Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/yBCTaER9MP9xTztWPrgPJo63adI.roa
File: yBCTaER9MP9xTztWPrgPJo63adI.roa (raw, json)
Hash identifier: mpRyHj16vgMDmmW78WjoUfJfztwembLyXLqvycE2pgQ=
Subject key identifier: C8:10:93:68:44:7D:30:FF:71:4F:3B:56:3E:B8:0F:26:8E:B7:69:D2
Certificate issuer: /CN=ef5082d37fbc81998bfcf948a5bbdda63edfdee0
Certificate serial: 18FB12FC
Authority key identifier: EF:50:82:D3:7F:BC:81:99:8B:FC:F9:48:A5:BB:DD:A6:3E:DF:DE:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71CC03-8gZmL_PlIpbvdpj7f3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/yBCTaER9MP9xTztWPrgPJo63adI.roa
Signing time: Sat 01 Jan 2022 15:05:26 +0000
ROA not before: Sat 01 Jan 2022 15:05:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8251
IP address blocks: 31.47.96.0/20 maxlen: 20
212.79.96.0/20 maxlen: 20
185.99.64.0/22 maxlen: 22
81.201.48.0/21 maxlen: 21
81.201.56.0/21 maxlen: 21
78.108.96.0/20 maxlen: 20
2a01:490::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 419107580 (0x18fb12fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef5082d37fbc81998bfcf948a5bbdda63edfdee0
Validity
Not Before: Jan 1 15:05:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8109368447d30ff714f3b563eb80f268eb769d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2a:46:34:42:86:a1:c6:66:ba:4d:9a:f2:ea:
40:f6:1f:8c:8c:fd:50:aa:5d:ac:d1:b8:50:56:5f:
2a:14:f2:c8:56:15:74:1c:6b:ca:d6:32:8a:05:83:
a2:78:91:b4:a8:5b:aa:d4:0d:f9:9a:24:99:a0:e7:
1a:27:25:ee:51:e4:8f:68:f9:56:3f:8a:8c:d1:07:
32:40:73:81:8e:7b:23:e9:7b:68:7b:11:a9:a3:a7:
17:6d:4c:62:7b:84:7c:05:e8:72:e2:d7:94:cf:17:
77:ad:57:58:f8:9b:87:90:1e:55:e2:ec:d6:af:d7:
7d:fb:1a:e2:d0:0b:d3:03:4e:f0:61:be:25:18:77:
aa:c3:86:9f:a9:de:2c:35:65:a2:0e:73:7e:ed:0f:
f7:59:9a:23:89:46:f7:bd:ba:94:62:ab:21:8a:a9:
d1:23:e3:ba:b5:b3:e8:c2:66:b2:be:31:b6:cd:22:
86:d2:98:5b:b2:ac:08:b8:5c:c7:7b:fd:52:89:65:
6f:0c:da:39:6a:f0:80:9c:78:31:b3:59:39:03:78:
3d:04:d3:7c:4b:89:d1:06:2d:4a:ae:f4:e8:7e:94:
7f:b9:c5:c8:69:a2:2e:ab:88:00:10:02:6b:b4:c4:
50:c6:33:42:0c:b8:a0:10:b6:75:17:fb:28:8f:eb:
0e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:10:93:68:44:7D:30:FF:71:4F:3B:56:3E:B8:0F:26:8E:B7:69:D2
X509v3 Authority Key Identifier:
keyid:EF:50:82:D3:7F:BC:81:99:8B:FC:F9:48:A5:BB:DD:A6:3E:DF:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71CC03-8gZmL_PlIpbvdpj7f3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/yBCTaER9MP9xTztWPrgPJo63adI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/71CC03-8gZmL_PlIpbvdpj7f3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.96.0/20
78.108.96.0/20
81.201.48.0/20
185.99.64.0/22
212.79.96.0/20
