Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c752b2-18f9-4191-88f8-c065f242f020/1/yBCZUv2LgEqnE_u2ZPSjrgNywOw.roa
File: yBCZUv2LgEqnE_u2ZPSjrgNywOw.roa (raw, json)
Hash identifier: InCTYhGvp6Avvtw2iGsXhv+6B1BZLYzSLtlEeuX94Dc=
Subject key identifier: C8:10:99:52:FD:8B:80:4A:A7:13:FB:B6:64:F4:A3:AE:03:72:C0:EC
Certificate issuer: /CN=b795aaf033004c92d7a26c236c14d32552d78d94
Certificate serial: 0183D0AC9CC4DC6A1926AEEF9C44525DC287
Authority key identifier: B7:95:AA:F0:33:00:4C:92:D7:A2:6C:23:6C:14:D3:25:52:D7:8D:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t5Wq8DMATJLXomwjbBTTJVLXjZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/c752b2-18f9-4191-88f8-c065f242f020/1/yBCZUv2LgEqnE_u2ZPSjrgNywOw.roa
Signing time: Thu 13 Oct 2022 09:28:36 +0000
ROA not before: Thu 13 Oct 2022 09:28:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199758
IP address blocks: 91.132.252.0/23 maxlen: 23
91.132.252.0/22 maxlen: 22
91.132.254.0/23 maxlen: 23
195.13.51.0/24 maxlen: 24
195.14.7.0/24 maxlen: 24
195.13.47.0/24 maxlen: 24
185.46.230.0/23 maxlen: 23
185.46.228.0/22 maxlen: 22
185.46.228.0/23 maxlen: 23
185.153.10.0/23 maxlen: 23
185.153.8.0/22 maxlen: 22
185.153.8.0/23 maxlen: 23
2a01:8760::/32 maxlen: 32
2a03:ac60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d0:ac:9c:c4:dc:6a:19:26:ae:ef:9c:44:52:5d:c2:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b795aaf033004c92d7a26c236c14d32552d78d94
Validity
Not Before: Oct 13 09:28:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8109952fd8b804aa713fbb664f4a3ae0372c0ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:dc:76:53:17:4b:26:ff:23:18:ad:56:78:c2:
2d:1a:74:63:67:c3:9a:c0:fc:45:ad:e9:88:0f:40:
41:3b:2f:93:3f:97:e6:ac:5b:c9:2c:79:d5:6a:d4:
c6:3a:b9:9a:9f:40:39:0e:e3:61:65:ad:c4:6c:3e:
a0:04:fe:88:9f:20:e7:8a:bf:72:71:24:c4:e8:ee:
68:c9:81:16:08:7e:2c:61:7f:0c:52:b7:ff:c9:18:
29:4d:31:2a:ca:ef:17:0b:d6:cf:46:90:4d:b5:44:
51:35:bb:df:bc:a7:32:0d:7d:4c:40:80:15:5c:de:
95:29:a1:8b:71:e7:22:69:52:3f:de:a5:ab:ee:8c:
79:bd:40:20:49:79:0c:c4:f9:5e:39:73:43:60:ca:
25:fe:0d:e4:19:9e:82:c8:ea:fd:25:07:fa:a5:9a:
8b:eb:7a:c1:d3:22:e6:70:ec:7a:ea:a4:88:f9:2a:
2c:40:de:cb:40:29:33:d5:98:72:1a:66:9e:47:3e:
f2:09:83:1b:4c:e8:4f:24:7f:83:c9:95:8f:ef:b4:
22:27:a2:a2:b9:4b:58:eb:57:85:ca:0b:da:43:d5:
6a:6f:39:49:b0:17:d6:4a:e8:4c:e0:0a:14:ee:6c:
20:1b:d7:86:0e:4a:0c:93:f2:ca:0e:8f:45:92:b6:
25:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:10:99:52:FD:8B:80:4A:A7:13:FB:B6:64:F4:A3:AE:03:72:C0:EC
X509v3 Authority Key Identifier:
keyid:B7:95:AA:F0:33:00:4C:92:D7:A2:6C:23:6C:14:D3:25:52:D7:8D:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5Wq8DMATJLXomwjbBTTJVLXjZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c752b2-18f9-4191-88f8-c065f242f020/1/yBCZUv2LgEqnE_u2ZPSjrgNywOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c752b2-18f9-4191-88f8-c065f242f020/1/t5Wq8DMATJLXomwjbBTTJVLXjZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.252.0/22
