Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/YVLgssj-rlnso880UQgg7EN0ZMo.roa
File: YVLgssj-rlnso880UQgg7EN0ZMo.roa (raw, json)
Hash identifier: z+TNnV0AAUOFMvE3mY8VKdmKhKo8it6qOeX861SWaos=
Subject key identifier: 61:52:E0:B2:C8:FE:AE:59:EC:A3:CF:34:51:08:20:EC:43:74:64:CA
Certificate issuer: /CN=acf910f36291c3c224ddb596d956543197f163de
Certificate serial: 06936DCC
Authority key identifier: AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/YVLgssj-rlnso880UQgg7EN0ZMo.roa
Signing time: Wed 23 Mar 2022 11:56:47 +0000
ROA not before: Wed 23 Mar 2022 11:56:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14537
IP address blocks: 217.147.124.0/24 maxlen: 24
217.147.125.0/24 maxlen: 24
217.147.124.0/22 maxlen: 22
217.147.121.0/24 maxlen: 24
217.147.120.0/24 maxlen: 24
217.147.126.0/24 maxlen: 24
217.147.127.0/24 maxlen: 24
92.249.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110325196 (0x6936dcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf910f36291c3c224ddb596d956543197f163de
Validity
Not Before: Mar 23 11:56:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6152e0b2c8feae59eca3cf34510820ec437464ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:be:94:2f:c0:21:d9:41:45:11:65:15:1f:96:
65:df:65:7d:e6:45:07:b2:00:c9:f8:f7:6b:05:67:
35:f0:ff:89:68:be:49:2a:08:77:4d:5d:d4:ae:a8:
4a:e5:41:51:27:36:c9:74:70:e7:17:95:27:7a:7d:
6e:48:61:a7:c9:c4:6a:f2:1c:da:23:69:b4:0a:47:
ea:cf:f7:22:8b:e3:1d:e8:b0:d4:70:72:67:99:c4:
87:98:5d:a0:28:f4:09:60:cf:43:d6:a5:38:dc:4b:
cf:6e:02:0a:83:be:31:a2:0e:f2:b2:89:a8:9f:00:
e5:d8:f2:b6:26:8f:95:4c:60:43:97:cc:76:94:6e:
97:07:98:90:3c:e9:90:49:ea:21:b0:36:81:8f:07:
a1:00:21:d1:e6:57:a3:41:4f:55:48:ec:f6:f0:08:
33:99:a1:91:34:50:9b:50:4f:1d:0f:92:82:10:0f:
de:8d:22:c9:61:7e:a9:97:87:19:6c:2c:24:62:89:
9c:d6:07:46:93:b1:c2:a9:0f:f9:c6:c2:86:40:f3:
0f:af:d5:8c:f0:64:8b:2d:d3:95:44:22:52:4b:ee:
37:6d:18:97:b4:fb:89:91:fc:77:38:17:d8:ff:5d:
cf:8c:28:7b:0b:55:47:96:46:e7:e4:89:a2:e6:fb:
61:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:52:E0:B2:C8:FE:AE:59:EC:A3:CF:34:51:08:20:EC:43:74:64:CA
X509v3 Authority Key Identifier:
keyid:AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/YVLgssj-rlnso880UQgg7EN0ZMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/rPkQ82KRw8Ik3bWW2VZUMZfxY94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.5.0/24
217.147.120.0/23
217.147.124.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:9f:e1:aa:6b:aa:8d:29:c2:5a:19:b0:19:b2:bd:72:82:bb:
5a:68:ed:a9:96:16:00:cb:2d:1d:0e:96:5a:dc:b5:88:a5:e6:
de:02:e3:a9:ac:ae:82:9a:fc:b6:59:67:0d:ca:5d:19:82:4b:
7d:1e:31:fb:a9:2f:f6:2f:5d:19:fc:30:c2:65:87:7d:1c:c5:
c4:05:4b:53:8f:cb:10:db:ed:f7:b1:ad:72:2a:b7:27:02:d8:
38:5c:a2:63:43:6e:d8:9d:07:9f:5b:82:5b:11:25:ba:e4:2b:
c8:5c:da:dc:07:3b:1b:5c:0f:41:43:ef:06:a2:65:20:ed:4d:
dd:9e:8f:94:f4:52:72:1f:13:75:ad:a7:63:29:47:f1:fb:0b:
ef:28:c4:6c:be:02:ad:a4:f1:34:e2:37:b5:cc:3a:29:a8:b3:
57:36:9b:0b:ea:d8:70:2a:e3:7d:b5:d6:03:c8:9c:d4:49:a8:
8c:a9:da:f2:b6:13:91:00:32:69:68:a1:54:92:99:9c:e7:d4:
31:91:05:41:14:9b:17:64:5d:90:a7:c9:aa:3a:b5:02:76:b1:
6c:42:dc:18:9f:16:ff:25:74:38:ad:c4:02:18:d7:75:c6:9a:
c0:03:5a:02:34:59:64:f5:c4:4e:1d:7a:f1:b2:7d:14:f5:ac:
76:5e:44:29
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBpNtzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Y2Y5MTBmMzYyOTFjM2MyMjRkZGI1OTZkOTU2NTQzMTk3ZjE2M2RlMB4XDTIyMDMy
MzExNTY0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjE1MmUwYjJjOGZl
YWU1OWVjYTNjZjM0NTEwODIwZWM0Mzc0NjRjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN++lC/AIdlBRRFlFR+WZd9lfeZFB7IAyfj3awVnNfD/iWi+
SSoId01d1K6oSuVBUSc2yXRw5xeVJ3p9bkhhp8nEavIc2iNptApH6s/3IovjHeiw
1HByZ5nEh5hdoCj0CWDPQ9alONxLz24CCoO+MaIO8rKJqJ8A5djytiaPlUxgQ5fM
dpRulweYkDzpkEnqIbA2gY8HoQAh0eZXo0FPVUjs9vAIM5mhkTRQm1BPHQ+SghAP
3o0iyWF+qZeHGWwsJGKJnNYHRpOxwqkP+cbChkDzD6/VjPBkiy3TlUQiUkvuN20Y
l7T7iZH8dzgX2P9dz4woewtVR5ZG5+SJoub7YVkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRhUuCyyP6uWeyjzzRRCCDsQ3RkyjAfBgNVHSMEGDAWgBSs+RDzYpHDwiTd
tZbZVlQxl/Fj3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JQa1E4MktSdzhJazNiV1cyVlpVTVpmeFk5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvMWY1ZTA3LTMyYjYtNDExNC04YjBkLWQzYjU4ZjY5ODE0OC8x
L1lWTGdzc2otcmxuc284ODBVUWdnN0VOMFpNby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
MWY1ZTA3LTMyYjYtNDExNC04YjBkLWQzYjU4ZjY5ODE0OC8xL3JQa1E4MktSdzhJ
azNiV1cyVlpVTVpmeFk5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFz5BQMEAdmTeAMEAtmTfDANBgkq
hkiG9w0BAQsFAAOCAQEADJ/hqmuqjSnCWhmwGbK9coK7WmjtqZYWAMstHQ6WWty1
iKXm3gLjqayugpr8tllnDcpdGYJLfR4x+6kv9i9dGfwwwmWHfRzFxAVLU4/LENvt
97Gtciq3JwLYOFyiY0Nu2J0Hn1uCWxEluuQryFza3Ac7G1wPQUPvBqJlIO1N3Z6P
lPRSch8Tda2nYylH8fsL7yjEbL4CraTxNOI3tcw6KaizVzabC+rYcCrjfbXWA8ic
1EmojKna8rYTkQAyaWihVJKZnOfUMZEFQRSbF2RdkKfJqjq1AnaxbELcGJ8W/yV0
OK3EAhjXdcaawANaAjRZZPXETh168bJ9FPWsdl5EKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:53 2024 by rpki-client on console-fra.rpki-client.org