Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/yh0bXVNG3F1BBway7Jz1h2NpjYk.roa
File: yh0bXVNG3F1BBway7Jz1h2NpjYk.roa (raw, json)
Hash identifier: eEfPpgGZz+2VR8KwJPbR3txXsLFfeGOJCQ4EF4G3h+8=
Subject key identifier: CA:1D:1B:5D:53:46:DC:5D:41:07:06:B2:EC:9C:F5:87:63:69:8D:89
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01841DB28F367791074F9DA9A6E3813F3DA9
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/yh0bXVNG3F1BBway7Jz1h2NpjYk.roa
Signing time: Fri 28 Oct 2022 08:25:51 +0000
ROA not before: Fri 28 Oct 2022 08:25:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31261
IP address blocks: 81.23.0.0/21 maxlen: 21
81.23.9.0/24 maxlen: 24
81.23.8.0/23 maxlen: 23
81.23.14.0/24 maxlen: 24
37.16.80.0/22 maxlen: 22
185.68.145.0/24 maxlen: 24
83.220.32.0/19 maxlen: 19
185.68.146.0/23 maxlen: 23
77.242.15.0/24 maxlen: 24
188.164.214.0/23 maxlen: 23
185.196.246.0/23 maxlen: 23
185.6.172.0/22 maxlen: 22
185.6.174.0/24 maxlen: 24
188.68.189.0/24 maxlen: 24
188.164.212.0/24 maxlen: 24
89.107.141.0/24 maxlen: 24
89.107.142.0/23 maxlen: 23
188.164.209.0/24 maxlen: 24
77.74.79.0/24 maxlen: 24
5.8.177.0/24 maxlen: 24
91.198.212.0/24 maxlen: 24
94.124.192.0/21 maxlen: 21
77.74.72.0/22 maxlen: 22
77.220.211.0/24 maxlen: 24
77.74.78.0/24 maxlen: 24
77.220.209.0/24 maxlen: 24
185.22.24.0/24 maxlen: 24
77.74.77.0/24 maxlen: 24
109.73.12.0/23 maxlen: 23
93.191.16.0/21 maxlen: 21
93.191.23.0/24 maxlen: 24
109.73.0.0/22 maxlen: 22
109.73.4.0/22 maxlen: 22
109.73.8.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1d:b2:8f:36:77:91:07:4f:9d:a9:a6:e3:81:3f:3d:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 28 08:25:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca1d1b5d5346dc5d410706b2ec9cf58763698d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ff:14:3a:2e:3b:b4:d8:f2:ba:ae:f3:02:d5:
81:52:84:70:e3:13:ae:06:e8:f9:e8:e7:13:03:45:
a9:6f:6a:99:24:5a:0e:80:55:15:8e:34:23:44:8b:
23:b2:bb:59:39:59:29:75:35:b4:df:f1:34:19:7e:
f5:ef:c9:5c:8b:29:7b:5b:48:8c:1a:ca:a0:12:0e:
d8:a1:af:40:69:86:a4:ee:3f:85:ac:68:1e:74:d8:
e1:5a:dd:44:a5:5a:7a:d6:fb:5e:0a:b7:88:98:6c:
de:23:14:cd:69:0b:31:4d:9b:9e:84:c3:a5:50:68:
7b:7f:85:6d:41:cd:10:44:05:20:31:30:ef:32:3a:
9a:75:fe:43:03:43:51:46:75:7b:ee:35:d4:24:79:
61:df:54:20:b0:97:07:58:fc:c7:ab:10:5c:0f:8c:
b8:3e:88:cd:f9:18:73:10:fc:9f:7d:6d:aa:9e:89:
28:ba:69:75:4c:1f:81:ca:fa:dd:af:62:6e:e6:9d:
1a:6d:6c:9b:60:b2:c3:f7:6c:80:43:a7:dc:f1:7d:
d0:8c:1c:82:88:d6:63:8c:58:30:f0:37:60:4d:1b:
35:67:6c:29:cb:68:e0:dd:d6:6a:7a:96:37:09:40:
17:9f:6e:06:74:80:a0:5d:1d:2f:44:5e:8c:87:ff:
6a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1D:1B:5D:53:46:DC:5D:41:07:06:B2:EC:9C:F5:87:63:69:8D:89
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/yh0bXVNG3F1BBway7Jz1h2NpjYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.177.0/24
