Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/yJmTECc0xAE23WYpd2ZsbZQZ1z4.roa
File: yJmTECc0xAE23WYpd2ZsbZQZ1z4.roa (raw, json)
Hash identifier: lOMolxDzCAcXaSrN+2D1FFGjW1FRqalWjkvfdpUS6uc=
Subject key identifier: C8:99:93:10:27:34:C4:01:36:DD:66:29:77:66:6C:6D:94:19:D7:3E
Certificate issuer: /CN=ef5082d37fbc81998bfcf948a5bbdda63edfdee0
Certificate serial: 018378E26C5C9F90517CADA547D400F5C817
Authority key identifier: EF:50:82:D3:7F:BC:81:99:8B:FC:F9:48:A5:BB:DD:A6:3E:DF:DE:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71CC03-8gZmL_PlIpbvdpj7f3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/yJmTECc0xAE23WYpd2ZsbZQZ1z4.roa
Signing time: Mon 26 Sep 2022 08:20:48 +0000
ROA not before: Mon 26 Sep 2022 08:20:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8251
IP address blocks: 212.79.96.0/20 maxlen: 20
31.47.96.0/20 maxlen: 20
185.99.64.0/22 maxlen: 22
81.201.48.0/21 maxlen: 21
81.201.56.0/21 maxlen: 21
81.201.48.175/32 maxlen: 32
78.108.96.0/20 maxlen: 20
2a01:490::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:78:e2:6c:5c:9f:90:51:7c:ad:a5:47:d4:00:f5:c8:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef5082d37fbc81998bfcf948a5bbdda63edfdee0
Validity
Not Before: Sep 26 08:20:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c89993102734c40136dd662977666c6d9419d73e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:04:0e:8d:e6:15:39:43:5e:87:b5:e3:86:0a:
66:d6:d7:d5:94:d9:f0:af:20:53:21:b8:d7:85:c0:
45:ce:28:0b:fa:bf:e1:fe:00:89:d4:a5:84:af:f8:
fd:8a:b8:21:09:6f:64:96:c5:78:2e:df:d5:5d:08:
0c:4b:2e:cc:99:5c:33:24:6f:b7:5a:f8:70:18:96:
3d:f1:a1:2e:51:9c:66:64:2f:b3:3e:2b:98:f5:82:
54:05:f6:01:0f:0e:8f:56:78:38:2c:8f:44:dc:3c:
eb:36:fe:f9:9e:86:3d:63:a0:99:89:e3:39:2e:90:
f5:df:61:d8:fd:09:66:2b:ae:a3:f4:a1:30:42:75:
fa:4b:9b:ca:14:39:51:c4:ee:10:82:b7:37:99:c3:
dc:a4:6d:a5:b9:95:81:87:7e:a9:f3:ae:04:67:ae:
a8:dc:e4:51:b8:77:51:b9:1b:a7:b4:46:ef:32:68:
7a:38:db:aa:d8:22:2d:a3:0c:96:14:0e:52:b3:78:
ad:2d:7a:7f:e2:18:20:32:de:8d:17:98:9c:69:ca:
8b:f4:33:ee:dd:c1:41:0a:d6:a9:d7:26:24:7e:30:
6f:b7:ab:ff:04:de:f5:d3:2c:0a:07:7f:a5:b3:0c:
ce:d2:68:fd:d6:29:1d:92:a8:c3:8f:75:90:4c:74:
9b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:99:93:10:27:34:C4:01:36:DD:66:29:77:66:6C:6D:94:19:D7:3E
X509v3 Authority Key Identifier:
keyid:EF:50:82:D3:7F:BC:81:99:8B:FC:F9:48:A5:BB:DD:A6:3E:DF:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71CC03-8gZmL_PlIpbvdpj7f3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/yJmTECc0xAE23WYpd2ZsbZQZ1z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/71CC03-8gZmL_PlIpbvdpj7f3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.96.0/20
78.108.96.0/20
