Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/Y-2uZcvo8VMnLyT_LH70lG2A-N4.roa
File: Y-2uZcvo8VMnLyT_LH70lG2A-N4.roa (raw, json)
Hash identifier: OS79t52+iJwWYPBHOqMCEGRnV1Xzj5FqMuB4aA+T55w=
Subject key identifier: 63:ED:AE:65:CB:E8:F1:53:27:2F:24:FF:2C:7E:F4:94:6D:80:F8:DE
Certificate issuer: /CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Certificate serial: 0182EF4F862B488744E52CC99C04CF160EF1
Authority key identifier: 80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/Y-2uZcvo8VMnLyT_LH70lG2A-N4.roa
Signing time: Tue 30 Aug 2022 15:12:22 +0000
ROA not before: Tue 30 Aug 2022 15:12:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16276
IP address blocks: 152.228.128.0/17 maxlen: 17
141.95.128.0/17 maxlen: 17
51.178.0.0/16 maxlen: 16
51.210.0.0/16 maxlen: 16
51.77.0.0/16 maxlen: 16
135.125.128.0/17 maxlen: 17
213.186.32.0/19 maxlen: 19
51.75.0.0/16 maxlen: 16
193.70.0.0/17 maxlen: 17
162.19.128.0/17 maxlen: 17
51.38.0.0/16 maxlen: 16
54.38.0.0/16 maxlen: 16
91.134.0.0/16 maxlen: 16
145.239.0.0/16 maxlen: 16
149.202.0.0/16 maxlen: 16
137.74.0.0/16 maxlen: 16
54.37.0.0/16 maxlen: 16
188.165.0.0/16 maxlen: 16
51.195.0.0/16 maxlen: 16
141.94.0.0/16 maxlen: 16
91.121.0.0/16 maxlen: 16
51.89.0.0/16 maxlen: 16
5.39.0.0/17 maxlen: 17
198.244.128.0/17 maxlen: 17
5.135.0.0/16 maxlen: 16
135.125.0.0/17 maxlen: 17
57.128.0.0/17 maxlen: 17
213.32.0.0/17 maxlen: 17
51.91.0.0/16 maxlen: 16
37.187.0.0/16 maxlen: 16
37.59.0.0/16 maxlen: 16
217.182.0.0/16 maxlen: 16
164.132.0.0/16 maxlen: 16
5.196.0.0/16 maxlen: 16
51.68.0.0/16 maxlen: 16
54.36.0.0/16 maxlen: 16
141.95.0.0/17 maxlen: 17
147.135.128.0/17 maxlen: 17
162.19.0.0/17 maxlen: 17
57.128.128.0/18 maxlen: 18
51.83.0.0/16 maxlen: 16
213.251.128.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ef:4f:86:2b:48:87:44:e5:2c:c9:9c:04:cf:16:0e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Validity
Not Before: Aug 30 15:12:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63edae65cbe8f153272f24ff2c7ef4946d80f8de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e2:98:e8:ca:f7:a6:64:14:09:cb:56:2a:77:
c8:14:e7:d5:61:f9:77:a7:5c:2b:d3:d2:b7:b6:7d:
ab:8a:c2:fa:22:07:f7:1b:25:62:0d:13:1d:3e:12:
bb:1d:02:4e:6b:98:58:f3:ab:76:1e:61:33:c7:ba:
c3:d1:dd:b6:03:a0:44:f4:ab:2d:7d:95:30:0d:af:
d1:83:05:89:99:a6:7a:70:9f:b8:db:d4:8c:8f:d7:
0a:c5:af:52:b6:de:d2:cb:5b:1a:2f:f5:c8:ed:9a:
24:c8:bc:83:0a:ba:f8:7e:0f:19:e1:b5:7a:dd:89:
c6:7b:6e:02:35:cc:7d:7c:73:20:87:2f:61:97:01:
33:35:5e:55:c8:c9:89:81:3f:1a:cc:8a:5a:39:ae:
db:e2:b9:b6:5b:dd:81:08:96:ce:3d:e2:dc:24:db:
12:34:3b:a9:f9:c5:07:ce:1f:e5:81:1c:ef:c9:dc:
cc:b6:07:08:3b:ce:ea:54:3a:7e:fb:6d:41:5c:06:
c5:36:54:12:26:52:9c:11:0e:d1:f2:54:c2:03:6e:
c3:c2:6b:40:97:d7:8c:9c:ef:d5:02:75:b2:bb:59:
cb:47:c7:a2:03:5c:43:86:f8:2b:46:03:bb:30:fb:
71:66:2f:6f:0f:bb:e2:1e:f8:eb:13:86:d8:dc:db:
d4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:ED:AE:65:CB:E8:F1:53:27:2F:24:FF:2C:7E:F4:94:6D:80:F8:DE
X509v3 Authority Key Identifier:
keyid:80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/Y-2uZcvo8VMnLyT_LH70lG2A-N4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.0.0/17
