Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/YNLrxRJYGLy8bF0cOJaIT2E3hyA.roa
File: YNLrxRJYGLy8bF0cOJaIT2E3hyA.roa (raw, json)
Hash identifier: uB9+lg96dxvMPJiTGx3aZqRmkMLaOzcXNflJ2JalKII=
Subject key identifier: 60:D2:EB:C5:12:58:18:BC:BC:6C:5D:1C:38:96:88:4F:61:37:87:20
Certificate issuer: /CN=43015654082578c4946cd27be1e89a3dd7562fa4
Certificate serial: 095D5E93
Authority key identifier: 43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/YNLrxRJYGLy8bF0cOJaIT2E3hyA.roa
Signing time: Sat 01 Jan 2022 01:56:49 +0000
ROA not before: Sat 01 Jan 2022 01:56:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49981
IP address blocks: 217.23.0.0/20 maxlen: 20
185.132.132.0/22 maxlen: 22
185.184.192.0/22 maxlen: 22
185.183.32.0/22 maxlen: 22
185.182.192.0/22 maxlen: 22
62.112.8.0/22 maxlen: 22
185.165.240.0/22 maxlen: 22
185.21.60.0/22 maxlen: 22
45.14.132.0/22 maxlen: 22
178.218.196.0/22 maxlen: 22
185.185.48.0/22 maxlen: 22
91.232.105.0/24 maxlen: 24
185.132.176.0/22 maxlen: 22
89.38.96.0/22 maxlen: 22
45.82.64.0/22 maxlen: 22
193.200.164.0/24 maxlen: 24
93.190.136.0/22 maxlen: 22
93.190.140.0/22 maxlen: 22
91.229.23.0/24 maxlen: 24
185.173.160.0/22 maxlen: 22
185.2.80.0/22 maxlen: 22
185.177.124.0/22 maxlen: 22
178.132.0.0/21 maxlen: 21
185.180.220.0/22 maxlen: 22
89.39.104.0/22 maxlen: 22
185.191.0.0/22 maxlen: 22
2.59.168.0/22 maxlen: 22
194.88.104.0/22 maxlen: 22
212.8.240.0/24 maxlen: 24
212.8.242.0/23 maxlen: 23
109.236.80.0/20 maxlen: 20
212.8.252.0/23 maxlen: 23
212.8.248.0/23 maxlen: 23
212.8.250.0/24 maxlen: 24
185.172.88.0/22 maxlen: 22
2a00:7c82::/32 maxlen: 32
2a00:7c81::/32 maxlen: 32
2a00:7c83::/32 maxlen: 32
2a00:7c80::/32 maxlen: 32
2a00:7c80::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157114003 (0x95d5e93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43015654082578c4946cd27be1e89a3dd7562fa4
Validity
Not Before: Jan 1 01:56:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60d2ebc5125818bcbc6c5d1c3896884f61378720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1b:c8:8c:a1:88:93:50:d6:09:d0:ae:2a:00:
29:70:ea:5f:73:36:1f:2b:37:7a:aa:25:44:27:6b:
70:43:53:e9:2b:dc:fa:90:bf:c3:21:86:92:93:d5:
0a:ad:6d:4c:b4:b4:6b:27:eb:bc:cd:58:80:d6:e1:
4e:cf:98:c7:f2:aa:a0:85:03:45:61:8c:2c:a7:ea:
18:56:58:45:58:c4:16:eb:75:0b:c2:25:48:35:40:
2d:34:ac:ec:2d:92:74:d5:c0:27:ab:10:ae:a2:2b:
d4:ba:c1:f4:be:54:4f:e1:54:79:23:21:7d:84:dd:
44:e1:fb:23:10:5e:c1:57:c5:85:e1:f8:d2:00:14:
06:4f:3f:05:24:79:54:08:2a:53:74:87:80:a0:62:
a6:26:d3:2d:c1:a3:10:91:53:6c:1a:e0:1a:57:75:
51:69:5e:3c:72:d7:b2:12:51:12:aa:49:93:be:f7:
3b:eb:1b:76:b3:c8:df:02:0e:ac:e9:c5:c6:fb:de:
52:98:20:a7:cd:fd:89:b7:79:05:1e:46:47:8b:e8:
90:26:e2:5c:97:83:c2:be:0c:c4:2f:8b:bb:6a:76:
3f:1c:a6:48:f4:15:ed:3b:39:bb:76:7d:43:a8:ee:
9d:f2:4c:91:a0:33:df:0f:b7:00:56:e2:1e:45:c0:
ce:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:D2:EB:C5:12:58:18:BC:BC:6C:5D:1C:38:96:88:4F:61:37:87:20
X509v3 Authority Key Identifier:
keyid:43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/YNLrxRJYGLy8bF0cOJaIT2E3hyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.168.0/22
45.14.132.0/22
45.82.64.0/22
62.112.8.0/22
89.38.96.0/22
89.39.104.0/22
91.229.23.0/24
91.232.105.0/24
93.190.136.0/21
109.236.80.0/20
