Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/YtkpGKXKQ7D9EoaOs65kGgEuTmI.roa
File: YtkpGKXKQ7D9EoaOs65kGgEuTmI.roa (raw, json)
Hash identifier: BjHOxYAr1MVCsJxFZVhUOhTHECXUdcNWUzK9MSLq8GU=
Subject key identifier: 62:D9:29:18:A5:CA:43:B0:FD:12:86:8E:B3:AE:64:1A:01:2E:4E:62
Certificate issuer: /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial: 0ACD224B
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/YtkpGKXKQ7D9EoaOs65kGgEuTmI.roa
Signing time: Sat 01 Jan 2022 16:06:25 +0000
ROA not before: Sat 01 Jan 2022 16:06:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202448
IP address blocks: 45.137.151.0/24 maxlen: 24
45.137.150.0/24 maxlen: 24
45.137.148.0/24 maxlen: 32
45.137.149.0/24 maxlen: 24
2.56.213.0/24 maxlen: 24
2.56.212.0/24 maxlen: 24
89.43.33.0/24 maxlen: 24
86.107.197.0/24 maxlen: 24
93.114.128.0/24 maxlen: 24
2.56.215.0/24 maxlen: 24
2.56.214.0/24 maxlen: 24
194.32.78.0/24 maxlen: 24
194.32.77.0/24 maxlen: 24
194.32.76.0/24 maxlen: 24
194.32.79.0/24 maxlen: 24
91.250.248.0/24 maxlen: 32
91.250.249.0/24 maxlen: 24
185.234.52.0/24 maxlen: 32
185.96.163.0/24 maxlen: 24
178.157.82.0/24 maxlen: 24
185.170.213.0/24 maxlen: 24
178.157.91.0/24 maxlen: 24
185.170.212.0/24 maxlen: 24
178.157.90.0/24 maxlen: 24
185.170.215.0/24 maxlen: 24
185.170.214.0/24 maxlen: 24
45.153.184.0/24 maxlen: 24
45.153.186.0/24 maxlen: 24
45.153.185.0/24 maxlen: 24
45.153.187.0/24 maxlen: 24
86.106.181.0/24 maxlen: 24
89.38.135.0/24 maxlen: 32
86.105.252.0/24 maxlen: 24
94.176.182.0/24 maxlen: 24
185.243.214.0/24 maxlen: 32
185.243.215.0/24 maxlen: 24
194.99.23.0/24 maxlen: 24
194.99.22.0/24 maxlen: 24
194.99.21.0/24 maxlen: 24
194.99.20.0/24 maxlen: 24
89.38.131.0/24 maxlen: 24
31.14.238.0/24 maxlen: 24
89.38.130.0/24 maxlen: 24
89.38.129.0/24 maxlen: 24
93.114.133.0/24 maxlen: 24
93.115.23.0/24 maxlen: 24
93.115.22.0/24 maxlen: 24
93.115.21.0/24 maxlen: 24
93.115.20.0/24 maxlen: 24
93.115.19.0/24 maxlen: 24
93.115.18.0/24 maxlen: 24
2a05:8280::/32 maxlen: 32
2a09:cd42::/32 maxlen: 32
2a09:cd45::/32 maxlen: 32
2a09:cd43::/32 maxlen: 32
2a09:cd41::/32 maxlen: 32
2a09:cd40::/32 maxlen: 32
2a0c:b9c0::/32 maxlen: 32
2a09:cd46::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 181215819 (0xacd224b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Validity
