Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/ykOboeWjsuxIdDyiXkFuPknCfA0.roa
File: ykOboeWjsuxIdDyiXkFuPknCfA0.roa (raw, json)
Hash identifier: T4ZrN9ZXRUtUpb+2nxw/5sUj1PAP+zOpN+y5BsvfmBQ=
Subject key identifier: CA:43:9B:A1:E5:A3:B2:EC:48:74:3C:A2:5E:41:6E:3E:49:C2:7C:0D
Certificate issuer: /CN=fd261d45319e8375187436da44bf5b9adb044a7f
Certificate serial: 0185730C9733590F2C48E02F1A873516C9D5
Authority key identifier: FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/ykOboeWjsuxIdDyiXkFuPknCfA0.roa
Signing time: Mon 02 Jan 2023 15:14:43 +0000
ROA not before: Mon 02 Jan 2023 15:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8758
IP address blocks: 37.46.144.0/22 maxlen: 24
217.71.240.0/20 maxlen: 24
178.250.130.0/23 maxlen: 24
185.160.244.0/22 maxlen: 24
217.150.224.0/20 maxlen: 24
157.143.0.0/17 maxlen: 24
109.70.112.0/21 maxlen: 24
109.70.116.0/22 maxlen: 24
109.70.115.0/24 maxlen: 24
212.25.0.0/19 maxlen: 24
77.74.96.0/21 maxlen: 24
145.40.192.0/19 maxlen: 24
84.254.80.0/20 maxlen: 24
95.143.48.0/20 maxlen: 24
84.254.96.0/20 maxlen: 24
83.150.0.0/18 maxlen: 24
87.239.200.0/21 maxlen: 24
31.24.8.0/21 maxlen: 24
178.22.104.0/21 maxlen: 24
80.89.208.0/20 maxlen: 24
194.246.118.0/23 maxlen: 24
217.22.128.0/20 maxlen: 24
2001:8e0::/29 maxlen: 32
2a01:bd00::/32 maxlen: 32
2a00:10c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:97:33:59:0f:2c:48:e0:2f:1a:87:35:16:c9:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd261d45319e8375187436da44bf5b9adb044a7f
Validity
Not Before: Jan 2 15:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca439ba1e5a3b2ec48743ca25e416e3e49c27c0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:54:c8:bf:10:0a:d9:74:84:85:e2:c9:61:40:
95:49:51:52:e5:e4:75:84:c1:81:b3:ec:30:0a:9c:
4b:e8:5c:94:96:ad:a8:36:73:e3:19:02:ba:3f:82:
cc:61:98:c8:93:d7:40:95:a7:45:37:0c:3d:38:ca:
8d:42:04:33:62:29:65:0c:ec:83:4b:1b:08:61:de:
93:aa:c6:21:8d:6b:26:2c:d7:fd:42:47:a9:a0:98:
3e:f5:11:3f:30:c8:77:ca:5b:68:59:67:a4:cd:44:
ef:de:70:cd:d9:f5:96:19:16:a2:be:1f:d7:e2:4a:
a8:bb:bc:13:8d:97:08:0e:65:b8:b8:4c:a0:a2:fc:
63:da:6b:f9:bb:bf:d9:c9:f1:77:fd:49:ca:cf:22:
77:be:a4:93:23:68:3c:83:73:c1:e4:95:16:39:ff:
27:c8:16:c2:bf:a1:48:20:ee:48:0b:c5:8d:dc:59:
60:b7:63:cf:16:03:5a:e6:31:73:90:90:13:64:91:
04:27:51:71:80:b0:91:23:71:b3:b0:2d:a1:c9:86:
22:88:cf:a9:7b:60:02:7b:63:66:a8:13:a7:99:7a:
0f:7b:9d:7d:9a:01:93:50:2f:48:34:3e:ae:74:1e:
5a:ee:14:27:73:d9:04:b3:a0:22:a4:d9:5a:14:09:
6f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:43:9B:A1:E5:A3:B2:EC:48:74:3C:A2:5E:41:6E:3E:49:C2:7C:0D
X509v3 Authority Key Identifier:
keyid:FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/ykOboeWjsuxIdDyiXkFuPknCfA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/_SYdRTGeg3UYdDbaRL9bmtsESn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.8.0/21
37.46.144.0/22
77.74.96.0/21
