Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ykejdkvDoeDw2UODyQrLlUdElvM.roa
File: ykejdkvDoeDw2UODyQrLlUdElvM.roa (raw, json)
Hash identifier: Sz7RsuYz7G15uCPoag4TDSm4sQtXK6sZuhy6R2ipjYE=
Subject key identifier: CA:47:A3:76:4B:C3:A1:E0:F0:D9:43:83:C9:0A:CB:95:47:44:96:F3
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 0182EB24AE90942ED0541805768BD660020A
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ykejdkvDoeDw2UODyQrLlUdElvM.roa
Signing time: Mon 29 Aug 2022 19:47:05 +0000
ROA not before: Mon 29 Aug 2022 19:47:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 185.125.200.0/22 maxlen: 24
95.140.152.0/21 maxlen: 21
80.90.184.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:eb:24:ae:90:94:2e:d0:54:18:05:76:8b:d6:60:02:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Aug 29 19:47:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca47a3764bc3a1e0f0d94383c90acb95474496f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fd:f9:1e:44:b7:98:d4:a7:2f:4d:81:8c:82:
4b:97:52:f5:80:f2:5a:63:2b:d2:b5:1c:62:d2:69:
4d:d5:a9:8e:8a:d8:7a:9b:3f:59:e0:4e:b1:6f:d5:
e3:4d:47:79:1e:44:aa:7c:b0:e0:c9:48:83:f8:d2:
94:f0:bf:7f:c4:4d:bc:54:9d:f2:88:a6:79:39:da:
03:3e:34:39:48:93:49:bd:40:b4:cb:22:49:93:ec:
a2:8d:d2:df:a3:52:73:81:75:fc:ba:40:f3:61:01:
98:1d:8f:58:35:5f:dd:3d:d6:09:0c:6d:47:c7:33:
c9:da:a9:5a:c6:c8:e9:d1:90:94:72:16:86:2b:db:
eb:19:76:a7:f2:88:85:0a:91:97:5c:1b:63:ab:63:
45:5e:46:65:48:bc:92:9c:5d:17:3e:24:ba:aa:fb:
ee:c3:a5:3e:38:bd:f0:83:ad:d0:07:21:07:50:2c:
e7:47:cc:9f:0f:c2:20:76:2a:bf:2a:d7:a6:21:7e:
ca:9e:ef:00:11:ae:0a:7a:00:76:1c:66:32:bf:88:
93:1b:3d:11:90:7c:7c:ad:44:17:ae:54:5f:e5:7a:
53:bb:a8:7a:d4:aa:f1:dd:f1:86:99:41:38:0b:5f:
8e:6f:b1:21:0b:59:02:ea:b1:1e:e9:7a:96:0e:b1:
12:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:47:A3:76:4B:C3:A1:E0:F0:D9:43:83:C9:0A:CB:95:47:44:96:F3
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ykejdkvDoeDw2UODyQrLlUdElvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.184.0/21
95.140.152.0/21
185.125.200.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:36:a5:37:18:71:37:20:1a:9d:0f:1b:ff:e0:c2:bc:2a:10:
f4:ec:11:4d:83:cd:30:ac:71:1a:aa:d1:e4:7e:55:af:ae:80:
cc:00:a8:d7:36:d6:44:00:52:9e:57:ef:25:cf:7e:7d:26:19:
b9:47:86:76:cf:6e:d5:9e:b5:c4:44:4a:1b:d8:e2:a8:06:e3:
4e:d1:89:9c:4d:d8:1a:ca:dd:7d:d4:af:12:71:24:ca:ce:e3:
21:83:c4:e4:1d:30:40:ec:b8:bd:87:f0:05:55:d4:79:7e:9a:
6b:17:1f:21:14:22:0a:9e:24:c9:5d:d5:65:da:87:d4:a4:89:
04:a3:e0:52:89:92:8d:cb:80:78:b6:7d:e3:df:08:a5:ca:0c:
0e:ca:0b:d9:59:ed:92:1c:9f:1b:82:c6:36:ec:fb:20:53:d3:
7f:f7:cc:25:96:35:eb:81:8d:f5:3e:2b:46:cc:f0:09:ee:8a:
b2:00:d5:02:bf:49:e4:00:83:e4:38:6f:a4:7c:02:e3:82:02:
67:0b:24:39:63:79:da:32:d0:79:72:16:0d:79:18:13:9b:fa:
24:6d:e7:82:8b:e0:12:5f:75:87:1f:55:14:51:e3:4f:cb:90:
27:05:42:57:ae:dc:a6:16:de:48:72:46:7b:bc:b2:c2:b5:b3:
5d:d6:72:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLrJK6QlC7QVBgFdovWYAIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjIwODI5MTk0NzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQ3YTM3NjRiYzNhMWUwZjBkOTQzODNjOTBhY2I5NTQ3NDQ5NmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv35HkS3mNSnL02BjIJLl1L1gPJa
YyvStRxi0mlN1amOith6mz9Z4E6xb9XjTUd5HkSqfLDgyUiD+NKU8L9/xE28VJ3y
iKZ5OdoDPjQ5SJNJvUC0yyJJk+yijdLfo1JzgXX8ukDzYQGYHY9YNV/dPdYJDG1H
xzPJ2qlaxsjp0ZCUchaGK9vrGXan8oiFCpGXXBtjq2NFXkZlSLySnF0XPiS6qvvu
w6U+OL3wg63QByEHUCznR8yfD8Igdiq/KtemIX7Knu8AEa4KegB2HGYyv4iTGz0R
kHx8rUQXrlRf5XpTu6h61Krx3fGGmUE4C1+Ob7EhC1kC6rEe6XqWDrESUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMpHo3ZLw6Hg8NlDg8kKy5VHRJbzMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEveWtlamRrdkRvZUR3MlVPRHlRckxsVWRFbHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDUFq4AwQD
X4yYAwQCuX3IMA0GCSqGSIb3DQEBCwUAA4IBAQA6NqU3GHE3IBqdDxv/4MK8KhD0
7BFNg80wrHEaqtHkflWvroDMAKjXNtZEAFKeV+8lz359Jhm5R4Z2z27VnrXEREob
2OKoBuNO0YmcTdgayt191K8ScSTKzuMhg8TkHTBA7Li9h/AFVdR5fpprFx8hFCIK
niTJXdVl2ofUpIkEo+BSiZKNy4B4tn3j3wilygwOygvZWe2SHJ8bgsY27PsgU9N/
98wlljXrgY31PitGzPAJ7oqyANUCv0nkAIPkOG+kfALjggJnCyQ5Y3naMtB5chYN
eRgTm/okbeeCi+ASX3WHH1UUUeNPy5AnBUJXrtymFt5IckZ7vLLCtbNd1nIV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:23 2024 by rpki-client on console-ams.rpki-client.org