Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/AYyHqH_mYY1ffxY3uUZABNgQjmc.roa
File: AYyHqH_mYY1ffxY3uUZABNgQjmc.roa (raw, json)
Hash identifier: DwLFXDpB/lGBmcGtSJxBn1O3Lbs6Z4SXiC4pC57RC7k=
Subject key identifier: 01:8C:87:A8:7F:E6:61:8D:5F:7F:16:37:B9:46:40:04:D8:10:8E:67
Certificate issuer: /CN=4f030205fa365e9f49ff4ea7506df912d5ed8360
Certificate serial: 110FB7ED
Authority key identifier: 4F:03:02:05:FA:36:5E:9F:49:FF:4E:A7:50:6D:F9:12:D5:ED:83:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TwMCBfo2Xp9J_06nUG35EtXtg2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/AYyHqH_mYY1ffxY3uUZABNgQjmc.roa
Signing time: Sat 01 Jan 2022 07:53:10 +0000
ROA not before: Sat 01 Jan 2022 07:53:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28768
IP address blocks: 185.124.216.0/22 maxlen: 22
94.143.216.0/23 maxlen: 23
81.200.32.0/21 maxlen: 21
81.200.40.0/21 maxlen: 21
2a00:1bb0::/32 maxlen: 32
2a03:9060::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 286242797 (0x110fb7ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f030205fa365e9f49ff4ea7506df912d5ed8360
Validity
Not Before: Jan 1 07:53:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=018c87a87fe6618d5f7f1637b9464004d8108e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:dc:e5:c0:11:d0:00:77:4b:ac:b3:d7:0e:bf:
d7:43:12:3f:4b:6d:df:86:d9:36:87:4f:12:81:5e:
09:d1:0f:6b:86:54:80:65:15:87:48:b2:1a:02:23:
ea:53:eb:3e:c1:bf:9b:71:2d:6c:99:0e:e2:4c:e8:
8e:ab:e5:22:0a:f5:62:af:b7:ed:96:a7:e2:7d:e6:
12:60:be:9e:70:92:c9:62:98:ca:63:a0:77:97:9a:
5f:57:5f:49:24:1b:7a:30:30:74:3e:b9:da:44:5d:
7d:12:20:f4:fb:63:52:d9:07:9a:1e:73:ea:a8:1e:
4c:d9:5e:10:93:51:92:42:0c:9c:ca:da:bf:32:4e:
d3:51:d0:47:24:d3:ab:0c:d9:6c:14:1d:ad:47:7b:
8d:77:ba:f0:ac:cd:7b:4c:f0:ff:71:a8:96:09:34:
df:65:6d:f4:c4:ec:a1:09:9c:bb:4e:93:29:85:1a:
b2:88:03:63:05:25:f1:3a:4d:b2:1e:54:b0:f6:95:
12:da:ba:67:7a:bf:9c:53:0b:5b:4c:16:70:31:9d:
bf:83:dd:c7:1d:2f:54:38:08:b5:21:88:b0:17:ec:
04:b1:2f:45:d8:a1:3f:15:5b:05:cd:36:9a:14:ef:
40:b4:d7:39:07:54:e9:c9:ca:48:24:f2:12:3c:1a:
38:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:8C:87:A8:7F:E6:61:8D:5F:7F:16:37:B9:46:40:04:D8:10:8E:67
X509v3 Authority Key Identifier:
keyid:4F:03:02:05:FA:36:5E:9F:49:FF:4E:A7:50:6D:F9:12:D5:ED:83:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TwMCBfo2Xp9J_06nUG35EtXtg2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/AYyHqH_mYY1ffxY3uUZABNgQjmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/TwMCBfo2Xp9J_06nUG35EtXtg2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.200.32.0/20
94.143.216.0/23
185.124.216.0/22
