Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/yEfy_UE1z3ikzN_b_55k0R_jmMM.roa
File: yEfy_UE1z3ikzN_b_55k0R_jmMM.roa (raw, json)
Hash identifier: FDmDsOXfXRSVPM1B2PQNjVp+mNnYckkot8d8A2qyNGM=
Subject key identifier: C8:47:F2:FD:41:35:CF:78:A4:CC:DF:DB:FF:9E:64:D1:1F:E3:98:C3
Certificate issuer: /CN=cd68f7a391b7b1649ed4903482d3e931ed34e3d8
Certificate serial: 9C04CC
Authority key identifier: CD:68:F7:A3:91:B7:B1:64:9E:D4:90:34:82:D3:E9:31:ED:34:E3:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWj3o5G3sWSe1JA0gtPpMe0049g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/yEfy_UE1z3ikzN_b_55k0R_jmMM.roa
Signing time: Sat 01 Jan 2022 00:53:05 +0000
ROA not before: Sat 01 Jan 2022 00:53:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39869
IP address blocks: 89.107.152.0/21 maxlen: 21
31.6.64.0/21 maxlen: 21
185.24.216.0/22 maxlen: 22
178.19.96.0/20 maxlen: 20
212.59.224.0/19 maxlen: 19
185.230.108.0/22 maxlen: 22
91.188.96.0/19 maxlen: 19
2a02:2430::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10224844 (0x9c04cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd68f7a391b7b1649ed4903482d3e931ed34e3d8
Validity
Not Before: Jan 1 00:53:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c847f2fd4135cf78a4ccdfdbff9e64d11fe398c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ed:02:e1:30:95:1c:f9:11:e9:0c:de:32:a5:
46:aa:0f:18:b7:ab:cc:a7:39:fb:5a:1b:f1:27:e4:
ac:4f:06:a3:44:b7:7c:cc:96:13:d5:bb:70:a2:2e:
e7:9b:5c:f4:14:9a:09:ba:64:60:6c:5a:aa:99:fe:
55:84:39:78:24:1e:e8:de:eb:f4:32:f2:80:d7:9a:
95:e9:0c:af:62:19:5e:0e:f4:63:70:73:9d:67:36:
ad:5e:3b:a1:3d:d3:91:f2:66:5a:56:b1:c5:d7:e0:
c5:42:0d:9b:4f:22:cd:3a:e8:60:ce:86:28:00:6a:
3d:ff:80:4d:8e:ec:30:a3:89:f8:57:fc:d3:75:cb:
b7:6b:ea:c9:9e:50:f1:d9:05:07:17:b2:9e:f1:a1:
0c:e3:7f:3f:97:28:1e:a1:49:4a:41:0c:c8:39:6d:
de:f0:a8:0b:03:4f:4d:ee:23:0b:c0:72:3e:d4:9d:
7c:28:a0:5f:93:74:9c:e9:90:ff:f3:b4:36:be:9b:
63:d4:d6:67:08:85:7e:78:d5:94:8f:8b:5c:85:b4:
36:fc:c1:b9:da:2c:b5:fc:6a:16:bc:8a:d8:dc:61:
ed:44:69:52:78:0d:5d:1f:31:29:b6:ff:c3:7c:6d:
91:70:73:d5:62:50:8a:2b:20:41:1c:ad:81:d2:85:
e5:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:47:F2:FD:41:35:CF:78:A4:CC:DF:DB:FF:9E:64:D1:1F:E3:98:C3
X509v3 Authority Key Identifier:
keyid:CD:68:F7:A3:91:B7:B1:64:9E:D4:90:34:82:D3:E9:31:ED:34:E3:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWj3o5G3sWSe1JA0gtPpMe0049g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/yEfy_UE1z3ikzN_b_55k0R_jmMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/zWj3o5G3sWSe1JA0gtPpMe0049g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.64.0/21
89.107.152.0/21
91.188.96.0/19
178.19.96.0/20
185.24.216.0/22
