2b:50:b1:0c:f3:
5f:a1:6b:7b:ab:ad:96:85:61:b3:3f:e0:6f:c2:4a:
c0:a4:ce:57:f2:df:18:a4:b7:35:c1:d9:e8:39:81:
c6:d3:71:e0:bd:38:68:00:73:78:84:0a:9d:7f:6a:
23:02:a6:50:39:7a:72:8b:2d:04:02:3e:0e:21:be:
c2:40:9f:dd:0c:d3:c0:d6:dc:31:db:5b:19:bb:43:
d0:d9:39:47:21:21:2c:0a:a2:92:ac:7d:8e:fd:5a:
ea:fc:a8:37:91:98:0e:2c:f6:8f:5f:f1:ea:10:7c:
66:ae:c7:f8:77:ad:2a:c8:1b:64:ce:24:64:7d:71:
74:40:b4:76:f6:8f:23:73:58:bf:a1:9b:26:b0:cf:
d9:e0:4c:5e:52:ac:b0:00:0d:a8:fa:02:6e:2c:9a:
2d:7f:6a:3b:1a:6d:a7:a8:4d:b1:a7:e2:36:b1:cc:
bc:05:1c:65:fd:52:ec:59:53:6f:80:56:71:fd:04:
93:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E2:D1:FF:C6:C6:2A:D2:F3:49:89:B8:8C:44:83:8C:B8:90:BD:DC
X509v3 Authority Key Identifier:
keyid:3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/YOLR_8bGKtLzSYm4jESDjLiQvdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.120.0/22
193.105.240.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:1e:57:37:1a:e1:03:60:6d:66:84:5f:9a:52:0e:dc:82:55:
73:40:c0:19:ee:29:a2:20:52:cf:d7:e9:49:c1:99:fd:4b:40:
74:b4:de:31:2b:ac:a5:44:15:59:d1:06:b8:5d:a0:5c:e8:f8:
e3:9a:75:5f:69:33:42:a8:5e:a0:37:e7:bd:df:b5:f8:35:ee:
6d:fa:69:58:ff:25:0e:58:da:8f:3d:3b:46:d3:66:96:a1:a0:
48:c5:47:22:dd:60:9a:82:11:70:6e:a1:cd:99:12:fd:4f:ef:
87:89:b8:ad:54:f6:53:fb:a9:c7:2e:ba:41:40:5a:55:3e:79:
31:e1:be:a3:b1:63:f1:31:cc:4c:b4:53:f8:7f:ab:4f:c0:3f:
b7:38:1e:a5:84:8f:87:b4:7c:d5:fb:c8:fa:7b:04:2e:05:d3:
30:e1:ca:78:ae:69:57:04:16:2b:9d:31:09:c3:2d:02:ba:92:
2f:da:45:96:c4:06:7e:dc:a9:80:89:c6:13:f3:b0:ef:86:84:
b1:b4:57:d2:e2:17:17:d2:37:d2:91:9e:8e:0d:5c:f1:70:0a:
93:f2:35:6e:36:dc:c2:ca:ea:a5:17:5e:82:94:b2:b0:cf:a2:
43:d7:eb:78:4a:7a:35:7c:81:1a:2f:47:d3:30:ba:bf:a2:94:
8c:bb:b4:be
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBZ9MEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZWE1M2FjOWE4ZGM0NDZmYjdlMDExM2I2OGIzOGU5NzBjMTlmN2NjMB4XDTIyMDEw
MTE1NTU0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBlMmQxZmZjNmM2
MmFkMmYzNDk4OWI4OGM0NDgzOGNiODkwYmRkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANFuCSPooNDSm7pXCPDglTJsE89RxFcB21rDkH0PiHiZpeby
pfvW5EjMzMnX0tgEiNFPAeEZL/qHEC6fd5Vo7vc46Dx9gCtQsQzzX6Fre6utloVh
sz/gb8JKwKTOV/LfGKS3NcHZ6DmBxtNx4L04aABzeIQKnX9qIwKmUDl6costBAI+
DiG+wkCf3QzTwNbcMdtbGbtD0Nk5RyEhLAqikqx9jv1a6vyoN5GYDiz2j1/x6hB8
Zq7H+HetKsgbZM4kZH1xdEC0dvaPI3NYv6GbJrDP2eBMXlKssAANqPoCbiyaLX9q
Oxptp6hNsafiNrHMvAUcZf1S7FlTb4BWcf0Ek20CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRg4tH/xsYq0vNJibiMRIOMuJC93DAfBgNVHSMEGDAWgBQ+pTrJqNxEb7fg
ETtos46XDBn3zDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BxVTZ5YWpjUkctMzRCRTdhTE9PbHd3Wjk4dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGEvZTczY2I1LThiZmMtNDEzOS05YTI3LTM1MWMyMTE5MmM2NS8x
L1lPTFJfOGJHS3RMelNZbTRqRVNEakxpUXZkdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEv
ZTczY2I1LThiZmMtNDEzOS05YTI3LTM1MWMyMTE5MmM2NS8xL1BxVTZ5YWpjUkct
MzRCRTdhTE9PbHd3Wjk4dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArk/eAMEAMFp8DANBgkqhkiG9w0B
AQsFAAOCAQEAsB5XNxrhA2BtZoRfmlIO3IJVc0DAGe4poiBSz9fpScGZ/UtAdLTe
MSuspUQVWdEGuF2gXOj445p1X2kzQqheoDfnvd+1+DXubfppWP8lDljajz07RtNm
lqGgSMVHIt1gmoIRcG6hzZkS/U/vh4m4rVT2U/upxy66QUBaVT55MeG+o7Fj8THM
TLRT+H+rT8A/tzgepYSPh7R81fvI+nsELgXTMOHKeK5pVwQWK50xCcMtArqSL9pF
lsQGftypgInGE/Ow74aEsbRX0uIXF9I30pGejg1c8XAKk/I1bjbcwsrqpRdegpSy
sM+iQ9freEp6NXyBGi9H0zC6v6KUjLu0vg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:21 2023 by rpki-client on console-ams.rpki-client.org