185.46.228.0/22
185.153.8.0/22
195.13.47.0/24
195.13.51.0/24
195.14.7.0/24
IPv6:
2a01:8760::/32
2a03:ac60::/32
Signature Algorithm: sha256WithRSAEncryption
1f:cc:f1:45:e2:8c:61:03:83:d8:a9:e8:65:85:88:c0:45:89:
1e:4f:1e:22:e4:7b:f0:be:73:a4:d2:08:bb:ae:08:58:38:95:
89:11:01:ed:71:1e:5c:44:c5:7c:52:60:fa:01:5a:9c:4b:23:
55:4f:8e:8a:f0:da:e3:1e:64:73:d5:32:61:77:5a:fd:dd:0e:
07:df:a0:b0:5b:bb:54:b3:64:c0:1b:17:dd:00:1e:74:eb:c0:
11:e9:bf:a1:2c:33:2e:7b:e1:07:8b:df:8f:b8:ee:09:34:66:
7e:d7:e9:17:d8:4c:a7:e0:0c:82:99:f5:9d:16:e9:c3:1f:b6:
31:6c:87:a7:bc:2c:a6:63:3e:57:3d:d4:9d:08:73:38:ab:58:
fb:fe:46:3b:e8:65:ab:41:4a:fa:e9:df:37:36:65:c4:31:8a:
76:1b:1a:0e:36:89:d8:eb:be:d7:c6:5e:28:37:bf:16:ec:0a:
a0:d6:15:05:31:17:ce:ed:35:c6:cb:32:9c:48:19:ec:82:4f:
f7:74:d8:4b:69:e4:8d:95:8b:73:64:b2:fa:5c:51:60:29:57:
90:0f:84:60:1d:bb:55:dd:e1:cd:fc:84:25:26:61:52:5a:d5:
98:27:c3:8b:e6:53:08:44:11:a6:be:cf:a3:cf:65:a0:50:0e:
90:6e:ab:96
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYPQrJzE3GoZJq7vnERSXcKHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OTVhYWYwMzMwMDRjOTJkN2EyNmMyMzZjMTRkMzI1NTJk
NzhkOTQwHhcNMjIxMDEzMDkyODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODEwOTk1MmZkOGI4MDRhYTcxM2ZiYjY2NGY0YTNhZTAzNzJjMGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tx2UxdLJv8jGK1WeMItGnRjZ8Oa
wPxFremID0BBOy+TP5fmrFvJLHnVatTGOrman0A5DuNhZa3EbD6gBP6InyDnir9y
cSTE6O5oyYEWCH4sYX8MUrf/yRgpTTEqyu8XC9bPRpBNtURRNbvfvKcyDX1MQIAV
XN6VKaGLceciaVI/3qWr7ox5vUAgSXkMxPleOXNDYMol/g3kGZ6CyOr9JQf6pZqL
63rB0yLmcOx66qSI+SosQN7LQCkz1ZhyGmaeRz7yCYMbTOhPJH+DyZWP77QiJ6Ki
uUtY61eFygvaQ9VqbzlJsBfWSuhM4AoU7mwgG9eGDkoMk/LKDo9FkrYlkQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFMgQmVL9i4BKpxP7tmT0o64DcsDsMB8GA1UdIwQY
MBaAFLeVqvAzAEyS16JsI2wU0yVS142UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDVXcThETUFUSkxYb213amJCVFRKVkxYalpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jNzUyYjItMThmOS00MTkxLTg4Zjgt
YzA2NWYyNDJmMDIwLzEveUJDWlV2MkxnRXFuRV91MlpQU2pyZ055d093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jNzUyYjItMThmOS00MTkxLTg4ZjgtYzA2NWYyNDJmMDIw
LzEvdDVXcThETUFUSkxYb213amJCVFRKVkxYalpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCW4T8AwQC
uS7kAwQCuZkIAwQAww0vAwQAww0zAwQAww4HMBQEAgACMA4DBQAqAYdgAwUAKgOs
YDANBgkqhkiG9w0BAQsFAAOCAQEAH8zxReKMYQOD2KnoZYWIwEWJHk8eIuR78L5z
pNIIu64IWDiViREB7XEeXETFfFJg+gFanEsjVU+OivDa4x5kc9UyYXda/d0OB9+g
sFu7VLNkwBsX3QAedOvAEem/oSwzLnvhB4vfj7juCTRmftfpF9hMp+AMgpn1nRbp
wx+2MWyHp7wspmM+Vz3UnQhzOKtY+/5GO+hlq0FK+unfNzZlxDGKdhsaDjaJ2Ou+
18ZeKDe/FuwKoNYVBTEXzu01xssynEgZ7IJP93TYS2nkjZWLc2Sy+lxRYClXkA+E
YB27Vd3hzfyEJSZhUlrVmCfDi+ZTCEQRpr7Po89loFAOkG6rlg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:35 2025 by rpki-client