Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/yttmcfhGgB62yahgHdLS7DpsouA.roa
File: yttmcfhGgB62yahgHdLS7DpsouA.roa (raw, json)
Hash identifier: MRP6Ody4q3pk3Rlduw9gsqbWKEJa2QJSOXlXIMfg4uc=
Subject key identifier: CA:DB:66:71:F8:46:80:1E:B6:C9:A8:60:1D:D2:D2:EC:3A:6C:A2:E0
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 1AB2E045
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/yttmcfhGgB62yahgHdLS7DpsouA.roa
Signing time: Sat 01 Jan 2022 16:03:05 +0000
ROA not before: Sat 01 Jan 2022 16:03:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43391
IP address blocks: 212.252.24.0/24 maxlen: 24
213.74.4.0/24 maxlen: 24
212.252.27.0/24 maxlen: 24
212.252.26.0/24 maxlen: 24
212.252.25.0/24 maxlen: 24
212.252.36.0/24 maxlen: 24
212.252.46.0/24 maxlen: 24
212.252.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447930437 (0x1ab2e045)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 16:03:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cadb6671f846801eb6c9a8601dd2d2ec3a6ca2e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5a:71:c4:c4:24:5e:a4:96:53:88:10:28:08:
14:a6:40:cf:68:8d:29:86:ce:1c:c3:f5:28:fb:b0:
96:6e:f8:f9:5a:a0:fa:54:0f:90:58:fa:f4:55:5e:
95:78:cf:32:e6:04:e4:b7:01:86:a4:21:d0:c4:bf:
ca:b9:71:7d:2c:32:f5:ec:a3:82:8c:12:66:30:28:
9a:ec:50:53:76:bc:7c:92:46:17:e0:19:ee:f1:4a:
cb:60:82:7c:9b:10:cc:5f:87:b9:2b:8d:33:59:ec:
f9:5d:c7:6a:d5:72:5b:4d:21:53:5f:3e:34:e5:9f:
7b:9c:a6:9b:a0:5f:cc:aa:a6:f3:57:a8:0e:53:00:
63:86:e7:ef:f9:6c:59:dd:a5:35:0d:62:b8:03:00:
cc:21:0a:3d:51:bd:5c:a3:79:a9:f0:43:4c:aa:1f:
a0:3b:33:ed:ff:cf:c5:8c:d4:c2:60:73:95:e0:4d:
b8:37:18:0e:bd:95:67:97:52:53:85:fa:cc:ee:b4:
ca:e2:57:b4:14:bd:49:28:c1:b4:19:b2:1d:b5:fb:
ac:8c:c8:82:7f:e9:c7:6c:cc:80:68:a0:4f:83:11:
f7:6a:42:0e:03:4c:1f:23:96:dd:e4:a4:ee:e6:29:
42:21:b0:bf:57:4d:f1:38:fb:f5:b7:9e:25:1d:5a:
dd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:DB:66:71:F8:46:80:1E:B6:C9:A8:60:1D:D2:D2:EC:3A:6C:A2:E0
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/yttmcfhGgB62yahgHdLS7DpsouA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.252.24.0/22
212.252.36.0/24
212.252.45.0-212.252.46.255
213.74.4.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:0d:85:92:0b:32:f0:d4:4c:f8:39:f3:ba:93:e4:58:84:69:
9f:3c:cd:d0:42:56:6a:d0:ec:82:ba:ef:d9:e3:56:b9:21:c1:
a0:95:f7:06:22:3d:31:54:c9:6f:4d:01:b4:67:16:d3:84:65:
82:ae:f7:06:5a:77:ab:3d:31:58:00:c3:05:53:32:4a:18:70:
86:ee:0a:bf:5b:6e:52:4c:63:e9:7c:11:a9:37:a8:92:83:4d:
e7:ce:a4:03:46:53:21:0d:db:c9:16:81:4f:9b:c7:07:b6:16:
2a:08:2c:9e:9a:5d:88:14:dd:ad:dd:d8:6b:83:75:ae:24:7e:
86:03:4c:9e:fe:b3:8d:44:1c:22:52:18:6b:46:27:c7:b7:87:
e7:fd:78:3c:5d:11:0c:96:f9:5f:00:c4:fc:96:d0:a9:8f:90:
15:79:80:cb:1f:38:6f:db:78:49:0d:61:fd:d0:0c:ad:c8:0e:
7e:51:38:01:88:6d:94:f8:64:7c:29:5b:ff:33:31:6b:26:b0:
bc:16:ac:c7:a8:23:8d:39:26:7e:5f:f3:b9:b1:05:e5:a1:be:
ad:1a:ae:aa:55:65:4b:24:4f:e2:ac:ee:5e:5d:a6:8c:e1:3c:
75:e7:d7:96:4e:bd:ff:28:20:04:49:14:f1:91:69:59:be:11:
66:4f:09:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEGrLgRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDU5YzQzMjNmNzY3Y2U0ZmZjODVkYWFkMjA4YjkwYzA0ZmJkM2U5MB4XDTIyMDEw
MTE2MDMwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2FkYjY2NzFmODQ2
ODAxZWI2YzlhODYwMWRkMmQyZWMzYTZjYTJlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBaccTEJF6kllOIECgIFKZAz2iNKYbOHMP1KPuwlm74+Vqg
+lQPkFj69FVelXjPMuYE5LcBhqQh0MS/yrlxfSwy9eyjgowSZjAomuxQU3a8fJJG
F+AZ7vFKy2CCfJsQzF+HuSuNM1ns+V3HatVyW00hU18+NOWfe5ymm6BfzKqm81eo
DlMAY4bn7/lsWd2lNQ1iuAMAzCEKPVG9XKN5qfBDTKofoDsz7f/PxYzUwmBzleBN
uDcYDr2VZ5dSU4X6zO60yuJXtBS9SSjBtBmyHbX7rIzIgn/px2zMgGigT4MR92pC
DgNMHyOW3eSk7uYpQiGwv1dN8Tj79beeJR1a3SMCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBTK22Zx+EaAHrbJqGAd0tLsOmyi4DAfBgNVHSMEGDAWgBSNWcQyP3Z85P/I
XarSCLkMBPvT6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pWbkVNajkyZk9UX3lGMnEwZ2k1REFUNzAtay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8x
L3l0dG1jZmhHZ0I2MnlhaGdIZExTN0Rwc291QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
ZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8xL2pWbkVNajkyZk9U
X3lGMnEwZ2k1REFUNzAtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAtT8GAMEANT8JDAMAwQA1PwtAwQA
1PwuAwQA1UoEMA0GCSqGSIb3DQEBCwUAA4IBAQAeDYWSCzLw1Ez4OfO6k+RYhGmf
PM3QQlZq0OyCuu/Z41a5IcGglfcGIj0xVMlvTQG0ZxbThGWCrvcGWnerPTFYAMMF
UzJKGHCG7gq/W25STGPpfBGpN6iSg03nzqQDRlMhDdvJFoFPm8cHthYqCCyeml2I
FN2t3dhrg3WuJH6GA0ye/rONRBwiUhhrRifHt4fn/Xg8XREMlvlfAMT8ltCpj5AV
eYDLHzhv23hJDWH90AytyA5+UTgBiG2U+GR8KVv/MzFrJrC8FqzHqCONOSZ+X/O5
sQXlob6tGq6qVWVLJE/irO5eXaaM4Tx159eWTr3/KCAESRTxkWlZvhFmTwmz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org