37.16.80.0/22
77.74.72.0/22
77.74.77.0-77.74.79.255
77.220.209.0/24
77.220.211.0/24
77.242.15.0/24
81.23.0.0-81.23.9.255
81.23.14.0/24
83.220.32.0/19
89.107.141.0-89.107.143.255
91.198.212.0/24
93.191.16.0/21
94.124.192.0/21
109.73.0.0-109.73.13.255
185.6.172.0/22
185.22.24.0/24
185.68.145.0-185.68.147.255
185.196.246.0/23
188.68.189.0/24
188.164.209.0/24
188.164.212.0/24
188.164.214.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:af:10:0a:7b:36:74:82:8c:22:a3:b7:68:4f:49:03:b0:62:
a5:ca:21:2e:12:2e:ab:62:4b:85:a7:d4:28:77:67:66:50:21:
6a:ec:17:d2:17:80:af:8d:bc:59:06:7f:bc:15:47:88:c9:97:
3b:07:27:09:ee:74:21:0f:eb:bc:63:f0:98:66:2e:dc:6f:eb:
6b:e8:08:95:39:9e:26:7c:21:a1:4f:84:84:71:bb:21:be:07:
87:70:17:5a:65:7d:3f:4a:70:cb:06:8f:35:70:ac:9c:7c:90:
78:f9:f2:4f:ea:60:ce:3a:e3:2e:06:76:c9:04:11:25:95:0c:
5a:1c:e6:5e:e6:21:5d:11:38:95:4b:f6:90:1f:14:e4:6e:3e:
0a:70:fc:b4:3f:0d:ec:9e:be:b2:e4:bb:37:2e:06:8b:7a:77:
94:82:f2:83:b1:16:2e:9b:c1:47:fa:b1:94:4f:dd:3f:34:28:
eb:e7:ba:1b:ec:d2:2a:ef:d6:77:e5:1e:26:96:c1:14:43:2f:
fe:47:40:a2:d4:3f:2a:17:29:62:6c:7f:d9:86:68:97:d0:2c:
ef:32:5a:24:a7:68:57:32:20:f0:d3:2d:45:49:b2:2d:03:61:
31:9a:47:b3:3d:7c:65:f6:18:db:35:5e:64:d3:b1:a1:6f:ba:
f8:8d:10:a1
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYQdso82d5EHT52ppuOBPz2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDI4MDgyNTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTFkMWI1ZDUzNDZkYzVkNDEwNzA2YjJlYzljZjU4NzYzNjk4ZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAof8UOi47tNjyuq7zAtWBUoRw4xOu
Buj56OcTA0Wpb2qZJFoOgFUVjjQjRIsjsrtZOVkpdTW03/E0GX7178lciyl7W0iM
GsqgEg7Yoa9AaYak7j+FrGgedNjhWt1EpVp61vteCreImGzeIxTNaQsxTZuehMOl
UGh7f4VtQc0QRAUgMTDvMjqadf5DA0NRRnV77jXUJHlh31QgsJcHWPzHqxBcD4y4
PojN+RhzEPyffW2qnokouml1TB+Byvrdr2Ju5p0abWybYLLD92yAQ6fc8X3QjByC
iNZjjFgw8DdgTRs1Z2wpy2jg3dZqepY3CUAXn24GdICgXR0vRF6Mh/9qRQIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFModG11TRtxdQQcGsuyc9YdjaY2JMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEveWgwYlhWTkczRjFCQndheTdKejFoMk5wallrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAF
CLEDBAIlEFADBAJNSkgwDAMEAE1KTQMEBE1KQAMEAE3c0QMEAE3c0wMEAE3yDzAL
AwMAURcDBAFRFwgDBABRFw4DBAVT3CAwDAMEAFlrjQMEBFlrgAMEAFvG1AMEA12/
EAMEA158wDALAwMAbUkDBAFtSQwDBAK5BqwDBAC5FhgwDAMEALlEkQMEArlEkAME
AbnE9gMEALxEvQMEALyk0QMEALyk1AMEAbyk1jANBgkqhkiG9w0BAQsFAAOCAQEA
pq8QCns2dIKMIqO3aE9JA7BipcohLhIuq2JLhafUKHdnZlAhauwX0heAr428WQZ/
vBVHiMmXOwcnCe50IQ/rvGPwmGYu3G/ra+gIlTmeJnwhoU+EhHG7Ib4Hh3AXWmV9
P0pwywaPNXCsnHyQePnyT+pgzjrjLgZ2yQQRJZUMWhzmXuYhXRE4lUv2kB8U5G4+
CnD8tD8N7J6+suS7Ny4Gi3p3lILyg7EWLpvBR/qxlE/dPzQo6+e6G+zSKu/Wd+Ue
JpbBFEMv/kdAotQ/KhcpYmx/2YZol9As7zJaJKdoVzIg8NMtRUmyLQNhMZpHsz18
ZfYY2zVeZNOxoW+6+I0QoQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:41 2025 by rpki-client