80.89.208.0/20
83.150.0.0/18
84.254.80.0-84.254.111.255
87.239.200.0/21
95.143.48.0/20
109.70.112.0/21
145.40.192.0/19
157.143.0.0/17
178.22.104.0/21
178.250.130.0/23
185.160.244.0/22
194.246.118.0/23
212.25.0.0/19
217.22.128.0/20
217.71.240.0/20
217.150.224.0/20
IPv6:
2001:8e0::/29
2a00:10c0::/32
2a01:bd00::/32
Signature Algorithm: sha256WithRSAEncryption
57:06:f3:bd:97:ab:0b:f0:8f:0d:4b:15:aa:a0:d3:2e:1e:0e:
0d:93:c8:7b:17:95:07:fc:b2:ce:ce:9e:ce:89:57:08:71:8a:
61:6e:84:a1:7a:aa:50:ff:5d:40:07:15:79:e4:91:dc:5a:b8:
57:09:01:5a:13:c1:20:d4:46:c2:c1:3f:b1:77:32:e4:f8:1c:
ad:0d:0c:63:01:1f:03:82:3a:a2:f1:52:25:46:d5:e6:98:58:
93:68:2a:9b:03:b2:6f:90:70:28:03:22:b7:32:02:78:de:b5:
7e:e4:28:7f:fe:8b:49:9d:f8:eb:05:79:51:1a:7d:6e:85:69:
dd:68:13:28:97:3f:d5:a4:dd:b5:43:ef:af:e4:4e:e4:ec:e9:
77:c9:ca:b1:b3:65:f1:9a:bf:48:c5:4c:4f:d3:9a:fa:df:e6:
b6:c3:e1:3a:b3:dd:7f:ee:7a:75:73:f2:00:7c:95:99:4e:c4:
ee:00:5c:bd:ff:0a:0a:87:e7:ab:ca:0b:43:11:aa:c3:ea:59:
be:d2:1a:98:9c:7e:86:64:a3:cc:9f:b1:df:0b:6a:c0:4d:29:
82:be:e3:d3:a3:35:c2:1e:62:2f:76:db:78:98:54:58:67:ca:
23:55:dc:28:8a:71:e2:42:aa:ea:80:a2:dc:7e:7e:6a:6b:7c:
6e:96:69:b1
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYVzDJczWQ8sSOAvGoc1FsnVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjYxZDQ1MzE5ZTgzNzUxODc0MzZkYTQ0YmY1YjlhZGIw
NDRhN2YwHhcNMjMwMTAyMTUxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQzOWJhMWU1YTNiMmVjNDg3NDNjYTI1ZTQxNmUzZTQ5YzI3YzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslTIvxAK2XSEheLJYUCVSVFS5eR1
hMGBs+wwCpxL6FyUlq2oNnPjGQK6P4LMYZjIk9dAladFNww9OMqNQgQzYillDOyD
SxsIYd6TqsYhjWsmLNf9QkepoJg+9RE/MMh3yltoWWekzUTv3nDN2fWWGRaivh/X
4kqou7wTjZcIDmW4uEygovxj2mv5u7/ZyfF3/UnKzyJ3vqSTI2g8g3PB5JUWOf8n
yBbCv6FIIO5IC8WN3Flgt2PPFgNa5jFzkJATZJEEJ1FxgLCRI3GzsC2hyYYiiM+p
e2ACe2NmqBOnmXoPe519mgGTUC9IND6udB5a7hQnc9kEs6AipNlaFAlvDQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFMpDm6Hlo7LsSHQ8ol5Bbj5JwnwNMB8GA1UdIwQY
MBaAFP0mHUUxnoN1GHQ22kS/W5rbBEp/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQt
ZWI1MDkzYjIzMWMxLzEveWtPYm9lV2pzdXhJZER5aVhrRnVQa25DZkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQtZWI1MDkzYjIzMWMx
LzEvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBgAQCAAEwegMEAx8Y
CAMEAiUukAMEA01KYAMEBFBZ0AMEBlOWADAMAwQEVP5QAwQEVP5gAwQDV+/IAwQE
X48wAwQDbUZwAwQFkSjAAwQHnY8AAwQDshZoAwQBsvqCAwQCuaD0AwQBwvZ2AwQF
1BkAAwQE2RaAAwQE2UfwAwQE2ZbgMBsEAgACMBUDBQMgAQjgAwUAKgAQwAMFACoB
vQAwDQYJKoZIhvcNAQELBQADggEBAFcG872Xqwvwjw1LFaqg0y4eDg2TyHsXlQf8
ss7Ons6JVwhximFuhKF6qlD/XUAHFXnkkdxauFcJAVoTwSDURsLBP7F3MuT4HK0N
DGMBHwOCOqLxUiVG1eaYWJNoKpsDsm+QcCgDIrcyAnjetX7kKH/+i0md+OsFeVEa
fW6Fad1oEyiXP9Wk3bVD76/kTuTs6XfJyrGzZfGav0jFTE/Tmvrf5rbD4Tqz3X/u
enVz8gB8lZlOxO4AXL3/CgqH56vKC0MRqsPqWb7SGpicfoZko8yfsd8LasBNKYK+
49OjNcIeYi9223iYVFhnyiNV3CiKceJCquqAotx+fmprfG6WabE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:52 2025 by rpki-client