Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/YveEkDzgrK1AnVUnWbwt5KjVWcg.roa
File: YveEkDzgrK1AnVUnWbwt5KjVWcg.roa (raw, json)
Hash identifier: vsMDE1wO8qn+7C1Y8R3lGHHAw3YRnM5d35PbeBLApwo=
Subject key identifier: 62:F7:84:90:3C:E0:AC:AD:40:9D:55:27:59:BC:2D:E4:A8:D5:59:C8
Certificate issuer: /CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Certificate serial: 38AC8409
Authority key identifier: A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/YveEkDzgrK1AnVUnWbwt5KjVWcg.roa
Signing time: Thu 09 Jun 2022 16:06:02 +0000
ROA not before: Thu 09 Jun 2022 16:06:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56595
IP address blocks: 188.241.20.0/22 maxlen: 24
185.7.230.0/23 maxlen: 23
46.226.0.0/21 maxlen: 21
185.73.152.0/22 maxlen: 22
185.7.228.0/22 maxlen: 22
185.7.228.0/23 maxlen: 23
89.32.88.0/21 maxlen: 21
185.34.8.0/22 maxlen: 22
185.100.68.0/22 maxlen: 22
192.124.197.0/24 maxlen: 24
192.124.198.0/24 maxlen: 24
185.122.64.0/22 maxlen: 22
192.124.193.0/24 maxlen: 24
192.124.203.0/24 maxlen: 24
192.124.206.0/23 maxlen: 23
192.124.200.0/24 maxlen: 24
91.240.174.0/24 maxlen: 24
185.240.200.0/22 maxlen: 22
2a00:a600::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 950830089 (0x38ac8409)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Validity
Not Before: Jun 9 16:06:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62f784903ce0acad409d552759bc2de4a8d559c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6d:65:9d:6e:4c:ee:f4:4d:e3:37:6b:c0:5c:
20:67:73:4f:4e:ca:9e:4f:cb:bb:30:25:8c:27:da:
68:43:30:62:33:88:c4:81:f7:56:ff:25:9e:4f:b2:
a8:85:a7:22:49:85:50:6a:96:4a:42:ba:f3:fa:dd:
48:3d:7f:2b:1d:39:98:29:d8:94:da:bb:ac:87:7a:
ec:74:a1:3d:97:78:17:96:a2:f6:0a:94:41:71:0f:
49:64:44:c0:90:96:99:3e:34:a6:8f:7b:97:48:18:
81:1c:8e:71:4a:c7:32:d8:65:c2:0f:84:e4:99:3d:
6f:27:76:6c:3f:eb:45:53:9e:cb:63:20:af:95:a3:
f7:0a:ce:be:6f:12:9f:75:9b:ce:ce:e7:4f:0b:29:
de:4c:cd:5d:7b:44:d7:df:33:5c:50:81:04:09:59:
ce:8a:63:b7:ef:5b:c2:63:16:99:ef:e4:6e:30:6e:
43:60:7d:86:45:b0:2c:1e:9a:f4:a5:46:d1:a9:bf:
a8:50:f1:e1:fe:e2:84:31:a2:77:3d:99:a8:2a:6a:
17:4c:7e:18:ee:4f:33:e9:3d:dd:92:03:5a:9f:e2:
c6:28:db:a6:21:08:8e:13:d1:bf:af:48:92:02:6a:
44:e6:93:a7:c1:af:0b:f0:13:03:2d:0e:46:af:97:
e7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F7:84:90:3C:E0:AC:AD:40:9D:55:27:59:BC:2D:E4:A8:D5:59:C8
X509v3 Authority Key Identifier:
keyid:A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/YveEkDzgrK1AnVUnWbwt5KjVWcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.0.0/21
89.32.88.0/21
91.240.174.0/24
185.7.228.0/22
185.34.8.0/22
185.73.152.0/22
185.100.68.0/22
185.122.64.0/22
185.240.200.0/22
188.241.20.0/22
192.124.193.0/24
192.124.197.0-192.124.198.255
192.124.200.0/24
192.124.203.0/24
