Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/y2aOh5veK7y7qOUnEU742IKUZuQ.roa
File: y2aOh5veK7y7qOUnEU742IKUZuQ.roa (raw, json)
Hash identifier: SLYxBGvCgUI5PB9W2YGDFaibx8h1vA5fib5u6WI9vtw=
Subject key identifier: CB:66:8E:87:9B:DE:2B:BC:BB:A8:E5:27:11:4E:F8:D8:82:94:66:E4
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 02D433D8
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/y2aOh5veK7y7qOUnEU742IKUZuQ.roa
Signing time: Sat 01 Jan 2022 16:06:24 +0000
ROA not before: Sat 01 Jan 2022 16:06:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200185
IP address blocks: 89.36.216.0/22 maxlen: 24
94.177.244.0/22 maxlen: 24
86.105.48.0/21 maxlen: 24
217.61.0.0/21 maxlen: 24
89.40.116.0/22 maxlen: 24
89.40.124.0/22 maxlen: 24
194.182.104.0/22 maxlen: 24
94.177.224.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47461336 (0x2d433d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 1 16:06:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb668e879bde2bbcbba8e527114ef8d8829466e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:66:50:0f:e7:4f:03:04:db:f3:de:c5:95:46:
b7:7e:6a:a5:bf:a2:76:16:84:25:34:7a:7b:70:80:
b4:dd:b2:b9:45:69:4e:b2:5e:b9:d7:03:1b:d0:14:
11:3c:66:4b:3e:15:ac:42:88:96:93:95:f6:3f:84:
92:26:3c:ab:74:5b:fd:44:e2:f2:14:1f:b4:6b:7d:
78:bf:66:82:a3:77:32:32:ab:92:49:d4:14:90:48:
20:bf:fe:c7:08:af:ce:54:01:ef:0f:c1:1f:30:16:
fc:d9:00:1d:2f:6f:f6:e4:72:96:f9:06:8c:af:8b:
5d:4c:ed:14:07:45:e3:bf:6e:35:99:03:01:c5:54:
6b:d4:61:ae:a9:93:30:43:83:5a:b8:4f:ef:62:a0:
81:bf:aa:d3:c5:34:6a:85:b7:9e:19:58:ec:d3:d2:
7f:78:ab:aa:9a:07:91:2c:42:73:94:8d:f2:23:92:
8d:f7:42:92:0e:87:fc:bd:d8:cc:c7:6a:15:64:85:
89:03:f2:d4:d9:88:ad:67:11:27:22:fc:ca:cc:a4:
e4:01:f0:79:22:f5:7e:2c:45:3e:4a:49:8f:ab:37:
56:1a:83:3f:51:db:36:8b:84:60:14:08:3d:85:22:
16:39:6b:72:0f:3f:65:e1:a1:89:e7:6a:a6:5a:92:
9c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:66:8E:87:9B:DE:2B:BC:BB:A8:E5:27:11:4E:F8:D8:82:94:66:E4
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/y2aOh5veK7y7qOUnEU742IKUZuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.48.0/21
89.36.216.0/22
89.40.116.0/22
89.40.124.0/22
94.177.224.0/21
94.177.244.0/22
194.182.104.0/22
217.61.0.0/21
Signature Algorithm: sha256WithRSAEncryption
83:0a:99:d7:9c:72:82:27:cf:8c:33:01:90:22:f2:06:fb:e6:
52:4a:d0:74:c1:d5:fd:28:db:32:85:dd:8d:ca:39:8d:0e:97:
7a:01:17:df:6d:30:d5:23:9c:4c:0d:41:97:34:74:2a:fc:74:
