Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/ByyTzWgm5huGJ6mA1Fm65Xjysrw.roa
File: ByyTzWgm5huGJ6mA1Fm65Xjysrw.roa (raw, json)
Hash identifier: ARO+Z+f/ReW68zjzoTjOcTNLtc27LmSKVOZoyctTHkk=
Subject key identifier: 07:2C:93:CD:68:26:E6:1B:86:27:A9:80:D4:59:BA:E5:78:F2:B2:BC
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 018582793D1020F2DD0ECB8B46417EB756C1
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/ByyTzWgm5huGJ6mA1Fm65Xjysrw.roa
Signing time: Thu 05 Jan 2023 15:07:41 +0000
ROA not before: Thu 05 Jan 2023 15:07:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49544
IP address blocks: 185.41.140.0/22 maxlen: 22
213.179.192.0/19 maxlen: 19
213.179.192.0/22 maxlen: 22
213.179.196.0/22 maxlen: 22
91.216.207.0/24 maxlen: 24
188.122.64.0/19 maxlen: 24
91.198.152.0/24 maxlen: 24
185.52.12.0/22 maxlen: 24
185.50.104.0/22 maxlen: 22
213.163.64.0/19 maxlen: 24
162.245.204.0/22 maxlen: 22
5.200.0.0/19 maxlen: 24
185.179.202.0/23 maxlen: 24
213.179.204.0/22 maxlen: 22
213.179.200.0/22 maxlen: 22
185.179.200.0/23 maxlen: 24
213.179.210.0/23 maxlen: 23
213.179.209.0/24 maxlen: 24
213.179.212.0/22 maxlen: 22
213.179.216.0/22 maxlen: 22
212.19.224.0/22 maxlen: 22
213.179.220.0/22 maxlen: 22
146.247.76.0/22 maxlen: 22
109.200.192.0/19 maxlen: 24
109.200.194.0/23 maxlen: 23
109.200.208.0/22 maxlen: 22
162.244.52.0/22 maxlen: 23
185.197.24.0/22 maxlen: 23
104.153.84.0/22 maxlen: 22
193.43.218.0/23 maxlen: 23
31.204.132.0/22 maxlen: 22
31.204.128.0/19 maxlen: 24
31.204.156.0/23 maxlen: 23
138.128.136.0/22 maxlen: 22
91.195.234.0/23 maxlen: 23
138.128.140.0/22 maxlen: 22
2a01:9580::/32 maxlen: 34
2a04:c600::/29 maxlen: 34
2a00:1630::/29 maxlen: 32
2a00:1631::/32 maxlen: 32
2a00:1637::/32 maxlen: 32
2a00:1d26::/32 maxlen: 34
2a00:1630::/32 maxlen: 48
2a00:1632::/32 maxlen: 32
2a00:1d20::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:82:79:3d:10:20:f2:dd:0e:cb:8b:46:41:7e:b7:56:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: Jan 5 15:07:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=072c93cd6826e61b8627a980d459bae578f2b2bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:02:f2:70:fd:13:4a:d5:71:23:fc:62:b5:96:
82:25:d0:1f:d0:bc:10:fd:c8:57:03:a9:e8:15:9b:
38:33:f8:6d:19:0d:5d:fa:17:7e:89:1c:fc:26:d9:
d2:bb:ad:56:24:f8:11:81:44:ab:d3:91:d9:bb:8f:
41:9a:30:12:25:97:a9:4f:98:f0:17:d9:d2:46:67:
ac:ca:fa:3e:d4:f0:13:50:3c:af:eb:fe:c9:f2:a6:
24:31:3e:f4:87:83:9d:6d:b4:4c:f6:10:aa:51:81:
86:0d:a9:05:81:d6:cf:98:0f:20:e0:31:6b:44:dc:
ad:ed:0e:d5:94:66:8c:b6:1e:4f:dd:4b:24:61:16:
b8:a1:76:cb:c3:f1:1c:00:44:43:85:5e:c0:9e:3e:
05:96:a2:4b:4b:1c:2f:a8:9d:ad:fd:ac:54:b6:79:
72:f9:fc:b5:26:84:f4:c5:3c:75:54:9b:1a:d9:64:
d1:20:13:9b:02:41:71:42:68:82:48:83:07:aa:92:
75:49:a5:cf:9f:61:a5:13:ea:82:c5:05:14:39:bb:
c6:dd:cd:43:4d:60:da:d2:c0:f9:3b:6c:d2:44:07:
2a:8b:0b:e5:1d:4e:9b:d7:b2:bb:c1:3d:b3:cc:f4:
aa:9e:ec:ee:d6:94:5b:dc:0d:3b:ee:08:85:34:a4:
af:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:2C:93:CD:68:26:E6:1B:86:27:A9:80:D4:59:BA:E5:78:F2:B2:BC
