Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/Y6aW0hDcZmG5Xz0UxVPSQl-80Xs.roa
File: Y6aW0hDcZmG5Xz0UxVPSQl-80Xs.roa (raw, json)
Hash identifier: RCbqYl9KqvT9pBguE0i31/X9zSNHoIf7YvbZzT5IKts=
Subject key identifier: 63:A6:96:D2:10:DC:66:61:B9:5F:3D:14:C5:53:D2:42:5F:BC:D1:7B
Certificate issuer: /CN=9e30294b7e4645aaedb54672d48065b1b1cebc62
Certificate serial: 0185297A7775AE58E4FD92EC9AAEA118C8FF
Authority key identifier: 9E:30:29:4B:7E:46:45:AA:ED:B5:46:72:D4:80:65:B1:B1:CE:BC:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njApS35GRarttUZy1IBlsbHOvGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/Y6aW0hDcZmG5Xz0UxVPSQl-80Xs.roa
Signing time: Mon 19 Dec 2022 08:22:49 +0000
ROA not before: Mon 19 Dec 2022 08:22:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206123
IP address blocks: 45.131.168.0/22 maxlen: 24
109.106.16.0/23 maxlen: 24
185.195.196.0/22 maxlen: 24
109.106.18.0/23 maxlen: 24
185.211.92.0/22 maxlen: 24
93.115.211.0/24 maxlen: 24
185.254.118.0/23 maxlen: 24
171.22.12.0/22 maxlen: 24
93.115.253.0/24 maxlen: 24
2a0a:5ec0::/29 maxlen: 29
2a0d:c340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:7a:77:75:ae:58:e4:fd:92:ec:9a:ae:a1:18:c8:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e30294b7e4645aaedb54672d48065b1b1cebc62
Validity
Not Before: Dec 19 08:22:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63a696d210dc6661b95f3d14c553d2425fbcd17b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:26:d3:45:5d:ce:cc:dc:bd:78:2f:22:4f:c0:
5b:8c:64:dd:ce:92:c6:4d:1d:63:8b:aa:9c:2d:c5:
68:e6:26:d2:a5:1d:61:a5:6e:bc:38:57:d6:4a:41:
f6:18:da:7b:ce:bb:3d:c4:67:73:6c:47:2d:e2:1d:
91:de:07:67:67:f9:5f:1f:ae:14:39:e3:19:24:03:
c9:18:e8:c6:02:b5:60:ff:1b:23:0b:c3:a9:8a:26:
1d:57:01:b5:92:95:15:1b:9e:3c:b2:16:62:75:0a:
33:44:45:50:d9:96:11:05:bd:67:15:ed:17:18:02:
aa:b0:0b:4e:4a:bc:29:b1:c0:ed:53:e3:36:f0:fd:
1a:91:3f:7c:8f:01:e2:e9:7f:29:9e:33:ee:a9:31:
41:58:c2:f5:a8:00:3e:d0:b7:17:cf:ce:a4:bc:65:
8d:a8:24:73:d2:89:e4:3c:e4:7d:65:10:55:9b:d6:
32:16:01:15:90:07:3e:73:01:40:5b:d4:46:98:c0:
2f:24:ab:ca:c8:11:10:c4:cd:a2:f6:6b:38:45:60:
78:14:5f:16:ef:10:82:d4:81:43:59:2a:62:89:b3:
02:09:da:a1:34:86:d2:41:ac:d9:0e:12:67:6b:4c:
a0:55:86:7d:2c:a0:af:2a:41:9a:67:88:c7:8c:9b:
7e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A6:96:D2:10:DC:66:61:B9:5F:3D:14:C5:53:D2:42:5F:BC:D1:7B
X509v3 Authority Key Identifier:
keyid:9E:30:29:4B:7E:46:45:AA:ED:B5:46:72:D4:80:65:B1:B1:CE:BC:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njApS35GRarttUZy1IBlsbHOvGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/Y6aW0hDcZmG5Xz0UxVPSQl-80Xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/njApS35GRarttUZy1IBlsbHOvGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.168.0/22