178.132.0.0/21
178.218.196.0/22
185.2.80.0/22
185.21.60.0/22
185.132.132.0/22
185.132.176.0/22
185.165.240.0/22
185.172.88.0/22
185.173.160.0/22
185.177.124.0/22
185.180.220.0/22
185.182.192.0/22
185.183.32.0/22
185.184.192.0/22
185.185.48.0/22
185.191.0.0/22
193.200.164.0/24
194.88.104.0/22
212.8.240.0/24
212.8.242.0/23
212.8.248.0-212.8.250.255
212.8.252.0/23
217.23.0.0/20
IPv6:
2a00:7c80::/29
Signature Algorithm: sha256WithRSAEncryption
4f:19:19:97:a9:e4:11:60:2a:c3:4c:49:e8:a9:1b:1d:c6:5f:
c7:77:48:59:28:f8:54:53:64:c4:3e:8c:be:df:ca:c5:69:57:
0e:ee:d1:50:af:c7:80:53:b8:9d:ef:21:46:87:ec:42:fa:b7:
be:d6:66:56:b7:ca:4d:1e:ae:a2:5b:cd:25:a3:53:a7:7c:6b:
3a:ce:b8:08:1c:b1:7d:a0:92:07:78:5f:2e:9e:a4:fa:b6:c4:
aa:3e:60:34:9d:c6:b2:4a:fb:bd:f2:0d:e8:44:89:04:54:b8:
a1:f5:42:38:e5:9d:43:96:9f:6a:d5:72:ee:f0:33:2c:1d:dd:
43:af:03:d2:cb:0d:0f:6b:0f:72:72:58:49:12:ce:2d:4a:fb:
bd:e1:36:b7:8c:de:ea:32:fc:62:5d:c5:7e:18:b0:e3:cc:ad:
ca:f1:f1:28:da:15:aa:8b:25:5c:5b:9c:7e:5d:22:2a:2f:96:
6b:eb:42:50:53:a0:9b:50:14:1f:d3:bd:11:74:09:57:11:68:
cf:c2:e9:58:25:a6:f5:7a:3a:33:b2:de:f5:05:84:1a:78:c9:
e8:61:fd:17:95:5e:ff:73:46:b1:52:9d:e4:18:b7:cb:ae:c6:
d8:dc:c2:5e:95:a3:6a:e5:6f:9e:cb:c0:84:b3:48:6e:e8:ab:
08:81:da:6c
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgIECV1ekzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MzAxNTY1NDA4MjU3OGM0OTQ2Y2QyN2JlMWU4OWEzZGQ3NTYyZmE0MB4XDTIyMDEw
MTAxNTY0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBkMmViYzUxMjU4
MThiY2JjNmM1ZDFjMzg5Njg4NGY2MTM3ODcyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ0byIyhiJNQ1gnQrioAKXDqX3M2Hys3eqolRCdrcENT6Svc
+pC/wyGGkpPVCq1tTLS0ayfrvM1YgNbhTs+Yx/KqoIUDRWGMLKfqGFZYRVjEFut1
C8IlSDVALTSs7C2SdNXAJ6sQrqIr1LrB9L5UT+FUeSMhfYTdROH7IxBewVfFheH4
0gAUBk8/BSR5VAgqU3SHgKBipibTLcGjEJFTbBrgGld1UWlePHLXshJREqpJk773
O+sbdrPI3wIOrOnFxvveUpggp839ibd5BR5GR4vokCbiXJeDwr4MxC+Lu2p2Pxym
SPQV7Ts5u3Z9Q6junfJMkaAz3w+3AFbiHkXAzvkCAwEAAaOCAuUwggLhMB0GA1Ud
DgQWBBRg0uvFElgYvLxsXRw4lohPYTeHIDAfBgNVHSMEGDAWgBRDAVZUCCV4xJRs
0nvh6Jo911YvpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1F3RldWQWdsZU1TVWJOSjc0ZWlhUGRkV0w2US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvYzI3ZmE2LWIyYjAtNGRjYi1hODk5LTEwMzBjZGJlNmJkNC8x
L1lOTHJ4UkpZR0x5OGJGMGNPSmFJVDJFM2h5QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
YzI3ZmE2LWIyYjAtNGRjYi1hODk5LTEwMzBjZGJlNmJkNC8xL1F3RldWQWdsZU1T
VWJOSjc0ZWlhUGRkV0w2US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
+gYIKwYBBQUHAQcBAf8EgeowgecwgdUEAgABMIHOAwQCAjuoAwQCLQ6EAwQCLVJA
AwQCPnAIAwQCWSZgAwQCWSdoAwQAW+UXAwQAW+hpAwQDXb6IAwQEbexQAwQDsoQA
AwQCstrEAwQCuQJQAwQCuRU8AwQCuYSEAwQCuYSwAwQCuaXwAwQCuaxYAwQCua2g
AwQCubF8AwQCubTcAwQCubbAAwQCubcgAwQCubjAAwQCubkwAwQCub8AAwQAwcik
AwQCwlhoAwQA1AjwAwQB1AjyMAwDBAPUCPgDBADUCPoDBAHUCPwDBATZFwAwDQQC
AAIwBwMFAyoAfIAwDQYJKoZIhvcNAQELBQADggEBAE8ZGZep5BFgKsNMSeipGx3G
X8d3SFko+FRTZMQ+jL7fysVpVw7u0VCvx4BTuJ3vIUaH7EL6t77WZla3yk0erqJb
zSWjU6d8azrOuAgcsX2gkgd4Xy6epPq2xKo+YDSdxrJK+73yDehEiQRUuKH1Qjjl
nUOWn2rVcu7wMywd3UOvA9LLDQ9rD3JyWEkSzi1K+73hNreM3uoy/GJdxX4YsOPM
rcrx8SjaFaqLJVxbnH5dIiovlmvrQlBToJtQFB/TvRF0CVcRaM/C6VglpvV6OjOy
3vUFhBp4yehh/ReVXv9zRrFSneQYt8uuxtjcwl6Vo2rlb57LwISzSG7oqwiB2mw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:18 2023 by rpki-client on console-fra.rpki-client.org