Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/6616ac-87cd-4edf-b107-046a3a9aacb9/1/YE-4U0nR26I4Qit85_EzrgEFDj0.roa
File: YE-4U0nR26I4Qit85_EzrgEFDj0.roa (raw, json)
Hash identifier: kIgD4hjZfNLCUdlpQ1b6PO6X1ansIBrDXMpfgOjscoM=
Subject key identifier: 60:4F:B8:53:49:D1:DB:A2:38:42:2B:7C:E7:F1:33:AE:01:05:0E:3D
Certificate issuer: /CN=ede0294d1305bebaf6894642bfd92fd439825102
Certificate serial: 07CE9A00
Authority key identifier: ED:E0:29:4D:13:05:BE:BA:F6:89:46:42:BF:D9:2F:D4:39:82:51:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7eApTRMFvrr2iUZCv9kv1DmCUQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/6616ac-87cd-4edf-b107-046a3a9aacb9/1/YE-4U0nR26I4Qit85_EzrgEFDj0.roa
Signing time: Sat 01 Jan 2022 07:01:10 +0000
ROA not before: Sat 01 Jan 2022 07:01:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48953
IP address blocks: 185.24.125.0/24 maxlen: 24
185.24.124.0/24 maxlen: 24
185.24.126.0/24 maxlen: 24
185.24.127.0/24 maxlen: 24
46.252.106.0/24 maxlen: 24
46.252.107.0/24 maxlen: 24
46.252.110.0/24 maxlen: 24
46.252.108.0/24 maxlen: 24
46.252.109.0/24 maxlen: 24
46.252.111.0/24 maxlen: 24
185.205.94.0/24 maxlen: 24
185.205.92.0/22 maxlen: 24
46.252.96.0/24 maxlen: 24
46.252.97.0/24 maxlen: 24
46.252.98.0/24 maxlen: 24
46.252.103.0/24 maxlen: 24
46.252.104.0/24 maxlen: 24
46.252.101.0/24 maxlen: 24
46.252.102.0/24 maxlen: 24
46.252.105.0/24 maxlen: 24
46.252.99.0/24 maxlen: 24
46.252.100.0/24 maxlen: 24
46.30.176.0/24 maxlen: 24
46.30.178.0/24 maxlen: 24
46.30.179.0/24 maxlen: 24
46.30.177.0/24 maxlen: 24
46.30.182.0/24 maxlen: 24
46.30.183.0/24 maxlen: 24
46.30.180.0/24 maxlen: 24
46.30.181.0/24 maxlen: 24
2a00:66e0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130980352 (0x7ce9a00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ede0294d1305bebaf6894642bfd92fd439825102
Validity
Not Before: Jan 1 07:01:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=604fb85349d1dba238422b7ce7f133ae01050e3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f6:de:0b:7d:1b:27:07:c8:9a:c7:b3:fc:72:
32:67:d3:18:0c:d9:6d:30:4a:a2:fb:72:85:32:2b:
bc:fb:9c:01:d1:38:7f:7c:6e:54:81:14:87:79:86:
64:b8:de:b9:30:1f:b6:ad:7a:e2:d6:64:af:5e:6a:
5e:a4:46:b8:48:b8:67:83:27:a1:a9:de:ce:67:5d:
82:eb:a3:da:6b:0e:62:b0:6b:1e:91:ed:e0:a3:19:
a3:db:b4:0e:e4:8d:1b:24:c2:13:be:e6:c5:ce:f4:
56:8c:8c:b0:97:51:f1:c4:e6:c5:25:81:14:cd:3f:
97:3d:ac:e7:e8:ef:5c:8a:09:31:a1:32:d1:56:8f:
9a:8f:d1:03:4a:12:ae:8a:5c:e1:48:99:db:f9:c1:
ac:60:2e:46:e5:d7:36:33:9f:67:2e:26:b5:9f:21:
99:a3:e2:2c:d3:e3:06:e9:a2:82:9a:d0:78:4a:d1:
29:32:2a:c5:6f:59:c9:f9:58:27:2e:43:11:87:63:
4d:bb:55:9d:74:13:94:9d:19:2b:47:23:03:1a:82:
04:e7:58:1f:8e:f4:87:1f:43:7a:a2:3c:09:44:65:
78:94:e5:87:b1:16:a6:a5:23:97:bf:01:6f:16:37:
0f:59:4f:a0:e3:77:e6:a9:ea:c2:f2:b0:48:50:b3:
aa:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:4F:B8:53:49:D1:DB:A2:38:42:2B:7C:E7:F1:33:AE:01:05:0E:3D
X509v3 Authority Key Identifier:
