Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/YvNhrbITEQZRTYnoTEwJmbLhnec.roa
File: YvNhrbITEQZRTYnoTEwJmbLhnec.roa (raw, json)
Hash identifier: F46SPfAm7Xwon32Vk5Zjucq9PUItBn/1jJC38Z9f5fI=
Subject key identifier: 62:F3:61:AD:B2:13:11:06:51:4D:89:E8:4C:4C:09:99:B2:E1:9D:E7
Certificate issuer: /CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Certificate serial: 0181EC3BFD5D6B9C20B27BA70CF63F66D5A1
Authority key identifier: E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/YvNhrbITEQZRTYnoTEwJmbLhnec.roa
Signing time: Mon 11 Jul 2022 07:49:23 +0000
ROA not before: Mon 11 Jul 2022 07:49:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204873
IP address blocks: 46.238.240.0/21 maxlen: 21
185.174.152.0/23 maxlen: 24
94.101.16.0/20 maxlen: 21
89.191.152.0/23 maxlen: 23
46.238.236.0/22 maxlen: 22
2001:90f::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ec:3b:fd:5d:6b:9c:20:b2:7b:a7:0c:f6:3f:66:d5:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Validity
Not Before: Jul 11 07:49:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62f361adb2131106514d89e84c4c0999b2e19de7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7d:c2:a1:69:12:f8:a5:0a:8f:49:37:96:8b:
6a:4b:eb:fb:de:bf:2e:d6:20:17:67:fd:ec:84:ea:
44:0c:34:96:43:11:e1:b1:c8:86:a0:e3:37:aa:4a:
dc:30:3b:1d:86:0b:bd:20:97:86:10:57:85:b7:e0:
ea:03:bc:0a:49:67:45:bd:2c:bd:4b:3d:e1:62:4a:
a2:06:88:08:57:3f:8c:a5:ae:95:02:23:2b:36:46:
15:5d:96:7d:65:7d:17:03:0b:4a:6d:e5:e7:82:d0:
09:b6:dc:e2:a1:71:39:fc:b4:0d:37:a3:db:03:7b:
45:dc:4c:80:66:10:a3:6d:09:4a:04:07:37:29:4a:
76:e2:fc:99:f4:a6:79:2a:76:59:0a:1f:f0:f0:4f:
cc:62:af:0c:35:cf:a7:3c:34:21:86:45:ec:8a:b2:
33:94:db:a3:60:a4:eb:77:a7:ad:5a:db:3f:db:81:
00:0a:f2:2a:5a:a1:92:2c:64:2b:93:6e:b2:32:62:
90:2b:cf:dd:01:64:48:99:eb:f9:7a:dd:ba:85:af:
38:63:a2:e2:75:8e:e7:81:5d:be:9f:87:33:98:1f:
9d:f7:b6:e6:af:15:2c:b7:0a:54:1b:71:98:86:d9:
08:6a:73:53:ee:34:53:cc:90:20:3c:6a:1d:a3:07:
43:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F3:61:AD:B2:13:11:06:51:4D:89:E8:4C:4C:09:99:B2:E1:9D:E7
X509v3 Authority Key Identifier:
keyid:E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/YvNhrbITEQZRTYnoTEwJmbLhnec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/4uj1a8H1AQKRaBvC2MAvmsv3FKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.238.236.0-46.238.247.255
89.191.152.0/23
94.101.16.0/20
185.174.152.0/23
IPv6:
2001:90f::/32
