Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/yagRl-423d6puaCakzStogHAs3w.roa
File: yagRl-423d6puaCakzStogHAs3w.roa (raw, json)
Hash identifier: oSqwV7t8ocEn0wj0mrkagi3PrIei6Q7AvEa2od7QLYg=
Subject key identifier: C9:A8:11:97:EE:36:DD:DE:A9:B9:A0:9A:93:34:AD:A2:01:C0:B3:7C
Certificate issuer: /CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Certificate serial: 1ED8EC51
Authority key identifier: 99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/yagRl-423d6puaCakzStogHAs3w.roa
Signing time: Sat 01 Jan 2022 08:56:11 +0000
ROA not before: Sat 01 Jan 2022 08:56:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43612
IP address blocks: 146.255.94.0/23 maxlen: 23
31.11.64.0/21 maxlen: 21
217.16.88.0/22 maxlen: 22
217.16.94.0/24 maxlen: 24
217.16.92.0/23 maxlen: 23
31.11.80.0/21 maxlen: 21
92.53.12.0/22 maxlen: 22
92.53.16.0/22 maxlen: 22
92.53.20.0/22 maxlen: 22
92.53.24.0/22 maxlen: 22
92.53.28.0/22 maxlen: 22
212.110.92.0/23 maxlen: 23
92.53.32.0/22 maxlen: 22
92.53.36.0/22 maxlen: 22
92.53.40.0/22 maxlen: 22
92.53.44.0/22 maxlen: 22
146.255.75.0/24 maxlen: 24
92.53.48.0/22 maxlen: 22
146.255.73.0/24 maxlen: 24
146.255.74.0/24 maxlen: 24
92.53.56.0/22 maxlen: 22
94.100.96.0/20 maxlen: 20
92.53.52.0/22 maxlen: 22
92.53.60.0/22 maxlen: 22
185.80.164.0/22 maxlen: 22
185.100.245.0/24 maxlen: 24
185.100.244.0/24 maxlen: 24
185.5.4.0/22 maxlen: 22
217.196.192.0/20 maxlen: 20
31.11.120.0/21 maxlen: 21
188.44.2.0/24 maxlen: 24
188.44.7.0/24 maxlen: 24
188.44.6.0/24 maxlen: 24
78.157.0.0/19 maxlen: 22
31.3.94.0/24 maxlen: 24
31.3.93.0/24 maxlen: 24
109.69.40.0/21 maxlen: 21
178.249.112.0/21 maxlen: 21
185.89.246.0/23 maxlen: 24
185.89.244.0/22 maxlen: 22
92.53.0.0/22 maxlen: 23
92.53.4.0/22 maxlen: 22
92.53.8.0/22 maxlen: 22
78.157.16.0/22 maxlen: 22
2a01:b780::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 517532753 (0x1ed8ec51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Validity
Not Before: Jan 1 08:56:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9a81197ee36dddea9b9a09a9334ada201c0b37c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:53:bd:fc:b7:16:cf:75:4e:b1:af:ca:a3:a2:
39:45:9a:6e:c1:7b:3c:05:f1:b8:e9:d4:45:ef:38:
15:ed:32:28:6e:82:90:c1:94:7a:31:5d:47:f5:27:
66:29:50:2d:2c:07:e8:1e:7d:19:24:e2:40:01:fc:
9e:d2:c3:3b:06:1b:a1:5c:4f:a2:57:7a:ae:27:fd:
e9:d4:ff:93:81:0e:3e:8e:d2:f0:f1:72:e5:19:a9:
1b:80:a7:4b:ae:f9:95:70:28:0b:a9:ef:5a:be:09:
44:44:70:31:01:21:a4:8a:f0:72:94:90:b6:27:56:
26:8c:04:d4:48:f6:33:7e:79:18:65:34:aa:c4:33:
0c:90:2e:0f:a2:32:a5:be:8b:a0:35:54:de:ae:33:
20:a5:43:b2:97:88:6d:f0:cc:29:43:58:84:30:34:
20:96:29:89:98:d9:c7:6b:e7:d7:8e:84:ff:11:ac:
3d:62:f4:8b:2f:f7:07:3b:a4:99:75:7b:4f:e2:cd:
84:42:eb:a3:5b:09:ad:35:fa:ce:be:37:c7:a6:0f:
92:8b:05:24:a1:65:09:52:20:fd:24:01:1f:e1:d4:
5e:a3:98:99:68:63:67:3c:fa:33:4c:f2:8d:86:9e:
1e:10:f3:5a:1f:a6:62:54:e4:47:97:e9:78:85:34:
37:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A8:11:97:EE:36:DD:DE:A9:B9:A0:9A:93:34:AD:A2:01:C0:B3:7C
X509v3 Authority Key Identifier:
keyid:99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/yagRl-423d6puaCakzStogHAs3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.93.0-31.3.94.255
