Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/YTBYCfuAgJEQFQOqEH8TIOUKhJY.roa
File: YTBYCfuAgJEQFQOqEH8TIOUKhJY.roa (raw, json)
Hash identifier: TkUfOzNB9P2ppYbI3uHWT4bg1cgvImeVccWailtoCyY=
Subject key identifier: 61:30:58:09:FB:80:80:91:10:15:03:AA:10:7F:13:20:E5:0A:84:96
Certificate issuer: /CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Certificate serial: 018476459D0E786A8BCF014715669BA7CE7A
Authority key identifier: C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/YTBYCfuAgJEQFQOqEH8TIOUKhJY.roa
Signing time: Mon 14 Nov 2022 13:13:04 +0000
ROA not before: Mon 14 Nov 2022 13:13:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 185.190.25.0/24 maxlen: 24
194.36.172.0/23 maxlen: 23
194.36.172.0/24 maxlen: 24
194.36.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:45:9d:0e:78:6a:8b:cf:01:47:15:66:9b:a7:ce:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Validity
Not Before: Nov 14 13:13:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61305809fb808091101503aa107f1320e50a8496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fe:76:b6:c6:40:a7:dd:30:82:45:3d:ff:c4:
b5:dc:be:a9:28:44:03:c7:31:4f:71:f9:cc:2c:8f:
97:9e:c6:7b:30:e4:e7:b4:6c:c3:25:63:2a:c6:84:
dd:d3:2a:78:68:33:49:88:b2:d6:64:16:3d:5a:96:
77:39:8e:4c:28:4e:80:e3:58:05:8c:ef:10:65:c6:
fe:e1:15:9d:e1:83:03:a6:8a:c3:43:a9:45:37:30:
d7:e7:a0:8c:4a:26:1b:68:6d:4d:ce:1f:51:80:20:
9b:eb:2c:0e:a5:16:cf:0c:bd:b4:40:ae:81:b9:44:
69:02:7c:3f:42:39:56:7a:9e:59:c9:5a:26:f7:16:
c4:68:eb:9f:b8:47:ba:57:7e:a4:31:e2:47:d1:6d:
03:b0:da:4c:05:17:49:50:0d:c3:7e:09:29:12:ee:
5c:ee:56:f5:56:8e:e3:f4:46:3d:f9:cd:44:05:bb:
0f:92:57:59:52:23:f5:8d:1f:91:5e:b4:70:b4:70:
db:2d:99:41:ae:da:28:ae:d4:3e:01:4d:f0:c3:84:
e5:ef:dc:ca:74:75:c6:a1:30:b6:f0:a8:e0:45:42:
0b:61:4f:81:1a:d4:75:95:67:ef:b3:69:9c:50:35:
f8:dd:34:d1:18:3c:95:53:33:92:8a:09:d2:61:3d:
10:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:30:58:09:FB:80:80:91:10:15:03:AA:10:7F:13:20:E5:0A:84:96
X509v3 Authority Key Identifier:
keyid:C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/YTBYCfuAgJEQFQOqEH8TIOUKhJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.25.0/24
194.36.172.0/23
Signature Algorithm: sha256WithRSAEncryption
52:cb:25:60:67:6a:bf:5c:c5:49:bb:5d:e6:eb:83:0a:ea:dc:
5b:5f:2b:0d:6d:0e:5d:6c:38:8a:5b:13:34:d6:b1:85:46:ae:
fe:57:b9:89:44:3f:47:7a:03:e8:5f:49:6e:61:b4:d0:a0:c2:
28:01:da:62:60:b7:ad:24:20:7f:da:7a:70:e6:a4:af:ad:70:
89:44:ef:e3:da:d0:49:30:95:0d:7e:b0:0b:f8:a9:4b:5a:a0:
39:1a:71:65:97:db:f2:91:65:ea:33:ee:94:21:12:78:23:03:
21:94:d6:eb:58:aa:45:61:11:e8:16:1a:75:db:b3:fd:99:46:
62:db:6b:db:58:77:99:51:ad:e6:99:2d:85:b8:1c:54:c4:0a:
66:5c:b8:2b:74:6d:10:e5:4f:9b:c3:47:7a:03:c6:d6:dd:d3:
4d:ee:61:01:9b:df:30:b4:c5:2b:ae:c6:12:c0:8d:71:0f:ad:
60:b7:b5:4e:1e:5b:9c:c8:03:ca:fd:49:3b:a9:6c:9d:99:9f:
de:38:f4:e2:4b:30:23:2a:ed:6d:de:23:c7:fa:3f:ee:12:42:
05:0f:89:1b:54:30:59:d2:e7:1d:d6:47:9c:26:8c:23:51:0f:
8e:c3:75:0a:25:f0:14:3f:f4:de:18:c1:8f:e4:44:01:67:35:
21:0e:32:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYR2RZ0OeGqLzwFHFWabp856MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2I1OTRlNWU2NzEzYTViODBhNTQ4MWE1Y2U3MWU2NTJk
ODQ1NzMwHhcNMjIxMTE0MTMxMzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTMwNTgwOWZiODA4MDkxMTAxNTAzYWExMDdmMTMyMGU1MGE4NDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgv52tsZAp90wgkU9/8S13L6pKEQD
xzFPcfnMLI+XnsZ7MOTntGzDJWMqxoTd0yp4aDNJiLLWZBY9WpZ3OY5MKE6A41gF
jO8QZcb+4RWd4YMDporDQ6lFNzDX56CMSiYbaG1Nzh9RgCCb6ywOpRbPDL20QK6B
uURpAnw/QjlWep5ZyVom9xbEaOufuEe6V36kMeJH0W0DsNpMBRdJUA3DfgkpEu5c
7lb1Vo7j9EY9+c1EBbsPkldZUiP1jR+RXrRwtHDbLZlBrtoortQ+AU3ww4Tl79zK
dHXGoTC28KjgRUILYU+BGtR1lWfvs2mcUDX43TTRGDyVUzOSignSYT0QkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGEwWAn7gICREBUDqhB/EyDlCoSWMB8GA1UdIwQY
MBaAFMh7WU5eZxOluApUgaXOceZS2EVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYt
MzhjYjZlNDE2ZjNhLzEvWVRCWUNmdUFnSkVRRlFPcUVIOFRJT1VLaEpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYtMzhjYjZlNDE2ZjNh
LzEveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAub4ZAwQB
wiSsMA0GCSqGSIb3DQEBCwUAA4IBAQBSyyVgZ2q/XMVJu13m64MK6txbXysNbQ5d
bDiKWxM01rGFRq7+V7mJRD9HegPoX0luYbTQoMIoAdpiYLetJCB/2npw5qSvrXCJ
RO/j2tBJMJUNfrAL+KlLWqA5GnFll9vykWXqM+6UIRJ4IwMhlNbrWKpFYRHoFhp1
27P9mUZi22vbWHeZUa3mmS2FuBxUxApmXLgrdG0Q5U+bw0d6A8bW3dNN7mEBm98w
tMUrrsYSwI1xD61gt7VOHlucyAPK/Uk7qWydmZ/eOPTiSzAjKu1t3iPH+j/uEkIF
D4kbVDBZ0ucd1kecJowjUQ+Ow3UKJfAUP/TeGMGP5EQBZzUhDjJ5
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:14 2023 by rpki-client on console-ams.rpki-client.org