Not Before: Jan 1 16:06:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62d92918a5ca43b0fd12868eb3ae641a012e4e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:22:a1:9b:54:c9:6b:f6:2d:86:18:2b:20:3a:
54:8f:af:67:ac:9b:a4:12:a0:9e:de:46:70:6b:e0:
d6:f5:62:9b:9d:55:0c:0c:a6:10:1d:d4:49:2f:37:
ac:08:36:a4:db:b6:2b:a0:e7:c4:81:ae:ab:60:ce:
54:48:b7:f4:ad:0c:2d:c6:50:cc:56:60:90:3f:c1:
3f:ed:da:96:55:fd:b3:20:22:59:19:7a:20:7a:b2:
6a:13:f4:1d:36:80:74:5b:fb:8e:79:08:cb:a3:4e:
1b:4c:31:f1:36:ae:0c:80:92:e2:a5:b8:0a:5f:20:
ac:09:8b:ec:10:92:77:f0:aa:8f:87:e3:0d:75:e2:
b2:b2:41:75:17:9c:e2:97:f2:88:2f:2c:21:28:63:
9d:aa:98:a0:fc:45:58:2d:7b:7c:b5:32:bb:f5:bc:
f7:66:58:27:c0:9e:76:54:57:b9:63:c6:a5:55:43:
bb:4c:e3:f9:86:d6:05:90:dc:a1:e8:6b:bd:9a:0c:
6f:fa:22:29:1f:92:08:1b:15:c1:c3:51:c1:15:33:
84:0a:83:96:83:d3:39:f5:f7:3a:ca:e6:6c:42:7c:
24:1e:8f:f1:ea:36:69:24:03:4f:a1:6a:26:cb:38:
a9:74:8b:b8:93:e1:b2:e3:69:fe:85:dc:b3:0a:90:
54:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:D9:29:18:A5:CA:43:B0:FD:12:86:8E:B3:AE:64:1A:01:2E:4E:62
X509v3 Authority Key Identifier:
keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/YtkpGKXKQ7D9EoaOs65kGgEuTmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.212.0/22
31.14.238.0/24
45.137.148.0/22
45.153.184.0/22
86.105.252.0/24
86.106.181.0/24
86.107.197.0/24
89.38.129.0-89.38.131.255
89.38.135.0/24
89.43.33.0/24
91.250.248.0/23
93.114.128.0/24
93.114.133.0/24
93.115.18.0-93.115.23.255
94.176.182.0/24
178.157.82.0/24
178.157.90.0/23
185.96.163.0/24
185.170.212.0/22
185.234.52.0/24
185.243.214.0/23
194.32.76.0/22
194.99.20.0/22
IPv6:
2a05:8280::/32
2a09:cd40::/30
2a09:cd45::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:b9c0::/32
Signature Algorithm: sha256WithRSAEncryption
bd:02:dc:4b:81:51:a2:5f:90:3c:f2:df:6b:8d:ff:d0:06:72:
e8:88:3c:39:ef:db:8e:0f:3a:8d:33:52:37:62:96:2f:d8:40:
03:f3:50:e8:74:9b:0c:58:4f:ab:7f:21:9f:41:82:81:1e:54:
66:ff:87:eb:44:fb:7a:74:50:64:45:90:15:85:53:39:da:f6:
17:40:ba:99:9b:3a:1b:6a:cf:6a:4f:9c:97:89:ca:b8:e2:b2:
63:35:f5:00:0b:1b:00:bf:63:67:49:60:cd:b9:a4:79:16:98:
6a:c4:4e:be:4c:eb:e6:99:25:4b:5a:d2:c1:3c:d2:4b:81:de:
a5:85:9b:04:a3:de:98:74:93:e7:ca:35:5a:fc:84:b8:47:f4:
c8:d9:4e:2e:b0:2b:42:40:c2:b1:95:1b:94:01:26:12:4c:66:
9a:8a:73:81:69:98:0d:fd:10:d7:ec:61:6a:96:a2:e6:6e:97:
3d:4f:d0:8a:66:cd:6c:8e:c3:3a:aa:0f:35:4c:67:8c:48:27:
8a:b7:c1:e7:6b:50:37:ac:cd:7b:17:56:00:9a:3d:03:e0:22:
37:f1:d1:4f:e5:27:0d:b7:e1:8e:d2:09:dc:07:cd:0c:1d:7d:
b9:75:ce:3d:7f:0d:47:13:60:55:0c:31:1e:42:ef:79:82:97:
06:b3:07:f9
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgIECs0iSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NDNiZjkwODA4YWU3ZWNhMDYzZjc0NmE4ZjFkODg4NjU3MzRjOGEzMB4XDTIyMDEw
MTE2MDYyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjJkOTI5MThhNWNh
NDNiMGZkMTI4NjhlYjNhZTY0MWEwMTJlNGU2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYioZtUyWv2LYYYKyA6VI+vZ6ybpBKgnt5GcGvg1vVim51V
DAymEB3USS83rAg2pNu2K6DnxIGuq2DOVEi39K0MLcZQzFZgkD/BP+3allX9syAi
WRl6IHqyahP0HTaAdFv7jnkIy6NOG0wx8TauDICS4qW4Cl8grAmL7BCSd/Cqj4fj
DXXisrJBdRec4pfyiC8sIShjnaqYoPxFWC17fLUyu/W892ZYJ8CedlRXuWPGpVVD
u0zj+YbWBZDcoehrvZoMb/oiKR+SCBsVwcNRwRUzhAqDloPTOfX3OsrmbEJ8JB6P
8eo2aSQDT6FqJss4qXSLuJPhsuNp/oXcswqQVGMCAwEAAaOCAs8wggLLMB0GA1Ud
DgQWBBRi2SkYpcpDsP0Sho6zrmQaAS5OYjAfBgNVHSMEGDAWgBT0O/kICK5+ygY/
dGqPHYiGVzTIozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlEdjVDQWl1ZnNvR1AzUnFqeDJJaGxjMHlLTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvYThkOTQzLWYwODItNGIxOC1iODQwLTM4OTE5NWM0ZjA3Yi8x
L1l0a3BHS1hLUTdEOUVvYU9zNjVrR2dFdVRtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
YThkOTQzLWYwODItNGIxOC1iODQwLTM4OTE5NWM0ZjA3Yi8xLzlEdjVDQWl1ZnNv
R1AzUnFqeDJJaGxjMHlLTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
5AYIKwYBBQUHAQcBAf8EgdQwgdEwgaEEAgABMIGaAwQCAjjUAwQAHw7uAwQCLYmU
AwQCLZm4AwQAVmn8AwQAVmq1AwQAVmvFMAwDBABZJoEDBAJZJoADBABZJocDBABZ
KyEDBAFb+vgDBABdcoADBABdcoUwDAMEAV1zEgMEA11zEAMEAF6wtgMEALKdUgME
AbKdWgMEALlgowMEArmq1AMEALnqNAMEAbnz1gMEAsIgTAMEAsJjFDArBAIAAjAl
AwUAKgWCgAMFAioJzUAwDgMFACoJzUUDBQAqCc1GAwUAKgy5wDANBgkqhkiG9w0B
AQsFAAOCAQEAvQLcS4FRol+QPPLfa43/0AZy6Ig8Oe/bjg86jTNSN2KWL9hAA/NQ
6HSbDFhPq38hn0GCgR5UZv+H60T7enRQZEWQFYVTOdr2F0C6mZs6G2rPak+cl4nK
uOKyYzX1AAsbAL9jZ0lgzbmkeRaYasROvkzr5pklS1rSwTzSS4HepYWbBKPemHST
58o1WvyEuEf0yNlOLrArQkDCsZUblAEmEkxmmopzgWmYDf0Q1+xhapai5m6XPU/Q
imbNbI7DOqoPNUxnjEgnirfB52tQN6zNexdWAJo9A+AiN/HRT+UnDbfhjtIJ3AfN
DB19uXXOPX8NRxNgVQwxHkLveYKXBrMH+Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:22 2023 by rpki-client on console-ams.rpki-client.org