Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/a04956-7462-49eb-a9db-dc6be8ce5fb2/1/YaWXyMQepQhznchYL3bOPA8xlXU.roa
File: YaWXyMQepQhznchYL3bOPA8xlXU.roa (raw, json)
Hash identifier: Qksac8BlmApV1wKIMPHPqDhVL5opI+UVqyuqs4mh05c=
Subject key identifier: 61:A5:97:C8:C4:1E:A5:08:73:9D:C8:58:2F:76:CE:3C:0F:31:95:75
Certificate issuer: /CN=c8593923257b20eda4aa4bc3c4a0c30d8490ea56
Certificate serial: 0725B75A
Authority key identifier: C8:59:39:23:25:7B:20:ED:A4:AA:4B:C3:C4:A0:C3:0D:84:90:EA:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yFk5IyV7IO2kqkvDxKDDDYSQ6lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/a04956-7462-49eb-a9db-dc6be8ce5fb2/1/YaWXyMQepQhznchYL3bOPA8xlXU.roa
Signing time: Sat 01 Jan 2022 13:07:24 +0000
ROA not before: Sat 01 Jan 2022 13:07:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43809
IP address blocks: 185.215.8.0/22 maxlen: 24
185.8.80.0/22 maxlen: 24
185.184.92.0/22 maxlen: 24
95.128.112.0/21 maxlen: 24
83.171.228.0/22 maxlen: 22
2a0a:9c40::/29 maxlen: 29
2a02:d900::/29 maxlen: 29
2a0f:10c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119912282 (0x725b75a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8593923257b20eda4aa4bc3c4a0c30d8490ea56
Validity
Not Before: Jan 1 13:07:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61a597c8c41ea508739dc8582f76ce3c0f319575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:00:49:d1:6e:1b:09:7c:81:13:86:b1:88:17:
ef:6e:0a:69:3c:a4:79:41:d8:df:c5:13:2f:21:ff:
69:2c:5f:0d:89:33:a9:36:2b:e7:eb:d7:ab:84:d0:
65:be:b5:e4:65:b7:c3:d6:46:b3:9f:37:48:3b:79:
f1:5e:3a:b8:02:bc:43:8d:03:45:dd:50:c6:0a:92:
04:81:ce:81:eb:9f:04:6e:72:c8:cc:0a:12:5f:90:
bd:6a:9f:ab:0c:7f:c6:87:f5:dd:a4:fc:74:d8:53:
1d:52:79:f5:95:81:4c:f1:53:ba:01:7b:90:80:ef:
86:ba:91:29:fe:a7:5a:3d:2a:88:0e:41:0d:df:95:
da:a6:38:0d:1b:a3:c6:d4:d9:c4:10:f7:7a:01:e4:
e4:de:15:8b:a2:70:26:52:12:36:e0:68:b1:1b:89:
ed:eb:44:76:73:0a:75:49:5a:54:73:a4:e7:50:82:
ef:56:9c:43:7d:b9:fd:d7:22:d3:e3:37:5a:68:63:
91:c7:6a:2a:69:0a:a9:47:08:85:52:4d:be:14:4a:
80:f3:4e:a5:37:d0:79:62:e4:11:e1:bf:9b:02:ea:
28:a8:1c:84:96:7d:91:58:7f:3c:ff:4f:63:e0:e9:
38:fe:9b:04:46:7c:d0:1d:2d:1d:a7:5f:8b:2a:2e:
3d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A5:97:C8:C4:1E:A5:08:73:9D:C8:58:2F:76:CE:3C:0F:31:95:75
X509v3 Authority Key Identifier:
keyid:C8:59:39:23:25:7B:20:ED:A4:AA:4B:C3:C4:A0:C3:0D:84:90:EA:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yFk5IyV7IO2kqkvDxKDDDYSQ6lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/a04956-7462-49eb-a9db-dc6be8ce5fb2/1/YaWXyMQepQhznchYL3bOPA8xlXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/a04956-7462-49eb-a9db-dc6be8ce5fb2/1/yFk5IyV7IO2kqkvDxKDDDYSQ6lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.228.0/22