5.135.0.0/16
5.196.0.0/16
37.59.0.0/16
37.187.0.0/16
51.38.0.0/16
51.68.0.0/16
51.75.0.0/16
51.77.0.0/16
51.83.0.0/16
51.89.0.0/16
51.91.0.0/16
51.178.0.0/16
51.195.0.0/16
51.210.0.0/16
54.36.0.0-54.38.255.255
57.128.0.0-57.128.191.255
91.121.0.0/16
91.134.0.0/16
135.125.0.0/16
137.74.0.0/16
141.94.0.0/15
145.239.0.0/16
147.135.128.0/17
149.202.0.0/16
152.228.128.0/17
162.19.0.0/16
164.132.0.0/16
188.165.0.0/16
193.70.0.0/17
198.244.128.0/17
213.32.0.0/17
213.186.32.0/19
213.251.128.0/18
217.182.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:24:ba:a6:e0:a5:44:d7:e8:6c:0f:fc:05:fd:cd:d6:07:97:
00:d2:96:00:a7:51:44:5a:b1:e0:90:6c:71:37:95:a7:26:9d:
f0:39:02:6f:2a:1f:71:93:bc:8b:68:76:29:bb:30:b2:ab:1b:
4a:b6:18:24:8b:5f:0a:08:9d:54:33:36:e9:23:57:c4:e1:4a:
3d:0f:c5:74:8f:db:b1:ba:00:98:17:fb:75:c8:15:60:42:69:
46:70:63:df:20:66:9f:46:af:07:cf:54:cc:fb:c5:23:52:ea:
3c:49:12:b6:b4:2d:95:a6:cf:96:ec:2e:a6:be:83:64:2f:5e:
e9:c1:f1:f5:5d:18:8c:e4:9a:72:02:cf:d4:0b:f6:4d:0f:a2:
82:f1:50:83:dc:c1:f1:c1:2d:94:49:69:de:1f:30:75:07:9c:
0c:ad:75:f2:f7:01:cd:d1:1e:37:06:ac:4d:43:41:10:78:ee:
56:93:c7:e0:52:aa:12:96:9a:cc:b2:a5:63:5b:75:9f:6a:fd:
a3:4b:45:03:d3:05:28:3c:85:87:43:c5:7e:d8:f9:5d:79:f8:
04:66:74:b9:2a:a6:85:46:ca:59:cf:7c:2c:73:b4:26:d7:a0:
24:75:86:da:dc:d1:20:7c:68:b5:04:1f:8c:d4:c2:b5:01:fb:
a5:25:a0:b8
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAYLvT4YrSIdE5SzJnATPFg7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYTlmZmY2M2EzNDc3OTU3ZmY3NWNjZGMwMDNkYWI2OGNm
OWQxNTUwHhcNMjIwODMwMTUxMjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2VkYWU2NWNiZThmMTUzMjcyZjI0ZmYyYzdlZjQ5NDZkODBmOGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+KY6Mr3pmQUCctWKnfIFOfVYfl3
p1wr09K3tn2risL6Igf3GyViDRMdPhK7HQJOa5hY86t2HmEzx7rD0d22A6BE9Kst
fZUwDa/RgwWJmaZ6cJ+429SMj9cKxa9Stt7Sy1saL/XI7ZokyLyDCrr4fg8Z4bV6
3YnGe24CNcx9fHMghy9hlwEzNV5VyMmJgT8azIpaOa7b4rm2W92BCJbOPeLcJNsS
NDup+cUHzh/lgRzvydzMtgcIO87qVDp++21BXAbFNlQSJlKcEQ7R8lTCA27DwmtA
l9eMnO/VAnWyu1nLR8eiA1xDhvgrRgO7MPtxZi9vD7viHvjrE4bY3NvUgQIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFGPtrmXL6PFTJy8k/yx+9JRtgPjeMB8GA1UdIwQY
MBaAFICp//Y6NHeVf/dczcAD2raM+dFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTIt
NDdkOThlNTg1NDVhLzEvWS0ydVpjdm84Vk1uTHlUX0xINzBsRzJBLU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTItNDdkOThlNTg1NDVh
LzEvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBAcF
JwADAwAFhwMDAAXEAwMAJTsDAwAluwMDADMmAwMAM0QDAwAzSwMDADNNAwMAM1MD
AwAzWQMDADNbAwMAM7IDAwAzwwMDADPSMAoDAwI2JAMDADYmMAsDAwc5gAMEBjmA
gAMDAFt5AwMAW4YDAwCHfQMDAIlKAwMBjV4DAwCR7wMEB5OHgAMDAJXKAwQHmOSA
AwMAohMDAwCkhAMDALylAwQHwUYAAwQHxvSAAwQH1SAAAwQF1bogAwQG1fuAAwMA
2bYwDQYJKoZIhvcNAQELBQADggEBAHIkuqbgpUTX6GwP/AX9zdYHlwDSlgCnUURa
seCQbHE3lacmnfA5Am8qH3GTvItodim7MLKrG0q2GCSLXwoInVQzNukjV8ThSj0P
xXSP27G6AJgX+3XIFWBCaUZwY98gZp9GrwfPVMz7xSNS6jxJEra0LZWmz5bsLqa+
g2QvXunB8fVdGIzkmnICz9QL9k0PooLxUIPcwfHBLZRJad4fMHUHnAytdfL3Ac3R
HjcGrE1DQRB47laTx+BSqhKWmsyypWNbdZ9q/aNLRQPTBSg8hYdDxX7Y+V15+ARm
dLkqpoVGylnPfCxztCbXoCR1htrc0SB8aLUEH4zUwrUB+6UloLg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:23 2024 by rpki-client on console-fra.rpki-client.org