Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/yT_afQDbHdYIEeCrKPEQ3eG2dUU.roa
File: yT_afQDbHdYIEeCrKPEQ3eG2dUU.roa (raw, json)
Hash identifier: s7h4hr2jHOZ7rMcgRW1G0xJCHQnQ2b1oZt0QERKu/WQ=
Subject key identifier: C9:3F:DA:7D:00:DB:1D:D6:08:11:E0:AB:28:F1:10:DD:E1:B6:75:45
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 018385F94193ED02F6AE035A2D1695389B4C
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/yT_afQDbHdYIEeCrKPEQ3eG2dUU.roa
Signing time: Wed 28 Sep 2022 21:20:48 +0000
ROA not before: Wed 28 Sep 2022 21:20:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16246
IP address blocks: 77.87.232.0/21 maxlen: 21
95.143.128.0/20 maxlen: 20
91.197.116.0/22 maxlen: 22
92.240.160.0/19 maxlen: 19
94.74.192.0/18 maxlen: 18
188.175.0.0/16 maxlen: 16
82.150.160.0/19 maxlen: 19
78.108.144.0/21 maxlen: 21
213.180.32.0/19 maxlen: 19
78.108.152.0/21 maxlen: 21
185.15.252.0/22 maxlen: 22
178.17.96.0/20 maxlen: 20
86.63.192.0/19 maxlen: 19
2a03:b4c0::/32 maxlen: 32
2a02:350::/29 maxlen: 29
2a00:d480::/32 maxlen: 32
2a00:1e60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:85:f9:41:93:ed:02:f6:ae:03:5a:2d:16:95:38:9b:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Sep 28 21:20:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c93fda7d00db1dd60811e0ab28f110dde1b67545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ec:d0:20:c4:99:eb:71:71:b9:b5:6f:e7:37:
0b:8a:ad:8d:56:0f:aa:9d:db:35:7e:0f:9c:c5:c0:
64:e3:7b:6c:e7:1b:e4:71:f1:f3:9d:58:f0:0d:87:
e6:f8:b1:bf:f9:e5:a8:d1:86:b5:c4:8e:66:68:10:
55:f5:43:73:5e:fa:8d:e9:fd:77:cb:96:2b:0f:c8:
05:57:96:c0:8a:a1:52:05:33:be:cb:d0:7b:b4:78:
d7:4b:41:a7:92:68:30:74:ae:76:ee:63:8c:2f:83:
b4:8f:77:7c:31:2b:da:6b:49:c8:cc:85:25:db:4d:
ef:91:60:e1:dd:0f:7f:4e:1e:e9:d8:15:4c:b4:49:
9a:4e:f2:41:27:b3:31:61:1b:c4:8f:f0:cf:73:c5:
99:f3:60:70:90:4a:20:3a:e4:45:7f:cd:11:0c:af:
a0:45:e8:0d:12:91:dd:c2:b8:14:51:d5:7b:29:2d:
6f:72:16:22:ef:41:74:94:15:4e:61:1c:7b:05:4c:
c5:0d:fd:f0:c2:2d:7a:08:fa:fe:f7:9b:56:8b:16:
44:7d:69:12:b2:cd:60:99:c7:f8:10:5d:00:9e:bd:
34:96:5d:7a:4f:55:3e:10:6c:a0:34:e2:c1:cc:d3:
8d:0d:2f:ea:57:5c:c2:d8:b2:dc:84:1d:07:9c:2c:
37:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:3F:DA:7D:00:DB:1D:D6:08:11:E0:AB:28:F1:10:DD:E1:B6:75:45
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/yT_afQDbHdYIEeCrKPEQ3eG2dUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.232.0/21
78.108.144.0/20
82.150.160.0/19
86.63.192.0/19
91.197.116.0/22
92.240.160.0/19
94.74.192.0/18
95.143.128.0/20
178.17.96.0/20
185.15.252.0/22
188.175.0.0/16
213.180.32.0/19
IPv6:
