Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/yMc3C3lqd43KcUdlIV9K__oeXk8.roa
File: yMc3C3lqd43KcUdlIV9K__oeXk8.roa (raw, json)
Hash identifier: kQ3QPZdOQIqB/8pZQIgV5n26YaOaKzSKljoFLRZDC58=
Subject key identifier: C8:C7:37:0B:79:6A:77:8D:CA:71:47:65:21:5F:4A:FF:FA:1E:5E:4F
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 3AC52402
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/yMc3C3lqd43KcUdlIV9K__oeXk8.roa
Signing time: Wed 29 Jun 2022 06:36:02 +0000
ROA not before: Wed 29 Jun 2022 06:36:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44889
IP address blocks: 212.16.64.0/19 maxlen: 24
46.38.140.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.73.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.20.0/23 maxlen: 23
185.24.148.0/24 maxlen: 24
46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 985998338 (0x3ac52402)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jun 29 06:36:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8c7370b796a778dca714765215f4afffa1e5e4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:da:e9:9d:b9:44:b6:2d:d2:12:e8:6b:01:5b:
6e:b9:97:0f:96:c6:0a:db:22:dd:1d:a1:f2:20:0c:
1b:a9:55:b9:be:17:22:41:01:1e:55:36:c8:6a:3c:
a5:05:9b:5a:11:45:4f:19:94:14:32:2b:e0:f6:7c:
ea:13:cd:68:69:33:ad:2e:77:b1:b4:9b:bb:07:0f:
4f:76:67:a2:d0:f2:94:1f:e7:25:ae:07:a6:7d:64:
76:22:38:3f:bf:6d:3c:7d:e2:51:0b:df:b3:69:eb:
58:23:cd:a7:5c:38:6b:0d:a7:7f:35:0a:95:8f:b3:
14:03:cd:00:8d:59:e8:86:04:aa:a4:ef:2f:76:d2:
47:aa:66:3a:af:46:dd:7c:8a:87:d9:27:6b:e3:36:
6d:d3:6c:89:4e:29:bd:0d:78:57:c8:11:9c:7c:d1:
dc:01:f4:c9:37:c9:e3:eb:60:af:6c:ba:b3:79:b8:
11:76:ae:d9:d5:bb:61:42:e5:34:cf:13:36:db:99:
e5:ad:03:d1:3b:61:00:18:68:f4:04:98:55:68:c8:
6c:a8:70:90:68:0c:bf:68:c8:15:26:eb:59:1b:d4:
c2:38:1a:81:74:10:d7:ca:cc:d9:4d:72:da:66:87:
5d:f5:08:51:04:8a:0e:5d:f1:fa:81:5c:6e:a8:d0:
26:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C7:37:0B:79:6A:77:8D:CA:71:47:65:21:5F:4A:FF:FA:1E:5E:4F
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/yMc3C3lqd43KcUdlIV9K__oeXk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
185.24.148.0/24
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
07:14:66:15:12:6b:0f:c5:64:a5:5d:2d:bc:b4:d9:2b:3e:18:
80:3d:de:19:8e:6e:7f:d0:45:80:7c:a2:98:38:18:ca:43:a8:
61:66:50:c3:84:85:3c:96:ab:e2:e0:04:4a:84:a6:7e:ee:2d:
28:60:bb:c2:b8:0c:63:91:01:cf:1f:fc:9c:21:2b:d1:ee:5c:
d0:0f:d3:44:38:f6:21:6b:ad:fb:1d:a9:93:c0:b5:df:b0:a7:
e2:25:2b:1b:ea:72:cd:6e:57:8f:b5:1f:c0:5f:bf:cc:64:78:
a7:bd:9b:84:d4:62:a6:84:d5:45:de:eb:1d:1d:07:b9:02:df:
a3:c9:ca:d2:7a:53:f2:e7:88:cb:bd:60:9f:29:2e:a8:da:07:
1d:1d:14:37:7d:f1:05:77:1d:0d:62:54:c7:03:e9:48:9a:a5:
6f:fe:60:5f:0a:50:9e:15:77:c1:25:6b:63:3d:91:f4:bd:47:
74:ed:41:2b:eb:ca:3e:99:2a:c4:07:c0:9d:9d:29:2f:80:7e:
c2:35:af:86:1a:07:f6:0d:5a:6e:c3:2a:f6:b7:ab:22:68:78:
8d:8f:48:f4:0a:f7:29:0e:49:7c:bd:ec:77:fb:00:3a:e5:c0:
b8:52:eb:bf:30:91:4a:1d:e3:24:19:87:4d:df:fd:91:dd:7e:
e2:8f:98:23
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEOsUkAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzI5NDVmNTcxMDMxNTNhMDc4NTRlNzRlMjI3ZjJhZWMxYzVmNDMwMB4XDTIyMDYy
OTA2MzYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhjNzM3MGI3OTZh
Nzc4ZGNhNzE0NzY1MjE1ZjRhZmZmYTFlNWU0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKHa6Z25RLYt0hLoawFbbrmXD5bGCtsi3R2h8iAMG6lVub4X
IkEBHlU2yGo8pQWbWhFFTxmUFDIr4PZ86hPNaGkzrS53sbSbuwcPT3ZnotDylB/n
Ja4Hpn1kdiI4P79tPH3iUQvfs2nrWCPNp1w4aw2nfzUKlY+zFAPNAI1Z6IYEqqTv
L3bSR6pmOq9G3XyKh9kna+M2bdNsiU4pvQ14V8gRnHzR3AH0yTfJ4+tgr2y6s3m4
EXau2dW7YULlNM8TNtuZ5a0D0TthABho9ASYVWjIbKhwkGgMv2jIFSbrWRvUwjga
gXQQ18rM2U1y2maHXfUIUQSKDl3x+oFcbqjQJnUCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBTIxzcLeWp3jcpxR2UhX0r/+h5eTzAfBgNVHSMEGDAWgBS3KUX1cQMVOgeF
TnTiJ/KuwcX0MDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R5bEY5WEVERlRvSGhVNTA0aWZ5cnNIRjlEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvNWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8x
L3lNYzNDM2xxZDQzS2NVZGxJVjlLX19vZVhrOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
NWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8xL3R5bEY5WEVERlRv
SGhVNTA0aWZ5cnNIRjlEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAC4mgQMEAC4mgwMEAC4mjAMEALkY
lAMEBdQQQAMEBdRQADANBAIAAjAHAwUDKgB9gDANBgkqhkiG9w0BAQsFAAOCAQEA
BxRmFRJrD8VkpV0tvLTZKz4YgD3eGY5uf9BFgHyimDgYykOoYWZQw4SFPJar4uAE
SoSmfu4tKGC7wrgMY5EBzx/8nCEr0e5c0A/TRDj2IWut+x2pk8C137Cn4iUrG+py
zW5Xj7UfwF+/zGR4p72bhNRipoTVRd7rHR0HuQLfo8nK0npT8ueIy71gnykuqNoH
HR0UN33xBXcdDWJUxwPpSJqlb/5gXwpQnhV3wSVrYz2R9L1HdO1BK+vKPpkqxAfA
nZ0pL4B+wjWvhhoH9g1absMq9rerImh4jY9I9Ar3KQ5JfL3sd/sAOuXAuFLrvzCR
Sh3jJBmHTd/9kd1+4o+YIw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:40 2023 by rpki-client on console-ams.rpki-client.org