81.201.48.0/20
185.99.64.0/22
212.79.96.0/20
IPv6:
2a01:490::/32
Signature Algorithm: sha256WithRSAEncryption
2c:1e:70:33:0b:fd:e9:99:93:33:f0:2e:be:6f:f6:66:f2:e2:
15:f3:43:11:ec:36:cc:ed:8c:63:95:8d:30:bc:c5:6a:b9:9b:
46:55:17:42:6b:93:c6:ab:a8:88:0b:fd:15:6c:7e:42:b0:44:
8f:21:af:11:82:55:7c:cb:53:f7:d2:27:a2:79:17:32:c1:37:
ed:42:60:75:79:ba:54:6a:7c:0f:d8:5c:2b:3d:3e:0d:0b:8f:
7e:67:90:f8:7d:29:10:77:0a:60:3d:52:d7:67:75:c4:d7:69:
9f:ba:ff:97:29:1f:97:a1:fe:34:89:33:06:55:32:64:54:fd:
98:06:bf:99:2e:8a:ae:b4:25:ff:47:39:33:3c:b3:3b:9a:3b:
f9:ca:07:40:85:ac:63:52:72:26:1b:e8:cb:03:c0:fd:ed:68:
15:63:37:42:c5:d2:25:5b:90:17:6d:06:28:30:7b:23:de:6d:
0a:83:09:f8:bc:75:ee:f1:46:c8:a3:10:c1:b4:dc:98:ff:8c:
fb:83:7f:a5:0c:9b:db:62:ff:c0:a6:7e:e3:c6:8b:04:6f:08:
33:ff:4d:b4:76:91:6b:51:9c:68:c0:9d:4d:4f:87:a1:a7:9d:
67:95:e5:5f:b6:44:d8:13:53:35:ab:37:90:99:7e:cc:71:04:
2d:1c:07:08
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYN44mxcn5BRfK2lR9QA9cgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTA4MmQzN2ZiYzgxOTk4YmZjZjk0OGE1YmJkZGE2M2Vk
ZmRlZTAwHhcNMjIwOTI2MDgyMDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODk5OTMxMDI3MzRjNDAxMzZkZDY2Mjk3NzY2NmM2ZDk0MTlkNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQQOjeYVOUNeh7Xjhgpm1tfVlNnw
ryBTIbjXhcBFzigL+r/h/gCJ1KWEr/j9irghCW9klsV4Lt/VXQgMSy7MmVwzJG+3
WvhwGJY98aEuUZxmZC+zPiuY9YJUBfYBDw6PVng4LI9E3DzrNv75noY9Y6CZieM5
LpD132HY/QlmK66j9KEwQnX6S5vKFDlRxO4Qgrc3mcPcpG2luZWBh36p864EZ66o
3ORRuHdRuRuntEbvMmh6ONuq2CItowyWFA5Ss3itLXp/4hggMt6NF5icacqL9DPu
3cFBCtap1yYkfjBvt6v/BN710ywKB3+lswzO0mj91ikdkqjDj3WQTHSbwwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMiZkxAnNMQBNt1mKXdmbG2UGdc+MB8GA1UdIwQY
MBaAFO9QgtN/vIGZi/z5SKW73aY+397gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFDQzAzLThnWm1MX1BsSXBidmRwajdmM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wYzNjNGQtMDFkMi00NDBhLWE1MWYt
OTE5NWQwMmRlZDU1LzEveUptVEVDYzB4QUUyM1dZcGQyWnNiWlFaMXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wYzNjNGQtMDFkMi00NDBhLWE1MWYtOTE5NWQwMmRlZDU1
LzEvNzFDQzAzLThnWm1MX1BsSXBidmRwajdmM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEHy9gAwQE
TmxgAwQEUckwAwQCuWNAAwQE1E9gMA0EAgACMAcDBQAqAQSQMA0GCSqGSIb3DQEB
CwUAA4IBAQAsHnAzC/3pmZMz8C6+b/Zm8uIV80MR7DbM7YxjlY0wvMVquZtGVRdC
a5PGq6iIC/0VbH5CsESPIa8RglV8y1P30ieieRcywTftQmB1ebpUanwP2FwrPT4N
C49+Z5D4fSkQdwpgPVLXZ3XE12mfuv+XKR+Xof40iTMGVTJkVP2YBr+ZLoqutCX/
RzkzPLM7mjv5ygdAhaxjUnImG+jLA8D97WgVYzdCxdIlW5AXbQYoMHsj3m0Kgwn4
vHXu8UbIoxDBtNyY/4z7g3+lDJvbYv/Apn7jxosEbwgz/020dpFrUZxowJ1NT4eh
p51nleVftkTYE1M1qzeQmX7McQQtHAcI
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:17 2023 by rpki-client on console-fra.rpki-client.org