Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/9-YNOXeoRu_MZKTj9lX6gWVpdgA.roa
File: 9-YNOXeoRu_MZKTj9lX6gWVpdgA.roa (raw, json)
Hash identifier: OxVhXniuDpGYcruVPdzXCAMoThBdP1z0PMuykFSHEkI=
Subject key identifier: F7:E6:0D:39:77:A8:46:EF:CC:64:A4:E3:F6:55:FA:81:65:69:76:00
Certificate issuer: /CN=61b534437503668815add93cd17d0ad3e1b1a877
Certificate serial: 0B93A390
Authority key identifier: 61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/9-YNOXeoRu_MZKTj9lX6gWVpdgA.roa
Signing time: Sat 01 Jan 2022 05:06:05 +0000
ROA not before: Sat 01 Jan 2022 05:06:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20507
IP address blocks: 85.223.101.0/24 maxlen: 24
82.215.0.0/18 maxlen: 24
82.215.17.0/24 maxlen: 24
82.215.19.0/24 maxlen: 24
85.223.126.0/24 maxlen: 24
85.223.0.0/17 maxlen: 24
217.149.192.0/24 maxlen: 24
217.149.192.0/19 maxlen: 24
31.184.64.0/18 maxlen: 24
217.149.202.0/24 maxlen: 24
217.149.201.0/24 maxlen: 24
217.149.203.0/24 maxlen: 24
217.149.219.0/24 maxlen: 24
217.149.217.0/24 maxlen: 24
217.149.218.0/24 maxlen: 24
92.254.0.0/17 maxlen: 24
2a01:3a8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 194225040 (0xb93a390)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b534437503668815add93cd17d0ad3e1b1a877
Validity
Not Before: Jan 1 05:06:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7e60d3977a846efcc64a4e3f655fa8165697600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:85:43:fe:fa:7d:cd:bd:f0:c3:78:3d:91:91:
aa:c0:98:bc:7f:f4:9b:e3:89:21:a1:89:84:df:16:
14:44:30:91:bc:1f:7d:f2:74:c4:42:ee:5c:43:1d:
74:d5:8f:2e:a5:99:59:c7:38:71:79:22:9b:ae:30:
a8:4b:f6:0c:ba:14:f2:64:83:4d:8a:01:0e:6c:c2:
53:2d:9f:0c:51:fe:fe:e0:bb:67:3a:c4:c1:1b:fb:
82:6e:4a:d6:c4:ab:a4:f9:b3:73:b1:b7:64:1d:e6:
43:69:8a:a4:3c:df:75:68:d8:25:6b:c9:7d:2a:dd:
df:60:9b:3e:ec:a4:98:63:b8:ec:a0:3a:32:63:89:
4f:09:7d:79:90:44:8e:57:49:f4:8e:e8:95:9a:bf:
dc:7d:ea:32:4e:b3:e6:fb:8d:1a:79:fc:80:86:c2:
62:35:6a:78:0e:a6:56:51:fa:26:92:11:29:c0:cf:
9c:a8:34:5e:9e:41:e8:1f:10:db:dc:0a:58:21:b5:
cd:94:f4:fd:2f:8c:81:af:fb:18:d3:6c:4b:20:84:
1a:c4:31:f2:d8:6c:4d:f3:25:1c:62:e5:6d:46:96:
98:c9:e3:6c:39:3e:48:81:bd:cd:6b:57:9c:e5:d7:
0f:b7:e7:73:6a:a5:bc:4c:d6:ad:4e:08:92:fd:3f:
c7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:E6:0D:39:77:A8:46:EF:CC:64:A4:E3:F6:55:FA:81:65:69:76:00
X509v3 Authority Key Identifier:
keyid:61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/9-YNOXeoRu_MZKTj9lX6gWVpdgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.184.64.0/18
82.215.0.0/18
85.223.0.0/17
92.254.0.0/17
217.149.192.0/19
IPv6:
2a01:3a8::/32
