Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/YG-5wtl0nvovYFydvkXSUB285to.roa
File: YG-5wtl0nvovYFydvkXSUB285to.roa (raw, json)
Hash identifier: odR4x6DMtieqbMjWpQr0zkGtqd6h5qvbCYr2yppEOhA=
Subject key identifier: 60:6F:B9:C2:D9:74:9E:FA:2F:60:5C:9D:BE:45:D2:50:1D:BC:E6:DA
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184D29A80FC2B9A193DAF44B0E025FCE062
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/YG-5wtl0nvovYFydvkXSUB285to.roa
Signing time: Fri 02 Dec 2022 11:30:51 +0000
ROA not before: Fri 02 Dec 2022 11:30:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47395
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:9a:80:fc:2b:9a:19:3d:af:44:b0:e0:25:fc:e0:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 2 11:30:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=606fb9c2d9749efa2f605c9dbe45d2501dbce6da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:53:30:76:61:94:63:f5:0e:28:a7:1d:6d:ef:
b6:b2:fc:f2:bd:b7:5d:03:27:61:08:39:fb:84:bd:
23:39:6c:c5:53:19:d2:51:eb:5f:80:cf:0f:e1:cb:
68:2d:04:03:3c:1e:78:9e:8d:2c:7e:3a:f4:de:f7:
c3:ee:3b:db:ed:7b:3e:98:58:f4:21:d9:cc:08:15:
cc:77:6e:74:01:35:98:9d:1f:ea:f3:6d:e6:84:74:
f5:2c:dd:45:51:95:6c:82:b7:ae:30:36:9b:e4:57:
9e:0f:bb:46:16:d2:45:2a:c7:5c:06:bc:6f:fe:ca:
41:34:0e:d0:a6:59:16:3a:48:f2:eb:91:df:90:3f:
4a:b9:9f:dc:af:3b:dc:f5:a2:99:5b:fd:66:db:9d:
ec:ef:7c:d1:e5:4d:61:f2:ec:dc:85:ff:c4:05:2d:
75:a7:0d:e2:f0:45:6c:f9:cb:7b:2d:e9:d2:7e:f3:
f6:e6:bc:bc:cb:6e:59:5e:a9:d4:3e:52:f1:66:0d:
7c:33:3e:31:97:8e:17:71:26:0a:45:7e:8a:82:f9:
73:e2:4a:6f:c4:7c:e5:83:50:68:76:1b:de:12:13:
d7:05:2b:e7:12:85:8c:69:73:04:1e:a5:ab:8a:66:
23:82:e1:b4:09:e9:4e:6c:b9:ee:1d:f8:0f:1b:1a:
7e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:6F:B9:C2:D9:74:9E:FA:2F:60:5C:9D:BE:45:D2:50:1D:BC:E6:DA
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/YG-5wtl0nvovYFydvkXSUB285to.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
22:0d:fe:a9:3a:45:76:4f:b0:7e:10:c2:e4:2d:1b:58:51:39:
6a:98:64:17:a1:25:0d:a0:ef:43:24:c5:02:f0:5d:05:27:18:
00:dc:9d:95:ac:8d:e9:09:fc:d8:c2:80:2c:41:47:2f:d6:7f:
56:d5:bb:2b:8a:42:ef:9d:c5:a2:0f:e4:29:86:6d:a9:b8:90:
86:b2:cd:58:70:32:e8:a8:26:15:15:e4:57:44:57:5e:c2:e9:
1e:b5:e3:df:1b:be:b8:62:15:07:91:38:ad:23:66:91:ec:50:
d7:9c:a2:57:d2:f1:31:76:01:25:db:51:38:5f:a2:a1:ec:3d:
41:e3:2d:29:0c:4e:b6:a3:41:78:f7:bc:3d:39:e5:ff:e5:07:
7e:fa:a4:d3:0e:5e:6e:0d:d2:8c:50:22:0b:3c:b9:89:ed:bd:
d7:d6:9d:7c:f0:ee:73:c9:af:18:d0:06:a6:a4:a1:52:42:d6:
0a:fc:fc:43:75:e3:8e:f3:a3:b5:af:07:1e:ad:9e:fc:7e:6b:
3a:b7:1d:2f:39:b2:d0:0d:dc:94:1b:a0:6d:60:2e:44:0c:55:
5a:c8:05:48:db:d4:9b:9b:ab:dd:3e:92:6d:5c:1c:b1:ae:e2:
27:05:b1:44:2a:ac:5e:ab:4d:86:ee:2e:14:f6:63:67:45:63:
5e:f6:e2:26
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYTSmoD8K5oZPa9EsOAl/OBiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjAyMTEzMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDZmYjljMmQ5NzQ5ZWZhMmY2MDVjOWRiZTQ1ZDI1MDFkYmNlNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1MwdmGUY/UOKKcdbe+2svzyvbdd
AydhCDn7hL0jOWzFUxnSUetfgM8P4ctoLQQDPB54no0sfjr03vfD7jvb7Xs+mFj0
IdnMCBXMd250ATWYnR/q823mhHT1LN1FUZVsgreuMDab5FeeD7tGFtJFKsdcBrxv
/spBNA7QplkWOkjy65HfkD9KuZ/crzvc9aKZW/1m253s73zR5U1h8uzchf/EBS11
pw3i8EVs+ct7LenSfvP25ry8y25ZXqnUPlLxZg18Mz4xl44XcSYKRX6Kgvlz4kpv
xHzlg1BodhveEhPXBSvnEoWMaXMEHqWrimYjguG0CelObLnuHfgPGxp+rQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFGBvucLZdJ76L2Bcnb5F0lAdvObaMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvWUctNXd0bDBudm92WUZ5ZHZrWFNVQjI4NXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAJO
KWQDBANPqwgDBARQ97ADBARRGIADBAZTqcADBAVT3sADBAdT5YADBAdVGoADBAVW
bcADBAJbwdQDBAddmYADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBtvAMEBoDM
QAMEA7IXkAMEArkDIAMEArnSjAMEA7xeqAMDALyiAwQCwcnkAwQFwwWAAwQFwxBg
AwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1Zqg
AwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQAiDf6pOkV2T7B+
EMLkLRtYUTlqmGQXoSUNoO9DJMUC8F0FJxgA3J2VrI3pCfzYwoAsQUcv1n9W1bsr
ikLvncWiD+Qphm2puJCGss1YcDLoqCYVFeRXRFdewuketePfG764YhUHkTitI2aR
7FDXnKJX0vExdgEl21E4X6Kh7D1B4y0pDE62o0F497w9OeX/5Qd++qTTDl5uDdKM
UCILPLmJ7b3X1p188O5zya8Y0AampKFSQtYK/PxDdeOO86O1rwcerZ78fms6tx0v
ObLQDdyUG6BtYC5EDFVayAVI29Sbm6vdPpJtXByxruInBbFEKqxeq02G7i4U9mNn
RWNe9uIm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org