Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/YZg2HMWCWePSU7numLFropUwBtI.roa
File: YZg2HMWCWePSU7numLFropUwBtI.roa (raw, json)
Hash identifier: G9eB4Yl0FD1fV2/Sf9z6jyJTZTFemolu6jYLS4Cwavc=
Subject key identifier: 61:98:36:1C:C5:82:59:E3:D2:53:B9:EE:98:B1:6B:A2:95:30:06:D2
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 01845CAA1F0DE45144A2DCE251AA21F01351
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/YZg2HMWCWePSU7numLFropUwBtI.roa
Signing time: Wed 09 Nov 2022 13:52:43 +0000
ROA not before: Wed 09 Nov 2022 13:52:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 85.153.125.0/24 maxlen: 24
85.153.124.0/24 maxlen: 24
85.153.120.0/24 maxlen: 24
85.153.119.0/24 maxlen: 24
85.153.121.0/24 maxlen: 24
85.153.123.0/24 maxlen: 24
85.153.122.0/24 maxlen: 24
85.153.126.0/24 maxlen: 24
85.153.68.0/22 maxlen: 22
85.153.66.0/24 maxlen: 24
85.153.65.0/24 maxlen: 24
85.153.67.0/24 maxlen: 24
85.153.75.0/24 maxlen: 24
85.153.73.0/24 maxlen: 24
85.153.72.0/24 maxlen: 24
85.153.74.0/24 maxlen: 24
85.153.83.0/24 maxlen: 24
85.153.82.0/24 maxlen: 24
85.153.84.0/22 maxlen: 22
85.153.80.0/24 maxlen: 24
85.153.81.0/24 maxlen: 24
85.153.88.0/22 maxlen: 22
85.153.92.0/24 maxlen: 24
85.153.93.0/24 maxlen: 24
85.153.95.0/24 maxlen: 24
85.153.94.0/24 maxlen: 24
85.153.112.0/24 maxlen: 24
85.153.108.0/22 maxlen: 22
85.153.113.0/24 maxlen: 24
85.153.114.0/24 maxlen: 24
85.153.116.0/24 maxlen: 24
85.153.115.0/24 maxlen: 24
85.153.118.0/24 maxlen: 24
85.153.117.0/24 maxlen: 24
85.153.16.0/22 maxlen: 22
85.153.12.0/22 maxlen: 22
85.153.20.0/24 maxlen: 24
85.153.22.0/24 maxlen: 24
85.153.21.0/24 maxlen: 24
85.153.24.0/22 maxlen: 22
85.153.23.0/24 maxlen: 24
85.153.29.0/24 maxlen: 24
85.153.28.0/24 maxlen: 24
85.153.31.0/24 maxlen: 24
85.153.30.0/24 maxlen: 24
85.153.32.0/24 maxlen: 24
85.153.34.0/24 maxlen: 24
85.153.36.0/22 maxlen: 22
85.153.35.0/24 maxlen: 24
85.153.41.0/24 maxlen: 24
85.153.42.0/24 maxlen: 24
85.153.44.0/24 maxlen: 24
85.153.40.0/24 maxlen: 24
85.153.47.0/24 maxlen: 24
85.153.45.0/24 maxlen: 24
85.153.46.0/24 maxlen: 24
85.153.56.0/24 maxlen: 24
85.153.52.0/22 maxlen: 22
85.153.59.0/24 maxlen: 24
85.153.60.0/22 maxlen: 22
85.115.204.0/24 maxlen: 24
85.115.206.0/24 maxlen: 24
85.115.205.0/24 maxlen: 24
85.115.207.0/24 maxlen: 24
85.153.4.0/24 maxlen: 24
85.153.7.0/24 maxlen: 24
85.153.6.0/24 maxlen: 24
85.153.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5c:aa:1f:0d:e4:51:44:a2:dc:e2:51:aa:21:f0:13:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Nov 9 13:52:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6198361cc58259e3d253b9ee98b16ba2953006d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9e:dc:d1:0a:c6:f6:10:d0:78:39:b5:28:79:
d6:63:56:4d:65:be:ad:de:c7:1b:40:00:eb:42:4c:
d8:1d:f0:dc:22:c8:43:73:8b:04:51:17:13:c2:92:
63:21:d9:ad:43:7a:46:b2:da:77:5f:75:5a:f1:2d:
33:df:e0:bb:12:8f:de:54:46:3f:d8:25:5c:c3:9a:
d6:1a:13:65:e1:65:8f:40:88:23:d7:32:69:30:4b:
63:eb:03:5e:3b:6a:93:62:cd:4c:cf:05:7c:53:b5:
8b:67:48:18:26:8c:3f:0a:02:5b:fb:13:77:d6:da:
8a:f6:93:9d:dc:41:fc:00:23:b6:91:89:55:01:c0:
f5:0d:5f:f4:7d:94:97:6d:d5:0e:2f:df:16:5d:6e:
