Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/ypccyLduuL1V1WjZVO9jzGFvojs.roa
File: ypccyLduuL1V1WjZVO9jzGFvojs.roa (raw, json)
Hash identifier: BM/cAkGBb6qNOjC2cdNZ9ZPSo03LDXce4On2It8lOGE=
Subject key identifier: CA:97:1C:C8:B7:6E:B8:BD:55:D5:68:D9:54:EF:63:CC:61:6F:A2:3B
Certificate issuer: /CN=51f866f32b47c69d478ad95354e257e51a236a57
Certificate serial: 44A7F029
Authority key identifier: 51:F8:66:F3:2B:47:C6:9D:47:8A:D9:53:54:E2:57:E5:1A:23:6A:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ufhm8ytHxp1HitlTVOJX5Rojalc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/ypccyLduuL1V1WjZVO9jzGFvojs.roa
Signing time: Sat 01 Jan 2022 11:57:20 +0000
ROA not before: Sat 01 Jan 2022 11:57:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197530
IP address blocks: 193.138.118.0/24 maxlen: 24
46.21.208.0/20 maxlen: 20
94.232.152.0/21 maxlen: 21
158.255.88.0/21 maxlen: 21
2a02:2928::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1151856681 (0x44a7f029)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51f866f32b47c69d478ad95354e257e51a236a57
Validity
Not Before: Jan 1 11:57:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca971cc8b76eb8bd55d568d954ef63cc616fa23b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1c:83:61:dd:39:53:99:2d:b1:a2:a9:65:4c:
01:33:99:34:a2:1f:cf:fd:96:da:f2:ec:ac:1e:b8:
59:84:a2:43:6e:54:ac:b5:e4:50:b4:a7:7f:9a:10:
06:d7:d9:67:e4:37:0b:b0:d1:36:ef:18:4f:3a:55:
be:5d:6d:09:6f:82:2d:68:b1:cc:dc:24:3e:15:42:
99:50:4f:36:b1:89:2d:d5:e1:47:14:ce:1c:aa:03:
85:8f:41:31:24:fe:4b:75:6e:68:05:e9:41:68:49:
00:53:35:4c:cc:04:54:d3:a4:78:da:ab:33:5e:85:
75:87:4b:c9:98:02:86:bc:d6:6a:ce:fd:00:64:65:
87:60:7a:66:8b:b3:c3:4c:0a:08:d4:a0:57:0d:af:
90:4f:48:81:b3:18:8c:ad:d4:85:bd:6a:24:23:8a:
14:92:b4:60:4e:fa:b3:e0:8f:d6:95:fb:e3:b0:07:
8b:90:5a:ac:90:99:68:ef:e7:98:92:8d:c6:a8:23:
fe:31:5f:8f:c7:9f:29:7d:29:b7:0d:81:e8:61:0d:
d3:35:90:03:0d:29:f5:f8:57:37:d6:6d:36:39:7d:
df:07:7f:c4:46:31:3d:37:35:44:60:11:e9:a2:d7:
d5:3d:2c:fb:4b:d3:19:a2:88:02:20:d6:fd:cd:a2:
84:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:97:1C:C8:B7:6E:B8:BD:55:D5:68:D9:54:EF:63:CC:61:6F:A2:3B
X509v3 Authority Key Identifier:
keyid:51:F8:66:F3:2B:47:C6:9D:47:8A:D9:53:54:E2:57:E5:1A:23:6A:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ufhm8ytHxp1HitlTVOJX5Rojalc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/ypccyLduuL1V1WjZVO9jzGFvojs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/Ufhm8ytHxp1HitlTVOJX5Rojalc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.208.0/20
94.232.152.0/21
158.255.88.0/21
193.138.118.0/24
IPv6:
