Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/_YK717iO0gkHyDUjSfpsBCrOLgM.roa
File: _YK717iO0gkHyDUjSfpsBCrOLgM.roa (raw, json)
Hash identifier: 8I4Pi8zSwq6uI3n2SPSqplkekQ6WvyVX8GaPjg4JACs=
Subject key identifier: FD:82:BB:D7:B8:8E:D2:09:07:C8:35:23:49:FA:6C:04:2A:CE:2E:03
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 35EBF5B2
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/_YK717iO0gkHyDUjSfpsBCrOLgM.roa
Signing time: Sat 01 Jan 2022 03:02:11 +0000
ROA not before: Sat 01 Jan 2022 03:02:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24785
IP address blocks: 213.207.3.0/24 maxlen: 24
213.207.4.0/24 maxlen: 24
213.207.0.0/24 maxlen: 24
213.207.8.0/24 maxlen: 24
213.207.9.0/24 maxlen: 24
213.207.11.0/24 maxlen: 24
213.207.7.0/24 maxlen: 24
213.207.12.0/24 maxlen: 24
217.170.0.0/24 maxlen: 24
217.170.0.0/19 maxlen: 19
213.207.15.0/24 maxlen: 24
213.207.16.0/24 maxlen: 24
213.207.17.0/24 maxlen: 24
217.170.9.0/24 maxlen: 24
217.170.10.0/24 maxlen: 24
217.170.11.0/24 maxlen: 24
213.207.18.0/24 maxlen: 24
217.170.22.0/24 maxlen: 24
217.170.23.0/24 maxlen: 24
217.170.18.0/24 maxlen: 24
217.170.19.0/24 maxlen: 24
217.170.20.0/24 maxlen: 24
2a02:10:31::/48 maxlen: 48
2a02:10::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 904656306 (0x35ebf5b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 03:02:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd82bbd7b88ed20907c8352349fa6c042ace2e03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:76:34:ba:e3:df:1b:dd:58:51:65:aa:0b:76:
fb:30:ca:29:4a:14:15:ce:c8:42:93:f4:7d:d4:c0:
ed:e9:24:37:4a:0b:69:cb:a0:5a:ac:7c:55:72:55:
b3:86:52:09:30:f3:64:1d:0b:e3:85:28:5c:0b:18:
67:c7:51:23:49:a9:a3:31:70:dd:e8:bb:72:f5:e0:
97:a1:35:30:48:4a:75:c2:c9:4f:ec:3c:8c:38:04:
54:85:f7:53:bc:7e:92:84:9d:4b:e3:f5:d0:13:46:
a7:83:0e:e7:07:92:4d:da:aa:a2:82:be:e0:d7:2a:
c4:f7:51:11:2e:41:ee:9a:d0:30:c4:7e:a5:26:5d:
3c:91:30:e2:4e:22:fa:2a:f1:7c:59:37:01:35:8c:
f7:dd:a4:a9:d9:69:75:00:c3:7a:f6:a6:e7:51:83:
a5:4b:8b:cd:9c:69:5f:f3:36:13:3e:b8:be:58:c3:
4f:a0:a8:0e:a4:4a:fd:d0:8b:4c:28:5e:6e:7a:14:
1d:c8:cf:66:19:ee:6f:98:af:65:67:b4:39:ab:01:
30:57:e4:89:aa:80:20:b0:84:0a:40:9c:d5:a7:b4:
a7:97:0f:3f:85:5b:69:81:16:31:18:73:41:3f:32:
c7:bf:b9:56:2d:47:74:df:aa:db:1d:30:34:7a:6b:
62:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:82:BB:D7:B8:8E:D2:09:07:C8:35:23:49:FA:6C:04:2A:CE:2E:03
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/_YK717iO0gkHyDUjSfpsBCrOLgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.207.0.0/24
213.207.3.0-213.207.4.255
213.207.7.0-213.207.9.255
213.207.11.0-213.207.12.255
213.207.15.0-213.207.18.255
217.170.0.0/19
IPv6:
2a02:10::/29