f4:03:c3:94:22:14:c1:66:fd:59:2e:2b:8e:e2:51:
53:42:30:bf:f3:5c:12:41:b0:68:27:73:62:c9:62:
4a:13:6b:07:de:cf:4b:3e:72:78:a8:8f:66:3f:6d:
43:1f:45:b8:81:1b:96:8b:26:54:f4:6d:0c:6f:1f:
97:45:7b:e5:ef:37:d1:ce:a2:f1:ca:3e:6c:41:a4:
10:75:a1:3b:88:0b:60:38:d0:d3:e8:f4:e8:af:3a:
09:3c:97:c7:f9:c2:43:7b:f0:a8:3c:a2:e0:e3:08:
9c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:98:36:1C:C5:82:59:E3:D2:53:B9:EE:98:B1:6B:A2:95:30:06:D2
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/YZg2HMWCWePSU7numLFropUwBtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.204.0/22
85.153.4.0/24
85.153.6.0-85.153.8.255
85.153.12.0-85.153.32.255
85.153.34.0-85.153.42.255
85.153.44.0/22
85.153.52.0-85.153.56.255
85.153.59.0-85.153.63.255
85.153.65.0-85.153.75.255
85.153.80.0/20
85.153.108.0-85.153.126.255
Signature Algorithm: sha256WithRSAEncryption
2a:f1:4e:ed:9f:88:28:43:7e:5c:b2:91:ec:03:66:f8:3d:87:
1e:3d:d7:a8:c1:9b:57:87:93:18:52:48:00:c6:3a:05:b3:e4:
0b:76:83:7a:8a:fb:07:05:8a:99:e4:92:d4:4a:f6:2f:64:00:
fa:7e:65:e6:45:0a:c0:e2:d9:4b:8f:bd:61:34:24:61:8a:a9:
16:34:93:97:79:5f:89:a7:27:f2:27:91:b5:ce:67:12:d6:3a:
02:d0:b0:db:95:bb:33:17:0a:a0:5f:26:2e:6c:2d:eb:a9:bb:
13:ad:0e:19:b6:50:38:3b:bd:91:19:99:40:9a:79:8a:bf:33:
d2:ff:ca:1b:54:40:22:1d:f0:29:91:a0:67:dd:81:a0:a1:44:
71:cf:91:ed:56:c1:2b:1d:74:39:62:1f:67:6a:54:32:10:ba:
45:e7:4f:d4:3e:69:fd:79:6e:25:6c:ab:aa:bb:8c:e2:22:9d:
b6:ea:3c:1d:33:e4:77:7f:22:a6:bf:17:48:de:bc:fb:d1:03:
40:e5:50:79:72:f3:08:50:b8:75:76:41:10:4d:a1:4d:62:60:
ab:9d:67:84:49:cf:2b:1d:7c:39:13:7b:16:c9:f0:24:59:10:
a0:0b:2f:2c:0e:85:8a:9f:73:c6:1c:75:9b:ac:76:9d:ea:ff:
42:00:b3:65
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYRcqh8N5FFEotziUaoh8BNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjIxMTA5MTM1MjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTk4MzYxY2M1ODI1OWUzZDI1M2I5ZWU5OGIxNmJhMjk1MzAwNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ7c0QrG9hDQeDm1KHnWY1ZNZb6t
3scbQADrQkzYHfDcIshDc4sEURcTwpJjIdmtQ3pGstp3X3Va8S0z3+C7Eo/eVEY/
2CVcw5rWGhNl4WWPQIgj1zJpMEtj6wNeO2qTYs1MzwV8U7WLZ0gYJow/CgJb+xN3
1tqK9pOd3EH8ACO2kYlVAcD1DV/0fZSXbdUOL98WXW70A8OUIhTBZv1ZLiuO4lFT
QjC/81wSQbBoJ3NiyWJKE2sH3s9LPnJ4qI9mP21DH0W4gRuWiyZU9G0Mbx+XRXvl
7zfRzqLxyj5sQaQQdaE7iAtgONDT6PTorzoJPJfH+cJDe/CoPKLg4wic+wIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFGGYNhzFglnj0lO57pixa6KVMAbSMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvWVpnMkhNV0NXZVBTVTdudW1MRnJvcFV3QnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAlVz
zAMEAFWZBDAMAwQBVZkGAwQAVZkIMAwDBAJVmQwDBABVmSAwDAMEAVWZIgMEAFWZ
KgMEAlWZLDAMAwQCVZk0AwQAVZk4MAwDBABVmTsDBAZVmQAwDAMEAFWZQQMEAlWZ
SAMEBFWZUDAMAwQCVZlsAwQAVZl+MA0GCSqGSIb3DQEBCwUAA4IBAQAq8U7tn4go
Q35cspHsA2b4PYcePdeowZtXh5MYUkgAxjoFs+QLdoN6ivsHBYqZ5JLUSvYvZAD6
fmXmRQrA4tlLj71hNCRhiqkWNJOXeV+JpyfyJ5G1zmcS1joC0LDblbszFwqgXyYu
bC3rqbsTrQ4ZtlA4O72RGZlAmnmKvzPS/8obVEAiHfApkaBn3YGgoURxz5HtVsEr
HXQ5Yh9nalQyELpF50/UPmn9eW4lbKuqu4ziIp226jwdM+R3fyKmvxdI3rz70QNA
5VB5cvMIULh1dkEQTaFNYmCrnWeESc8rHXw5E3sWyfAkWRCgCy8sDoWKn3PGHHWb
rHad6v9CALNl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:40 2024 by rpki-client on console-ams.rpki-client.org