Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Ye6TExc08KkvSM1L3X_NDK_3XT8.roa
File: Ye6TExc08KkvSM1L3X_NDK_3XT8.roa (raw, json)
Hash identifier: ICk2iIZABCSQAJeGsYZfHidbFefHNSwDSuUNhYpbgHU=
Subject key identifier: 61:EE:93:13:17:34:F0:A9:2F:48:CD:4B:DD:7F:CD:0C:AF:F7:5D:3F
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184E2AF4BDB7EE291F4F6E3941DE91BDA11
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Ye6TExc08KkvSM1L3X_NDK_3XT8.roa
Signing time: Mon 05 Dec 2022 14:27:29 +0000
ROA not before: Mon 05 Dec 2022 14:27:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24866
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
185.210.140.0/22 maxlen: 24
178.176.227.0/24 maxlen: 24
212.119.160.0/19 maxlen: 24
178.176.229.0/24 maxlen: 24
178.176.228.0/24 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:af:4b:db:7e:e2:91:f4:f6:e3:94:1d:e9:1b:da:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 5 14:27:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61ee93131734f0a92f48cd4bdd7fcd0caff75d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c8:db:70:a9:2c:24:4e:5b:57:99:80:10:44:
20:0f:64:ba:73:f8:a2:91:bd:8f:67:b5:83:13:5e:
b9:db:cb:29:2a:95:6c:7a:f6:ec:67:86:3c:ca:d4:
b3:f7:ba:bb:32:96:48:ff:c1:31:14:ec:a6:43:b9:
3e:dd:78:e0:05:8a:fa:b9:8e:08:0f:d0:fa:f7:3c:
ed:ba:2e:59:58:a5:f1:8d:ee:43:45:6d:9b:27:9b:
16:cd:d9:3c:b0:77:ca:d3:75:7f:7a:14:41:93:b4:
bd:a5:0f:5b:c0:53:85:45:ec:02:4c:64:b8:e2:d8:
f0:30:1b:e9:81:e8:94:4d:1b:48:d4:4c:4c:a9:e6:
e4:ea:20:bb:59:27:74:fe:ff:8c:28:35:c3:e7:47:
76:23:fd:77:58:d6:fc:45:9d:2d:38:88:b7:d8:b0:
21:86:a3:ae:c3:f0:b7:4a:6f:9d:ff:d0:11:49:83:
cd:47:6f:f0:d5:40:fb:9e:48:25:64:1d:ef:20:99:
7e:35:3d:c2:27:4b:3f:67:42:7a:c4:d0:ab:9c:bb:
64:c3:ca:fb:d4:87:43:62:7e:77:8a:4e:59:cd:a3:
4e:d6:33:ac:d8:01:b2:d3:07:b8:be:a9:19:69:b2:
f3:52:d4:e1:a7:e7:db:c7:27:39:0f:d6:59:13:9a:
04:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:EE:93:13:17:34:F0:A9:2F:48:CD:4B:DD:7F:CD:0C:AF:F7:5D:3F
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Ye6TExc08KkvSM1L3X_NDK_3XT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.227.0-178.176.229.255
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
6f:0e:d9:28:9e:7f:dd:99:26:83:b3:41:25:c5:2b:98:59:0b:
83:5c:2a:e5:d7:71:66:d5:23:13:a5:93:76:90:6e:26:bf:c5:
97:2c:97:3c:63:46:8f:d4:df:f9:c3:14:5f:18:fa:0f:3c:80:
e7:5f:14:99:02:d8:52:8f:f7:2c:ce:71:e5:59:80:9e:1d:92:
13:6e:86:4f:77:c0:38:f2:55:8f:16:de:bd:1f:14:69:b4:57:
06:96:9f:fc:5e:e1:c1:71:56:4a:be:b0:58:07:1f:cf:60:7b:
46:ab:b4:32:c1:4c:78:3f:43:30:5d:a3:76:2e:3b:62:e9:a5:
fe:6c:99:4d:57:b9:1d:32:e8:23:61:eb:24:18:40:9f:ba:8e:
d8:41:54:e9:e1:bd:aa:e6:6b:1f:f1:d6:0f:72:6f:84:28:2d:
75:f6:5d:26:f0:83:60:52:23:43:cc:4a:21:16:f2:3d:2c:fd:
5f:0a:96:fa:2b:1e:79:d6:d4:1d:c5:31:82:ff:a6:ab:1d:03:
ae:18:83:39:db:da:da:fa:bf:ed:2e:6a:5f:f6:23:ab:cb:b0:
52:03:0a:55:e9:bd:31:1c:d2:1a:d2:ec:45:7e:f5:bd:da:94:
61:5a:90:c6:0f:f3:08:a2:c9:09:49:ab:61:95:97:8f:b0:5f:
3e:fa:33:ec
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYTir0vbfuKR9PbjlB3pG9oRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA1MTQyNzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWVlOTMxMzE3MzRmMGE5MmY0OGNkNGJkZDdmY2QwY2FmZjc1ZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcjbcKksJE5bV5mAEEQgD2S6c/ii
kb2PZ7WDE16528spKpVsevbsZ4Y8ytSz97q7MpZI/8ExFOymQ7k+3XjgBYr6uY4I
D9D69zztui5ZWKXxje5DRW2bJ5sWzdk8sHfK03V/ehRBk7S9pQ9bwFOFRewCTGS4
4tjwMBvpgeiUTRtI1ExMqebk6iC7WSd0/v+MKDXD50d2I/13WNb8RZ0tOIi32LAh
hqOuw/C3Sm+d/9ARSYPNR2/w1UD7nkglZB3vIJl+NT3CJ0s/Z0J6xNCrnLtkw8r7
1IdDYn53ik5ZzaNO1jOs2AGy0we4vqkZabLzUtThp+fbxyc5D9ZZE5oEewIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFGHukxMXNPCpL0jNS91/zQyv910/MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvWWU2VEV4YzA4S2t2U00xTDNYX05ES18zWFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAVW
bcADBAJbwdQDBAddmYADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBtvAMEBoDM
QAMEA7IXkDAMAwQAsrDjAwQBsrDkAwQCuQMgAwQCudKMAwQDvF6oAwMAvKIDBALB
yeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXU
RWADBAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZc1AwDQYJKoZIhvcNAQELBQAD
ggEBAG8O2Sief92ZJoOzQSXFK5hZC4NcKuXXcWbVIxOlk3aQbia/xZcslzxjRo/U
3/nDFF8Y+g88gOdfFJkC2FKP9yzOceVZgJ4dkhNuhk93wDjyVY8W3r0fFGm0VwaW
n/xe4cFxVkq+sFgHH89ge0artDLBTHg/QzBdo3YuO2Lppf5smU1XuR0y6CNh6yQY
QJ+6jthBVOnhvarmax/x1g9yb4QoLXX2XSbwg2BSI0PMSiEW8j0s/V8KlvorHnnW
1B3FMYL/pqsdA64Ygznb2tr6v+0ual/2I6vLsFIDClXpvTEc0hrS7EV+9b3alGFa
kMYP8wiiyQlJq2GVl4+wXz76M+w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:35 2024 by rpki-client on console-ams.rpki-client.org