Signature Algorithm: sha256WithRSAEncryption
05:7f:60:08:7e:d7:1e:f2:74:c6:ec:f8:be:69:db:44:1f:72:
c4:52:9a:64:65:fa:df:0b:61:42:d8:c1:1a:08:b8:8f:d4:e0:
10:89:9c:9b:65:d8:6b:3d:46:ee:88:89:c4:00:cd:4c:20:39:
d2:07:f4:75:34:a9:f6:09:76:36:0f:4f:15:cd:92:6f:a0:ed:
e0:f7:91:4b:ae:2c:ee:33:c5:c6:7f:39:86:07:c8:8b:b2:7f:
fc:bf:73:12:3e:41:6b:e8:2e:39:da:90:e8:9b:5a:d1:2d:cf:
26:a6:a1:8e:c1:ff:40:5a:dc:19:ce:06:39:c0:2e:14:2d:8a:
d5:c6:95:b0:41:3b:4b:d2:62:4c:81:94:25:1c:e7:f3:27:ff:
ec:c7:03:4a:0f:df:52:f1:e2:a5:cd:da:be:38:b6:fa:47:a6:
71:3c:0b:ae:c8:7c:7e:c0:72:b5:76:57:48:47:1d:05:44:37:
f0:0e:d7:ca:32:0a:c2:13:57:48:7c:84:42:6a:f3:a5:89:4e:
71:76:76:26:8a:38:8c:56:6d:9f:4f:ce:ef:fd:c3:26:0c:53:
eb:2f:c8:d0:56:9a:86:49:58:60:a0:2d:22:89:79:f7:25:c0:
b7:79:32:e5:2c:68:f9:4d:7d:10:36:44:04:27:c1:a3:c7:07:
51:81:75:60
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIENev1sjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MDFmZTMwZmM2YjRiMGQwZjZkYjRlMWJmYmJkNTAxOTVkY2E1NzVjMB4XDTIyMDEw
MTAzMDIxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQ4MmJiZDdiODhl
ZDIwOTA3YzgzNTIzNDlmYTZjMDQyYWNlMmUwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL92NLrj3xvdWFFlqgt2+zDKKUoUFc7IQpP0fdTA7ekkN0oL
acugWqx8VXJVs4ZSCTDzZB0L44UoXAsYZ8dRI0mpozFw3ei7cvXgl6E1MEhKdcLJ
T+w8jDgEVIX3U7x+koSdS+P10BNGp4MO5weSTdqqooK+4NcqxPdRES5B7prQMMR+
pSZdPJEw4k4i+irxfFk3ATWM992kqdlpdQDDevam51GDpUuLzZxpX/M2Ez64vljD
T6CoDqRK/dCLTChebnoUHcjPZhnub5ivZWe0OasBMFfkiaqAILCECkCc1ae0p5cP
P4VbaYEWMRhzQT8yx7+5Vi1HdN+q2x0wNHprYhECAwEAAaOCAlYwggJSMB0GA1Ud
DgQWBBT9grvXuI7SCQfINSNJ+mwEKs4uAzAfBgNVHSMEGDAWgBQgH+MPxrSw0Pbb
Thv7vVAZXcpXXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lCX2pEOGEwc05EMjIwNGItNzFRR1YzS1Yxdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvOGQ4MGY5LTQ5NGUtNGFiYi05OTU2LWZjMTIxYzgwMGIzMC8x
L19ZSzcxN2lPMGdrSHlEVWpTZnBzQkNyT0xnTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
OGQ4MGY5LTQ5NGUtNGFiYi05OTU2LWZjMTIxYzgwMGIzMC8xL0lCX2pEOGEwc05E
MjIwNGItNzFRR1YzS1Yxdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBs
BggrBgEFBQcBBwEB/wRdMFswSgQCAAEwRAMEANXPADAMAwQA1c8DAwQA1c8EMAwD
BADVzwcDBAHVzwgwDAMEANXPCwMEANXPDDAMAwQA1c8PAwQA1c8SAwQF2aoAMA0E
AgACMAcDBQMqAgAQMA0GCSqGSIb3DQEBCwUAA4IBAQAFf2AIftce8nTG7Pi+adtE
H3LEUppkZfrfC2FC2MEaCLiP1OAQiZybZdhrPUbuiInEAM1MIDnSB/R1NKn2CXY2
D08VzZJvoO3g95FLrizuM8XGfzmGB8iLsn/8v3MSPkFr6C452pDom1rRLc8mpqGO
wf9AWtwZzgY5wC4ULYrVxpWwQTtL0mJMgZQlHOfzJ//sxwNKD99S8eKlzdq+OLb6
R6ZxPAuuyHx+wHK1dldIRx0FRDfwDtfKMgrCE1dIfIRCavOliU5xdnYmijiMVm2f
T87v/cMmDFPrL8jQVpqGSVhgoC0iiXn3JcC3eTLlLGj5TX0QNkQEJ8GjxwdRgXVg
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:54 2023 by rpki-client on console-ams.rpki-client.org