Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/YPfC0gw6PEIB26yYMmvxRCfGLEo.roa
File: YPfC0gw6PEIB26yYMmvxRCfGLEo.roa (raw, json)
Hash identifier: JWf65K9hyzzkOrtKx2h7rKNITbPWRc5KCfOiL+9PUfs=
Subject key identifier: 60:F7:C2:D2:0C:3A:3C:42:01:DB:AC:98:32:6B:F1:44:27:C6:2C:4A
Certificate issuer: /CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Certificate serial: 018291041BD265EE0D8B27A45BAC32ED1B4C
Authority key identifier: 75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/YPfC0gw6PEIB26yYMmvxRCfGLEo.roa
Signing time: Fri 12 Aug 2022 07:45:41 +0000
ROA not before: Fri 12 Aug 2022 07:45:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12850
IP address blocks: 212.91.64.0/19 maxlen: 24
37.139.88.0/21 maxlen: 24
212.29.128.0/19 maxlen: 24
80.247.64.0/20 maxlen: 24
178.239.176.0/20 maxlen: 24
87.248.32.0/19 maxlen: 24
185.48.32.0/22 maxlen: 24
185.21.172.0/22 maxlen: 24
2001:4d38::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:91:04:1b:d2:65:ee:0d:8b:27:a4:5b:ac:32:ed:1b:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Validity
Not Before: Aug 12 07:45:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60f7c2d20c3a3c4201dbac98326bf14427c62c4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:89:69:d1:7a:22:3d:56:bf:3b:a3:d5:0c:8a:
92:72:fc:65:9b:98:0d:fe:a8:f9:20:97:23:19:ad:
7d:9c:61:d4:d1:ef:07:36:1e:bb:fe:2d:98:6a:87:
34:ad:17:97:34:8d:74:05:79:80:71:05:82:70:76:
22:63:75:27:96:53:3f:fd:da:1f:24:85:eb:68:15:
e2:1f:02:cd:1e:10:7f:e5:cb:e4:b1:1a:6b:ad:9f:
3b:39:a0:ab:19:50:95:a9:ee:7e:97:10:78:fd:6c:
ae:26:68:71:29:ef:4a:d5:31:fb:e4:f2:be:87:54:
65:54:b1:c8:e2:1c:98:58:01:ef:d2:13:4d:c2:f3:
0f:21:e0:37:9c:83:6b:18:5d:b5:4f:41:ee:93:6b:
a9:33:a3:32:8f:ce:de:1e:ab:65:a2:75:68:ed:69:
41:3c:03:40:c5:2e:dc:fe:f8:a5:d8:18:e8:e1:15:
b1:1b:ea:77:43:97:06:8b:d4:47:63:99:ee:0a:97:
e0:ef:07:62:d0:e4:bc:8d:f4:1b:cd:d2:91:ac:9e:
f4:f6:d6:68:d4:06:07:87:37:76:97:64:f8:24:75:
f0:95:e4:06:66:f7:36:de:e5:e6:37:75:a6:97:10:
5b:44:87:58:b1:6a:d5:f7:aa:3c:cf:ab:c7:fc:c7:
3f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F7:C2:D2:0C:3A:3C:42:01:DB:AC:98:32:6B:F1:44:27:C6:2C:4A
X509v3 Authority Key Identifier:
keyid:75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/YPfC0gw6PEIB26yYMmvxRCfGLEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.88.0/21
80.247.64.0/20
87.248.32.0/19
178.239.176.0/20
185.21.172.0/22
185.48.32.0/22
212.29.128.0/19
212.91.64.0/19
IPv6:
2001:4d38::/32