keyid:ED:E0:29:4D:13:05:BE:BA:F6:89:46:42:BF:D9:2F:D4:39:82:51:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7eApTRMFvrr2iUZCv9kv1DmCUQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6616ac-87cd-4edf-b107-046a3a9aacb9/1/YE-4U0nR26I4Qit85_EzrgEFDj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6616ac-87cd-4edf-b107-046a3a9aacb9/1/7eApTRMFvrr2iUZCv9kv1DmCUQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.176.0/21
46.252.96.0/20
185.24.124.0/22
185.205.92.0/22
IPv6:
2a00:66e0::/32
Signature Algorithm: sha256WithRSAEncryption
3d:84:60:39:4b:c7:59:35:67:88:b8:fe:ba:7d:ae:83:1a:3b:
01:28:d4:6f:e1:c2:8a:6e:6a:9f:dd:e7:a1:bf:78:12:b7:a6:
c2:2d:76:5d:51:64:66:7d:bc:4c:dc:47:aa:d3:7c:c1:33:d8:
91:5f:be:d7:2c:51:9b:b1:1c:02:c9:e3:35:34:49:f7:de:52:
a5:53:9e:6f:30:6a:ec:14:e6:5d:ef:67:33:93:12:e1:fd:da:
31:9b:11:87:d8:d3:a9:07:60:08:cb:d0:b5:92:c4:12:a8:ef:
0b:60:40:b1:f1:eb:a4:ed:be:18:9d:60:ab:64:2b:67:26:37:
2a:2f:bf:0b:60:b0:0b:5f:59:4e:97:7c:eb:92:5e:4d:dd:ee:
c0:76:5a:d2:53:6f:86:73:5a:31:8a:f7:ed:32:e8:2a:16:3d:
28:3a:0b:2c:1f:dd:d7:ec:c4:2a:27:b4:2b:b7:52:5e:bf:48:
24:bf:16:b4:b4:3e:5d:f4:1e:2b:82:b1:0b:42:14:0d:f2:b9:
a7:69:f5:40:bf:93:41:fa:27:ce:8b:39:59:04:c9:60:08:b3:
63:fc:cc:2b:5b:0c:37:21:4a:94:1f:73:0a:e5:37:88:8e:9d:
e9:81:08:88:1c:15:ae:f1:ec:5e:61:8f:54:2b:55:70:1c:ca:
98:9a:03:8e
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEB86aADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZGUwMjk0ZDEzMDViZWJhZjY4OTQ2NDJiZmQ5MmZkNDM5ODI1MTAyMB4XDTIyMDEw
MTA3MDExMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjA0ZmI4NTM0OWQx
ZGJhMjM4NDIyYjdjZTdmMTMzYWUwMTA1MGUzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJr23gt9GycHyJrHs/xyMmfTGAzZbTBKovtyhTIrvPucAdE4
f3xuVIEUh3mGZLjeuTAftq164tZkr15qXqRGuEi4Z4Mnoanezmddguuj2msOYrBr
HpHt4KMZo9u0DuSNGyTCE77mxc70VoyMsJdR8cTmxSWBFM0/lz2s5+jvXIoJMaEy
0VaPmo/RA0oSropc4UiZ2/nBrGAuRuXXNjOfZy4mtZ8hmaPiLNPjBumigprQeErR
KTIqxW9ZyflYJy5DEYdjTbtVnXQTlJ0ZK0cjAxqCBOdYH470hx9DeqI8CURleJTl
h7EWpqUjl78BbxY3D1lPoON35qnqwvKwSFCzqusCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRgT7hTSdHbojhCK3zn8TOuAQUOPTAfBgNVHSMEGDAWgBTt4ClNEwW+uvaJ
RkK/2S/UOYJRAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdlQXBUUk1GdnJyMmlVWkN2OWt2MURtQ1VRSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvNjYxNmFjLTg3Y2QtNGVkZi1iMTA3LTA0NmEzYTlhYWNiOS8x
L1lFLTRVMG5SMjZJNFFpdDg1X0V6cmdFRkRqMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
NjYxNmFjLTg3Y2QtNGVkZi1iMTA3LTA0NmEzYTlhYWNiOS8xLzdlQXBUUk1GdnJy
MmlVWkN2OWt2MURtQ1VRSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAy4esAMEBC78YAMEArkYfAMEArnN
XDANBAIAAjAHAwUAKgBm4DANBgkqhkiG9w0BAQsFAAOCAQEAPYRgOUvHWTVniLj+
un2ugxo7ASjUb+HCim5qn93nob94Eremwi12XVFkZn28TNxHqtN8wTPYkV++1yxR
m7EcAsnjNTRJ995SpVOebzBq7BTmXe9nM5MS4f3aMZsRh9jTqQdgCMvQtZLEEqjv
C2BAsfHrpO2+GJ1gq2QrZyY3Ki+/C2CwC19ZTpd865JeTd3uwHZa0lNvhnNaMYr3
7TLoKhY9KDoLLB/d1+zEKie0K7dSXr9IJL8WtLQ+XfQeK4KxC0IUDfK5p2n1QL+T
Qfonzos5WQTJYAizY/zMK1sMNyFKlB9zCuU3iI6d6YEIiBwVrvHsXmGPVCtVcBzK
mJoDjg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:25 2023 by rpki-client on console-ams.rpki-client.org