Signature Algorithm: sha256WithRSAEncryption
af:44:0c:49:5c:38:36:84:e3:ed:f9:2b:cf:cf:96:e2:ea:b1:
96:14:c8:04:04:11:a6:21:0d:51:c5:46:d3:d1:1c:34:16:b2:
f8:40:fc:9f:e5:4c:f4:6e:9c:fd:22:43:05:9f:3e:48:7a:33:
9b:ed:65:6f:1c:9b:45:49:19:fb:a7:33:5d:4a:d4:03:53:e5:
27:4e:03:75:52:05:86:9a:e2:92:f8:3c:d4:25:06:91:45:d5:
c2:5e:80:91:61:c2:ae:94:ae:08:e7:48:7f:c4:8a:9a:a2:ec:
6f:ff:70:62:06:97:ec:ea:28:5f:3c:92:c0:f7:76:58:78:a9:
a0:7a:cc:92:62:09:70:0f:0c:7f:c2:d7:c3:4c:9a:bd:8c:c8:
aa:1c:98:3d:98:da:f5:93:5b:96:5c:33:1c:7c:b1:db:68:4c:
cb:00:f6:4d:26:fa:d1:a6:37:bc:31:32:80:ab:bd:7c:04:a6:
ba:45:11:9a:f5:da:af:d2:d4:70:75:a0:fc:ac:01:07:32:91:
66:1c:7b:89:b5:3b:25:5c:ad:e2:dd:1d:9b:b5:11:6a:c6:a5:
57:2c:6f:ea:54:d2:1b:46:1b:64:98:c9:40:a5:93:60:c7:34:
0e:4b:93:39:f8:2c:91:4f:e7:54:e6:2f:01:4f:d4:83:e2:c9:
8d:75:d7:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEC5OjkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MWI1MzQ0Mzc1MDM2Njg4MTVhZGQ5M2NkMTdkMGFkM2UxYjFhODc3MB4XDTIyMDEw
MTA1MDYwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjdlNjBkMzk3N2E4
NDZlZmNjNjRhNGUzZjY1NWZhODE2NTY5NzYwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOuFQ/76fc298MN4PZGRqsCYvH/0m+OJIaGJhN8WFEQwkbwf
ffJ0xELuXEMddNWPLqWZWcc4cXkim64wqEv2DLoU8mSDTYoBDmzCUy2fDFH+/uC7
ZzrEwRv7gm5K1sSrpPmzc7G3ZB3mQ2mKpDzfdWjYJWvJfSrd32CbPuykmGO47KA6
MmOJTwl9eZBEjldJ9I7olZq/3H3qMk6z5vuNGnn8gIbCYjVqeA6mVlH6JpIRKcDP
nKg0Xp5B6B8Q29wKWCG1zZT0/S+Mga/7GNNsSyCEGsQx8thsTfMlHGLlbUaWmMnj
bDk+SIG9zWtXnOXXD7fnc2qlvEzWrU4Ikv0/x/cCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBT35g05d6hG78xkpOP2VfqBZWl2ADAfBgNVHSMEGDAWgBRhtTRDdQNmiBWt
2TzRfQrT4bGodzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1liVTBRM1VEWm9nVnJkazgwWDBLMC1HeHFIYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvYzFhY2Q2LTIzMGEtNGUzNi1hNThmLWY1NTVlMmU2OGExMC8x
LzktWU5PWGVvUnVfTVpLVGo5bFg2Z1dWcGRnQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
YzFhY2Q2LTIzMGEtNGUzNi1hNThmLWY1NTVlMmU2OGExMC8xL1liVTBRM1VEWm9n
VnJkazgwWDBLMC1HeHFIYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBh+4QAMEBlLXAAMEB1XfAAMEB1z+
AAMEBdmVwDANBAIAAjAHAwUAKgEDqDANBgkqhkiG9w0BAQsFAAOCAQEAr0QMSVw4
NoTj7fkrz8+W4uqxlhTIBAQRpiENUcVG09EcNBay+ED8n+VM9G6c/SJDBZ8+SHoz
m+1lbxybRUkZ+6czXUrUA1PlJ04DdVIFhprikvg81CUGkUXVwl6AkWHCrpSuCOdI
f8SKmqLsb/9wYgaX7OooXzySwPd2WHipoHrMkmIJcA8Mf8LXw0yavYzIqhyYPZja
9ZNbllwzHHyx22hMywD2TSb60aY3vDEygKu9fASmukURmvXar9LUcHWg/KwBBzKR
Zhx7ibU7JVyt4t0dm7URasalVyxv6lTSG0YbZJjJQKWTYMc0DkuTOfgskU/nVOYv
AU/Ug+LJjXXXwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:07 2024 by rpki-client on console-fra.rpki-client.org