Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/554988-d1a9-4b54-93ee-2ceea5caf3a0/1/YspsV3P2K2E6JIUSSj98sSkGLME.roa
File: YspsV3P2K2E6JIUSSj98sSkGLME.roa (raw, json)
Hash identifier: MyA8aIG2BzWR3cfMazinSreO0XP64VZifGiXa1uYf/A=
Subject key identifier: 62:CA:6C:57:73:F6:2B:61:3A:24:85:12:4A:3F:7C:B1:29:06:2C:C1
Certificate issuer: /CN=10e8da8407f9f748e81fe9da9eb06b3b17d067dd
Certificate serial: 32E0FAFA
Authority key identifier: 10:E8:DA:84:07:F9:F7:48:E8:1F:E9:DA:9E:B0:6B:3B:17:D0:67:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EOjahAf590joH-nanrBrOxfQZ90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/554988-d1a9-4b54-93ee-2ceea5caf3a0/1/YspsV3P2K2E6JIUSSj98sSkGLME.roa
Signing time: Sun 20 Feb 2022 10:29:46 +0000
ROA not before: Sun 20 Feb 2022 10:29:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57468
IP address blocks: 194.60.240.0/23 maxlen: 23
45.15.220.0/22 maxlen: 22
194.60.241.0/24 maxlen: 24
185.6.210.0/24 maxlen: 24
185.6.208.0/22 maxlen: 22
185.6.211.0/24 maxlen: 24
185.6.209.0/24 maxlen: 24
185.144.32.0/22 maxlen: 22
2a03:1040::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 853605114 (0x32e0fafa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10e8da8407f9f748e81fe9da9eb06b3b17d067dd
Validity
Not Before: Feb 20 10:29:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62ca6c5773f62b613a2485124a3f7cb129062cc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e8:37:00:98:3a:68:bf:8c:40:39:f7:c8:fc:
8a:b1:67:4d:3d:ba:33:75:9a:af:70:a6:40:b6:53:
ac:35:d7:5f:c0:4a:30:f1:ea:5b:05:78:40:cb:4d:
51:1a:0c:2f:9a:8c:d3:0c:61:c0:c1:a8:d7:66:34:
cf:cd:5a:19:0a:7a:c7:47:37:a1:77:2e:11:8b:d5:
af:ac:39:98:14:1a:f7:eb:32:e6:d4:d4:ed:16:f4:
e6:7a:93:31:c6:3c:02:95:3d:2f:f9:b1:7a:28:46:
4a:fc:ce:a8:85:b2:2e:eb:27:e1:07:73:58:e7:eb:
58:ac:86:c0:81:2c:62:ed:7b:90:d5:a7:37:54:5f:
77:3a:59:f7:6b:d9:d3:d9:fc:a1:66:5f:24:19:36:
86:8c:c4:dd:96:a2:86:f1:0a:f6:e3:06:4e:39:fc:
d3:2d:1e:69:9e:f0:91:f5:b7:ba:76:e3:ef:1c:ad:
50:b5:a7:8e:67:cd:4c:7f:16:31:d0:cd:bd:07:cd:
a4:48:10:5a:f8:c2:4e:12:5c:bd:4e:2b:9a:58:45:
52:bf:ee:ae:59:82:d5:6a:67:44:21:65:ca:5f:61:
a0:83:3c:04:d0:b6:b4:67:d7:4f:df:9f:69:b5:f1:
0d:5c:8c:43:d7:9d:68:66:1b:82:81:f2:c5:52:2c:
02:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:CA:6C:57:73:F6:2B:61:3A:24:85:12:4A:3F:7C:B1:29:06:2C:C1
X509v3 Authority Key Identifier:
keyid:10:E8:DA:84:07:F9:F7:48:E8:1F:E9:DA:9E:B0:6B:3B:17:D0:67:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EOjahAf590joH-nanrBrOxfQZ90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/554988-d1a9-4b54-93ee-2ceea5caf3a0/1/YspsV3P2K2E6JIUSSj98sSkGLME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/554988-d1a9-4b54-93ee-2ceea5caf3a0/1/EOjahAf590joH-nanrBrOxfQZ90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.220.0/22