Signature Algorithm: sha256WithRSAEncryption
4e:f9:02:d9:c5:6f:6e:c5:6c:47:fe:a9:8e:32:8e:39:2b:10:
f5:9e:c1:a6:59:15:4d:ca:97:bb:2c:63:86:e8:82:de:37:0c:
1c:c7:30:0e:30:70:a0:45:68:c7:bd:3b:56:11:e8:07:4f:ed:
46:e9:ec:48:fa:0a:e3:8a:d2:6d:6f:93:c8:09:86:27:98:75:
04:e2:f3:ea:02:b9:8d:0d:d6:39:20:c4:7b:82:82:ac:94:b7:
1a:d5:3f:64:35:13:87:3a:2b:48:ce:3f:59:2c:fd:79:99:55:
59:44:89:fb:bd:cd:91:31:f2:ef:5b:bb:bd:ec:07:74:53:2d:
29:a0:e0:1c:7d:00:a7:f6:d2:38:95:6d:fe:30:cf:76:77:ab:
64:c4:4a:56:52:e1:f4:a6:43:18:85:c0:24:8a:9e:a4:9b:24:
58:d3:8d:60:ee:cc:dd:20:bd:a5:40:2e:d4:cf:61:19:1d:1a:
d8:b9:5b:cc:94:a9:9b:4b:db:58:92:83:e7:58:c9:65:f8:84:
fe:8c:f4:11:20:85:a7:ec:5f:fa:52:94:45:aa:94:2d:25:b6:
7c:a9:1d:fb:a3:82:21:0a:e5:15:6c:6e:bb:9a:12:26:bb:ab:
0e:91:89:ab:86:7e:8a:ec:45:65:09:16:5a:c8:00:d5:9d:a5:
c8:85:f2:b0
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYHsO/1da5wgsnunDPY/ZtWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZThmNTZiYzFmNTAxMDI5MTY4MWJjMmQ4YzAyZjlhY2Jm
NzE0YTAwHhcNMjIwNzExMDc0OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmYzNjFhZGIyMTMxMTA2NTE0ZDg5ZTg0YzRjMDk5OWIyZTE5ZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH3CoWkS+KUKj0k3lotqS+v73r8u
1iAXZ/3shOpEDDSWQxHhsciGoOM3qkrcMDsdhgu9IJeGEFeFt+DqA7wKSWdFvSy9
Sz3hYkqiBogIVz+Mpa6VAiMrNkYVXZZ9ZX0XAwtKbeXngtAJttzioXE5/LQNN6Pb
A3tF3EyAZhCjbQlKBAc3KUp24vyZ9KZ5KnZZCh/w8E/MYq8MNc+nPDQhhkXsirIz
lNujYKTrd6etWts/24EACvIqWqGSLGQrk26yMmKQK8/dAWRImev5et26ha84Y6Li
dY7ngV2+n4czmB+d97bmrxUstwpUG3GYhtkIanNT7jRTzJAgPGodowdD4wIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFGLzYa2yExEGUU2J6ExMCZmy4Z3nMB8GA1UdIwQY
MBaAFOLo9WvB9QECkWgbwtjAL5rL9xSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTct
NDQ3ZWRjNGY5YWY2LzEvWXZOaHJiSVRFUVpSVFlub1RFd0ptYkxobmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTctNDQ3ZWRjNGY5YWY2
LzEvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAIu7uwD
BAMu7vADBAFZv5gDBAReZRADBAG5rpgwDQQCAAIwBwMFACABCQ8wDQYJKoZIhvcN
AQELBQADggEBAE75AtnFb27FbEf+qY4yjjkrEPWewaZZFU3Kl7ssY4bogt43DBzH
MA4wcKBFaMe9O1YR6AdP7Ubp7Ej6CuOK0m1vk8gJhieYdQTi8+oCuY0N1jkgxHuC
gqyUtxrVP2Q1E4c6K0jOP1ks/XmZVVlEifu9zZEx8u9bu73sB3RTLSmg4Bx9AKf2
0jiVbf4wz3Z3q2TESlZS4fSmQxiFwCSKnqSbJFjTjWDuzN0gvaVALtTPYRkdGti5
W8yUqZtL21iSg+dYyWX4hP6M9BEghafsX/pSlEWqlC0ltnypHfujgiEK5RVsbrua
Eia7qw6RiauGforsRWUJFlrIANWdpciF8rA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:07 2023 by rpki-client on console-fra.rpki-client.org