Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/ySUf5VcSnxPCtTlUmFJL0o_4EhY.roa
File: ySUf5VcSnxPCtTlUmFJL0o_4EhY.roa (raw, json)
Hash identifier: FCf2Pv/NNAAUmBEA3XTY6UZh774KbDKgu1X4hsZEOKY=
Subject key identifier: C9:25:1F:E5:57:12:9F:13:C2:B5:39:54:98:52:4B:D2:8F:F8:12:16
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 0E9997D1
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/ySUf5VcSnxPCtTlUmFJL0o_4EhY.roa
Signing time: Sat 01 Jan 2022 13:05:47 +0000
ROA not before: Sat 01 Jan 2022 13:05:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12578
IP address blocks: 95.68.0.0/17 maxlen: 17
78.84.0.0/16 maxlen: 16
185.38.56.0/22 maxlen: 22
62.85.0.0/17 maxlen: 17
46.109.0.0/16 maxlen: 16
91.105.0.0/17 maxlen: 17
2a02:2330::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 244946897 (0xe9997d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Jan 1 13:05:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9251fe557129f13c2b5395498524bd28ff81216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:30:01:1d:38:aa:34:e0:f2:0c:d6:29:f0:80:
aa:56:75:3e:e4:ea:52:38:15:37:fd:8d:b2:ea:c3:
7f:fc:0c:ee:1a:1a:b5:63:e8:4b:a9:78:7b:14:b6:
c3:8e:25:4a:ea:06:85:e0:f4:a6:bb:67:e6:7d:7c:
4d:39:cc:15:58:1f:53:df:62:5b:53:df:23:4e:26:
7e:70:33:c0:6d:59:29:0d:28:48:97:d8:e8:d7:6f:
c6:94:4f:9e:cd:19:39:c3:96:a4:6a:d2:93:8b:ca:
fb:3a:38:08:82:4a:7b:21:9a:e2:47:89:46:69:41:
cc:5a:50:7c:7e:f8:79:4f:bb:59:70:a1:5b:40:3d:
25:3b:24:93:e2:a3:85:5c:6c:27:3b:ce:f6:4d:ad:
26:7f:56:3d:af:e9:a3:34:e3:a9:b8:31:43:f5:34:
d9:e8:1e:3f:81:0c:86:a9:bd:38:3e:5d:a3:c3:9f:
6d:bd:5e:5a:1f:00:ec:b7:67:9f:69:2d:72:fe:7a:
f3:07:8d:fa:10:1e:74:a3:54:ac:45:91:11:7a:a1:
31:53:15:c0:1f:c2:76:50:f5:9b:aa:67:db:de:6a:
c5:96:d8:fc:59:f9:99:6c:7b:35:36:c8:77:70:25:
e3:a4:cc:1f:bc:e7:8c:a2:3b:bf:82:96:f9:4b:aa:
25:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:25:1F:E5:57:12:9F:13:C2:B5:39:54:98:52:4B:D2:8F:F8:12:16
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/ySUf5VcSnxPCtTlUmFJL0o_4EhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.109.0.0/16
62.85.0.0/17
78.84.0.0/16
91.105.0.0/17
95.68.0.0/17
185.38.56.0/22
IPv6:
2a02:2330::/29
Signature Algorithm: sha256WithRSAEncryption
a9:4e:6a:75:ff:07:9c:0d:aa:38:37:78:6d:1f:ea:1b:f9:03:
02:ae:de:a6:87:25:0c:71:e4:69:e7:ae:9c:53:b0:01:11:f4:
f8:46:97:ad:eb:71:9a:d1:ad:1f:83:67:37:74:a2:89:87:fa:
49:4b:dd:d9:23:7f:c7:50:37:1a:88:70:95:e2:99:95:56:c9:
a5:4b:e3:4c:7e:53:1d:59:e4:77:f3:b9:9c:d2:ae:2a:85:19:
9c:1a:05:e2:d9:e1:c6:e1:3f:61:86:37:06:06:26:23:04:ee:
df:f6:b1:d7:a9:35:71:7e:d9:1e:e8:45:76:40:6a:6d:e4:9a:
70:5e:95:4e:62:57:b2:ed:f2:e9:8c:74:48:c3:16:31:79:e5:
5b:4c:4f:95:7f:98:5c:51:a9:53:dd:56:24:38:67:4a:ec:e6:
df:6b:cc:cb:6c:c2:d0:3f:a4:07:1d:db:d5:92:e3:72:a7:fc:
7c:da:7f:49:ef:e9:98:05:c5:28:2d:c5:61:33:8a:49:49:36:
9c:f2:4f:bc:ac:12:3d:5f:d9:5b:9f:96:34:1a:5b:f2:bb:d4:
7b:52:d5:c1:69:c4:e2:64:6e:fb:af:f2:40:54:95:33:78:a3:
9e:23:e3:af:94:c6:d8:4f:b3:65:16:fd:fb:13:64:a9:e2:0d:
26:33:75:e0
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEDpmX0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
M2JlMDdjYjFmZDRmMWUzYzkyMjMwM2I2NzBhODgxYjgyZTYxNDkxMB4XDTIyMDEw
MTEzMDU0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzkyNTFmZTU1NzEy
OWYxM2MyYjUzOTU0OTg1MjRiZDI4ZmY4MTIxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALswAR04qjTg8gzWKfCAqlZ1PuTqUjgVN/2NsurDf/wM7hoa
tWPoS6l4exS2w44lSuoGheD0prtn5n18TTnMFVgfU99iW1PfI04mfnAzwG1ZKQ0o
SJfY6NdvxpRPns0ZOcOWpGrSk4vK+zo4CIJKeyGa4keJRmlBzFpQfH74eU+7WXCh
W0A9JTskk+KjhVxsJzvO9k2tJn9WPa/pozTjqbgxQ/U02egeP4EMhqm9OD5do8Of
bb1eWh8A7Ldnn2ktcv568weN+hAedKNUrEWREXqhMVMVwB/CdlD1m6pn295qxZbY
/Fn5mWx7NTbId3Al46TMH7znjKI7v4KW+UuqJf8CAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBTJJR/lVxKfE8K1OVSYUkvSj/gSFjAfBgNVHSMEGDAWgBTjvgfLH9Tx48ki
MDtnCogbguYUkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQ3NEh5eF9VOGVQSklqQTdad3FJRzRMbUZKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvOGY1ZmFlLWRhOTAtNDMxNC1iZmZjLWQ0ZWUxZDM4OWUwZC8x
L3lTVWY1VmNTbnhQQ3RUbFVtRkpMMG9fNEVoWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
OGY1ZmFlLWRhOTAtNDMxNC1iZmZjLWQ0ZWUxZDM4OWUwZC8xLzQ3NEh5eF9VOGVQ
SklqQTdad3FJRzRMbUZKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwKAQCAAEwIgMDAC5tAwQHPlUAAwMATlQDBAdbaQAD
BAdfRAADBAK5JjgwDQQCAAIwBwMFAyoCIzAwDQYJKoZIhvcNAQELBQADggEBAKlO
anX/B5wNqjg3eG0f6hv5AwKu3qaHJQxx5GnnrpxTsAER9PhGl63rcZrRrR+DZzd0
oomH+klL3dkjf8dQNxqIcJXimZVWyaVL40x+Ux1Z5HfzuZzSriqFGZwaBeLZ4cbh
P2GGNwYGJiME7t/2sdepNXF+2R7oRXZAam3kmnBelU5iV7Lt8umMdEjDFjF55VtM
T5V/mFxRqVPdViQ4Z0rs5t9rzMtswtA/pAcd29WS43Kn/Hzaf0nv6ZgFxSgtxWEz
iklJNpzyT7ysEj1f2VufljQaW/K71HtS1cFpxOJkbvuv8kBUlTN4o54j46+UxthP
s2UW/fsTZKniDSYzdeA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:52 2023 by rpki-client on console-fra.rpki-client.org