IPv6:
2a01:490::/32
Signature Algorithm: sha256WithRSAEncryption
34:b7:b9:75:47:e9:0f:59:f1:62:4f:97:f5:79:6e:e8:79:b6:
08:5f:f1:43:4d:54:a6:2d:d4:0b:86:d1:c1:b1:ea:be:8a:3a:
7f:59:0d:2c:fe:64:e9:f8:13:14:25:0d:1f:65:0e:5c:48:f0:
a0:b6:12:99:31:19:28:26:f3:d0:27:97:93:18:26:c6:4d:3c:
d2:63:d0:fc:d8:9c:77:c1:20:75:df:20:38:72:7b:42:c3:5e:
d5:89:55:4e:d0:67:4e:88:9c:d9:cc:26:31:5b:3d:57:87:36:
35:6e:d9:7b:59:e9:ce:50:80:de:ef:91:72:ce:54:a2:49:18:
28:87:22:1b:a9:5d:1c:f0:56:01:4b:40:2a:1c:fa:4c:fa:a2:
3b:df:ba:05:3a:92:07:e6:8c:f7:02:8e:3d:ce:b5:dd:ea:ea:
04:8d:5d:2a:b5:e4:c6:dd:5b:00:fe:b0:a9:90:73:06:29:dc:
a7:80:04:62:14:f5:aa:3c:04:a7:dc:7c:89:fc:06:35:3c:4d:
33:44:2c:de:77:4c:1d:4e:08:ba:0e:ea:a2:76:dd:0c:3c:1d:
6d:ae:f2:f4:4b:f4:49:29:63:fd:0c:64:ac:d3:79:1e:73:75:
2a:8b:a6:ce:b0:78:a2:d3:01:7a:07:b6:62:e2:4f:8c:6e:13:
48:7b:7a:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEGPsS/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjUwODJkMzdmYmM4MTk5OGJmY2Y5NDhhNWJiZGRhNjNlZGZkZWUwMB4XDTIyMDEw
MTE1MDUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzgxMDkzNjg0NDdk
MzBmZjcxNGYzYjU2M2ViODBmMjY4ZWI3NjlkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKIqRjRChqHGZrpNmvLqQPYfjIz9UKpdrNG4UFZfKhTyyFYV
dBxrytYyigWDoniRtKhbqtQN+ZokmaDnGicl7lHkj2j5Vj+KjNEHMkBzgY57I+l7
aHsRqaOnF21MYnuEfAXocuLXlM8Xd61XWPibh5AeVeLs1q/Xffsa4tAL0wNO8GG+
JRh3qsOGn6neLDVlog5zfu0P91maI4lG9726lGKrIYqp0SPjurWz6MJmsr4xts0i
htKYW7KsCLhcx3v9UollbwzaOWrwgJx4MbNZOQN4PQTTfEuJ0QYtSq706H6Uf7nF
yGmiLquIABACa7TEUMYzQgy4oBC2dRf7KI/rDr8CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTIEJNoRH0w/3FPO1Y+uA8mjrdp0jAfBgNVHSMEGDAWgBTvUILTf7yBmYv8
+Uilu92mPt/e4DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzcxQ0MwMy04Z1ptTF9QbElwYnZkcGo3ZjN1QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvMGMzYzRkLTAxZDItNDQwYS1hNTFmLTkxOTVkMDJkZWQ1NS8x
L3lCQ1RhRVI5TVA5eFR6dFdQcmdQSm82M2FkSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
MGMzYzRkLTAxZDItNDQwYS1hNTFmLTkxOTVkMDJkZWQ1NS8xLzcxQ0MwMy04Z1pt
TF9QbElwYnZkcGo3ZjN1QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBB8vYAMEBE5sYAMEBFHJMAMEArlj
QAMEBNRPYDANBAIAAjAHAwUAKgEEkDANBgkqhkiG9w0BAQsFAAOCAQEANLe5dUfp
D1nxYk+X9Xlu6Hm2CF/xQ01Upi3UC4bRwbHqvoo6f1kNLP5k6fgTFCUNH2UOXEjw
oLYSmTEZKCbz0CeXkxgmxk080mPQ/Nicd8Egdd8gOHJ7QsNe1YlVTtBnToic2cwm
MVs9V4c2NW7Ze1npzlCA3u+Rcs5UokkYKIciG6ldHPBWAUtAKhz6TPqiO9+6BTqS
B+aM9wKOPc613erqBI1dKrXkxt1bAP6wqZBzBincp4AEYhT1qjwEp9x8ifwGNTxN
M0Qs3ndMHU4Iug7qonbdDDwdba7y9Ev0SSlj/QxkrNN5HnN1KoumzrB4otMBege2
YuJPjG4TSHt6ZQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:17 2023 by rpki-client on console-fra.rpki-client.org