Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/ykRgC-1IXZUg-N6gw6-AvL24VZI.roa
File: ykRgC-1IXZUg-N6gw6-AvL24VZI.roa (raw, json)
Hash identifier: NRlNeXK7V3QTR4sH1oiOJWppVRDE1xeNuB7Gd6rRa+Y=
Subject key identifier: CA:44:60:0B:ED:48:5D:95:20:F8:DE:A0:C3:AF:80:BC:BD:B8:55:92
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 0189FEC3141389A7B961EF77D371CB815C30
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/ykRgC-1IXZUg-N6gw6-AvL24VZI.roa
Signing time: Wed 16 Aug 2023 14:32:24 +0000
ROA not before: Wed 16 Aug 2023 14:32:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204957
IP address blocks: 195.211.98.0/23 maxlen: 23
195.211.96.0/23 maxlen: 23
82.117.252.0/23 maxlen: 23
45.90.56.0/22 maxlen: 22
82.117.254.0/24 maxlen: 24
195.123.232.0/22 maxlen: 22
82.117.255.0/24 maxlen: 24
195.123.236.0/22 maxlen: 22
195.123.240.0/22 maxlen: 22
195.123.244.0/22 maxlen: 22
85.90.196.0/24 maxlen: 24
62.233.57.0/24 maxlen: 24
2a05:9400::/32 maxlen: 32
2a12:6fc0::/32 maxlen: 32
2a05:9403::/32 maxlen: 32
2a12:6fc2::/32 maxlen: 32
2a05:9405::/32 maxlen: 32
2a05:9406::/32 maxlen: 32
2a05:9402::/32 maxlen: 32
2a05:9401::/32 maxlen: 32
2a12:6fc1::/32 maxlen: 32
2a05:9404::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fe:c3:14:13:89:a7:b9:61:ef:77:d3:71:cb:81:5c:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Aug 16 14:32:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca44600bed485d9520f8dea0c3af80bcbdb85592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f7:5a:b3:13:1b:ef:50:a6:22:58:d8:33:51:
89:0e:3b:54:fa:36:24:37:25:72:77:0e:f0:e4:7f:
3e:10:03:9f:5e:92:11:8f:f7:63:42:0c:48:2f:6d:
1e:7c:3e:b9:6a:43:5b:59:9b:e8:6e:f5:f8:06:73:
9a:8b:7b:0e:fc:24:28:35:fc:ca:c5:21:4e:92:02:
40:33:55:29:0a:6a:88:59:8a:4f:b3:b6:66:57:a3:
0b:55:73:61:ab:f7:74:bd:aa:36:0a:b8:0a:9d:52:
c4:be:52:11:48:e6:a0:39:01:fc:65:7b:93:39:52:
ca:6b:69:64:74:97:fb:a3:b2:8a:21:b9:2d:79:7f:
5a:00:9c:d2:e8:67:e3:9e:a6:ef:95:82:13:08:f7:
60:78:1d:92:38:bb:64:7e:74:ce:4d:00:ee:55:66:
f9:99:2d:1f:c0:6d:26:6a:67:45:7d:b6:2e:fa:20:
14:28:64:e4:47:0c:ae:d9:ed:99:66:80:3c:fa:12:
93:a6:be:ae:5e:ce:13:b6:4a:15:7c:e2:7a:e3:5c:
25:90:24:9c:10:1d:a4:55:2a:d6:a0:bf:4c:25:4d:
22:af:b9:8a:a4:04:d0:ab:26:3a:6e:85:a1:82:f7:
fa:b8:08:ea:64:16:a8:71:d0:74:04:ee:78:2b:87:
43:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:44:60:0B:ED:48:5D:95:20:F8:DE:A0:C3:AF:80:BC:BD:B8:55:92
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/ykRgC-1IXZUg-N6gw6-AvL24VZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.56.0/22
