Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/ynPzV4ymXxmh2G9E_XXMzgMGBlQ.roa
File: ynPzV4ymXxmh2G9E_XXMzgMGBlQ.roa (raw, json)
Hash identifier: kEJ5uE5J9M3y9mlD1ExeRewkdjWkeDlUIp9OaSimBdk=
Subject key identifier: CA:73:F3:57:8C:A6:5F:19:A1:D8:6F:44:FD:75:CC:CE:03:06:06:54
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 1ABB31E4
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/ynPzV4ymXxmh2G9E_XXMzgMGBlQ.roa
Signing time: Sat 01 Jan 2022 16:03:10 +0000
ROA not before: Sat 01 Jan 2022 16:03:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197633
IP address blocks: 185.5.176.0/22 maxlen: 22
37.122.229.0/24 maxlen: 24
37.123.0.0/20 maxlen: 20
31.44.192.0/24 maxlen: 24
31.44.193.0/24 maxlen: 24
31.44.204.0/23 maxlen: 23
31.44.202.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 448475620 (0x1abb31e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 16:03:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca73f3578ca65f19a1d86f44fd75ccce03060654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:0f:a7:20:0d:e8:f8:a0:da:99:f2:47:be:cb:
c4:cc:a5:c9:01:48:25:76:84:f0:32:d4:09:2c:d2:
3d:a0:0c:c8:fc:d5:00:16:1e:92:61:e8:cc:15:df:
76:15:76:96:1f:c7:8c:78:08:0b:44:85:16:1c:a4:
f3:8f:24:35:0b:2c:ba:61:13:c0:39:26:2b:fd:d1:
22:3b:59:37:a7:85:52:a7:df:ff:b8:7a:ba:f1:4f:
6b:51:17:1f:c0:14:c6:27:22:19:e4:6d:92:47:42:
f4:7d:03:f8:12:ba:48:bb:78:ad:17:49:24:3a:a7:
30:03:a1:c0:72:e9:36:0e:4e:50:fe:23:82:bc:a7:
ad:1e:ce:5c:24:1b:36:59:bf:75:9b:72:29:e5:cd:
cf:ef:4c:37:58:98:85:a4:65:bd:c1:8b:d6:1d:cd:
ca:bc:7c:ae:00:5f:4e:a5:c7:a9:74:0b:dc:ec:55:
79:26:94:1c:75:60:32:0b:e3:b2:86:32:d7:b2:3f:
23:08:0a:87:7d:b8:d9:9b:3c:5a:a3:9a:6d:47:ba:
4c:45:3a:18:8a:b5:80:5a:d2:b4:01:ce:51:b0:71:
26:2f:ae:0e:8d:97:5e:d1:80:d5:49:5c:b6:2f:cc:
89:a9:95:46:0b:e0:d3:d7:d9:f0:72:de:1f:f6:7f:
68:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:73:F3:57:8C:A6:5F:19:A1:D8:6F:44:FD:75:CC:CE:03:06:06:54
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/ynPzV4ymXxmh2G9E_XXMzgMGBlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.192.0/23
31.44.202.0-31.44.205.255
37.122.229.0/24
37.123.0.0/20
185.5.176.0/22
Signature Algorithm: sha256WithRSAEncryption
06:e1:ab:aa:67:2e:20:94:57:e2:fa:99:8e:52:57:67:19:1b:
f9:af:b2:a7:3a:75:df:f9:9a:e1:d0:91:02:47:fb:d0:e9:dd:
86:4f:1a:e1:74:64:af:ba:7b:a9:70:2e:17:39:3b:74:e8:d4:
68:a9:83:df:85:27:85:fb:d0:d1:e8:ef:a7:fc:7b:cc:33:5b:
6b:a6:15:82:64:51:f9:1b:99:8e:51:b1:01:af:db:20:e9:53:
9c:4d:b4:8f:b9:44:18:a8:0d:eb:33:b2:4a:60:64:b9:ea:5e:
d6:bd:23:d6:06:d2:89:f9:a6:f2:de:59:36:2e:9f:f7:3a:99:
ca:58:a4:a0:d1:80:e9:93:4f:01:3d:b6:00:69:8a:c5:17:b8:
3a:a5:fa:1b:46:96:41:cb:d3:eb:67:91:3a:0b:98:00:99:df:
5b:13:2f:d1:cb:8d:a4:70:00:39:b9:d0:1f:85:79:29:5e:22:
cf:97:bc:fb:08:29:df:b3:20:73:d5:5e:92:6c:5f:68:48:2b:
26:ee:f6:e5:18:92:6a:fb:96:fd:ab:73:96:30:3a:44:b3:b5:
44:de:ab:63:b6:8d:74:18:c9:90:ca:09:01:f9:e6:0d:09:3b:
8b:d3:66:90:cd:38:34:d6:c5:1a:ba:1a:20:a1:c8:92:39:34:
43:70:e0:91
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEGrsx5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDU5YzQzMjNmNzY3Y2U0ZmZjODVkYWFkMjA4YjkwYzA0ZmJkM2U5MB4XDTIyMDEw
MTE2MDMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E3M2YzNTc4Y2E2
NWYxOWExZDg2ZjQ0ZmQ3NWNjY2UwMzA2MDY1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8PpyAN6Pig2pnyR77LxMylyQFIJXaE8DLUCSzSPaAMyPzV
ABYekmHozBXfdhV2lh/HjHgIC0SFFhyk848kNQssumETwDkmK/3RIjtZN6eFUqff
/7h6uvFPa1EXH8AUxiciGeRtkkdC9H0D+BK6SLt4rRdJJDqnMAOhwHLpNg5OUP4j
grynrR7OXCQbNlm/dZtyKeXNz+9MN1iYhaRlvcGL1h3Nyrx8rgBfTqXHqXQL3OxV
eSaUHHVgMgvjsoYy17I/IwgKh3242Zs8WqOabUe6TEU6GIq1gFrStAHOUbBxJi+u
Do2XXtGA1Ulcti/MiamVRgvg09fZ8HLeH/Z/aLkCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBTKc/NXjKZfGaHYb0T9dczOAwYGVDAfBgNVHSMEGDAWgBSNWcQyP3Z85P/I
XarSCLkMBPvT6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pWbkVNajkyZk9UX3lGMnEwZ2k1REFUNzAtay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8x
L3luUHpWNHltWHhtaDJHOUVfWFhNemdNR0JsUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
ZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8xL2pWbkVNajkyZk9U
X3lGMnEwZ2k1REFUNzAtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEAR8swDAMAwQBHyzKAwQBHyzMAwQA
JXrlAwQEJXsAAwQCuQWwMA0GCSqGSIb3DQEBCwUAA4IBAQAG4auqZy4glFfi+pmO
UldnGRv5r7KnOnXf+Zrh0JECR/vQ6d2GTxrhdGSvunupcC4XOTt06NRoqYPfhSeF
+9DR6O+n/HvMM1trphWCZFH5G5mOUbEBr9sg6VOcTbSPuUQYqA3rM7JKYGS56l7W
vSPWBtKJ+aby3lk2Lp/3OpnKWKSg0YDpk08BPbYAaYrFF7g6pfobRpZBy9PrZ5E6
C5gAmd9bEy/Ry42kcAA5udAfhXkpXiLPl7z7CCnfsyBz1V6SbF9oSCsm7vblGJJq
+5b9q3OWMDpEs7VE3qtjto10GMmQygkB+eYNCTuL02aQzTg01sUauhogociSOTRD
cOCR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org