Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/YYuZsQPIyPGAFlwjDN2hk9tNRQs.roa
File: YYuZsQPIyPGAFlwjDN2hk9tNRQs.roa (raw, json)
Hash identifier: Yk/NYJQXRr4kyml2tDJQEO6aQeeMbrEujtC9AZ9Hd0s=
Subject key identifier: 61:8B:99:B1:03:C8:C8:F1:80:16:5C:23:0C:DD:A1:93:DB:4D:45:0B
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0990DA22
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/YYuZsQPIyPGAFlwjDN2hk9tNRQs.roa
Signing time: Sat 01 Jan 2022 05:04:04 +0000
ROA not before: Sat 01 Jan 2022 05:04:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50563
IP address blocks: 89.46.140.0/24 maxlen: 24
88.148.115.0/24 maxlen: 24
89.46.140.0/23 maxlen: 23
89.46.141.0/24 maxlen: 24
88.148.53.0/24 maxlen: 24
88.148.52.0/23 maxlen: 23
88.148.52.0/24 maxlen: 24
176.56.116.0/24 maxlen: 24
5.154.44.0/24 maxlen: 24
176.227.145.0/24 maxlen: 24
178.156.121.0/24 maxlen: 24
5.154.0.0/24 maxlen: 24
84.236.143.0/24 maxlen: 24
94.76.141.0/24 maxlen: 24
185.27.125.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160487970 (0x990da22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 1 05:04:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=618b99b103c8c8f180165c230cdda193db4d450b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9e:4c:a1:79:f9:98:78:14:a1:e2:4a:90:f4:
81:1d:a1:b8:4c:d1:47:da:e6:7a:b5:11:d3:52:be:
20:b5:2f:ab:cd:f3:e7:58:db:02:db:c0:ed:37:5d:
7b:7a:87:68:b4:12:c8:c8:20:61:5c:9f:2b:cb:96:
56:e3:94:6d:46:82:6d:30:72:7d:6c:b6:da:9d:0b:
e6:22:da:49:7c:e0:1b:bc:cc:97:92:2d:e7:ae:37:
07:a3:40:21:39:26:17:35:48:8d:21:05:5f:0e:fc:
04:4a:fb:cc:c3:1b:b2:08:20:e1:fd:b4:c3:4c:9f:
1f:58:cb:9c:99:4a:bd:1f:20:c5:2a:c2:2d:f5:5c:
a6:31:0c:9e:d0:1c:30:8f:52:9d:75:da:59:8f:1b:
c1:2d:3e:30:ed:54:2a:79:7e:1b:7e:89:f2:7f:7b:
52:1e:09:fb:7d:90:be:13:82:1f:6c:58:6d:07:47:
fd:7f:24:98:c7:73:52:c4:8e:25:0f:3c:0c:3a:06:
b4:93:f7:c1:4a:e0:25:54:29:59:24:ab:d9:fe:08:
06:3e:b6:11:64:c0:d2:d5:61:32:0c:87:39:b3:b8:
2f:1d:b2:b5:bd:60:c7:da:11:a9:55:59:c2:e8:6d:
d2:5f:2c:be:09:f1:aa:95:c1:a7:3d:f1:c3:b3:ac:
10:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:8B:99:B1:03:C8:C8:F1:80:16:5C:23:0C:DD:A1:93:DB:4D:45:0B
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/YYuZsQPIyPGAFlwjDN2hk9tNRQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.0.0/24
5.154.44.0/24
84.236.143.0/24
88.148.52.0/23
88.148.115.0/24
89.46.140.0/23
94.76.141.0/24
176.56.116.0/24
176.227.145.0/24
178.156.121.0/24
185.27.125.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:d9:ed:a5:33:d6:1e:80:2c:87:ba:5d:a2:ef:36:46:24:87:
