Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/YmI2geAxBFLdkB1kq3IW2e2FrZc.roa
File: YmI2geAxBFLdkB1kq3IW2e2FrZc.roa (raw, json)
Hash identifier: efEiBiH97WU+esHw2yaF1nDO0wRNZ8XpmRNuyOevNqQ=
Subject key identifier: 62:62:36:81:E0:31:04:52:DD:90:1D:64:AB:72:16:D9:ED:85:AD:97
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 042B0900
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/YmI2geAxBFLdkB1kq3IW2e2FrZc.roa
Signing time: Thu 17 Mar 2022 17:57:51 +0000
ROA not before: Thu 17 Mar 2022 17:57:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207569
IP address blocks: 5.180.136.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
5.180.138.0/24 maxlen: 24
5.180.139.0/24 maxlen: 24
185.94.164.0/24 maxlen: 24
45.133.245.0/24 maxlen: 24
185.188.181.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
185.17.2.0/24 maxlen: 24
85.209.0.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
46.17.106.0/24 maxlen: 24
2a0a:9300:1::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
2a0a:9300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69929216 (0x42b0900)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 17 17:57:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62623681e0310452dd901d64ab7216d9ed85ad97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:99:ec:23:b8:ae:28:02:39:08:76:1e:b6:e3:
ae:77:84:7c:09:e7:0a:24:eb:6b:3c:42:9e:89:81:
01:be:0c:7a:d3:1e:28:b5:b9:9a:b6:a1:c9:bc:43:
32:4d:0a:c7:60:50:54:e1:1e:0a:28:96:22:93:48:
f2:85:93:e6:65:5c:6a:d8:84:a8:f6:a9:97:f2:10:
5c:fe:fb:f3:39:b0:05:42:92:db:96:84:29:89:9f:
39:93:4c:30:99:d8:ee:44:43:52:85:11:24:e8:3a:
e2:56:20:b8:ef:1d:86:22:5b:30:b1:c3:24:66:be:
fa:ac:0e:7e:4f:34:49:37:31:db:c5:70:6f:56:a6:
3f:8e:a1:30:97:ac:de:1e:20:59:50:14:74:68:12:
fe:1e:7c:b1:76:e4:b2:bd:3b:98:d5:4a:3f:47:f1:
9e:bd:20:6c:57:71:82:47:fd:14:99:c1:f0:aa:e4:
4b:95:cf:13:63:f7:fe:af:7f:52:6a:83:7d:44:6f:
59:d7:2f:50:3d:e2:03:d4:f6:9f:c9:f7:ce:6a:55:
1d:5c:3c:fb:2c:03:eb:73:95:79:35:af:81:57:63:
bc:24:81:d0:1c:eb:b4:5e:83:ab:25:0d:9d:6d:af:
9a:24:65:f5:38:0c:e6:de:c6:e4:b3:36:6f:97:f7:
b2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:62:36:81:E0:31:04:52:DD:90:1D:64:AB:72:16:D9:ED:85:AD:97
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/YmI2geAxBFLdkB1kq3IW2e2FrZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/22
5.252.116.0/24
45.89.64.0/24
45.133.245.0/24
46.17.106.0/24
85.209.0.0/24
95.214.8.0/24
185.17.2.0/24
185.94.164.0/24
185.188.181.0/24
IPv6:
2a0a:9300::/32
Signature Algorithm: sha256WithRSAEncryption
b3:1f:88:03:fc:49:61:a3:be:83:6b:89:03:c7:ff:5b:5d:a8:
e5:2e:3b:2e:2a:c1:61:3f:98:56:ab:ed:4e:91:ad:ce:3f:62:
93:d5:29:d7:7c:58:18:f1:9e:5c:54:3b:99:c4:7c:a8:0b:70:
06:37:69:11:df:e6:ae:49:eb:42:c0:7f:e5:95:f8:8f:92:95:
e3:37:82:ee:51:96:cd:12:31:d9:d2:39:5a:92:61:7f:b2:a8:
a3:3c:bd:27:65:c2:1f:2d:b8:f2:b5:9b:53:aa:ff:cd:13:a5:
4a:9e:49:2c:a5:0f:68:2d:ef:e6:96:66:81:b5:f7:fc:35:0b:
6e:89:a5:53:5f:69:17:88:58:bc:ba:7b:d9:6f:f8:c1:98:6a:
b0:53:af:12:4a:b3:20:ef:28:e4:3b:9e:96:2e:5a:51:69:74:
9f:01:40:fc:92:be:29:63:cf:13:a3:b9:80:96:82:5d:42:8d:
05:83:d7:c8:ea:4f:da:02:f2:2f:99:00:ea:a0:44:7f:2f:18:
11:78:c2:f2:07:8c:6a:61:b5:28:f7:7b:42:fe:73:e5:09:d7:
3b:30:3a:3c:4d:64:42:b0:9c:4f:c8:bf:e1:a3:8a:7e:48:15:
03:71:1c:d3:fb:5a:0a:b9:47:49:03:93:0d:be:44:32:e1:9f:
de:de:70:8e
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEBCsJADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMx
NzE3NTc1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjI2MjM2ODFlMDMx
MDQ1MmRkOTAxZDY0YWI3MjE2ZDllZDg1YWQ5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeZ7CO4rigCOQh2HrbjrneEfAnnCiTrazxCnomBAb4MetMe
KLW5mrahybxDMk0Kx2BQVOEeCiiWIpNI8oWT5mVcatiEqPapl/IQXP778zmwBUKS
25aEKYmfOZNMMJnY7kRDUoURJOg64lYguO8dhiJbMLHDJGa++qwOfk80STcx28Vw
b1amP46hMJes3h4gWVAUdGgS/h58sXbksr07mNVKP0fxnr0gbFdxgkf9FJnB8Krk
S5XPE2P3/q9/UmqDfURvWdcvUD3iA9T2n8n3zmpVHVw8+ywD63OVeTWvgVdjvCSB
0BzrtF6DqyUNnW2vmiRl9TgM5t7G5LM2b5f3spUCAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBRiYjaB4DEEUt2QHWSrchbZ7YWtlzAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L1ltSTJnZUF4QkZMZGtCMWtxM0lXMmUyRnJaYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEAgW0iAMEAAX8dAMEAC1ZQAMEAC2F
9QMEAC4RagMEAFXRAAMEAF/WCAMEALkRAgMEALlepAMEALm8tTANBAIAAjAHAwUA
KgqTADANBgkqhkiG9w0BAQsFAAOCAQEAsx+IA/xJYaO+g2uJA8f/W12o5S47LirB
YT+YVqvtTpGtzj9ik9Up13xYGPGeXFQ7mcR8qAtwBjdpEd/mrknrQsB/5ZX4j5KV
4zeC7lGWzRIx2dI5WpJhf7Koozy9J2XCHy248rWbU6r/zROlSp5JLKUPaC3v5pZm
gbX3/DULbomlU19pF4hYvLp72W/4wZhqsFOvEkqzIO8o5Dueli5aUWl0nwFA/JK+
KWPPE6O5gJaCXUKNBYPXyOpP2gLyL5kA6qBEfy8YEXjC8geMamG1KPd7Qv5z5QnX
OzA6PE1kQrCcT8i/4aOKfkgVA3Ec0/taCrlHSQOTDb5EMuGf3t5wjg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:29 2023 by rpki-client on console-ams.rpki-client.org