2a00:1e60::/32
2a00:d480::/32
2a02:350::/29
2a03:b4c0::/32
Signature Algorithm: sha256WithRSAEncryption
90:ec:9c:9b:f9:5c:8f:d3:6d:86:9e:45:94:34:48:9c:26:9a:
0a:3b:46:d8:6b:95:d8:d2:c1:8a:a6:74:8d:3b:66:34:33:bf:
11:d4:08:eb:dc:1a:f2:f8:32:6e:ce:ba:6a:e3:29:33:78:de:
b1:d5:18:8f:8d:e3:2e:ad:a5:f7:29:e7:42:c6:4a:9a:af:3d:
e7:53:b8:04:37:ba:ab:77:aa:12:64:be:29:65:6f:4a:1e:9f:
ab:49:d7:f2:50:00:25:d8:5b:76:7b:c1:9f:9b:ee:cb:18:4a:
e2:be:33:4c:df:ef:e1:55:77:58:d4:57:c2:55:7a:51:66:3a:
c8:69:ef:26:33:1f:b7:ce:13:d8:7f:ec:8a:08:76:09:38:c1:
71:5b:bb:4f:95:e9:c6:f6:b9:f7:33:1d:bb:02:7a:64:2f:d9:
1c:04:9d:47:ff:77:2c:57:14:ae:92:2e:90:63:21:7c:6c:5a:
68:0c:be:81:23:00:a0:12:4c:89:65:5e:8e:9d:73:5e:39:9a:
17:d5:6d:e0:11:48:61:9f:e4:5a:d1:ae:a9:4b:95:80:b9:07:
3d:26:90:dc:60:e2:44:2b:8c:e5:3a:a2:32:b6:28:6b:1e:a6:
c6:10:44:54:3e:5b:c4:02:2e:81:6b:0c:6f:94:a6:2b:df:66:
aa:0c:f2:06
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYOF+UGT7QL2rgNaLRaVOJtMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmYwZmVjZDdiZjQ0MTQ4OTMxNzg4ZGZlN2YyMGQ2N2E2
N2EwZGIwHhcNMjIwOTI4MjEyMDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTNmZGE3ZDAwZGIxZGQ2MDgxMWUwYWIyOGYxMTBkZGUxYjY3NTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuzQIMSZ63FxubVv5zcLiq2NVg+q
nds1fg+cxcBk43ts5xvkcfHznVjwDYfm+LG/+eWo0Ya1xI5maBBV9UNzXvqN6f13
y5YrD8gFV5bAiqFSBTO+y9B7tHjXS0GnkmgwdK527mOML4O0j3d8MSvaa0nIzIUl
203vkWDh3Q9/Th7p2BVMtEmaTvJBJ7MxYRvEj/DPc8WZ82BwkEogOuRFf80RDK+g
RegNEpHdwrgUUdV7KS1vchYi70F0lBVOYRx7BUzFDf3wwi16CPr+95tWixZEfWkS
ss1gmcf4EF0Anr00ll16T1U+EGygNOLBzNONDS/qV1zC2LLchB0HnCw3lQIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFMk/2n0A2x3WCBHgqyjxEN3htnVFMB8GA1UdIwQY
MBaAFNT/D+zXv0QUiTF4jf5/INZ6Z6DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUt
ZjBjMjFmODE4NmYwLzEveVRfYWZRRGJIZFlJRWVDcktQRVEzZUcyZFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUtZjBjMjFmODE4NmYw
LzEvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwTQQCAAEwRwMEA01X6AME
BE5skAMEBVKWoAMEBVY/wAMEAlvFdAMEBVzwoAMEBl5KwAMEBF+PgAMEBLIRYAME
ArkP/AMDALyvAwQF1bQgMCIEAgACMBwDBQAqAB5gAwUAKgDUgAMFAyoCA1ADBQAq
A7TAMA0GCSqGSIb3DQEBCwUAA4IBAQCQ7Jyb+VyP022GnkWUNEicJpoKO0bYa5XY
0sGKpnSNO2Y0M78R1Ajr3Bry+DJuzrpq4ykzeN6x1RiPjeMuraX3KedCxkqarz3n
U7gEN7qrd6oSZL4pZW9KHp+rSdfyUAAl2Ft2e8Gfm+7LGErivjNM3+/hVXdY1FfC
VXpRZjrIae8mMx+3zhPYf+yKCHYJOMFxW7tPlenG9rn3Mx27AnpkL9kcBJ1H/3cs
VxSuki6QYyF8bFpoDL6BIwCgEkyJZV6OnXNeOZoX1W3gEUhhn+Ra0a6pS5WAuQc9
JpDcYOJEK4zlOqIytihrHqbGEERUPlvEAi6BawxvlKYr32aqDPIG
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:08 2023 by rpki-client on console-ams.rpki-client.org