05:3c:01:d3:21:f2:d6:1e:b7:36:0d:8f:da:d9:94:0e:d7:9c:
31:0e:49:eb:bf:34:1f:f6:90:c6:ce:c1:80:79:88:2e:fd:54:
85:40:b2:38:6b:3a:af:69:e9:ad:4d:89:eb:3e:9a:50:7b:e7:
e5:5e:55:b0:9d:e8:e5:7b:c0:4c:cb:4b:63:de:d3:c9:e0:b7:
9b:d8:3b:5f:1f:4d:e6:2a:67:98:fb:d5:aa:a6:42:cd:c6:34:
2f:f9:09:09:7e:a9:d9:3c:92:71:89:18:85:06:6e:46:db:b9:
11:f9:67:9d:b0:65:1a:36:57:8f:38:13:62:80:d3:ff:d1:71:
ba:ec:59:92:86:80:4d:4b:b8:de:07:65:45:b0:21:b8:b1:90:
45:79:ba:a6:61:80:e0:64:34:16:05:fb:9b:4a:64:47:0a:52:
1e:1f:5d:21:04:b9:4f:65:13:b5:a3:c0:ec:dc:fb:41:72:98:
00:e9:41:43:65:da:57:83:c8:76:1f:fa:4e:97:6a:09:9e:48:
ff:9f:6d:aa
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEAtQz2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2NiNWNlY2MyMTNiOWY4NmRiYmE1MTg1MjFlODU0NmVjOTM4NjFjMB4XDTIyMDEw
MTE2MDYyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I2NjhlODc5YmRl
MmJiY2JiYThlNTI3MTE0ZWY4ZDg4Mjk0NjZlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlmUA/nTwME2/PexZVGt35qpb+idhaEJTR6e3CAtN2yuUVp
TrJeudcDG9AUETxmSz4VrEKIlpOV9j+EkiY8q3Rb/UTi8hQftGt9eL9mgqN3MjKr
kknUFJBIIL/+xwivzlQB7w/BHzAW/NkAHS9v9uRylvkGjK+LXUztFAdF479uNZkD
AcVUa9RhrqmTMEODWrhP72Kggb+q08U0aoW3nhlY7NPSf3irqpoHkSxCc5SN8iOS
jfdCkg6H/L3YzMdqFWSFiQPy1NmIrWcRJyL8ysyk5AHweSL1fixFPkpJj6s3VhqD
P1HbNouEYBQIPYUiFjlrcg8/ZeGhiedqplqSnJ8CAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBTLZo6Hm94rvLuo5ScRTvjYgpRm5DAfBgNVHSMEGDAWgBTTy1zswhO5+G27
pRhSHoVG7JOGHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA4dGM3TUlUdWZodHU2VVlVaDZGUnV5VGhody5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvZTExN2ZlLWM5ZTctNGQ0MS05NGRmLTg0MjY5NDEyZDU2MS8x
L3kyYU9oNXZlSzd5N3FPVW5FVTc0MklLVVp1US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
ZTExN2ZlLWM5ZTctNGQ0MS05NGRmLTg0MjY5NDEyZDU2MS8xLzA4dGM3TUlUdWZo
dHU2VVlVaDZGUnV5VGhody5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEA1ZpMAMEAlkk2AMEAlkodAMEAlko
fAMEA16x4AMEAl6x9AMEAsK2aAMEA9k9ADANBgkqhkiG9w0BAQsFAAOCAQEAgwqZ
15xygifPjDMBkCLyBvvmUkrQdMHV/SjbMoXdjco5jQ6XegEX320w1SOcTA1BlzR0
Kvx0BTwB0yHy1h63Ng2P2tmUDtecMQ5J6780H/aQxs7BgHmILv1UhUCyOGs6r2np
rU2J6z6aUHvn5V5VsJ3o5XvATMtLY97TyeC3m9g7Xx9N5ipnmPvVqqZCzcY0L/kJ
CX6p2TyScYkYhQZuRtu5EflnnbBlGjZXjzgTYoDT/9FxuuxZkoaATUu43gdlRbAh
uLGQRXm6pmGA4GQ0FgX7m0pkRwpSHh9dIQS5T2UTtaPA7Nz7QXKYAOlBQ2XaV4PI
dh/6TpdqCZ5I/59tqg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:07 2023 by rpki-client on console-fra.rpki-client.org