Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/yeJ7x8niRFmmmav5jdgK7BCMbZA.roa
File: yeJ7x8niRFmmmav5jdgK7BCMbZA.roa (raw, json)
Hash identifier: q17Pkl08edHtn4npuBMweIs8Q1xkPLP7B5CfgNGZMlQ=
Subject key identifier: C9:E2:7B:C7:C9:E2:44:59:A6:99:AB:F9:8D:D8:0A:EC:10:8C:6D:90
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 018C9225C5E19E359874051B67CC52778705
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/yeJ7x8niRFmmmav5jdgK7BCMbZA.roa
Signing time: Fri 22 Dec 2023 15:29:58 +0000
ROA not before: Fri 22 Dec 2023 15:29:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16347
IP address blocks: 5.182.252.0/22 maxlen: 24
212.51.160.0/19 maxlen: 24
91.103.232.0/21 maxlen: 24
45.142.172.0/22 maxlen: 24
128.127.128.0/20 maxlen: 24
149.255.136.0/21 maxlen: 24
149.255.136.0/22 maxlen: 24
37.58.128.0/17 maxlen: 24
81.22.216.0/21 maxlen: 24
193.108.197.0/24 maxlen: 24
185.67.88.0/22 maxlen: 24
103.77.32.0/22 maxlen: 24
146.247.88.0/21 maxlen: 24
103.232.172.0/22 maxlen: 24
178.249.160.0/21 maxlen: 24
185.42.132.0/22 maxlen: 24
213.151.166.0/24 maxlen: 24
213.151.172.0/23 maxlen: 24
103.229.36.0/23 maxlen: 24
213.151.171.0/24 maxlen: 24
213.151.168.0/23 maxlen: 24
213.151.174.0/24 maxlen: 24
37.18.160.0/20 maxlen: 24
213.151.175.0/24 maxlen: 24
91.217.94.0/23 maxlen: 24
62.102.224.0/19 maxlen: 24
185.208.248.0/22 maxlen: 24
185.65.224.0/22 maxlen: 24
92.61.72.0/21 maxlen: 24
109.69.192.0/21 maxlen: 24
94.127.8.0/21 maxlen: 24
185.204.140.0/22 maxlen: 24
185.79.148.0/22 maxlen: 24
46.20.160.0/20 maxlen: 24
213.108.64.0/21 maxlen: 24
109.237.240.0/20 maxlen: 24
188.66.56.0/22 maxlen: 24
2a03:4c00::/29 maxlen: 48
2a01:728::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:92:25:c5:e1:9e:35:98:74:05:1b:67:cc:52:77:87:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Dec 22 15:29:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9e27bc7c9e24459a699abf98dd80aec108c6d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d6:32:af:4f:95:1b:40:b3:88:2c:16:b6:c2:
fb:4a:c4:d0:21:9b:7b:e9:51:37:2f:2e:af:63:31:
a2:cd:4b:78:47:81:c0:0d:04:49:e6:33:e7:6e:59:
9b:f9:33:46:1c:79:a8:38:00:a6:f0:9b:e7:b9:2f:
32:7e:fe:b6:c5:f6:47:80:ce:73:c6:e1:ca:77:3c:
c5:1e:cb:ff:cb:ea:ef:d8:5e:47:b4:c7:de:0c:e1:
e3:9d:a1:f9:ba:5a:0c:f4:6d:c0:8e:a5:e4:b3:16:
b8:12:20:d6:19:8e:54:b3:c5:e5:c2:a9:b7:bb:c8:
90:d5:16:ba:c1:85:06:63:bd:a0:e1:c8:c8:15:49:
e1:f2:67:18:d2:46:51:21:56:e4:86:d7:af:7c:c4:
1b:f5:ee:d9:ca:dc:8d:7f:b2:5a:75:c7:9d:79:e9:
f2:55:14:e1:8d:dd:74:3d:1c:6d:bc:60:24:e2:43:
50:58:e3:a8:df:fe:20:f9:4f:49:18:10:76:ed:22:
7b:d8:dc:f6:60:3b:63:cd:7b:be:d6:eb:8c:0b:1b:
02:e6:65:ec:f2:f5:95:d3:02:5f:9a:c1:98:e1:b8:
a2:7f:6b:b2:c6:0e:3b:7b:e9:cd:26:fd:9d:56:6d:
0e:92:76:39:00:8d:df:2c:ab:ba:2a:c9:23:2f:56:
78:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E2:7B:C7:C9:E2:44:59:A6:99:AB:F9:8D:D8:0A:EC:10:8C:6D:90
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/yeJ7x8niRFmmmav5jdgK7BCMbZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.252.0/22
37.18.160.0/20
