Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/008681-df79-477b-9236-45309a5e2768/1/yXe-gWaDAlfiaeGafVyUNDotXoo.roa
File: yXe-gWaDAlfiaeGafVyUNDotXoo.roa (raw, json)
Hash identifier: jJ+g5XxAqK1uDARxBLBx1qnSd0Iq6AHxXN/h0+t3Oc0=
Subject key identifier: C9:77:BE:81:66:83:02:57:E2:69:E1:9A:7D:5C:94:34:3A:2D:5E:8A
Certificate issuer: /CN=128f0960bf2fbf70c4c49ae101dff2ecc39875ed
Certificate serial: 366DD517
Authority key identifier: 12:8F:09:60:BF:2F:BF:70:C4:C4:9A:E1:01:DF:F2:EC:C3:98:75:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eo8JYL8vv3DExJrhAd_y7MOYde0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/008681-df79-477b-9236-45309a5e2768/1/yXe-gWaDAlfiaeGafVyUNDotXoo.roa
Signing time: Sat 01 Jan 2022 08:53:15 +0000
ROA not before: Sat 01 Jan 2022 08:53:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50535
IP address blocks: 46.18.88.0/22 maxlen: 22
193.107.56.0/22 maxlen: 22
46.18.92.0/22 maxlen: 22
141.138.152.0/22 maxlen: 22
141.138.156.0/22 maxlen: 22
185.116.88.0/22 maxlen: 24
2a00:ce80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 913167639 (0x366dd517)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=128f0960bf2fbf70c4c49ae101dff2ecc39875ed
Validity
Not Before: Jan 1 08:53:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c977be8166830257e269e19a7d5c94343a2d5e8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:84:f7:4e:2f:bc:ad:96:19:79:46:f6:08:74:
6e:57:2e:40:dd:6c:fc:fd:0b:85:b0:0d:0a:87:e9:
28:52:00:a9:7b:3f:b7:d5:9c:5e:49:e7:a9:fb:ff:
a5:a1:74:34:3a:a1:e1:11:ff:f7:6f:fb:47:11:cc:
dc:dd:4e:f6:09:3f:e9:06:aa:51:7a:f0:be:87:5d:
ea:d4:64:c6:0c:94:96:6f:3c:eb:8c:42:2e:1f:0e:
f5:62:05:b7:07:9f:c0:92:f5:f7:75:dc:a7:ee:09:
b5:26:2b:a7:0c:89:32:bc:51:ce:07:b0:ec:a7:b1:
7a:7b:7a:0f:f8:f8:2c:24:05:55:bf:5c:dc:f9:54:
48:80:7a:ae:48:13:0a:5d:85:93:43:9a:e7:30:e5:
68:0c:18:4b:19:b0:63:a2:c7:f5:6b:92:d0:c0:9c:
c0:f4:d8:10:c1:f7:18:ba:b6:ab:b8:5f:07:c8:c1:
42:13:15:10:34:fd:8b:ee:8f:47:32:72:fc:cd:82:
72:ff:3f:09:df:17:c0:d8:6b:4f:62:a6:f1:57:96:
90:e1:a6:a4:36:39:66:14:48:44:37:5a:1b:d1:16:
a6:3a:47:c8:d9:1b:63:fb:f9:5a:1c:12:5c:0d:2b:
0a:33:ba:9d:e1:10:f8:23:37:6c:3a:c4:65:5a:4c:
d8:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:77:BE:81:66:83:02:57:E2:69:E1:9A:7D:5C:94:34:3A:2D:5E:8A
X509v3 Authority Key Identifier:
keyid:12:8F:09:60:BF:2F:BF:70:C4:C4:9A:E1:01:DF:F2:EC:C3:98:75:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eo8JYL8vv3DExJrhAd_y7MOYde0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/008681-df79-477b-9236-45309a5e2768/1/yXe-gWaDAlfiaeGafVyUNDotXoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/008681-df79-477b-9236-45309a5e2768/1/Eo8JYL8vv3DExJrhAd_y7MOYde0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.88.0/21