31.11.64.0/21
31.11.80.0/21
31.11.120.0/21
78.157.0.0/19
92.53.0.0/18
94.100.96.0/20
109.69.40.0/21
146.255.73.0-146.255.75.255
146.255.94.0/23
178.249.112.0/21
185.5.4.0/22
185.80.164.0/22
185.89.244.0/22
185.100.244.0/23
188.44.2.0/24
188.44.6.0/23
212.110.92.0/23
217.16.88.0-217.16.94.255
217.196.192.0/20
IPv6:
2a01:b780::/32
Signature Algorithm: sha256WithRSAEncryption
3b:64:1c:21:fe:d0:fb:d5:0c:1f:40:cf:e6:94:6e:66:7e:ee:
1c:91:40:1a:45:6d:b1:a8:52:cf:fa:00:4c:ba:ce:5a:67:06:
38:20:03:17:e6:8c:d2:69:f4:7b:f5:ed:b4:a3:57:2c:46:ff:
01:32:2e:d4:eb:45:a4:e4:24:7e:e2:31:1f:c1:e7:4c:86:c5:
fa:f4:dc:15:ea:98:69:2a:03:60:a2:14:86:d1:61:d8:30:55:
b7:90:dd:32:4f:15:61:09:45:8c:b2:0e:2c:4d:7b:f4:a0:3d:
45:ff:0a:57:be:ec:66:4f:d8:a0:c0:25:a2:41:26:8e:cf:d5:
6e:05:8a:05:72:8c:20:b4:b7:6d:c5:d5:15:f2:59:81:b5:30:
08:3d:ad:37:54:f3:8b:23:ac:59:ec:06:8b:a8:3a:cf:69:38:
16:d3:6a:df:7a:6d:94:6c:71:5c:9f:3a:9f:79:8f:43:e7:c9:
f2:d5:72:8e:f6:f0:97:5c:f5:c6:fc:68:15:20:d8:18:76:54:
26:0e:d7:ac:be:71:dd:e8:50:17:7f:81:28:f5:64:3c:96:65:
b4:a2:d2:35:b7:c8:aa:12:80:92:6a:fd:ff:cd:2c:de:d6:7d:
7d:c5:d5:46:55:40:52:5f:ba:8c:09:df:ff:55:ea:8e:5f:1f:
92:d9:39:df
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIEHtjsUTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OWU3MjA5YThjOWIxNzZmYmY2MjNlZGYzZWUwYjgyMDA3ZmMyYzQwMB4XDTIyMDEw
MTA4NTYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzlhODExOTdlZTM2
ZGRkZWE5YjlhMDlhOTMzNGFkYTIwMWMwYjM3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJTvfy3Fs91TrGvyqOiOUWabsF7PAXxuOnURe84Fe0yKG6C
kMGUejFdR/UnZilQLSwH6B59GSTiQAH8ntLDOwYboVxPold6rif96dT/k4EOPo7S
8PFy5RmpG4CnS675lXAoC6nvWr4JRERwMQEhpIrwcpSQtidWJowE1Ej2M355GGU0
qsQzDJAuD6Iypb6LoDVU3q4zIKVDspeIbfDMKUNYhDA0IJYpiZjZx2vn146E/xGs
PWL0iy/3BzukmXV7T+LNhELro1sJrTX6zr43x6YPkosFJKFlCVIg/SQBH+HUXqOY
mWhjZzz6M0zyjYaeHhDzWh+mYlTkR5fpeIU0N7MCAwEAAaOCAqcwggKjMB0GA1Ud
DgQWBBTJqBGX7jbd3qm5oJqTNK2iAcCzfDAfBgNVHSMEGDAWgBSZ5yCajJsXb79i
Pt8+4LggB/wsQDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21lY2dtb3liRjItX1lqN2ZQdUM0SUFmOExFQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvZWY1ODU2LWJiYzAtNDVhNC04OTFlLWIyZGNjMTg2M2U4Yi8x
L3lhZ1JsLTQyM2Q2cHVhQ2FrelN0b2dIQXMzdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
ZWY1ODU2LWJiYzAtNDVhNC04OTFlLWIyZGNjMTg2M2U4Yi8xL21lY2dtb3liRjIt
X1lqN2ZQdUM0SUFmOExFQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vAYIKwYBBQUHAQcBAf8EgawwgakwgZcEAgABMIGQMAwDBAAfA10DBAAfA14DBAMf
C0ADBAMfC1ADBAMfC3gDBAVOnQADBAZcNQADBAReZGADBANtRSgwDAMEAJL/SQME
ApL/SAMEAZL/XgMEA7L5cAMEArkFBAMEArlQpAMEArlZ9AMEAblk9AMEALwsAgME
AbwsBgMEAdRuXDAMAwQD2RBYAwQA2RBeAwQE2cTAMA0EAgACMAcDBQAqAbeAMA0G
CSqGSIb3DQEBCwUAA4IBAQA7ZBwh/tD71QwfQM/mlG5mfu4ckUAaRW2xqFLP+gBM
us5aZwY4IAMX5ozSafR79e20o1csRv8BMi7U60Wk5CR+4jEfwedMhsX69NwV6php
KgNgohSG0WHYMFW3kN0yTxVhCUWMsg4sTXv0oD1F/wpXvuxmT9igwCWiQSaOz9Vu
BYoFcowgtLdtxdUV8lmBtTAIPa03VPOLI6xZ7AaLqDrPaTgW02rfem2UbHFcnzqf
eY9D58ny1XKO9vCXXPXG/GgVINgYdlQmDtesvnHd6FAXf4Eo9WQ8lmW0otI1t8iq
EoCSav3/zSze1n19xdVGVUBSX7qMCd//VeqOXx+S2Tnf
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:32 2023 by rpki-client on console.sobornost.net