185.6.208.0/22
185.144.32.0/22
194.60.240.0/23
IPv6:
2a03:1040::/32
Signature Algorithm: sha256WithRSAEncryption
0f:1f:59:01:57:7f:a1:0e:57:57:e4:01:1a:32:56:ca:3b:19:
7f:b8:3e:fe:4c:7f:ba:55:ca:f2:97:8b:a2:df:db:d3:c2:f0:
6c:33:d8:db:eb:e1:7b:24:9f:1f:c3:c6:ac:8d:50:ad:bf:b6:
72:d4:23:25:ba:23:d6:fb:e7:bf:6b:3d:f9:3d:2e:19:f7:5c:
15:80:e8:78:1b:4d:20:75:d6:1b:65:d8:0d:ae:b9:27:21:0e:
2e:e0:bf:91:18:5e:15:f5:b5:e5:ee:1d:7b:9c:46:fd:bd:c8:
f9:d4:17:ac:61:70:4b:b5:e9:dc:c5:b6:a0:a2:4c:25:1d:d9:
85:25:99:22:0b:43:2b:0a:ac:06:1c:24:96:a1:10:d5:bf:33:
45:48:10:7f:72:de:1c:f3:98:6c:2b:e4:a9:b9:be:30:9f:b8:
c7:11:ed:e4:2a:99:23:41:00:3e:79:ad:b2:51:47:9a:f4:97:
a3:96:46:9a:cb:2f:0d:aa:b5:93:01:6f:5a:f4:a0:82:f8:6e:
aa:8f:4f:3d:87:80:67:82:95:af:7d:c5:2c:b1:72:7e:fe:dc:
68:d8:7d:6e:68:1c:8b:1c:79:d5:25:f5:ba:29:3e:53:4f:7f:
8a:cb:40:f4:81:b0:6c:eb:31:25:1c:d9:78:6f:c5:aa:d5:f1:
e7:21:cb:a8
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEMuD6+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MGU4ZGE4NDA3ZjlmNzQ4ZTgxZmU5ZGE5ZWIwNmIzYjE3ZDA2N2RkMB4XDTIyMDIy
MDEwMjk0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjJjYTZjNTc3M2Y2
MmI2MTNhMjQ4NTEyNGEzZjdjYjEyOTA2MmNjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvoNwCYOmi/jEA598j8irFnTT26M3War3CmQLZTrDXXX8BK
MPHqWwV4QMtNURoML5qM0wxhwMGo12Y0z81aGQp6x0c3oXcuEYvVr6w5mBQa9+sy
5tTU7Rb05nqTMcY8ApU9L/mxeihGSvzOqIWyLusn4QdzWOfrWKyGwIEsYu17kNWn
N1RfdzpZ92vZ09n8oWZfJBk2hozE3ZaihvEK9uMGTjn80y0eaZ7wkfW3unbj7xyt
ULWnjmfNTH8WMdDNvQfNpEgQWvjCThJcvU4rmlhFUr/urlmC1WpnRCFlyl9hoIM8
BNC2tGfXT9+fabXxDVyMQ9edaGYbgoHyxVIsAgkCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRiymxXc/YrYTokhRJKP3yxKQYswTAfBgNVHSMEGDAWgBQQ6NqEB/n3SOgf
6dqesGs7F9Bn3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VPamFoQWY1OTBqb0gtbmFuckJyT3hmUVo5MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvNTU0OTg4LWQxYTktNGI1NC05M2VlLTJjZWVhNWNhZjNhMC8x
L1lzcHNWM1AySzJFNkpJVVNTajk4c1NrR0xNRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
NTU0OTg4LWQxYTktNGI1NC05M2VlLTJjZWVhNWNhZjNhMC8xL0VPamFoQWY1OTBq
b0gtbmFuckJyT3hmUVo5MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAi0P3AMEArkG0AMEArmQIAMEAcI8
8DANBAIAAjAHAwUAKgMQQDANBgkqhkiG9w0BAQsFAAOCAQEADx9ZAVd/oQ5XV+QB
GjJWyjsZf7g+/kx/ulXK8peLot/b08LwbDPY2+vheySfH8PGrI1Qrb+2ctQjJboj
1vvnv2s9+T0uGfdcFYDoeBtNIHXWG2XYDa65JyEOLuC/kRheFfW15e4de5xG/b3I
+dQXrGFwS7Xp3MW2oKJMJR3ZhSWZIgtDKwqsBhwklqEQ1b8zRUgQf3LeHPOYbCvk
qbm+MJ+4xxHt5CqZI0EAPnmtslFHmvSXo5ZGmssvDaq1kwFvWvSggvhuqo9PPYeA
Z4KVr33FLLFyfv7caNh9bmgcixx51SX1uik+U09/istA9IGwbOsxJRzZeG/FqtXx
5yHLqA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:51 2023 by rpki-client on console-fra.rpki-client.org