141.138.152.0/21
185.116.88.0/22
193.107.56.0/22
IPv6:
2a00:ce80::/32
Signature Algorithm: sha256WithRSAEncryption
a5:c2:1c:d7:f5:22:ec:94:8b:d5:04:79:e1:0b:94:2e:98:f2:
ab:a7:2c:2b:61:60:57:39:32:cc:b9:f4:9c:c1:03:de:2f:c8:
5d:3b:61:fd:dc:e5:f4:cd:60:4b:40:de:84:8e:35:75:dc:64:
d2:ef:dc:cd:9a:87:da:4e:70:26:51:6b:72:1e:e3:f2:b7:21:
f5:cd:8a:d1:0e:f8:db:e6:e8:b9:6f:01:c2:91:9f:16:ce:07:
d2:d6:e5:55:16:a8:f9:f8:4a:67:9e:09:a1:3f:02:a3:ce:ee:
58:b7:3f:4a:ba:ba:09:46:71:c0:45:c3:70:a8:5c:4c:db:82:
91:41:99:34:50:b4:e1:8b:0f:6f:8b:97:1e:16:1a:e4:ad:54:
c1:48:06:9c:2f:cf:32:34:3d:40:d9:67:c2:d7:41:6a:a6:5e:
2c:94:bf:73:2b:bd:ec:a5:fd:89:15:98:fd:7d:a5:0c:54:9a:
c5:80:3e:47:9b:ae:0f:9b:15:f9:e0:a1:61:e1:94:dc:90:be:
9e:8a:11:a2:4f:53:50:66:08:2a:78:c3:fb:e7:60:b4:34:59:
5f:19:f8:9a:29:5e:ac:b0:8f:b0:c8:73:ea:39:77:c4:6a:39:
ed:4f:dd:72:02:a6:35:3b:4f:90:10:14:65:59:de:c7:34:39:
16:54:c0:f4
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIENm3VFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MjhmMDk2MGJmMmZiZjcwYzRjNDlhZTEwMWRmZjJlY2MzOTg3NWVkMB4XDTIyMDEw
MTA4NTMxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzk3N2JlODE2Njgz
MDI1N2UyNjllMTlhN2Q1Yzk0MzQzYTJkNWU4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANSE904vvK2WGXlG9gh0blcuQN1s/P0LhbANCofpKFIAqXs/
t9WcXknnqfv/paF0NDqh4RH/92/7RxHM3N1O9gk/6QaqUXrwvodd6tRkxgyUlm88
64xCLh8O9WIFtwefwJL193Xcp+4JtSYrpwyJMrxRzgew7Kexent6D/j4LCQFVb9c
3PlUSIB6rkgTCl2Fk0Oa5zDlaAwYSxmwY6LH9WuS0MCcwPTYEMH3GLq2q7hfB8jB
QhMVEDT9i+6PRzJy/M2Ccv8/Cd8XwNhrT2Km8VeWkOGmpDY5ZhRIRDdaG9EWpjpH
yNkbY/v5WhwSXA0rCjO6neEQ+CM3bDrEZVpM2EkCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTJd76BZoMCV+Jp4Zp9XJQ0Oi1eijAfBgNVHSMEGDAWgBQSjwlgvy+/cMTE
muEB3/Lsw5h17TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VvOEpZTDh2djNERXhKcmhBZF95N01PWWRlMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvMDA4NjgxLWRmNzktNDc3Yi05MjM2LTQ1MzA5YTVlMjc2OC8x
L3lYZS1nV2FEQWxmaWFlR2FmVnlVTkRvdFhvby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
MDA4NjgxLWRmNzktNDc3Yi05MjM2LTQ1MzA5YTVlMjc2OC8xL0VvOEpZTDh2djNE
RXhKcmhBZF95N01PWWRlMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAy4SWAMEA42KmAMEArl0WAMEAsFr
ODANBAIAAjAHAwUAKgDOgDANBgkqhkiG9w0BAQsFAAOCAQEApcIc1/Ui7JSL1QR5
4QuULpjyq6csK2FgVzkyzLn0nMED3i/IXTth/dzl9M1gS0DehI41ddxk0u/czZqH
2k5wJlFrch7j8rch9c2K0Q742+bouW8BwpGfFs4H0tblVRao+fhKZ54JoT8Co87u
WLc/Srq6CUZxwEXDcKhcTNuCkUGZNFC04YsPb4uXHhYa5K1UwUgGnC/PMjQ9QNln
wtdBaqZeLJS/cyu97KX9iRWY/X2lDFSaxYA+R5uuD5sV+eChYeGU3JC+nooRok9T
UGYIKnjD++dgtDRZXxn4milerLCPsMhz6jl3xGo57U/dcgKmNTtPkBAUZVnexzQ5
FlTA9A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:34 2023 by rpki-client on console-ams.rpki-client.org