192.124.206.0/23
IPv6:
2a00:a600::/32
Signature Algorithm: sha256WithRSAEncryption
8a:5f:67:45:2b:ae:59:c1:db:2d:5d:fc:af:f2:3b:6a:5e:9f:
35:c6:86:8c:41:e0:65:fd:d7:42:99:e3:6b:48:04:58:ac:b3:
54:ee:e3:4d:5a:0c:fd:62:a2:4f:14:b7:fb:ee:e5:18:45:9b:
a0:90:d5:84:31:ec:9e:3f:18:b3:45:ec:18:a2:a4:76:1f:bc:
cb:a4:0c:22:52:67:23:c7:46:e1:d6:d1:69:02:c0:39:13:2c:
69:08:f6:ad:d8:1b:ca:58:26:4c:ed:cc:56:42:30:77:d6:39:
c4:8c:23:10:c6:e0:d0:8b:aa:df:29:d4:6f:45:d5:8f:db:4f:
2f:a6:8e:09:04:08:28:0c:1a:2a:85:83:2b:b3:70:37:df:9c:
c2:d5:8c:2e:55:a9:a2:df:1f:a5:81:f9:fa:24:83:9b:02:bd:
85:2c:fe:35:47:98:5f:21:ff:36:3b:de:e4:49:9d:42:86:02:
c5:dc:3b:4e:8d:85:50:03:1c:17:83:ad:e5:a9:cc:fe:97:77:
79:47:20:ae:53:25:85:25:82:42:4c:de:8c:41:95:47:c0:4b:
17:d9:2b:8b:57:e0:f8:6f:3f:c5:ce:d7:11:30:f9:14:60:e6:
67:e8:ea:6f:ee:72:ba:22:b3:eb:49:e6:32:6c:03:4b:fe:ab:
31:fd:4a:bf
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIEOKyECTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OGI1ZmU2N2MyMDc5N2QzOTQxNTU1NTU0ZjhjOTg4Y2EyZjdjMTdiMB4XDTIyMDYw
OTE2MDYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjJmNzg0OTAzY2Uw
YWNhZDQwOWQ1NTI3NTliYzJkZTRhOGQ1NTljODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhtZZ1uTO70TeM3a8BcIGdzT07Knk/LuzAljCfaaEMwYjOI
xIH3Vv8lnk+yqIWnIkmFUGqWSkK68/rdSD1/Kx05mCnYlNq7rId67HShPZd4F5ai
9gqUQXEPSWREwJCWmT40po97l0gYgRyOcUrHMthlwg+E5Jk9byd2bD/rRVOey2Mg
r5Wj9wrOvm8Sn3Wbzs7nTwsp3kzNXXtE198zXFCBBAlZzopjt+9bwmMWme/kbjBu
Q2B9hkWwLB6a9KVG0am/qFDx4f7ihDGidz2ZqCpqF0x+GO5PM+k93ZIDWp/ixijb
piEIjhPRv69IkgJqROaTp8GvC/ATAy0ORq+X5xECAwEAAaOCAnUwggJxMB0GA1Ud
DgQWBBRi94SQPOCsrUCdVSdZvC3kqNVZyDAfBgNVHSMEGDAWgBSotf5nwgeX05QV
VVVPjJiMovfBezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FMWC1aOElIbDlPVUZWVlZUNHlZaktMM3dYcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvZTdjYmYzLTY0ZTYtNDAyMy1iZWZkLTFjYzYxOTE5NzU1MS8x
L1l2ZUVrRHpncksxQW5WVW5XYnd0NUtqVldjZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
ZTdjYmYzLTY0ZTYtNDAyMy1iZWZkLTFjYzYxOTE5NzU1MS8xL3FMWC1aOElIbDlP
VUZWVlZUNHlZaktMM3dYcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
igYIKwYBBQUHAQcBAf8EezB5MGgEAgABMGIDBAMu4gADBANZIFgDBABb8K4DBAK5
B+QDBAK5IggDBAK5SZgDBAK5ZEQDBAK5ekADBAK58MgDBAK88RQDBADAfMEwDAME
AMB8xQMEAMB8xgMEAMB8yAMEAMB8ywMEAcB8zjANBAIAAjAHAwUAKgCmADANBgkq
hkiG9w0BAQsFAAOCAQEAil9nRSuuWcHbLV38r/I7al6fNcaGjEHgZf3XQpnja0gE
WKyzVO7jTVoM/WKiTxS3++7lGEWboJDVhDHsnj8Ys0XsGKKkdh+8y6QMIlJnI8dG
4dbRaQLAORMsaQj2rdgbylgmTO3MVkIwd9Y5xIwjEMbg0Iuq3ynUb0XVj9tPL6aO
CQQIKAwaKoWDK7NwN9+cwtWMLlWpot8fpYH5+iSDmwK9hSz+NUeYXyH/Njve5Emd
QoYCxdw7To2FUAMcF4Ot5anM/pd3eUcgrlMlhSWCQkzejEGVR8BLF9kri1fg+G8/
xc7XETD5FGDmZ+jqb+5yuiKz60nmMmwDS/6rMf1Kvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:06 2024 by rpki-client on console-fra.rpki-client.org