95.128.112.0/21
185.8.80.0/22
185.184.92.0/22
185.215.8.0/22
IPv6:
2a02:d900::/29
2a0a:9c40::/29
2a0f:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:2d:7b:15:1e:11:af:f0:13:fb:c6:f5:d2:b4:bd:c8:b3:cd:
02:9a:fd:8f:8a:c7:2a:65:d8:c4:45:ff:e9:87:b7:1a:4d:cf:
97:96:ae:7b:f2:46:0c:a0:f1:4a:f4:72:f6:3e:6d:23:c1:f3:
9c:b7:d3:a7:4b:6f:43:c3:51:c3:46:b1:db:93:20:84:a8:40:
77:eb:ee:5e:60:62:59:c6:88:ba:c7:dc:aa:82:e7:18:fa:9c:
43:fe:ff:1d:ff:6b:4d:7b:cc:38:9a:8b:91:24:b0:1e:6d:c9:
96:62:1f:75:90:6f:93:bf:40:25:fe:93:4b:07:90:2c:f4:99:
2c:4f:5f:7d:93:bb:e1:f6:ab:0a:13:c7:bb:14:7b:7d:11:d9:
21:ba:39:f8:41:40:45:d8:ce:88:67:fb:3d:eb:e0:b5:6e:80:
01:2d:24:af:d3:ba:74:07:c8:8e:67:84:f9:da:41:47:41:71:
84:ff:3f:44:08:35:7b:b7:3c:c1:3e:21:f3:58:62:02:ee:72:
1b:42:39:b2:8c:99:b9:58:0e:3f:b2:1b:7c:6e:00:91:4a:5a:
03:a7:00:f5:b5:26:77:ed:b4:4d:88:a2:52:6e:0a:fa:59:6b:
30:81:71:70:1a:27:08:27:bf:59:41:6c:d7:ee:71:45:b3:1a:
62:bd:43:f8
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIEByW3WjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ODU5MzkyMzI1N2IyMGVkYTRhYTRiYzNjNGEwYzMwZDg0OTBlYTU2MB4XDTIyMDEw
MTEzMDcyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjFhNTk3YzhjNDFl
YTUwODczOWRjODU4MmY3NmNlM2MwZjMxOTU3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQASdFuGwl8gROGsYgX724KaTykeUHY38UTLyH/aSxfDYkz
qTYr5+vXq4TQZb615GW3w9ZGs583SDt58V46uAK8Q40DRd1QxgqSBIHOgeufBG5y
yMwKEl+QvWqfqwx/xof13aT8dNhTHVJ59ZWBTPFTugF7kIDvhrqRKf6nWj0qiA5B
Dd+V2qY4DRujxtTZxBD3egHk5N4Vi6JwJlISNuBosRuJ7etEdnMKdUlaVHOk51CC
71acQ325/dci0+M3WmhjkcdqKmkKqUcIhVJNvhRKgPNOpTfQeWLkEeG/mwLqKKgc
hJZ9kVh/PP9PY+DpOP6bBEZ80B0tHadfiyouPS8CAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBRhpZfIxB6lCHOdyFgvds48DzGVdTAfBgNVHSMEGDAWgBTIWTkjJXsg7aSq
S8PEoMMNhJDqVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lGazVJeVY3SU8ya3FrdkR4S0RERFlTUTZsWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvYTA0OTU2LTc0NjItNDllYi1hOWRiLWRjNmJlOGNlNWZiMi8x
L1lhV1h5TVFlcFFoem5jaFlMM2JPUEE4eGxYVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
YTA0OTU2LTc0NjItNDllYi1hOWRiLWRjNmJlOGNlNWZiMi8xL3lGazVJeVY3SU8y
a3FrdkR4S0RERFlTUTZsWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwJAQCAAEwHgMEAlOr5AMEA1+AcAMEArkIUAMEArm4
XAMEArnXCDAbBAIAAjAVAwUDKgLZAAMFAyoKnEADBQMqDxDAMA0GCSqGSIb3DQEB
CwUAA4IBAQBvLXsVHhGv8BP7xvXStL3Is80Cmv2PiscqZdjERf/ph7caTc+Xlq57
8kYMoPFK9HL2Pm0jwfOct9OnS29Dw1HDRrHbkyCEqEB36+5eYGJZxoi6x9yqgucY
+pxD/v8d/2tNe8w4mouRJLAebcmWYh91kG+Tv0Al/pNLB5As9JksT199k7vh9qsK
E8e7FHt9Edkhujn4QUBF2M6IZ/s96+C1boABLSSv07p0B8iOZ4T52kFHQXGE/z9E
CDV7tzzBPiHzWGIC7nIbQjmyjJm5WA4/sht8bgCRSloDpwD1tSZ37bRNiKJSbgr6
WWswgXFwGicIJ79ZQWzX7nFFsxpivUP4
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:52 2023 by rpki-client on console.sobornost.net