12:bf:58:6b:8d:05:10:7d:36:7f:f9:f2:c5:d9:51:ab:8d:50:
75:1e:ae:2f:b3:bd:c9:9f:4b:1d:6c:16:98:d3:d6:e4:20:2d:
02:e4:d3:63:0e:2e:2f:f3:f9:0f:5b:62:9e:54:0a:9a:85:19:
c1:32:3b:a5:ee:0a:ef:68:88:6b:9c:db:4c:37:44:6a:5d:58:
0d:9c:68:c6:2b:66:e5:f3:26:00:21:b0:49:39:98:23:03:ec:
cf:83:bd:92:38:ca:42:c0:0a:89:97:1a:4f:c6:65:11:89:83:
df:a4:c9:1c:df:6b:74:db:38:09:82:49:a0:e4:52:e9:71:47:
6f:c7:94:18:d1:c5:97:fc:e0:5f:3d:94:18:60:0c:0b:54:bf:
32:89:5b:48:47:f7:af:41:10:b8:a4:35:8c:3f:14:0d:0d:77:
df:6c:31:6c:19:cc:35:93:bc:90:43:7d:22:de:15:72:ec:54:
0d:7c:37:0c:b2:d2:ad:fc:43:17:78:29:0a:cd:53:cc:ed:8b:
6f:92:93:7f:2c:e7:31:37:bb:c0:37:6f:e3:a2:a4:69:1b:3a:
8c:1c:f3:4c:66:c2:08:64:fd:ff:5d:31:7a:da:db:ab:02:0e:
b5:c5:ee:3f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIECZDaIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWFmMTdiMDAxNWRiYjdjZDk5MmYyNmNkZmYwMWM0ZTI2MjBiNzNlMB4XDTIyMDEw
MTA1MDQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjE4Yjk5YjEwM2M4
YzhmMTgwMTY1YzIzMGNkZGExOTNkYjRkNDUwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCeTKF5+Zh4FKHiSpD0gR2huEzRR9rmerUR01K+ILUvq83z
51jbAtvA7Tdde3qHaLQSyMggYVyfK8uWVuOUbUaCbTByfWy22p0L5iLaSXzgG7zM
l5It5643B6NAITkmFzVIjSEFXw78BEr7zMMbsggg4f20w0yfH1jLnJlKvR8gxSrC
LfVcpjEMntAcMI9SnXXaWY8bwS0+MO1UKnl+G36J8n97Uh4J+32QvhOCH2xYbQdH
/X8kmMdzUsSOJQ88DDoGtJP3wUrgJVQpWSSr2f4IBj62EWTA0tVhMgyHObO4Lx2y
tb1gx9oRqVVZwuht0l8svgnxqpXBpz3xw7OsEAsCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBRhi5mxA8jI8YAWXCMM3aGT201FCzAfBgNVHSMEGDAWgBTarxewAV27fNmS
8mzf8BxOJiC3PjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJxOFhzQUZkdTN6Wmt2SnMzX0FjVGlZZ3R6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvYzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8x
L1lZdVpzUVBJeVBHQUZsd2pETjJoazl0TlJRcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
Yzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8xLzJxOFhzQUZkdTN6
Wmt2SnMzX0FjVGlZZ3R6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAAWaAAMEAAWaLAMEAFTsjwMEAViU
NAMEAFiUcwMEAVkujAMEAF5MjQMEALA4dAMEALDjkQMEALKceQMEALkbfTANBgkq
hkiG9w0BAQsFAAOCAQEAz9ntpTPWHoAsh7pdou82RiSHEr9Ya40FEH02f/nyxdlR
q41QdR6uL7O9yZ9LHWwWmNPW5CAtAuTTYw4uL/P5D1tinlQKmoUZwTI7pe4K72iI
a5zbTDdEal1YDZxoxitm5fMmACGwSTmYIwPsz4O9kjjKQsAKiZcaT8ZlEYmD36TJ
HN9rdNs4CYJJoORS6XFHb8eUGNHFl/zgXz2UGGAMC1S/MolbSEf3r0EQuKQ1jD8U
DQ1332wxbBnMNZO8kEN9It4VcuxUDXw3DLLSrfxDF3gpCs1TzO2Lb5KTfyznMTe7
wDdv46KkaRs6jBzzTGbCCGT9/10xetrbqwIOtcXuPw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:20 2023 by rpki-client on console-fra.rpki-client.org