185.230.108.0/22
212.59.224.0/19
IPv6:
2a02:2430::/32
Signature Algorithm: sha256WithRSAEncryption
2b:56:d6:48:29:42:4b:b5:02:e2:30:0a:b5:60:1c:3d:28:09:
6a:b5:49:c1:bc:1b:5f:86:6e:0a:96:a8:49:23:33:1a:1d:58:
0a:10:2b:f3:fd:91:fa:d5:86:a1:60:5a:ff:d6:56:73:f0:b8:
5c:66:b0:e2:86:85:22:aa:65:37:86:71:77:44:32:dc:4b:0e:
96:d5:a8:9a:11:ed:09:c3:3b:25:d7:4e:33:cf:57:23:ee:18:
c4:d1:7c:02:0e:12:79:13:78:dc:09:1b:68:3b:e1:2b:c3:88:
5e:b1:50:e5:b5:eb:4c:41:f8:c9:6c:12:93:29:4d:ea:2e:e2:
15:e0:32:61:df:7b:5d:60:69:67:cd:a6:e4:3a:ea:54:a7:81:
0b:11:36:06:8c:31:f0:a1:23:95:dd:12:b8:06:54:53:f3:77:
aa:b6:40:3a:26:76:ec:10:7d:58:80:e3:71:c8:ee:27:c2:d8:
4f:ba:2b:da:b9:e8:91:3d:dd:e4:34:f7:29:64:50:6e:1f:49:
04:f6:73:f5:7f:52:09:58:e3:dd:e4:f5:40:23:b4:23:84:7e:
d7:a5:66:dc:5a:ad:a6:59:a8:3d:36:db:cf:44:1c:b1:67:f5:
72:ee:78:d9:17:91:64:f9:be:eb:16:5d:bf:2b:3e:d8:2c:4c:
c5:38:f5:cf
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEAJwEzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDY4ZjdhMzkxYjdiMTY0OWVkNDkwMzQ4MmQzZTkzMWVkMzRlM2Q4MB4XDTIyMDEw
MTAwNTMwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzg0N2YyZmQ0MTM1
Y2Y3OGE0Y2NkZmRiZmY5ZTY0ZDExZmUzOThjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIztAuEwlRz5EekM3jKlRqoPGLerzKc5+1ob8SfkrE8Go0S3
fMyWE9W7cKIu55tc9BSaCbpkYGxaqpn+VYQ5eCQe6N7r9DLygNealekMr2IZXg70
Y3BznWc2rV47oT3TkfJmWlaxxdfgxUINm08izTroYM6GKABqPf+ATY7sMKOJ+Ff8
03XLt2vqyZ5Q8dkFBxeynvGhDON/P5coHqFJSkEMyDlt3vCoCwNPTe4jC8ByPtSd
fCigX5N0nOmQ//O0Nr6bY9TWZwiFfnjVlI+LXIW0NvzBudostfxqFryK2Nxh7URp
UngNXR8xKbb/w3xtkXBz1WJQiisgQRytgdKF5fUCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTIR/L9QTXPeKTM39v/nmTRH+OYwzAfBgNVHSMEGDAWgBTNaPejkbexZJ7U
kDSC0+kx7TTj2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pXajNvNUczc1dTZTFKQTBndFBwTWUwMDQ5Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvOGIwNWJmLTMzZjEtNGI1Yi04OGE0LTE2NzNhZDhjNDAxMi8x
L3lFZnlfVUUxejNpa3pOX2JfNTVrMFJfam1NTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
OGIwNWJmLTMzZjEtNGI1Yi04OGE0LTE2NzNhZDhjNDAxMi8xL3pXajNvNUczc1dT
ZTFKQTBndFBwTWUwMDQ5Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAx8GQAMEA1lrmAMEBVu8YAMEBLIT
YAMEArkY2AMEArnmbAMEBdQ74DANBAIAAjAHAwUAKgIkMDANBgkqhkiG9w0BAQsF
AAOCAQEAK1bWSClCS7UC4jAKtWAcPSgJarVJwbwbX4ZuCpaoSSMzGh1YChAr8/2R
+tWGoWBa/9ZWc/C4XGaw4oaFIqplN4Zxd0Qy3EsOltWomhHtCcM7JddOM89XI+4Y
xNF8Ag4SeRN43AkbaDvhK8OIXrFQ5bXrTEH4yWwSkylN6i7iFeAyYd97XWBpZ82m
5DrqVKeBCxE2Bowx8KEjld0SuAZUU/N3qrZAOiZ27BB9WIDjccjuJ8LYT7or2rno
kT3d5DT3KWRQbh9JBPZz9X9SCVjj3eT1QCO0I4R+16Vm3FqtplmoPTbbz0QcsWf1
cu542ReRZPm+6xZdvys+2CxMxTj1zw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:23 2024 by rpki-client on console-ams.rpki-client.org