Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/893149-dd25-4596-bad8-1de933d9f843/1/Y2Y1spu3lDRskwqxeTfJzs_Lpqo.roa
File: Y2Y1spu3lDRskwqxeTfJzs_Lpqo.roa (raw, json)
Hash identifier: vR60WvwtgFIonxIctERy6X0zrDuuXVttwfxOJ/RnrSw=
Subject key identifier: 63:66:35:B2:9B:B7:94:34:6C:93:0A:B1:79:37:C9:CE:CF:CB:A6:AA
Certificate issuer: /CN=44cf3fa7074e7304b1f32e1664ad5f7157d65d62
Certificate serial: 0D8357AB
Authority key identifier: 44:CF:3F:A7:07:4E:73:04:B1:F3:2E:16:64:AD:5F:71:57:D6:5D:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RM8_pwdOcwSx8y4WZK1fcVfWXWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/893149-dd25-4596-bad8-1de933d9f843/1/Y2Y1spu3lDRskwqxeTfJzs_Lpqo.roa
Signing time: Sat 01 Jan 2022 08:53:18 +0000
ROA not before: Sat 01 Jan 2022 08:53:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21283
IP address blocks: 185.28.8.0/22 maxlen: 22
213.157.224.0/19 maxlen: 19
85.10.32.0/20 maxlen: 20
90.157.128.0/17 maxlen: 17
188.64.24.0/21 maxlen: 21
46.164.0.0/18 maxlen: 18
146.212.0.0/16 maxlen: 18
62.84.224.0/20 maxlen: 20
80.95.224.0/20 maxlen: 20
85.10.0.0/19 maxlen: 19
94.127.24.0/21 maxlen: 21
46.122.0.0/15 maxlen: 15
92.37.0.0/17 maxlen: 17
212.18.32.0/19 maxlen: 19
109.239.176.0/20 maxlen: 20
185.173.52.0/22 maxlen: 22
2a00:1a20::/29 maxlen: 32
2001:15c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226711467 (0xd8357ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44cf3fa7074e7304b1f32e1664ad5f7157d65d62
Validity
Not Before: Jan 1 08:53:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=636635b29bb794346c930ab17937c9cecfcba6aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:3e:3f:81:85:50:36:6d:60:fd:a5:00:05:d7:
05:02:1a:21:2b:1f:7f:11:4c:8f:2e:ce:ae:23:52:
36:3c:26:e7:28:8c:cc:f0:d6:b0:e0:a8:9e:6b:fe:
fe:b4:f0:99:e1:74:3f:3d:77:1f:1f:0c:02:34:64:
8b:b6:fb:4b:34:d2:dd:c7:f8:97:c5:e6:cb:2e:35:
0b:af:60:93:7c:9a:fe:88:e2:21:7e:f1:9b:5e:b2:
53:f5:af:db:1d:43:a0:ee:a4:3a:bb:54:fb:fd:6a:
df:f7:a1:61:9a:eb:ff:bf:a1:1a:32:95:79:68:f7:
24:0b:45:19:42:63:55:14:ad:da:f5:fa:2e:29:d3:
d4:97:08:db:ff:a1:a4:36:81:21:df:84:63:e2:33:
99:b6:97:bb:07:03:90:85:23:aa:1f:98:0e:6f:16:
5e:c2:b2:45:f6:94:2b:94:be:88:dd:b1:ea:e7:d6:
73:cd:1c:e9:65:c0:56:0c:7c:73:e1:a6:6a:22:01:
36:7c:ef:52:63:92:c4:07:f3:fc:a7:72:ef:e7:cc:
13:c3:29:6a:f6:43:38:ee:5e:90:e9:11:0a:8b:69:
6b:39:b1:99:c3:b9:c1:a7:e3:9f:af:24:51:50:30:
30:59:41:6d:10:cc:8f:c5:95:89:24:0e:05:a3:38:
54:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:66:35:B2:9B:B7:94:34:6C:93:0A:B1:79:37:C9:CE:CF:CB:A6:AA
X509v3 Authority Key Identifier:
keyid:44:CF:3F:A7:07:4E:73:04:B1:F3:2E:16:64:AD:5F:71:57:D6:5D:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RM8_pwdOcwSx8y4WZK1fcVfWXWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/893149-dd25-4596-bad8-1de933d9f843/1/Y2Y1spu3lDRskwqxeTfJzs_Lpqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/893149-dd25-4596-bad8-1de933d9f843/1/RM8_pwdOcwSx8y4WZK1fcVfWXWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.122.0.0/15