Signature Algorithm: sha256WithRSAEncryption
67:9b:df:1b:6e:f5:8a:dd:6a:f6:14:c4:59:40:72:04:7d:0a:
52:8c:d1:16:87:15:fb:98:6c:c6:6c:70:49:c4:ac:73:a7:5f:
2a:a1:ee:0c:a9:5c:ee:ca:c1:39:22:a0:ae:ce:c5:51:db:cf:
90:fc:ba:03:2f:54:67:3e:f4:f2:de:8d:3b:59:5c:04:ed:9f:
3a:98:76:3b:a4:ca:3c:8d:98:a4:89:9b:82:aa:ca:fd:71:10:
db:7f:8c:10:21:34:ec:db:a0:c4:89:a3:36:48:e3:ee:e0:d6:
e8:12:26:6f:75:95:b9:c7:18:34:02:66:91:93:d0:a7:03:64:
3f:17:93:26:20:33:20:55:ca:38:2f:94:c5:61:1b:53:87:b5:
ac:53:6c:da:6c:26:2d:26:a3:ce:84:dc:ac:de:a6:9d:fd:60:
70:6a:42:de:15:0e:a2:d2:04:3b:39:a5:9a:cd:2c:a3:42:9e:
be:2c:d7:27:c3:06:12:57:99:62:56:9b:d8:17:ca:da:7b:29:
12:ff:9b:29:7f:42:be:75:d6:88:17:8e:90:f1:ae:6a:ef:68:
5d:49:1a:56:b2:01:7b:0a:21:85:19:b0:67:68:58:73:e1:5f:
ad:52:70:47:49:0a:ff:33:ca:44:e6:3e:e4:34:77:5f:b2:74:
c7:51:79:43
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYKRBBvSZe4NiyekW6wy7RtMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MzliN2ExMjM0MTdhYTcxOTMyNTk0NmFhODllMGYzMGFi
MGNhMDkwHhcNMjIwODEyMDc0NTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGY3YzJkMjBjM2EzYzQyMDFkYmFjOTgzMjZiZjE0NDI3YzYyYzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIlp0XoiPVa/O6PVDIqScvxlm5gN
/qj5IJcjGa19nGHU0e8HNh67/i2Yaoc0rReXNI10BXmAcQWCcHYiY3UnllM//dof
JIXraBXiHwLNHhB/5cvksRprrZ87OaCrGVCVqe5+lxB4/WyuJmhxKe9K1TH75PK+
h1RlVLHI4hyYWAHv0hNNwvMPIeA3nINrGF21T0Huk2upM6Myj87eHqtlonVo7WlB
PANAxS7c/vil2Bjo4RWxG+p3Q5cGi9RHY5nuCpfg7wdi0OS8jfQbzdKRrJ709tZo
1AYHhzd2l2T4JHXwleQGZvc23uXmN3WmlxBbRIdYsWrV96o8z6vH/Mc/kQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFGD3wtIMOjxCAdusmDJr8UQnxixKMB8GA1UdIwQY
MBaAFHU5t6EjQXqnGTJZRqqJ4PMKsMoJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjct
NWI1ZTMzY2U3MGFkLzEvWVBmQzBndzZQRUlCMjZ5WU1tdnhSQ2ZHTEVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjctNWI1ZTMzY2U3MGFk
LzEvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJYtYAwQE
UPdAAwQFV/ggAwQEsu+wAwQCuRWsAwQCuTAgAwQF1B2AAwQF1FtAMA0EAgACMAcD
BQAgAU04MA0GCSqGSIb3DQEBCwUAA4IBAQBnm98bbvWK3Wr2FMRZQHIEfQpSjNEW
hxX7mGzGbHBJxKxzp18qoe4MqVzuysE5IqCuzsVR28+Q/LoDL1RnPvTy3o07WVwE
7Z86mHY7pMo8jZikiZuCqsr9cRDbf4wQITTs26DEiaM2SOPu4NboEiZvdZW5xxg0
AmaRk9CnA2Q/F5MmIDMgVco4L5TFYRtTh7WsU2zabCYtJqPOhNys3qad/WBwakLe
FQ6i0gQ7OaWazSyjQp6+LNcnwwYSV5liVpvYF8raeykS/5spf0K+ddaIF46Q8a5q
72hdSRpWsgF7CiGFGbBnaFhz4V+tUnBHSQr/M8pE5j7kNHdfsnTHUXlD
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:37 2023 by rpki-client on console.sobornost.net