Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/YA7CLNZkKfMUGcdsXYMYact2HJc.roa
File: YA7CLNZkKfMUGcdsXYMYact2HJc.roa (raw, json)
Hash identifier: /s8q7zJvwsmrs346ka5SB88E9uCY1evX+hTh+TT+hPs=
Subject key identifier: 60:0E:C2:2C:D6:64:29:F3:14:19:C7:6C:5D:83:18:69:CB:76:1C:97
Certificate issuer: /CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Certificate serial: 01822B224814F73688B0D8E0620F4E3B5DA2
Authority key identifier: C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/YA7CLNZkKfMUGcdsXYMYact2HJc.roa
Signing time: Sat 23 Jul 2022 12:57:23 +0000
ROA not before: Sat 23 Jul 2022 12:57:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47285
IP address blocks: 185.105.236.0/24 maxlen: 24
185.105.238.0/24 maxlen: 24
45.139.9.0/24 maxlen: 24
2a12:2600::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:2b:22:48:14:f7:36:88:b0:d8:e0:62:0f:4e:3b:5d:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Validity
Not Before: Jul 23 12:57:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=600ec22cd66429f31419c76c5d831869cb761c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:57:ee:21:39:80:0e:c2:57:30:19:f7:b4:2f:
0e:d7:68:f0:da:c6:6b:76:c6:0c:54:24:fe:ea:ec:
a7:34:a9:45:8c:f0:a5:fd:a6:e1:be:fd:1e:98:1f:
7b:af:db:fb:bd:78:9a:0f:cb:b7:c5:bb:df:84:4b:
7e:c3:40:c4:58:4f:e0:3c:a0:69:22:b3:2c:f0:74:
7d:ba:cf:6b:33:06:3a:2b:99:6c:9a:71:0e:5c:c7:
09:36:7b:26:6f:13:6e:b4:38:2c:55:34:92:3a:96:
71:f2:fe:57:68:d5:eb:75:6c:b8:93:8b:99:46:78:
5b:c2:10:05:ff:7a:54:e4:3d:ed:d8:82:69:03:16:
12:91:e9:4d:38:3e:6c:4d:c0:a5:d1:4d:fb:06:5f:
be:d8:5c:93:6f:09:b7:63:bf:0c:00:60:1c:41:94:
c3:ae:d6:cc:81:c8:0b:63:48:7e:56:f9:9a:b1:7d:
1d:3d:67:0f:97:c1:c3:d1:21:fd:2a:03:bb:14:1e:
47:92:4f:dd:e1:85:0f:2f:ed:ec:fb:61:16:fe:93:
0d:45:bf:9e:15:dd:a1:84:30:56:c3:72:bd:9d:c5:
93:ac:d0:12:84:3f:80:f0:9b:7b:84:3e:9a:7a:3f:
c7:04:69:11:c9:68:94:da:21:ce:65:f7:18:ca:ad:
8c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0E:C2:2C:D6:64:29:F3:14:19:C7:6C:5D:83:18:69:CB:76:1C:97
X509v3 Authority Key Identifier:
keyid:C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/YA7CLNZkKfMUGcdsXYMYact2HJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.9.0/24
185.105.236.0/24
185.105.238.0/24
IPv6:
2a12:2600::/29
Signature Algorithm: sha256WithRSAEncryption
89:04:ae:5a:40:41:84:4d:6d:bf:09:cc:7f:3f:7c:2d:d5:c2:
5a:6e:cd:7b:8b:03:65:0a:84:4d:f2:95:d2:02:da:b0:07:f1:
a8:05:03:1a:f5:32:9b:38:68:88:d0:2b:01:ef:12:cc:12:7a:
72:61:0c:93:00:dd:f9:26:b6:97:ff:c5:a3:42:c4:63:eb:ab:
68:03:07:29:7a:af:72:86:a3:84:3a:65:94:01:6a:70:37:39:
7d:a1:b4:f3:fa:df:53:40:64:56:19:3b:cd:95:bb:b3:7b:1a:
2c:4f:66:02:db:d6:71:f8:40:08:6d:cc:3a:35:9f:85:a6:5e:
99:a0:34:16:f9:8f:f0:4b:8c:2a:13:95:88:7d:15:6f:35:c2:
6f:00:51:2a:79:e5:30:e3:8d:58:b5:c0:55:46:fd:00:26:1a:
b3:3f:43:56:5b:e2:bd:a1:3f:d7:2c:37:58:48:e2:92:f5:53:
c2:25:c8:14:3d:6e:91:a4:d2:b7:e8:10:c5:29:b0:d6:73:bd:
cb:17:44:2a:f4:1f:10:7e:f7:46:86:c0:f7:1e:29:9e:68:b3:
37:0b:05:81:b1:34:ec:51:50:b7:fd:7e:ae:e4:b1:8a:37:81:
73:33:2b:1e:41:d3:22:d7:c3:9c:56:29:16:32:94:65:8e:dd:
35:7d:8e:ce
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYIrIkgU9zaIsNjgYg9OO12iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2I1OTRlNWU2NzEzYTViODBhNTQ4MWE1Y2U3MWU2NTJk
ODQ1NzMwHhcNMjIwNzIzMTI1NzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDBlYzIyY2Q2NjQyOWYzMTQxOWM3NmM1ZDgzMTg2OWNiNzYxYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVfuITmADsJXMBn3tC8O12jw2sZr
dsYMVCT+6uynNKlFjPCl/abhvv0emB97r9v7vXiaD8u3xbvfhEt+w0DEWE/gPKBp
IrMs8HR9us9rMwY6K5lsmnEOXMcJNnsmbxNutDgsVTSSOpZx8v5XaNXrdWy4k4uZ
RnhbwhAF/3pU5D3t2IJpAxYSkelNOD5sTcCl0U37Bl++2FyTbwm3Y78MAGAcQZTD
rtbMgcgLY0h+VvmasX0dPWcPl8HD0SH9KgO7FB5Hkk/d4YUPL+3s+2EW/pMNRb+e
Fd2hhDBWw3K9ncWTrNAShD+A8Jt7hD6aej/HBGkRyWiU2iHOZfcYyq2M0QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGAOwizWZCnzFBnHbF2DGGnLdhyXMB8GA1UdIwQY
MBaAFMh7WU5eZxOluApUgaXOceZS2EVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYt
MzhjYjZlNDE2ZjNhLzEvWUE3Q0xOWmtLZk1VR2Nkc1hZTVlhY3QySEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYtMzhjYjZlNDE2ZjNh
LzEveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALYsJAwQA
uWnsAwQAuWnuMA0EAgACMAcDBQMqEiYAMA0GCSqGSIb3DQEBCwUAA4IBAQCJBK5a
QEGETW2/Ccx/P3wt1cJabs17iwNlCoRN8pXSAtqwB/GoBQMa9TKbOGiI0CsB7xLM
EnpyYQyTAN35JraX/8WjQsRj66toAwcpeq9yhqOEOmWUAWpwNzl9obTz+t9TQGRW
GTvNlbuzexosT2YC29Zx+EAIbcw6NZ+Fpl6ZoDQW+Y/wS4wqE5WIfRVvNcJvAFEq
eeUw441YtcBVRv0AJhqzP0NWW+K9oT/XLDdYSOKS9VPCJcgUPW6RpNK36BDFKbDW
c73LF0Qq9B8QfvdGhsD3HimeaLM3CwWBsTTsUVC3/X6u5LGKN4FzMyseQdMi18Oc
VikWMpRljt01fY7O
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:20 2023 by rpki-client on console-fra.rpki-client.org