2a02:2928::/32
Signature Algorithm: sha256WithRSAEncryption
56:87:d3:ed:bf:25:90:c3:55:85:4f:13:35:24:a0:a2:1a:70:
3b:ff:6f:f9:c2:69:f6:f7:d5:ee:84:97:a8:77:4a:30:72:c1:
49:33:23:49:53:41:a5:c4:1c:4c:37:04:d8:3e:87:e3:c2:19:
7f:89:76:2a:15:bf:a6:d9:bd:20:80:61:e8:c7:79:c5:19:e5:
8a:b9:6f:78:47:fe:55:a0:0d:98:bc:ca:d8:3d:2b:f0:aa:21:
af:ed:31:aa:30:46:ce:70:53:9e:29:d6:45:c1:ca:f0:3c:10:
9d:0d:6e:55:1d:aa:bc:d2:da:a2:fb:88:6e:02:f1:bd:ae:99:
55:01:2a:3a:9e:c1:3a:8e:62:7e:be:3e:16:d2:d6:fb:e7:45:
3f:87:eb:11:88:fd:6c:4e:cc:25:53:56:24:4e:ab:be:24:9f:
0f:04:16:d5:35:f5:69:31:80:32:70:e0:58:f7:bf:61:84:96:
d0:e4:d4:ea:4a:9b:08:e1:a5:26:17:03:7e:07:40:cc:43:29:
42:1e:77:62:d5:fe:f2:24:2a:41:18:4e:a2:4a:6c:44:5f:15:
f6:26:b0:ff:58:bf:b1:fc:61:f8:ba:1c:5b:56:d3:56:18:ff:
43:e3:41:54:8f:3d:d4:42:9c:5d:1d:9b:17:e9:6a:6d:cd:54:
c6:48:02:41
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIERKfwKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MWY4NjZmMzJiNDdjNjlkNDc4YWQ5NTM1NGUyNTdlNTFhMjM2YTU3MB4XDTIyMDEw
MTExNTcyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E5NzFjYzhiNzZl
YjhiZDU1ZDU2OGQ5NTRlZjYzY2M2MTZmYTIzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUcg2HdOVOZLbGiqWVMATOZNKIfz/2W2vLsrB64WYSiQ25U
rLXkULSnf5oQBtfZZ+Q3C7DRNu8YTzpVvl1tCW+CLWixzNwkPhVCmVBPNrGJLdXh
RxTOHKoDhY9BMST+S3VuaAXpQWhJAFM1TMwEVNOkeNqrM16FdYdLyZgChrzWas79
AGRlh2B6Zouzw0wKCNSgVw2vkE9IgbMYjK3Uhb1qJCOKFJK0YE76s+CP1pX747AH
i5BarJCZaO/nmJKNxqgj/jFfj8efKX0ptw2B6GEN0zWQAw0p9fhXN9ZtNjl93wd/
xEYxPTc1RGAR6aLX1T0s+0vTGaKIAiDW/c2ihE0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTKlxzIt264vVXVaNlU72PMYW+iOzAfBgNVHSMEGDAWgBRR+GbzK0fGnUeK
2VNU4lflGiNqVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VmaG04eXRIeHAxSGl0bFRWT0pYNVJvamFsYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvZGNiNmZiLTBlODYtNGQzNC1hZGMzLWQ5M2ZkNDlhZThlZi8x
L3lwY2N5TGR1dUwxVjFXalpWTzlqekdGdm9qcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
ZGNiNmZiLTBlODYtNGQzNC1hZGMzLWQ5M2ZkNDlhZThlZi8xL1VmaG04eXRIeHAx
SGl0bFRWT0pYNVJvamFsYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBC4V0AMEA17omAMEA57/WAMEAMGK
djANBAIAAjAHAwUAKgIpKDANBgkqhkiG9w0BAQsFAAOCAQEAVofT7b8lkMNVhU8T
NSSgohpwO/9v+cJp9vfV7oSXqHdKMHLBSTMjSVNBpcQcTDcE2D6H48IZf4l2KhW/
ptm9IIBh6Md5xRnlirlveEf+VaANmLzK2D0r8Kohr+0xqjBGznBTninWRcHK8DwQ
nQ1uVR2qvNLaovuIbgLxva6ZVQEqOp7BOo5ifr4+FtLW++dFP4frEYj9bE7MJVNW
JE6rviSfDwQW1TX1aTGAMnDgWPe/YYSW0OTU6kqbCOGlJhcDfgdAzEMpQh53YtX+
8iQqQRhOokpsRF8V9iaw/1i/sfxh+LocW1bTVhj/Q+NBVI891EKcXR2bF+lqbc1U
xkgCQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:26 2024 by rpki-client on console-fra.rpki-client.org