Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/PR_YsFYJQcg5iaXH04qTWMuxvpA.roa
File: PR_YsFYJQcg5iaXH04qTWMuxvpA.roa (raw, json)
Hash identifier: AdPWcLlGMgUVvvRDOzZUXWXXRa4jReFlwteXK9U3oLc=
Subject key identifier: 3D:1F:D8:B0:56:09:41:C8:39:89:A5:C7:D3:8A:93:58:CB:B1:BE:90
Certificate issuer: /CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Certificate serial: 0A3366AE
Authority key identifier: D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/PR_YsFYJQcg5iaXH04qTWMuxvpA.roa
Signing time: Sat 01 Jan 2022 10:59:23 +0000
ROA not before: Sat 01 Jan 2022 10:59:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39013
IP address blocks: 151.237.66.0/24 maxlen: 24
151.237.82.0/23 maxlen: 23
151.237.80.0/22 maxlen: 22
151.237.80.0/23 maxlen: 23
151.237.90.0/24 maxlen: 24
151.237.88.0/23 maxlen: 23
194.69.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171140782 (0xa3366ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Validity
Not Before: Jan 1 10:59:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d1fd8b0560941c83989a5c7d38a9358cbb1be90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1a:de:d8:49:a9:cc:23:e5:82:68:86:45:cd:
86:db:e1:d9:70:f6:88:68:8d:26:0d:0b:b3:83:ae:
73:eb:e1:ab:f6:14:ad:7c:22:31:ae:35:99:79:5b:
a8:a5:66:55:11:7e:44:4e:36:0c:41:8c:1e:1d:8a:
55:2f:a5:47:5b:ed:d5:97:e7:a2:e2:cf:77:46:28:
4b:7e:91:e2:6b:51:88:21:27:6d:9d:4f:fa:c8:9c:
52:e7:a4:d7:22:48:70:8b:6c:18:6a:ad:a6:39:e1:
18:33:97:2c:f9:69:4a:93:d5:99:1e:e9:49:15:55:
a0:d7:13:74:98:18:4c:ad:e0:a6:22:ce:f7:be:79:
f3:5b:ba:2c:81:f6:cd:2e:a9:e2:b6:f3:e0:ef:2d:
09:94:ed:43:c6:38:dc:09:69:54:49:6c:f5:14:69:
41:39:1f:5b:49:1e:a4:0d:44:36:7a:90:fa:6e:3f:
7b:f9:26:26:6b:d6:8d:16:a1:5f:58:82:08:79:38:
89:25:f0:dc:8c:d3:50:6b:dc:40:89:d6:d9:3b:2f:
78:96:b0:e8:ea:9a:51:3f:fd:80:aa:eb:fc:aa:ee:
14:ba:1d:26:44:77:95:5c:ee:92:44:a3:ba:ea:54:
6e:93:de:73:67:5e:66:75:1e:d0:8d:54:31:5a:6f:
9e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:1F:D8:B0:56:09:41:C8:39:89:A5:C7:D3:8A:93:58:CB:B1:BE:90
X509v3 Authority Key Identifier:
keyid:D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/PR_YsFYJQcg5iaXH04qTWMuxvpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.237.66.0/24
151.237.80.0/22
151.237.88.0-151.237.90.255
194.69.203.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:db:2c:22:e9:81:00:e2:9d:69:d7:7d:04:a9:bd:9b:f1:f8:
dd:7d:1b:94:9d:35:1a:7c:10:9e:12:7d:a3:76:c8:e0:67:0b:
a5:d2:fd:48:33:9b:64:77:b9:f7:0f:42:ba:42:39:43:46:fd:
4c:22:4c:68:90:3a:a7:25:1c:27:dd:ae:1b:8f:a7:c6:6f:93:
69:f0:02:b1:64:90:f3:82:7f:6c:3e:ad:68:dd:88:d4:41:6b:
35:c1:37:71:28:67:4d:05:83:7e:ff:76:14:70:9a:f0:09:6c:
ae:97:7d:b1:28:cb:ad:2c:49:f4:0f:ba:d1:a5:f1:f9:83:7e:
a4:77:ac:b6:fe:fa:d3:5b:d2:ee:4b:39:a4:8d:4e:e8:f6:e8:
eb:29:67:66:d1:22:c5:27:4a:b8:8c:02:aa:3b:a8:ed:bb:c2:
6a:da:01:a5:71:0e:97:b9:e7:d1:73:9d:5a:f2:3a:f2:70:f3:
f5:4c:de:85:8d:4f:af:d9:c8:4f:46:2f:03:a1:b5:a1:6f:f5:
2d:eb:7b:a3:42:df:79:86:84:10:a2:fa:77:3a:75:c9:d7:28:
0c:0a:4d:4d:fa:28:6f:3f:c0:5b:59:71:f2:f1:80:d0:7c:1f:
9e:b1:f4:9f:c2:fc:20:f1:76:4d:cc:06:9c:7b:0f:58:6f:48:
07:b9:1c:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIECjNmrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjYyMmZkZWM4ZmFkZmNhNThlNzU3NWMyOWYxMGU3M2FlNzc1NzE1MB4XDTIyMDEw
MTEwNTkyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2QxZmQ4YjA1NjA5
NDFjODM5ODlhNWM3ZDM4YTkzNThjYmIxYmU5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJAa3thJqcwj5YJohkXNhtvh2XD2iGiNJg0Ls4Ouc+vhq/YU
rXwiMa41mXlbqKVmVRF+RE42DEGMHh2KVS+lR1vt1ZfnouLPd0YoS36R4mtRiCEn
bZ1P+sicUuek1yJIcItsGGqtpjnhGDOXLPlpSpPVmR7pSRVVoNcTdJgYTK3gpiLO
975581u6LIH2zS6p4rbz4O8tCZTtQ8Y43AlpVEls9RRpQTkfW0kepA1ENnqQ+m4/
e/kmJmvWjRahX1iCCHk4iSXw3IzTUGvcQInW2TsveJaw6OqaUT/9gKrr/KruFLod
JkR3lVzukkSjuupUbpPec2deZnUe0I1UMVpvnh0CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQ9H9iwVglByDmJpcfTipNYy7G+kDAfBgNVHSMEGDAWgBTSYi/eyPrfyljn
V1wp8Q5zrndXFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBtSXYzc2o2MzhwWTUxZGNLZkVPYzY1M1Z4VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvODVmMDJlLWYxYWMtNDRmYi05MmViLWYwNWFhMjI5ZDYzOC8x
L1BSX1lzRllKUWNnNWlhWEgwNHFUV011eHZwQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
ODVmMDJlLWYxYWMtNDRmYi05MmViLWYwNWFhMjI5ZDYzOC8xLzBtSXYzc2o2Mzhw
WTUxZGNLZkVPYzY1M1Z4VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAJftQgMEApftUDAMAwQDl+1YAwQA
l+1aAwQAwkXLMA0GCSqGSIb3DQEBCwUAA4IBAQBt2ywi6YEA4p1p130Eqb2b8fjd
fRuUnTUafBCeEn2jdsjgZwul0v1IM5tkd7n3D0K6QjlDRv1MIkxokDqnJRwn3a4b
j6fGb5Np8AKxZJDzgn9sPq1o3YjUQWs1wTdxKGdNBYN+/3YUcJrwCWyul32xKMut
LEn0D7rRpfH5g36kd6y2/vrTW9LuSzmkjU7o9ujrKWdm0SLFJ0q4jAKqO6jtu8Jq
2gGlcQ6XuefRc51a8jrycPP1TN6FjU+v2chPRi8DobWhb/Ut63ujQt95hoQQovp3
OnXJ1ygMCk1N+ihvP8BbWXHy8YDQfB+esfSfwvwg8XZNzAacew9Yb0gHuRw6
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:50:49 2025 by rpki-client