Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/YaXfH_sU3mTGk2Gre_Mk7eLSGhE.roa
File: YaXfH_sU3mTGk2Gre_Mk7eLSGhE.roa (raw, json)
Hash identifier: mp50rEpxm7yrZhL7WvdQ6aCnVtnC3Zom6vbHjvdXhh0=
Subject key identifier: 61:A5:DF:1F:FB:14:DE:64:C6:93:61:AB:7B:F3:24:ED:E2:D2:1A:11
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01840A18041A339FC2F79B0339826C2C1FF9
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/YaXfH_sU3mTGk2Gre_Mk7eLSGhE.roa
Signing time: Mon 24 Oct 2022 13:04:16 +0000
ROA not before: Mon 24 Oct 2022 13:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44889
IP address blocks: 212.16.64.0/19 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.150.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.80.0.0/19 maxlen: 24
212.80.4.0/24 maxlen: 24
212.80.20.0/23 maxlen: 23
46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0a:18:04:1a:33:9f:c2:f7:9b:03:39:82:6c:2c:1f:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Oct 24 13:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61a5df1ffb14de64c69361ab7bf324ede2d21a11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1c:76:f4:92:b7:d5:f4:a3:31:6e:9c:8b:1a:
87:7f:42:e6:f4:97:b9:eb:35:e6:fc:86:39:9c:22:
ca:84:ab:b5:c7:82:0d:99:08:51:8d:e1:0a:09:4d:
a2:f0:7c:55:2a:55:7a:58:52:75:06:c8:c1:3d:e2:
3a:1b:22:a8:15:19:4a:c1:18:4b:90:47:20:dd:50:
c2:03:c2:4d:05:a3:86:3b:86:ec:18:1e:94:ba:82:
9d:26:45:1a:d7:39:54:d9:29:58:22:71:4e:cb:66:
4e:ef:66:df:a8:d1:36:bf:9e:0b:03:a5:60:02:65:
7b:b2:91:74:31:63:96:d7:d7:0c:91:86:61:0d:d7:
6f:ac:d8:e0:bf:a1:47:25:91:c6:f8:c5:57:a3:8f:
ab:13:e9:07:98:e4:65:6b:86:fa:1c:2e:cb:aa:d0:
3d:67:5c:2a:a6:cd:79:d3:9f:3e:90:23:17:7f:47:
fa:58:f4:19:8a:d3:18:f0:e9:c1:bd:b7:16:29:2a:
86:01:4a:26:ed:58:c2:65:c2:d3:8b:35:a5:5d:bb:
6b:d7:9a:33:28:7f:82:3c:68:d1:cf:03:8c:73:c7:
88:5e:af:ab:ca:ed:ab:ac:2e:46:bb:90:51:aa:74:
04:7a:4e:0f:79:03:cb:ef:cd:93:39:fd:72:92:9b:
67:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A5:DF:1F:FB:14:DE:64:C6:93:61:AB:7B:F3:24:ED:E2:D2:1A:11
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/YaXfH_sU3mTGk2Gre_Mk7eLSGhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
46.38.150.0/24
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
23:6a:cd:a4:99:3a:d4:71:6f:2e:28:51:f6:d2:fd:56:66:79:
80:bc:af:4b:22:70:8b:08:ab:3d:cd:dc:7c:f7:14:5f:44:e4:
1a:3d:1f:d0:88:c6:bc:c9:aa:86:25:ce:7a:de:dd:70:ff:09:
16:48:f0:dc:65:1a:08:da:33:21:a4:24:be:e9:5a:35:e2:84:
58:a5:de:93:39:a9:ba:29:37:83:ab:54:8f:06:0e:f4:71:0e:
e5:e7:51:5f:f3:4d:5d:11:d1:2b:6f:84:a9:c1:a9:e4:68:ca:
0d:5e:8d:9c:e2:43:41:a1:62:db:6d:8b:20:39:6b:79:b6:82:
fe:1f:32:96:eb:c4:18:18:f3:84:de:c4:fe:0e:86:96:a2:2c:
5e:70:a5:27:25:e0:4e:f4:84:f9:07:c1:10:64:1d:42:ae:67:
03:f9:66:28:e7:67:cb:e1:0c:b1:c8:af:20:b6:20:d8:b4:d9:
ab:4d:de:34:32:82:43:12:2c:4e:fd:c0:fa:7a:fe:96:33:cc:
a0:be:38:ad:58:a7:ff:d6:40:5e:02:36:f3:fb:83:f2:e0:07:
84:5d:73:30:a3:e1:07:97:56:65:e8:da:57:24:e7:20:00:78:
b1:63:eb:b1:40:50:a4:28:be:f7:ad:3a:80:2c:39:d1:03:2a:
29:44:16:82
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYQKGAQaM5/C95sDOYJsLB/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjIxMDI0MTMwNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWE1ZGYxZmZiMTRkZTY0YzY5MzYxYWI3YmYzMjRlZGUyZDIxYTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphx29JK31fSjMW6cixqHf0Lm9Je5
6zXm/IY5nCLKhKu1x4INmQhRjeEKCU2i8HxVKlV6WFJ1BsjBPeI6GyKoFRlKwRhL
kEcg3VDCA8JNBaOGO4bsGB6UuoKdJkUa1zlU2SlYInFOy2ZO72bfqNE2v54LA6Vg
AmV7spF0MWOW19cMkYZhDddvrNjgv6FHJZHG+MVXo4+rE+kHmORla4b6HC7LqtA9
Z1wqps15058+kCMXf0f6WPQZitMY8OnBvbcWKSqGAUom7VjCZcLTizWlXbtr15oz
KH+CPGjRzwOMc8eIXq+ryu2rrC5Gu5BRqnQEek4PeQPL782TOf1ykptnYQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGGl3x/7FN5kxpNhq3vzJO3i0hoRMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvWWFYZkhfc1UzbVRHazJHcmVfTWs3ZUxTR2hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQALiaBAwQA
LiaDAwQALiaMAwQALiaWAwQF1BBAAwQF1FAAMA0EAgACMAcDBQMqAH2AMA0GCSqG
SIb3DQEBCwUAA4IBAQAjas2kmTrUcW8uKFH20v1WZnmAvK9LInCLCKs9zdx89xRf
ROQaPR/QiMa8yaqGJc563t1w/wkWSPDcZRoI2jMhpCS+6Vo14oRYpd6TOam6KTeD
q1SPBg70cQ7l51Ff801dEdErb4SpwankaMoNXo2c4kNBoWLbbYsgOWt5toL+HzKW
68QYGPOE3sT+DoaWoixecKUnJeBO9IT5B8EQZB1CrmcD+WYo52fL4QyxyK8gtiDY
tNmrTd40MoJDEixO/cD6ev6WM8ygvjitWKf/1kBeAjbz+4Py4AeEXXMwo+EHl1Zl
6NpXJOcgAHixY+uxQFCkKL73rTqALDnRAyopRBaC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:58 2023 by rpki-client on console-fra.rpki-client.org