93.115.211.0/24
93.115.253.0/24
109.106.16.0/22
171.22.12.0/22
185.195.196.0/22
185.211.92.0/22
185.254.118.0/23
IPv6:
2a0a:5ec0::/29
2a0d:c340::/29
Signature Algorithm: sha256WithRSAEncryption
7b:aa:2b:fa:8a:88:3a:a9:4c:44:60:57:cb:9d:b9:57:2a:e0:
da:2f:2e:f5:84:0b:f4:46:49:ac:84:c3:0f:cf:75:82:c9:0d:
ea:3c:5f:9e:c3:91:9f:10:93:2b:c8:b2:98:f4:d9:6f:42:7a:
6c:0b:9f:8c:b1:cf:da:c3:6d:2c:af:f9:17:6f:cd:cb:b9:45:
a1:77:ee:e4:ae:7e:ad:cc:d3:2f:fd:9a:3d:2a:5d:94:af:96:
69:9e:0e:d7:e8:e8:b7:d8:98:ab:4e:65:86:26:dd:63:bb:37:
18:6e:4a:f8:cf:74:f9:43:79:3d:b1:1b:20:b0:b4:60:d4:a2:
9b:9d:55:94:73:cd:38:da:30:de:e2:bd:f1:e7:7d:7f:e5:be:
a3:94:02:98:1e:7e:43:24:f8:07:eb:1c:f1:f5:be:d0:ae:71:
8e:48:55:8d:07:ca:e1:24:ce:97:2c:9c:65:11:c0:74:17:4c:
55:3d:4f:be:90:71:83:63:19:41:0d:4b:18:4e:c6:e0:fe:ab:
81:94:73:38:a6:c3:f7:ee:29:44:7d:34:46:a1:2b:dc:cc:2c:
1d:83:47:7c:e0:18:3c:c4:2f:f2:6e:55:b1:3f:8e:0f:5b:f6:
75:44:5e:83:52:43:24:1a:4e:94:be:3e:fe:87:37:74:b6:5a:
cd:79:70:f9
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYUpend1rljk/ZLsmq6hGMj/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMzAyOTRiN2U0NjQ1YWFlZGI1NDY3MmQ0ODA2NWIxYjFj
ZWJjNjIwHhcNMjIxMjE5MDgyMjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2E2OTZkMjEwZGM2NjYxYjk1ZjNkMTRjNTUzZDI0MjVmYmNkMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ybTRV3OzNy9eC8iT8BbjGTdzpLG
TR1ji6qcLcVo5ibSpR1hpW68OFfWSkH2GNp7zrs9xGdzbEct4h2R3gdnZ/lfH64U
OeMZJAPJGOjGArVg/xsjC8OpiiYdVwG1kpUVG548shZidQozREVQ2ZYRBb1nFe0X
GAKqsAtOSrwpscDtU+M28P0akT98jwHi6X8pnjPuqTFBWML1qAA+0LcXz86kvGWN
qCRz0onkPOR9ZRBVm9YyFgEVkAc+cwFAW9RGmMAvJKvKyBEQxM2i9ms4RWB4FF8W
7xCC1IFDWSpiibMCCdqhNIbSQazZDhJna0ygVYZ9LKCvKkGaZ4jHjJt+FwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFGOmltIQ3GZhuV89FMVT0kJfvNF7MB8GA1UdIwQY
MBaAFJ4wKUt+RkWq7bVGctSAZbGxzrxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmpBcFMzNUdSYXJ0dFVaeTFJQmxzYkhPdkdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC80NGU4OTMtOTI0Ny00NTJlLTlmNjct
NjkxMzM4N2I4MDgzLzEvWTZhVzBoRGNabUc1WHowVXhWUFNRbC04MFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC80NGU4OTMtOTI0Ny00NTJlLTlmNjctNjkxMzM4N2I4MDgz
LzEvbmpBcFMzNUdSYXJ0dFVaeTFJQmxzYkhPdkdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQCLYOoAwQA
XXPTAwQAXXP9AwQCbWoQAwQCqxYMAwQCucPEAwQCudNcAwQBuf52MBQEAgACMA4D
BQMqCl7AAwUDKg3DQDANBgkqhkiG9w0BAQsFAAOCAQEAe6or+oqIOqlMRGBXy525
Vyrg2i8u9YQL9EZJrITDD891gskN6jxfnsORnxCTK8iymPTZb0J6bAufjLHP2sNt
LK/5F2/Ny7lFoXfu5K5+rczTL/2aPSpdlK+WaZ4O1+jot9iYq05lhibdY7s3GG5K
+M90+UN5PbEbILC0YNSim51VlHPNONow3uK98ed9f+W+o5QCmB5+QyT4B+sc8fW+
0K5xjkhVjQfK4STOlyycZRHAdBdMVT1PvpBxg2MZQQ1LGE7G4P6rgZRzOKbD9+4p
RH00RqEr3MwsHYNHfOAYPMQv8m5VsT+OD1v2dUReg1JDJBpOlL4+/oc3dLZazXlw
+Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:58 2025 by rpki-client