IPv6:
2a00:1bb0::/32
2a03:9060::/32
Signature Algorithm: sha256WithRSAEncryption
c0:35:51:f6:32:f8:2a:8d:d0:83:d7:54:f3:14:bb:1c:4b:9e:
8c:3a:dc:9a:c6:c5:bd:24:8b:90:dc:74:65:d0:80:78:01:e0:
b0:52:63:b7:84:9a:11:20:9c:44:c8:ed:53:bb:ce:dd:63:88:
ed:d0:4c:12:84:75:b6:e5:76:67:31:bc:af:ad:b1:f2:ee:b1:
ee:6b:54:69:48:d4:72:1e:0c:ef:98:98:62:65:ff:4d:16:6c:
16:74:97:41:70:ff:e6:f3:3a:76:a6:c1:ff:b9:2d:70:2d:ab:
b5:d7:c6:cb:aa:16:8b:6e:e9:50:41:2d:8f:ce:7c:d7:5f:55:
22:0f:15:c2:c5:77:17:59:e1:7a:e4:3b:3b:d7:e9:b0:7b:c5:
b8:50:29:76:ea:bf:60:f1:86:a8:2a:89:d7:b6:ff:81:44:44:
8e:96:a9:22:2d:00:28:13:a2:08:bb:f6:1a:2a:81:8d:10:cf:
41:0d:9d:bc:f8:30:8b:f2:8b:9f:0d:39:e1:13:31:a4:98:4b:
19:cf:37:ec:93:53:74:85:71:fc:ea:87:db:6b:96:de:b1:45:
15:6b:d2:6e:d2:a3:e5:70:5d:44:bd:24:75:f9:3f:67:17:4d:
5c:fe:d1:e5:bd:df:d6:b3:15:5a:a3:26:54:19:88:80:f6:dc:
aa:8d:48:82
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEEQ+37TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjAzMDIwNWZhMzY1ZTlmNDlmZjRlYTc1MDZkZjkxMmQ1ZWQ4MzYwMB4XDTIyMDEw
MTA3NTMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDE4Yzg3YTg3ZmU2
NjE4ZDVmN2YxNjM3Yjk0NjQwMDRkODEwOGU2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLc5cAR0AB3S6yz1w6/10MSP0tt34bZNodPEoFeCdEPa4ZU
gGUVh0iyGgIj6lPrPsG/m3EtbJkO4kzojqvlIgr1Yq+37Zan4n3mEmC+nnCSyWKY
ymOgd5eaX1dfSSQbejAwdD652kRdfRIg9PtjUtkHmh5z6qgeTNleEJNRkkIMnMra
vzJO01HQRyTTqwzZbBQdrUd7jXe68KzNe0zw/3Golgk032Vt9MTsoQmcu06TKYUa
sogDYwUl8TpNsh5UsPaVEtq6Z3q/nFMLW0wWcDGdv4Pdxx0vVDgItSGIsBfsBLEv
RdihPxVbBc02mhTvQLTXOQdU6cnKSCTyEjwaOAkCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQBjIeof+ZhjV9/Fje5RkAE2BCOZzAfBgNVHSMEGDAWgBRPAwIF+jZen0n/
TqdQbfkS1e2DYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R3TUNCZm8yWHA5Sl8wNm5VRzM1RXRYdGcyQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvM2M4ZGE1LWE4ZTktNGE0Zi04MTY4LTNjZTYxMWNiNjc5OS8x
L0FZeUhxSF9tWVkxZmZ4WTN1VVpBQk5nUWptYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
M2M4ZGE1LWE4ZTktNGE0Zi04MTY4LTNjZTYxMWNiNjc5OS8xL1R3TUNCZm8yWHA5
Sl8wNm5VRzM1RXRYdGcyQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEBFHIIAMEAV6P2AMEArl82DAUBAIA
AjAOAwUAKgAbsAMFACoDkGAwDQYJKoZIhvcNAQELBQADggEBAMA1UfYy+CqN0IPX
VPMUuxxLnow63JrGxb0ki5DcdGXQgHgB4LBSY7eEmhEgnETI7VO7zt1jiO3QTBKE
dbbldmcxvK+tsfLuse5rVGlI1HIeDO+YmGJl/00WbBZ0l0Fw/+bzOnamwf+5LXAt
q7XXxsuqFotu6VBBLY/OfNdfVSIPFcLFdxdZ4XrkOzvX6bB7xbhQKXbqv2Dxhqgq
ide2/4FERI6WqSItACgTogi79hoqgY0Qz0ENnbz4MIvyi58NOeETMaSYSxnPN+yT
U3SFcfzqh9trlt6xRRVr0m7So+VwXUS9JHX5P2cXTVz+0eW939azFVqjJlQZiID2
3KqNSII=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:42 2025 by rpki-client