46.164.0.0/18
62.84.224.0/20
80.95.224.0/20
85.10.0.0-85.10.47.255
90.157.128.0/17
92.37.0.0/17
94.127.24.0/21
109.239.176.0/20
146.212.0.0/16
185.28.8.0/22
185.173.52.0/22
188.64.24.0/21
212.18.32.0/19
213.157.224.0/19
IPv6:
2001:15c0::/29
2a00:1a20::/29
Signature Algorithm: sha256WithRSAEncryption
24:ab:e2:94:72:5f:cc:f7:e0:42:42:de:f0:b1:2a:18:06:4d:
f2:08:46:fe:af:0a:09:2f:3c:52:2a:a6:36:cc:5f:9f:af:7b:
9f:a9:ab:bc:0f:db:5c:2a:af:64:b9:9e:3b:5c:19:5b:d7:ca:
1a:94:51:99:01:af:72:02:d0:d6:cd:2d:a8:43:56:33:2e:10:
b3:0a:0c:e1:a8:80:db:57:fc:79:03:12:e0:f1:8b:d0:ac:19:
5d:3b:91:a8:18:17:2e:34:35:45:4e:f1:66:0c:c2:73:16:cf:
ea:c9:9f:fd:13:6c:0f:ea:1e:6b:8f:60:af:70:00:5b:cd:17:
64:5b:a9:5b:d3:26:fe:8c:68:42:ae:87:0c:79:f4:86:c2:3d:
5a:ba:2a:4a:58:c6:e3:05:5e:b8:cd:f1:7a:dd:91:a4:f2:94:
8f:45:11:5a:ac:96:fa:75:c5:9f:68:6f:2c:95:77:6c:7d:b4:
f3:ce:d7:c7:9e:12:a1:65:57:29:aa:a3:af:ee:d5:5a:5c:79:
69:e4:45:1d:c5:0b:cf:31:e2:20:40:b4:76:e4:2e:08:69:b8:
fa:84:63:e3:4f:74:8d:a3:23:9f:bb:e5:03:12:a3:15:e8:24:
96:cb:c3:0f:a0:a7:c0:03:c6:31:41:72:11:3c:13:88:18:1e:
b1:e1:46:54
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIEDYNXqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NGNmM2ZhNzA3NGU3MzA0YjFmMzJlMTY2NGFkNWY3MTU3ZDY1ZDYyMB4XDTIyMDEw
MTA4NTMxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjM2NjM1YjI5YmI3
OTQzNDZjOTMwYWIxNzkzN2M5Y2VjZmNiYTZhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOk+P4GFUDZtYP2lAAXXBQIaISsffxFMjy7OriNSNjwm5yiM
zPDWsOConmv+/rTwmeF0Pz13Hx8MAjRki7b7SzTS3cf4l8Xmyy41C69gk3ya/oji
IX7xm16yU/Wv2x1DoO6kOrtU+/1q3/ehYZrr/7+hGjKVeWj3JAtFGUJjVRSt2vX6
LinT1JcI2/+hpDaBId+EY+IzmbaXuwcDkIUjqh+YDm8WXsKyRfaUK5S+iN2x6ufW
c80c6WXAVgx8c+GmaiIBNnzvUmOSxAfz/Kdy7+fME8MpavZDOO5ekOkRCotpazmx
mcO5wafjn68kUVAwMFlBbRDMj8WViSQOBaM4VOUCAwEAAaOCAnkwggJ1MB0GA1Ud
DgQWBBRjZjWym7eUNGyTCrF5N8nOz8umqjAfBgNVHSMEGDAWgBREzz+nB05zBLHz
LhZkrV9xV9ZdYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JNOF9wd2RPY3dTeDh5NFdaSzFmY1ZmV1hXSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvODkzMTQ5LWRkMjUtNDU5Ni1iYWQ4LTFkZTkzM2Q5Zjg0My8x
L1kyWTFzcHUzbERSc2t3cXhlVGZKenNfTHBxby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
ODkzMTQ5LWRkMjUtNDU5Ni1iYWQ4LTFkZTkzM2Q5Zjg0My8xL1JNOF9wd2RPY3dT
eDh5NFdaSzFmY1ZmV1hXSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jgYIKwYBBQUHAQcBAf8EfzB9MGUEAgABMF8DAwEuegMEBi6kAAMEBD5U4AMEBFBf
4DALAwMBVQoDBARVCiADBAdanYADBAdcJQADBANefxgDBARt77ADAwCS1AMEArkc
CAMEArmtNAMEA7xAGAMEBdQSIAMEBdWd4DAUBAIAAjAOAwUDIAEVwAMFAyoAGiAw
DQYJKoZIhvcNAQELBQADggEBACSr4pRyX8z34EJC3vCxKhgGTfIIRv6vCgkvPFIq
pjbMX5+ve5+pq7wP21wqr2S5njtcGVvXyhqUUZkBr3IC0NbNLahDVjMuELMKDOGo
gNtX/HkDEuDxi9CsGV07kagYFy40NUVO8WYMwnMWz+rJn/0TbA/qHmuPYK9wAFvN
F2RbqVvTJv6MaEKuhwx59IbCPVq6KkpYxuMFXrjN8XrdkaTylI9FEVqslvp1xZ9o
byyVd2x9tPPO18eeEqFlVymqo6/u1VpceWnkRR3FC88x4iBAtHbkLghpuPqEY+NP
dI2jI5+75QMSoxXoJJbLww+gp8ADxjFBchE8E4gYHrHhRlQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:03 2024 by rpki-client on console-ams.rpki-client.org