Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ybyOGfZlEHHj-1yEuOV0YqWlceI.roa
File: ybyOGfZlEHHj-1yEuOV0YqWlceI.roa (raw, json)
Hash identifier: dGfEpfvXLhtkFzKRPNjimkjlqMZrfK8X9IADeu2HJKQ=
Subject key identifier: C9:BC:8E:19:F6:65:10:71:E3:FB:5C:84:B8:E5:74:62:A5:A5:71:E2
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0181CEBB94DC0A2232B782D00AA087654277
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ybyOGfZlEHHj-1yEuOV0YqWlceI.roa
Signing time: Tue 05 Jul 2022 14:20:08 +0000
ROA not before: Tue 05 Jul 2022 14:20:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 45.87.92.0/24 maxlen: 24
45.87.93.0/24 maxlen: 24
80.66.196.0/24 maxlen: 24
45.139.192.0/24 maxlen: 24
45.139.195.0/24 maxlen: 24
45.139.193.0/24 maxlen: 24
45.141.45.0/24 maxlen: 24
194.104.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ce:bb:94:dc:0a:22:32:b7:82:d0:0a:a0:87:65:42:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jul 5 14:20:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9bc8e19f6651071e3fb5c84b8e57462a5a571e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b6:9c:02:20:07:b8:0d:c5:af:ab:f2:17:1d:
d4:85:49:d5:e7:5b:4c:02:f9:06:f4:17:d4:30:47:
5b:4d:00:86:dc:77:31:97:2b:ed:b3:18:e1:b7:ec:
bc:d7:ed:7e:ec:10:3f:d1:33:52:07:6a:2e:0e:37:
56:97:7c:95:a5:5c:d4:bc:f4:ab:ae:91:1f:8e:e2:
c8:da:af:e8:2e:b6:53:2b:9a:5b:14:54:c7:15:6c:
48:19:9d:08:40:38:2e:ed:43:c8:28:70:ef:e4:15:
44:27:bb:0a:ce:97:08:8c:04:e7:7e:25:84:d1:47:
a3:88:d5:e9:3a:83:3e:55:b0:77:18:25:7e:b8:2d:
55:85:81:37:9d:cf:66:68:84:92:f3:31:20:4c:ab:
df:a4:02:77:39:71:45:d9:72:07:2c:c1:30:94:38:
c9:93:09:75:58:81:81:d4:a8:6e:f5:04:fd:a2:04:
12:bf:08:15:8f:ed:94:7c:19:e0:45:3f:20:9c:15:
26:b6:c8:4b:40:44:96:38:61:8a:a4:71:aa:04:ff:
a6:f1:01:cc:7f:20:c1:fd:03:44:23:01:96:b2:f1:
f5:5c:98:3c:93:f3:cc:d5:23:06:f5:78:e9:0a:a6:
04:25:4f:a3:27:2b:c4:b9:ae:3a:5a:24:d9:60:34:
b6:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:BC:8E:19:F6:65:10:71:E3:FB:5C:84:B8:E5:74:62:A5:A5:71:E2
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ybyOGfZlEHHj-1yEuOV0YqWlceI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.92.0/23
45.139.192.0/23
45.139.195.0/24
45.141.45.0/24
80.66.196.0/24
194.104.144.0/24
Signature Algorithm: sha256WithRSAEncryption
60:33:67:f6:79:9d:d2:90:ea:9d:bb:95:72:cb:4c:b8:5e:51:
b3:31:09:e2:1b:71:79:f2:e7:3f:ab:80:23:47:d0:b6:22:09:
63:37:10:d5:12:fa:8f:d1:0d:22:c7:e9:92:60:1b:21:8e:c2:
03:c6:07:d8:ea:f2:45:a5:c3:39:f8:ea:40:4d:01:26:64:a2:
84:36:27:dc:c1:36:9f:04:b1:04:31:43:30:65:8c:07:b1:bf:
ef:a3:e6:40:c2:aa:c1:50:b1:da:6c:b0:18:50:e3:c5:b3:a6:
6d:5a:93:64:23:ae:ab:31:d8:19:ea:61:6a:55:a4:a3:4e:14:
e8:a8:c9:dd:4b:a0:68:0e:c1:6f:59:82:fa:da:da:8d:e2:fd:
86:eb:99:5c:53:e5:b2:4d:54:db:fb:f4:0a:c0:ff:f0:36:bb:
49:51:62:b0:28:cf:9c:8b:6e:e1:16:40:7e:8d:bb:db:8d:8f:
35:a1:61:b9:4c:6a:00:fd:e9:3b:d3:b3:9b:49:09:b1:00:40:
52:17:1b:44:24:1f:f7:e3:fb:fd:9e:74:7f:32:9c:93:47:40:
b9:04:08:91:9c:8b:69:20:22:98:f9:e9:55:5d:d8:89:bb:d7:
15:6d:c5:81:aa:d2:06:3d:ca:ff:0f:30:3f:f8:87:04:04:71:
d7:44:c1:80
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYHOu5TcCiIyt4LQCqCHZUJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjIwNzA1MTQyMDA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWJjOGUxOWY2NjUxMDcxZTNmYjVjODRiOGU1NzQ2MmE1YTU3MWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7acAiAHuA3Fr6vyFx3UhUnV51tM
AvkG9BfUMEdbTQCG3Hcxlyvtsxjht+y81+1+7BA/0TNSB2ouDjdWl3yVpVzUvPSr
rpEfjuLI2q/oLrZTK5pbFFTHFWxIGZ0IQDgu7UPIKHDv5BVEJ7sKzpcIjATnfiWE
0UejiNXpOoM+VbB3GCV+uC1VhYE3nc9maISS8zEgTKvfpAJ3OXFF2XIHLMEwlDjJ
kwl1WIGB1Khu9QT9ogQSvwgVj+2UfBngRT8gnBUmtshLQESWOGGKpHGqBP+m8QHM
fyDB/QNEIwGWsvH1XJg8k/PM1SMG9XjpCqYEJU+jJyvEua46WiTZYDS2uwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMm8jhn2ZRBx4/tchLjldGKlpXHiMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEveWJ5T0dmWmxFSEhqLTF5RXVPVjBZcVdsY2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLVdcAwQB
LYvAAwQALYvDAwQALY0tAwQAUELEAwQAwmiQMA0GCSqGSIb3DQEBCwUAA4IBAQBg
M2f2eZ3SkOqdu5Vyy0y4XlGzMQniG3F58uc/q4AjR9C2IgljNxDVEvqP0Q0ix+mS
YBshjsIDxgfY6vJFpcM5+OpATQEmZKKENifcwTafBLEEMUMwZYwHsb/vo+ZAwqrB
ULHabLAYUOPFs6ZtWpNkI66rMdgZ6mFqVaSjThToqMndS6BoDsFvWYL62tqN4v2G
65lcU+WyTVTb+/QKwP/wNrtJUWKwKM+ci27hFkB+jbvbjY81oWG5TGoA/ek707Ob
SQmxAEBSFxtEJB/34/v9nnR/MpyTR0C5BAiRnItpICKY+elVXdiJu9cVbcWBqtIG
Pcr/DzA/+IcEBHHXRMGA
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-ams.rpki-client.org