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/ByyTzWgm5huGJ6mA1Fm65Xjysrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.200.0.0/19
31.204.128.0/19
91.195.234.0/23
91.198.152.0/24
91.216.207.0/24
104.153.84.0/22
109.200.192.0/19
138.128.136.0/21
146.247.76.0/22
162.244.52.0/22
162.245.204.0/22
185.41.140.0/22
185.50.104.0/22
185.52.12.0/22
185.179.200.0/22
185.197.24.0/22
188.122.64.0/19
193.43.218.0/23
212.19.224.0/22
213.163.64.0/19
213.179.192.0/19
IPv6:
2a00:1630::/29
2a00:1d20::/29
2a01:9580::/32
2a04:c600::/29
Signature Algorithm: sha256WithRSAEncryption
42:12:d2:52:c0:d5:e3:0c:e1:24:89:9e:6d:25:33:1c:7a:4e:
c5:70:39:63:f0:40:bb:41:39:33:3a:f1:8f:48:7a:e6:dc:00:
7f:2c:00:fe:cf:6f:d7:29:02:87:f1:2f:ef:3e:17:4d:57:4a:
4a:9c:6e:b0:ed:61:50:8f:76:08:44:40:6f:af:3a:7c:de:d6:
80:f8:27:b5:56:23:a4:9f:ef:e1:17:f8:34:da:fd:8e:60:5d:
0d:64:33:be:83:c7:2d:90:8a:fa:a0:38:29:c7:4a:b5:fd:e6:
d3:a8:8f:bb:d2:ed:4b:09:60:98:09:79:7a:18:f9:ec:c6:0d:
e7:70:f0:8f:85:10:00:e3:55:f3:24:15:9d:d0:ae:8f:da:c4:
16:11:1d:85:ff:5d:45:15:e6:59:ac:4b:79:ad:7d:ce:b7:07:
08:3f:8d:cc:01:95:24:ff:1c:82:87:6e:b4:a0:4b:fe:8c:89:
dd:3e:43:35:6a:ca:50:60:0f:9b:47:c7:2f:66:84:a1:42:b4:
ae:31:fd:53:98:14:42:92:f6:4c:b6:ee:ca:58:27:4e:0a:d4:
29:71:2b:cd:35:ca:1e:90:7c:08:91:14:7a:f0:78:8f:16:92:
52:06:a9:63:0b:0e:f5:88:71:3f:ac:02:1b:a6:72:6b:bc:16:
9d:e2:13:6e
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAYWCeT0QIPLdDsuLRkF+t1bBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjMwMTA1MTUwNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzJjOTNjZDY4MjZlNjFiODYyN2E5ODBkNDU5YmFlNTc4ZjJiMmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQLycP0TStVxI/xitZaCJdAf0LwQ
/chXA6noFZs4M/htGQ1d+hd+iRz8JtnSu61WJPgRgUSr05HZu49BmjASJZepT5jw
F9nSRmesyvo+1PATUDyv6/7J8qYkMT70h4OdbbRM9hCqUYGGDakFgdbPmA8g4DFr
RNyt7Q7VlGaMth5P3UskYRa4oXbLw/EcAERDhV7Anj4FlqJLSxwvqJ2t/axUtnly
+fy1JoT0xTx1VJsa2WTRIBObAkFxQmiCSIMHqpJ1SaXPn2GlE+qCxQUUObvG3c1D
TWDa0sD5O2zSRAcqiwvlHU6b17K7wT2zzPSqnuzu1pRb3A077giFNKSvEwIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFAcsk81oJuYbhiepgNRZuuV48rK8MB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEvQnl5VHpXZ201aHVHSjZtQTFGbTY1WGp5c3J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBhAQCAAEwfgMEBQXI
AAMEBR/MgAMEAVvD6gMEAFvGmAMEAFvYzwMEAmiZVAMEBW3IwAMEA4qAiAMEApL3
TAMEAqL0NAMEAqL1zAMEArkpjAMEArkyaAMEArk0DAMEArmzyAMEArnFGAMEBbx6
QAMEAcEr2gMEAtQT4AMEBdWjQAMEBdWzwDAiBAIAAjAcAwUDKgAWMAMFAyoAHSAD
BQAqAZWAAwUDKgTGADANBgkqhkiG9w0BAQsFAAOCAQEAQhLSUsDV4wzhJImebSUz
HHpOxXA5Y/BAu0E5Mzrxj0h65twAfywA/s9v1ykCh/Ev7z4XTVdKSpxusO1hUI92
CERAb686fN7WgPgntVYjpJ/v4Rf4NNr9jmBdDWQzvoPHLZCK+qA4KcdKtf3m06iP
u9LtSwlgmAl5ehj57MYN53Dwj4UQAONV8yQVndCuj9rEFhEdhf9dRRXmWaxLea19
zrcHCD+NzAGVJP8cgodutKBL/oyJ3T5DNWrKUGAPm0fHL2aEoUK0rjH9U5gUQpL2
TLbuylgnTgrUKXErzTXKHpB8CJEUevB4jxaSUgapYwsO9YhxP6wCG6Zya7wWneIT
bg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:47:08 2025 by rpki-client