Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/Yp7D_UeBVrt5PpG1OHifeLZ6siQ.roa
File: Yp7D_UeBVrt5PpG1OHifeLZ6siQ.roa (raw, json)
Hash identifier: rZvpgmzWI/fYFfq0FToiYVEwNI+GTAW6aIubPAAcFrk=
Subject key identifier: 62:9E:C3:FD:47:81:56:BB:79:3E:91:B5:38:78:9F:78:B6:7A:B2:24
Certificate issuer: /CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
Certificate serial: 01841628DA1C9881252AD077D8EE6E60B9B7
Authority key identifier: 71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/Yp7D_UeBVrt5PpG1OHifeLZ6siQ.roa
Signing time: Wed 26 Oct 2022 21:18:06 +0000
ROA not before: Wed 26 Oct 2022 21:18:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203210
IP address blocks: 91.196.49.0/24 maxlen: 24
91.196.48.0/22 maxlen: 22
91.196.50.0/24 maxlen: 24
91.196.48.0/24 maxlen: 24
91.196.51.0/24 maxlen: 24
77.87.74.0/24 maxlen: 24
77.87.73.0/24 maxlen: 24
195.22.124.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:16:28:da:1c:98:81:25:2a:d0:77:d8:ee:6e:60:b9:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
Validity
Not Before: Oct 26 21:18:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=629ec3fd478156bb793e91b538789f78b67ab224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f2:00:99:11:40:8f:12:69:66:a0:7d:2d:24:
8b:aa:aa:ed:ca:49:8b:c4:02:08:f2:ef:da:38:fe:
4f:f0:e9:cd:4b:03:ce:d2:4c:9e:45:0f:f4:95:71:
aa:d7:1f:bc:90:21:6f:b9:34:7a:c7:93:33:fe:db:
68:6a:e6:d5:74:96:8b:ae:b9:e7:4f:e6:d9:ac:9b:
70:3e:f9:fd:21:f8:45:15:55:b3:aa:bb:43:fc:69:
e2:c6:3c:e1:80:6c:55:b6:26:54:52:24:99:34:e4:
92:07:24:06:38:b7:f7:9b:df:bc:aa:b5:30:d2:3f:
b1:ee:59:48:6d:61:91:6f:01:24:c7:a6:fb:0a:98:
57:08:d8:27:77:70:fb:bd:ef:9d:20:9a:1a:0d:43:
db:3c:29:9c:a5:39:39:0b:f4:91:79:cb:65:6e:31:
b4:c1:8d:23:ef:9f:4a:19:b7:48:f6:cc:c9:0e:16:
5b:b0:21:06:ef:7e:cb:bd:8e:36:28:c3:fb:d0:1c:
b1:87:5f:72:ae:17:97:da:f5:ad:a2:45:1c:20:53:
32:88:7b:50:d4:c9:bd:ac:4e:d1:09:cd:c1:cd:58:
46:8b:d9:1e:44:b1:93:68:4f:89:6b:d1:43:c2:1d:
60:dc:ea:60:a8:a9:1a:ac:62:e8:ba:c4:c7:aa:b8:
fb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:9E:C3:FD:47:81:56:BB:79:3E:91:B5:38:78:9F:78:B6:7A:B2:24
X509v3 Authority Key Identifier:
keyid:71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/Yp7D_UeBVrt5PpG1OHifeLZ6siQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/ccFpDvV6_P-uc725k0MJ-LcOu2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.73.0-77.87.74.255
91.196.48.0/22
195.22.124.0/23
Signature Algorithm: sha256WithRSAEncryption
30:6c:66:a7:1f:ee:3a:b6:02:78:f5:c9:ba:6b:31:14:a7:55:
aa:51:02:08:25:b2:b8:64:89:e7:70:4c:4d:23:f2:98:e9:38:
78:1d:c2:9f:cf:e2:c3:29:83:c0:3d:73:47:22:d9:e5:89:5f:
cb:21:61:60:84:67:8a:32:89:8a:6c:88:2c:8a:f1:5d:c1:9b:
2b:07:3e:8e:46:bf:1a:50:0f:5d:31:1c:c7:98:bd:a0:37:be:
15:44:02:74:ea:1e:ce:bb:68:bf:3a:b8:de:5e:95:48:3a:8d:
10:2d:18:d9:7e:af:62:79:b4:bc:8d:ba:c0:62:74:fe:e0:d9:
51:b1:ce:9a:5f:19:27:60:43:1b:ea:9b:ef:98:f4:76:de:19:
f2:bb:af:ac:fa:9e:97:55:1b:33:96:94:46:69:7d:05:4f:31:
fb:b4:e4:9a:2b:5a:aa:e6:d3:f4:de:58:11:12:60:1c:6c:7b:
33:7c:12:b9:53:21:fc:c9:36:69:39:93:c1:c0:a1:53:7d:18:
22:44:ce:90:8f:26:72:71:9a:7d:19:20:40:58:01:57:4d:64:
2a:35:99:c6:0d:38:6f:b4:cf:f8:89:37:74:24:a6:9d:4e:51:
34:90:6c:c3:03:e9:cd:c1:78:bc:29:48:08:bf:e5:92:3b:83:
41:41:dc:52
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYQWKNocmIElKtB32O5uYLm3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYzE2OTBlZjU3YWZjZmZhZTczYmRiOTkzNDMwOWY4Yjcw
ZWJiNjEwHhcNMjIxMDI2MjExODA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjllYzNmZDQ3ODE1NmJiNzkzZTkxYjUzODc4OWY3OGI2N2FiMjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPIAmRFAjxJpZqB9LSSLqqrtykmL
xAII8u/aOP5P8OnNSwPO0kyeRQ/0lXGq1x+8kCFvuTR6x5Mz/ttoaubVdJaLrrnn
T+bZrJtwPvn9IfhFFVWzqrtD/GnixjzhgGxVtiZUUiSZNOSSByQGOLf3m9+8qrUw
0j+x7llIbWGRbwEkx6b7CphXCNgnd3D7ve+dIJoaDUPbPCmcpTk5C/SRectlbjG0
wY0j759KGbdI9szJDhZbsCEG737LvY42KMP70Byxh19yrheX2vWtokUcIFMyiHtQ
1Mm9rE7RCc3BzVhGi9keRLGTaE+Ja9FDwh1g3OpgqKkarGLousTHqrj78QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGKew/1HgVa7eT6RtTh4n3i2erIkMB8GA1UdIwQY
MBaAFHHBaQ71evz/rnO9uZNDCfi3DrthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2NGcER2VjZfUC11YzcyNWswTUotTGNPdTJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85YzcwZTktM2RmMy00YmM3LTgyZTYt
MDA2ZTliYjhlZDU5LzEvWXA3RF9VZUJWcnQ1UHBHMU9IaWZlTFo2c2lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85YzcwZTktM2RmMy00YmM3LTgyZTYtMDA2ZTliYjhlZDU5
LzEvY2NGcER2VjZfUC11YzcyNWswTUotTGNPdTJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABNV0kD
BABNV0oDBAJbxDADBAHDFnwwDQYJKoZIhvcNAQELBQADggEBADBsZqcf7jq2Anj1
ybprMRSnVapRAgglsrhkiedwTE0j8pjpOHgdwp/P4sMpg8A9c0ci2eWJX8shYWCE
Z4oyiYpsiCyK8V3BmysHPo5GvxpQD10xHMeYvaA3vhVEAnTqHs67aL86uN5elUg6
jRAtGNl+r2J5tLyNusBidP7g2VGxzppfGSdgQxvqm++Y9HbeGfK7r6z6npdVGzOW
lEZpfQVPMfu05JorWqrm0/TeWBESYBxsezN8ErlTIfzJNmk5k8HAoVN9GCJEzpCP
JnJxmn0ZIEBYAVdNZCo1mcYNOG+0z/iJN3Qkpp1OUTSQbMMD6c3BeLwpSAi/5ZI7
g0FB3FI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:48 2024 by rpki-client on console-fra.rpki-client.org