37.58.128.0/17
45.142.172.0/22
46.20.160.0/20
62.102.224.0/19
81.22.216.0/21
91.103.232.0/21
91.217.94.0/23
92.61.72.0/21
94.127.8.0/21
103.77.32.0/22
103.229.36.0/23
103.232.172.0/22
109.69.192.0/21
109.237.240.0/20
128.127.128.0/20
146.247.88.0/21
149.255.136.0/21
178.249.160.0/21
185.42.132.0/22
185.65.224.0/22
185.67.88.0/22
185.79.148.0/22
185.204.140.0/22
185.208.248.0/22
188.66.56.0/22
193.108.197.0/24
212.51.160.0/19
213.108.64.0/21
213.151.166.0/24
213.151.168.0/23
213.151.171.0-213.151.175.255
IPv6:
2a01:728::/29
2a03:4c00::/29
Signature Algorithm: sha256WithRSAEncryption
2f:17:79:5b:f2:af:e5:55:8c:f1:a3:16:11:3b:bc:9c:ad:c9:
94:32:a6:bb:60:fd:eb:ca:3d:36:3d:fb:69:79:54:78:c3:cf:
63:6f:f8:7f:d7:7b:9c:ad:9e:7b:fc:dd:3d:4e:77:80:16:dc:
78:0e:08:1d:44:81:03:1c:32:0c:82:f6:12:cc:46:55:51:9b:
e9:d9:b0:70:10:7f:6f:db:ca:2e:73:2e:52:0e:0c:28:9c:da:
ef:08:8a:4b:3a:d3:d3:86:db:26:d8:32:18:aa:95:66:37:52:
dd:90:e3:c4:4a:e9:17:4b:ae:69:86:79:c1:7d:d6:87:99:a7:
e1:aa:c2:b9:dd:76:5b:16:ab:96:1a:ba:6f:80:e0:46:16:4d:
a4:b0:62:49:02:e8:d7:9e:74:6b:3b:c6:76:0b:fa:fc:b3:08:
49:74:7d:e0:8a:28:ce:45:ae:9c:13:23:ac:8c:ba:15:b5:3c:
40:4b:ce:80:be:96:46:b9:a6:e8:7f:8a:43:d6:3a:94:59:24:
b7:5c:09:ce:1d:3b:29:10:6c:63:21:8d:4a:e3:4f:78:14:28:
36:33:19:34:62:35:47:7f:90:e4:a0:58:1f:57:b5:83:95:46:
95:ea:85:de:c4:ee:f9:61:3b:55:52:7e:cd:4f:78:b8:76:a9:
d1:53:15:11
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYySJcXhnjWYdAUbZ8xSd4cFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjMxMjIyMTUyOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWUyN2JjN2M5ZTI0NDU5YTY5OWFiZjk4ZGQ4MGFlYzEwOGM2ZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltYyr0+VG0CziCwWtsL7SsTQIZt7
6VE3Ly6vYzGizUt4R4HADQRJ5jPnblmb+TNGHHmoOACm8JvnuS8yfv62xfZHgM5z
xuHKdzzFHsv/y+rv2F5HtMfeDOHjnaH5uloM9G3AjqXksxa4EiDWGY5Us8Xlwqm3
u8iQ1Ra6wYUGY72g4cjIFUnh8mcY0kZRIVbkhtevfMQb9e7ZytyNf7Jadcedeeny
VRThjd10PRxtvGAk4kNQWOOo3/4g+U9JGBB27SJ72Nz2YDtjzXu+1uuMCxsC5mXs
8vWV0wJfmsGY4biif2uyxg47e+nNJv2dVm0OknY5AI3fLKu6KskjL1Z4/wIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFMnie8fJ4kRZppmr+Y3YCuwQjG2QMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEveWVKN3g4bmlSRm1tbWF2NWpkZ0s3QkNNYlpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgdUEAgABMIHOAwQC
Bbb8AwQEJRKgAwQHJTqAAwQCLY6sAwQELhSgAwQFPmbgAwQDURbYAwQDW2foAwQB
W9leAwQDXD1IAwQDXn8IAwQCZ00gAwQBZ+UkAwQCZ+isAwQDbUXAAwQEbe3wAwQE
gH+AAwQDkvdYAwQDlf+IAwQDsvmgAwQCuSqEAwQCuUHgAwQCuUNYAwQCuU+UAwQC
ucyMAwQCudD4AwQCvEI4AwQAwWzFAwQF1DOgAwQD1WxAAwQA1ZemAwQB1ZeoMAwD
BADVl6sDBATVl6AwFAQCAAIwDgMFAyoBBygDBQMqA0wAMA0GCSqGSIb3DQEBCwUA
A4IBAQAvF3lb8q/lVYzxoxYRO7ycrcmUMqa7YP3ryj02PftpeVR4w89jb/h/13uc
rZ57/N09TneAFtx4DggdRIEDHDIMgvYSzEZVUZvp2bBwEH9v28oucy5SDgwonNrv
CIpLOtPThtsm2DIYqpVmN1LdkOPESukXS65phnnBfdaHmafhqsK53XZbFquWGrpv
gOBGFk2ksGJJAujXnnRrO8Z2C/r8swhJdH3giijORa6cEyOsjLoVtTxAS86AvpZG
uabof4pD1jqUWSS3XAnOHTspEGxjIY1K4094FCg2Mxk0YjVHf5DkoFgfV7WDlUaV
6oXexO75YTtVUn7NT3i4dqnRUxUR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:17 2025 by rpki-client