Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/YR3-a1GO-I50Z0J1OEZZeWHv9sk.roa
File: YR3-a1GO-I50Z0J1OEZZeWHv9sk.roa (raw, json)
Hash identifier: gGClh1xRD6riOVwiXP8Zm3u53PQRDr/5mS5Wxv0IvMA=
Subject key identifier: 61:1D:FE:6B:51:8E:F8:8E:74:67:42:75:38:46:59:79:61:EF:F6:C9
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 029341E0
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/YR3-a1GO-I50Z0J1OEZZeWHv9sk.roa
Signing time: Sat 01 Jan 2022 06:59:04 +0000
ROA not before: Sat 01 Jan 2022 06:59:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 185.69.223.0/24 maxlen: 24
185.69.221.0/24 maxlen: 24
185.69.222.0/24 maxlen: 24
185.69.220.0/24 maxlen: 24
185.69.220.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43205088 (0x29341e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Jan 1 06:59:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=611dfe6b518ef88e746742753846597961eff6c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fe:7f:81:1b:b1:26:0a:80:6e:84:d4:e7:e4:
e6:17:fd:97:41:ee:ff:ac:e2:54:38:9e:ea:ca:32:
a3:61:89:56:7c:ea:1c:c7:2b:11:8d:2e:0e:f7:51:
d7:96:42:9c:44:3e:91:eb:8a:32:aa:f5:81:fe:71:
44:c5:10:72:26:4c:15:7e:bd:24:ee:1b:be:68:6c:
6a:8f:ec:ea:9f:ef:f9:ee:a8:4e:cb:a5:25:01:df:
84:20:6e:e8:fd:4a:cb:47:fd:a8:7c:1f:2b:be:12:
82:d2:ce:23:29:52:ef:29:80:89:be:d6:de:47:c6:
10:c1:a1:1e:82:d6:cd:c8:d2:fc:31:67:9d:de:98:
d5:ff:98:24:b9:13:61:54:f8:3a:56:6a:82:26:c5:
c3:a6:28:2c:05:04:20:11:9e:3c:48:70:ea:84:3d:
97:2e:02:f3:1b:23:14:85:5a:6a:a6:c6:32:a2:f5:
c6:c0:51:c9:d9:fc:5d:d6:b5:42:34:8b:3a:44:5f:
f2:89:28:7f:15:ed:0c:27:68:6d:91:01:bc:6d:3f:
38:55:8e:81:8d:98:87:f9:b9:4b:3b:dc:60:66:a1:
c9:20:81:da:0e:4b:ae:3c:6d:5a:05:db:47:10:99:
4a:24:16:4f:0e:a4:a6:4b:81:0d:79:c3:51:2c:fb:
3d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:1D:FE:6B:51:8E:F8:8E:74:67:42:75:38:46:59:79:61:EF:F6:C9
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/YR3-a1GO-I50Z0J1OEZZeWHv9sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.220.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:15:f4:1b:d7:f9:66:df:89:05:80:39:a0:6e:1f:38:e9:e9:
cc:c7:db:ed:8d:f8:8d:07:88:5a:03:66:09:ab:42:8a:76:ab:
79:ac:56:ce:91:5a:6c:03:cb:e6:b2:0b:b3:3c:61:b2:c0:0e:
20:56:39:df:f8:a0:1d:eb:cc:f5:de:e7:f7:ee:44:59:b6:15:
20:6b:44:f6:87:9d:2f:a3:f5:6f:fa:18:b9:4f:43:75:f8:15:
c3:39:07:9f:f0:87:09:eb:1d:2f:95:22:c2:ec:5b:06:be:b5:
61:b1:ec:76:d3:20:b4:df:cb:f9:c4:da:c1:de:9b:43:2b:aa:
6f:fe:ed:69:ef:7a:d6:a6:9c:24:e2:7e:a1:a7:20:24:c1:e0:
59:09:e4:15:5e:b9:b8:cb:06:22:17:0c:00:36:cd:3d:34:6a:
a6:3b:09:ff:ab:d2:41:f9:a6:0d:67:14:b8:d2:7a:f2:bd:c4:
57:aa:d5:d8:90:30:84:34:e1:80:79:9f:b5:fe:a0:96:37:76:
f3:3c:7c:4e:1c:bf:3d:06:c8:50:d2:36:b7:da:20:46:d9:c0:
3f:a2:d3:27:40:8e:61:c8:b6:af:ed:2b:c4:99:d0:cf:b3:0a:
16:06:c6:9a:32:fa:fc:7b:23:d5:b6:cb:6d:61:5e:95:8a:44:
83:87:ea:1a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEApNB4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OWVhODkzNmY4ZTUzMDYzYjRiM2JkZjBmM2IxNWIyYWU2NjdlZjEzMB4XDTIyMDEw
MTA2NTkwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjExZGZlNmI1MThl
Zjg4ZTc0Njc0Mjc1Mzg0NjU5Nzk2MWVmZjZjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3+f4EbsSYKgG6E1Ofk5hf9l0Hu/6ziVDie6soyo2GJVnzq
HMcrEY0uDvdR15ZCnEQ+keuKMqr1gf5xRMUQciZMFX69JO4bvmhsao/s6p/v+e6o
TsulJQHfhCBu6P1Ky0f9qHwfK74SgtLOIylS7ymAib7W3kfGEMGhHoLWzcjS/DFn
nd6Y1f+YJLkTYVT4OlZqgibFw6YoLAUEIBGePEhw6oQ9ly4C8xsjFIVaaqbGMqL1
xsBRydn8Xda1QjSLOkRf8okofxXtDCdobZEBvG0/OFWOgY2Yh/m5SzvcYGahySCB
2g5LrjxtWgXbRxCZSiQWTw6kpkuBDXnDUSz7PdUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRhHf5rUY74jnRnQnU4Rll5Ye/2yTAfBgNVHSMEGDAWgBS56ok2+OUwY7Sz
vfDzsVsq5mfvEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VlcUpOdmpsTUdPMHM3M3c4N0ZiS3Vabjd4TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvZWMyOWUyLTM0NDAtNDA5YS05ODZhLWIyNTA5OTdmYzc1ZC8x
L1lSMy1hMUdPLUk1MFowSjFPRVpaZVdIdjlzay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
ZWMyOWUyLTM0NDAtNDA5YS05ODZhLWIyNTA5OTdmYzc1ZC8xL3VlcUpOdmpsTUdP
MHM3M3c4N0ZiS3Vabjd4TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlF3DANBgkqhkiG9w0BAQsFAAOC
AQEAuhX0G9f5Zt+JBYA5oG4fOOnpzMfb7Y34jQeIWgNmCatCinareaxWzpFabAPL
5rILszxhssAOIFY53/igHevM9d7n9+5EWbYVIGtE9oedL6P1b/oYuU9DdfgVwzkH
n/CHCesdL5UiwuxbBr61YbHsdtMgtN/L+cTawd6bQyuqb/7tae961qacJOJ+oacg
JMHgWQnkFV65uMsGIhcMADbNPTRqpjsJ/6vSQfmmDWcUuNJ68r3EV6rV2JAwhDTh
gHmftf6gljd28zx8Thy/PQbIUNI2t9ogRtnAP6LTJ0COYci2r+0rxJnQz7MKFgbG
mjL6/Hsj1bbLbWFelYpEg4fqGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:15 2024 by rpki-client on console-fra.rpki-client.org