Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/ybj643QhvZI-t3fSTFvTl2bHd4M.roa
File: ybj643QhvZI-t3fSTFvTl2bHd4M.roa (raw, json)
Hash identifier: gdFGRxUTDwyBowEQ1EJHw4wSVc1qXuQ29NdYivV2NuE=
Subject key identifier: C9:B8:FA:E3:74:21:BD:92:3E:B7:77:D2:4C:5B:D3:97:66:C7:77:83
Certificate issuer: /CN=24cacceee35ff87cd678ef6a92262cefce8492df
Certificate serial: 03DDF697
Authority key identifier: 24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/ybj643QhvZI-t3fSTFvTl2bHd4M.roa
Signing time: Sat 01 Jan 2022 11:57:15 +0000
ROA not before: Sat 01 Jan 2022 11:57:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48944
IP address blocks: 109.72.192.0/20 maxlen: 20
109.238.176.0/20 maxlen: 20
109.238.184.0/24 maxlen: 24
185.246.4.0/22 maxlen: 22
5.23.112.0/21 maxlen: 21
176.67.64.0/20 maxlen: 20
185.11.176.0/22 maxlen: 22
95.130.58.0/24 maxlen: 24
95.130.57.0/24 maxlen: 24
95.130.56.0/24 maxlen: 24
95.130.56.0/21 maxlen: 21
95.130.59.0/24 maxlen: 24
95.130.63.0/24 maxlen: 24
95.130.62.0/24 maxlen: 24
95.130.61.0/24 maxlen: 24
95.130.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64878231 (0x3ddf697)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cacceee35ff87cd678ef6a92262cefce8492df
Validity
Not Before: Jan 1 11:57:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9b8fae37421bd923eb777d24c5bd39766c77783
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fe:74:cc:d7:a1:0c:52:65:df:af:83:cc:00:
8e:21:43:d8:84:ff:f2:83:1b:53:77:2b:cf:6c:ae:
ef:1b:67:01:b9:b8:fd:b0:8b:0b:dc:8d:2a:ab:f1:
47:9d:8d:4e:0b:7c:81:85:43:e3:09:a5:40:17:2e:
b3:ee:66:5a:eb:51:57:51:2e:c3:73:46:eb:d7:da:
57:c3:e3:2c:a5:55:7e:c6:27:2d:03:2a:2c:74:46:
7e:88:fa:da:ae:d3:21:0e:62:1a:3e:ae:f8:61:92:
1d:79:4d:2c:32:5e:59:96:91:d1:32:b0:0f:cd:20:
5b:43:58:26:4d:e7:c3:a1:1d:b0:30:8b:d7:24:d4:
17:78:8c:bb:6a:af:94:1c:f7:06:43:33:4b:0a:f7:
d4:f8:ec:52:d2:a5:e8:4d:f1:ef:ae:ab:65:ae:88:
70:a4:5b:f9:a4:1e:aa:9e:83:d9:30:10:27:0e:7b:
92:3f:d0:83:58:41:1b:08:40:96:48:c8:3a:15:5f:
ec:55:86:97:94:e9:16:c8:bd:f5:57:90:69:b3:2d:
fa:56:f9:97:bd:5c:8f:d1:8f:19:bf:2f:56:29:13:
e5:8e:0f:01:d9:62:4b:81:ec:37:a1:a7:82:48:de:
d8:f9:5b:60:bb:ac:1c:9a:f5:b4:bb:b0:38:9f:56:
5a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B8:FA:E3:74:21:BD:92:3E:B7:77:D2:4C:5B:D3:97:66:C7:77:83
X509v3 Authority Key Identifier:
keyid:24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/ybj643QhvZI-t3fSTFvTl2bHd4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/JMrM7uNf-HzWeO9qkiYs786Ekt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.112.0/21
95.130.56.0/21
109.72.192.0/20
109.238.176.0/20
176.67.64.0/20
185.11.176.0/22