62.233.57.0/24
82.117.252.0/22
85.90.196.0/24
195.123.232.0-195.123.247.255
195.211.96.0/22
IPv6:
2a05:9400::-2a05:9406:ffff:ffff:ffff:ffff:ffff:ffff
2a12:6fc0::-2a12:6fc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
70:a9:6c:4a:c2:a3:54:8e:73:8c:66:d7:6d:e6:f6:df:9e:64:
e7:82:4c:aa:cb:69:3d:eb:7e:d4:cf:3a:68:82:a4:a5:b5:ba:
06:e2:a7:c8:cf:04:94:71:93:e6:cb:6a:e1:34:4d:f8:70:a7:
a2:da:cd:a2:cc:1b:f6:fe:3f:f4:92:49:c8:e3:36:25:99:14:
f4:5c:47:89:87:07:22:c4:a5:b7:a1:d7:82:30:db:47:38:4c:
d9:d3:19:dc:6c:77:33:19:03:af:f8:f8:a8:de:6b:51:c2:8e:
4b:37:1e:71:6b:ed:3a:0a:f6:62:f2:8a:36:86:f9:3d:52:a4:
76:3b:bf:8b:6c:24:b2:f6:a0:3e:9d:80:22:fd:0c:01:20:06:
62:cc:be:66:dd:2f:fb:ea:2c:d2:1a:ac:e0:4d:d4:13:f9:03:
34:de:84:ab:6d:11:f5:7d:5f:68:45:a7:0c:23:9b:c0:f8:77:
df:ec:26:67:de:f6:dc:8f:8c:ee:05:ab:d6:00:d5:be:da:ab:
8e:e5:fb:f2:2c:d1:68:52:13:d6:db:bb:60:a7:bc:67:5f:8b:
e6:82:37:6a:7e:4a:72:26:fa:05:1d:b8:1c:2d:01:14:90:b4:
6a:4f:1b:ad:00:86:dc:8a:8a:83:8a:41:fe:b4:19:6b:0d:2f:
3b:72:7c:a9
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYn+wxQTiae5Ye9303HLgVwwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjMwODE2MTQzMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQ0NjAwYmVkNDg1ZDk1MjBmOGRlYTBjM2FmODBiY2JkYjg1NTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvdasxMb71CmIljYM1GJDjtU+jYk
NyVydw7w5H8+EAOfXpIRj/djQgxIL20efD65akNbWZvobvX4BnOai3sO/CQoNfzK
xSFOkgJAM1UpCmqIWYpPs7ZmV6MLVXNhq/d0vao2CrgKnVLEvlIRSOagOQH8ZXuT
OVLKa2lkdJf7o7KKIbkteX9aAJzS6GfjnqbvlYITCPdgeB2SOLtkfnTOTQDuVWb5
mS0fwG0mamdFfbYu+iAUKGTkRwyu2e2ZZoA8+hKTpr6uXs4TtkoVfOJ641wlkCSc
EB2kVSrWoL9MJU0ir7mKpATQqyY6boWhgvf6uAjqZBaocdB0BO54K4dDHQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFMpEYAvtSF2VIPjeoMOvgLy9uFWSMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEveWtSZ0MtMUlYWlVnLU42Z3c2LUF2TDI0VlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzAyBAIAATAsAwQCLVo4AwQA
Puk5AwQCUnX8AwQAVVrEMAwDBAPDe+gDBAPDe/ADBALD02AwJQQCAAIwHzANAwQC
KgWUAwUAKgWUBjAOAwUGKhJvwAMFACoSb8IwDQYJKoZIhvcNAQELBQADggEBAHCp
bErCo1SOc4xm123m9t+eZOeCTKrLaT3rftTPOmiCpKW1ugbip8jPBJRxk+bLauE0
Tfhwp6LazaLMG/b+P/SSScjjNiWZFPRcR4mHByLEpbeh14Iw20c4TNnTGdxsdzMZ
A6/4+Kjea1HCjks3HnFr7ToK9mLyijaG+T1SpHY7v4tsJLL2oD6dgCL9DAEgBmLM
vmbdL/vqLNIarOBN1BP5AzTehKttEfV9X2hFpwwjm8D4d9/sJmfe9tyPjO4Fq9YA
1b7aq47l+/Is0WhSE9bbu2CnvGdfi+aCN2p+SnIm+gUduBwtARSQtGpPG60AhtyK
ioOKQf60GWsNLztyfKk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:25 2025 by rpki-client