Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/YRNPGVzklvnJmsg3E9mULlcldCE.roa
File: YRNPGVzklvnJmsg3E9mULlcldCE.roa (raw, json)
Hash identifier: 95C9Oo+HY93C3T9aAyTuXKgoNkcxykgElb9sqrm0Dek=
Subject key identifier: 61:13:4F:19:5C:E4:96:F9:C9:9A:C8:37:13:D9:94:2E:57:25:74:21
Certificate issuer: /CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Certificate serial: 018655BE7E3D9EBE524D28AE0E0F9B86AD74
Authority key identifier: 72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/YRNPGVzklvnJmsg3E9mULlcldCE.roa
Signing time: Wed 15 Feb 2023 15:43:12 +0000
ROA not before: Wed 15 Feb 2023 15:43:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34863
IP address blocks: 85.204.24.0/23 maxlen: 24
85.204.21.0/24 maxlen: 24
85.204.20.0/23 maxlen: 24
85.204.25.0/24 maxlen: 24
81.23.34.0/24 maxlen: 24
81.23.32.0/20 maxlen: 24
89.35.96.0/20 maxlen: 24
185.63.48.0/22 maxlen: 24
185.252.195.0/24 maxlen: 24
46.226.128.0/21 maxlen: 24
185.2.252.0/22 maxlen: 24
188.94.202.0/23 maxlen: 23
188.94.201.0/24 maxlen: 24
188.94.200.0/21 maxlen: 24
188.94.200.0/24 maxlen: 24
188.94.206.0/24 maxlen: 24
188.94.204.0/22 maxlen: 22
2a00:fc8::/32 maxlen: 32
2a00:7820::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:55:be:7e:3d:9e:be:52:4d:28:ae:0e:0f:9b:86:ad:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Validity
Not Before: Feb 15 15:43:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61134f195ce496f9c99ac83713d9942e57257421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:84:2e:82:b8:58:7c:0d:a6:ba:85:bc:8e:b0:
27:11:31:3a:2c:2e:fe:fe:2c:d1:7c:08:fe:ad:6d:
6d:57:b2:b1:29:5e:24:76:95:08:d7:44:39:e8:3f:
af:92:1f:98:14:80:f5:97:e3:d2:30:9a:4d:d2:cb:
83:e5:b1:65:35:f8:2c:7e:87:8f:67:2f:5a:17:77:
5e:27:b9:e0:67:e3:0c:1c:67:f9:d6:96:0d:cd:66:
5c:86:3a:0c:99:0c:93:1b:f8:f9:8d:f9:66:f1:dd:
2a:32:0a:3a:1b:30:76:e9:48:0d:d6:1c:ab:7c:08:
5c:cc:b9:ec:b6:10:f4:b3:e8:48:96:3b:db:76:5f:
40:bf:33:f4:44:e8:be:66:3f:23:0a:77:c3:e7:e6:
ad:92:17:99:f8:23:f5:ac:0d:1a:49:46:30:ac:d0:
5e:75:c8:a6:16:2c:87:b0:23:ef:26:ba:24:8d:bb:
e9:6e:28:61:fa:e0:ad:de:84:c9:4d:33:c1:df:8c:
f7:de:bf:9f:b6:e8:15:4e:3d:cf:85:0b:bc:25:1f:
2d:4e:aa:f0:68:33:fc:4f:06:29:37:a1:ef:26:8f:
c3:b7:c6:18:9d:89:82:4d:c1:46:6e:31:68:ca:7d:
3b:cd:4d:c5:49:83:dc:50:79:75:79:d7:1e:fa:84:
1d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:13:4F:19:5C:E4:96:F9:C9:9A:C8:37:13:D9:94:2E:57:25:74:21
X509v3 Authority Key Identifier:
keyid:72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/YRNPGVzklvnJmsg3E9mULlcldCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.128.0/21
81.23.32.0/20