185.246.4.0/22
Signature Algorithm: sha256WithRSAEncryption
39:58:a6:a7:6f:10:9a:33:f3:f7:45:de:6e:2b:b7:7e:da:b4:
56:a6:1f:bd:0e:cf:0a:86:8c:8b:e9:bb:89:90:68:85:ce:27:
a2:7d:07:2c:64:48:9c:24:d2:2d:10:59:d3:24:99:d0:36:b3:
65:38:fa:7a:c8:ed:d1:45:a3:b5:3c:51:d0:a1:15:44:5e:78:
58:9c:8c:48:27:5a:37:9b:fc:0e:7a:9e:ab:aa:47:2a:49:64:
4c:94:a4:86:57:57:d0:08:31:67:f5:50:fd:06:d5:4e:63:41:
fb:69:6f:e2:68:6d:63:8b:4b:cc:1b:ad:18:35:72:cc:e3:4b:
68:e0:f2:a7:ad:b3:1a:4b:3d:76:20:85:ed:ed:c5:72:7a:3d:
e3:4b:eb:4f:94:f5:7e:a5:ee:7f:39:a2:f5:d9:d1:54:9b:8d:
1e:2a:ef:a2:f8:15:2d:82:66:d6:03:6e:70:0f:24:95:bf:2f:
63:3f:02:30:75:ff:42:69:28:4d:a5:81:00:9d:95:2c:04:61:
b7:14:72:02:f1:c2:56:2b:c7:47:34:2f:c7:a1:83:52:bc:bf:
04:c7:4b:40:20:57:09:e3:40:4e:0f:e3:5a:75:e0:19:a2:d9:
8b:b6:99:ae:02:c2:f0:e7:fc:32:b4:c6:53:e9:e9:9e:90:49:
8e:88:dd:58
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEA932lzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NGNhY2NlZWUzNWZmODdjZDY3OGVmNmE5MjI2MmNlZmNlODQ5MmRmMB4XDTIyMDEw
MTExNTcxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzliOGZhZTM3NDIx
YmQ5MjNlYjc3N2QyNGM1YmQzOTc2NmM3Nzc4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANP+dMzXoQxSZd+vg8wAjiFD2IT/8oMbU3crz2yu7xtnAbm4
/bCLC9yNKqvxR52NTgt8gYVD4wmlQBcus+5mWutRV1Euw3NG69faV8PjLKVVfsYn
LQMqLHRGfoj62q7TIQ5iGj6u+GGSHXlNLDJeWZaR0TKwD80gW0NYJk3nw6EdsDCL
1yTUF3iMu2qvlBz3BkMzSwr31PjsUtKl6E3x766rZa6IcKRb+aQeqp6D2TAQJw57
kj/Qg1hBGwhAlkjIOhVf7FWGl5TpFsi99VeQabMt+lb5l71cj9GPGb8vVikT5Y4P
AdliS4HsN6Gngkje2PlbYLusHJr1tLuwOJ9WWo8CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBTJuPrjdCG9kj63d9JMW9OXZsd3gzAfBgNVHSMEGDAWgBQkyszu41/4fNZ4
72qSJizvzoSS3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pNck03dU5mLUh6V2VPOXFraVlzNzg2RWt0OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvNjY3MGY5LTQxOGUtNDI3NS04MDAwLWEyOWViMTM5ZTc5ZC8x
L3liajY0M1FodlpJLXQzZlNURnZUbDJiSGQ0TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
NjY3MGY5LTQxOGUtNDI3NS04MDAwLWEyOWViMTM5ZTc5ZC8xL0pNck03dU5mLUh6
V2VPOXFraVlzNzg2RWt0OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAwUXcAMEA1+COAMEBG1IwAMEBG3u
sAMEBLBDQAMEArkLsAMEArn2BDANBgkqhkiG9w0BAQsFAAOCAQEAOVimp28QmjPz
90Xebiu3ftq0VqYfvQ7PCoaMi+m7iZBohc4non0HLGRInCTSLRBZ0ySZ0DazZTj6
esjt0UWjtTxR0KEVRF54WJyMSCdaN5v8Dnqeq6pHKklkTJSkhldX0AgxZ/VQ/QbV
TmNB+2lv4mhtY4tLzButGDVyzONLaODyp62zGks9diCF7e3Fcno940vrT5T1fqXu
fzmi9dnRVJuNHirvovgVLYJm1gNucA8klb8vYz8CMHX/QmkoTaWBAJ2VLARhtxRy
AvHCVivHRzQvx6GDUry/BMdLQCBXCeNATg/jWnXgGaLZi7aZrgLC8Of8MrTGU+np
npBJjojdWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:32 2024 by rpki-client on console-fra.rpki-client.org