85.204.20.0/23
85.204.24.0/23
89.35.96.0/20
185.2.252.0/22
185.63.48.0/22
185.252.195.0/24
188.94.200.0/21
IPv6:
2a00:fc8::/32
2a00:7820::/32
Signature Algorithm: sha256WithRSAEncryption
52:0a:2f:5c:e7:54:df:32:9b:99:c3:02:26:2f:2f:e8:46:c9:
8b:0c:e0:63:7e:fa:9c:7a:c6:87:ed:9d:ba:fe:ee:79:c7:5f:
08:60:58:a7:28:e9:ce:6b:05:8b:d6:80:76:dd:2e:66:9a:c8:
26:9a:a1:72:be:58:00:d4:eb:d0:5b:1f:ea:fa:70:1f:a7:72:
5f:a5:1f:bb:df:35:79:21:f9:4d:5a:45:37:3c:d5:8b:17:e1:
ea:a1:13:84:a3:c2:86:d6:fc:d4:17:87:fd:14:81:26:30:87:
ef:de:b9:b1:ab:6f:32:8a:c6:52:a0:36:14:da:d7:db:40:f2:
b7:25:41:2a:6d:41:fc:57:95:1b:db:3a:3b:6d:5b:7f:cb:e8:
b4:d9:7e:c8:67:e2:38:59:e4:8d:82:b2:aa:98:43:db:29:ac:
77:cc:96:cd:11:c5:8e:57:b6:9f:1e:b2:44:5b:f3:20:46:11:
65:38:72:5d:1f:58:57:1e:ed:6b:44:8d:a7:e4:56:9d:01:d8:
af:a8:1e:63:1a:f9:d2:85:17:c7:38:f8:04:16:54:5b:2d:a7:
d8:41:4e:11:8d:a7:80:17:5f:9d:03:b8:8a:73:78:32:56:1d:
8b:84:f7:ea:0a:35:83:2f:37:34:e9:3f:d6:a3:5e:65:d0:7d:
71:fa:73:64
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYZVvn49nr5STSiuDg+bhq10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNjMzMzg4YTdhNWNmZTlhN2NhMTlmZDc0YzkyMmRjYjEy
NTY5ZDMwHhcNMjMwMjE1MTU0MzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTEzNGYxOTVjZTQ5NmY5Yzk5YWM4MzcxM2Q5OTQyZTU3MjU3NDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4QugrhYfA2muoW8jrAnETE6LC7+
/izRfAj+rW1tV7KxKV4kdpUI10Q56D+vkh+YFID1l+PSMJpN0suD5bFlNfgsfoeP
Zy9aF3deJ7ngZ+MMHGf51pYNzWZchjoMmQyTG/j5jflm8d0qMgo6GzB26UgN1hyr
fAhczLnsthD0s+hIljvbdl9AvzP0ROi+Zj8jCnfD5+atkheZ+CP1rA0aSUYwrNBe
dcimFiyHsCPvJrokjbvpbihh+uCt3oTJTTPB34z33r+ftugVTj3PhQu8JR8tTqrw
aDP8TwYpN6HvJo/Dt8YYnYmCTcFGbjFoyn07zU3FSYPcUHl1edce+oQdfQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFGETTxlc5Jb5yZrINxPZlC5XJXQhMB8GA1UdIwQY
MBaAFHJjM4inpc/pp8oZ/XTJItyxJWnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5Yzct
MTM4Yzg0MTdhZTkzLzEvWVJOUEdWemtsdm5KbXNnM0U5bVVMbGNsZENFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5YzctMTM4Yzg0MTdhZTkz
LzEvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDLuKAAwQE
URcgAwQBVcwUAwQBVcwYAwQEWSNgAwQCuQL8AwQCuT8wAwQAufzDAwQDvF7IMBQE
AgACMA4DBQAqAA/IAwUAKgB4IDANBgkqhkiG9w0BAQsFAAOCAQEAUgovXOdU3zKb
mcMCJi8v6EbJiwzgY376nHrGh+2duv7uecdfCGBYpyjpzmsFi9aAdt0uZprIJpqh
cr5YANTr0Fsf6vpwH6dyX6Ufu981eSH5TVpFNzzVixfh6qEThKPChtb81BeH/RSB
JjCH7965satvMorGUqA2FNrX20DytyVBKm1B/FeVG9s6O21bf8votNl+yGfiOFnk
jYKyqphD2ymsd8yWzRHFjle2nx6yRFvzIEYRZThyXR9YVx7ta0SNp+RWnQHYr6ge
Yxr50oUXxzj4BBZUWy2n2EFOEY2ngBdfnQO4inN4MlYdi4T36go1gy83NOk/1qNe
ZdB9cfpzZA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:23:01 2025 by rpki-client