Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/Y3UU6mwTrB5P8EXKKVcdhPjXFuY.roa
File: Y3UU6mwTrB5P8EXKKVcdhPjXFuY.roa (raw, json)
Hash identifier: 1jpY9/WJQFdu1lJ0bCI3jPzvSsWNQjG9MwZEn+3K9yI=
Subject key identifier: 63:75:14:EA:6C:13:AC:1E:4F:F0:45:CA:29:57:1D:84:F8:D7:16:E6
Certificate issuer: /CN=7f168028ec0dab668a67d5bf6f5358caabe337a8
Certificate serial: 0184CD6553EC730B606B479DC4177B539964
Authority key identifier: 7F:16:80:28:EC:0D:AB:66:8A:67:D5:BF:6F:53:58:CA:AB:E3:37:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/Y3UU6mwTrB5P8EXKKVcdhPjXFuY.roa
Signing time: Thu 01 Dec 2022 11:14:40 +0000
ROA not before: Thu 01 Dec 2022 11:14:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29119
IP address blocks: 185.99.184.0/22 maxlen: 24
185.57.172.0/23 maxlen: 24
185.103.36.0/22 maxlen: 24
185.2.150.0/23 maxlen: 24
185.2.148.0/23 maxlen: 24
185.104.132.0/23 maxlen: 24
185.104.132.0/22 maxlen: 24
185.104.134.0/24 maxlen: 24
185.104.134.0/23 maxlen: 24
5.57.228.0/22 maxlen: 24
146.255.16.0/22 maxlen: 24
185.47.12.0/22 maxlen: 24
146.255.21.0/24 maxlen: 24
146.255.20.0/22 maxlen: 24
146.255.19.0/24 maxlen: 24
185.57.174.0/23 maxlen: 24
5.57.224.0/22 maxlen: 24
185.105.222.0/23 maxlen: 24
185.105.220.0/22 maxlen: 24
2a00:de40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:65:53:ec:73:0b:60:6b:47:9d:c4:17:7b:53:99:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f168028ec0dab668a67d5bf6f5358caabe337a8
Validity
Not Before: Dec 1 11:14:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=637514ea6c13ac1e4ff045ca29571d84f8d716e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f6:3d:c4:ba:79:f4:4e:0c:55:ee:dd:63:bf:
30:54:42:fb:d0:d1:c2:31:1a:98:5d:72:86:83:f9:
55:1e:53:f0:a8:78:ba:bc:89:ea:70:4b:e6:53:6b:
39:d8:1b:75:99:76:a1:6d:f1:88:12:49:0a:4e:54:
ef:0e:1f:f4:ff:fc:53:28:b4:ae:e5:14:29:be:2d:
25:e3:d6:b7:4e:1e:6d:f2:81:12:1d:7a:3e:8f:07:
b3:35:a0:c0:49:e6:d1:a0:11:79:0c:96:d9:5c:ff:
3a:df:d1:b2:e4:44:98:7b:99:f3:74:ad:9a:a1:5d:
84:34:a3:25:d3:54:49:c1:bd:17:2d:db:84:2c:92:
e3:57:c4:84:2a:19:fa:01:ac:19:11:a1:27:af:ec:
85:44:8f:44:ac:5a:b3:74:53:51:22:56:02:27:e6:
5e:4f:5c:44:36:3e:c3:5c:25:22:aa:42:fa:95:85:
ae:89:3c:79:66:ef:c0:23:1d:de:f8:ff:2e:3a:0a:
6b:13:8c:a2:e0:2e:f0:17:40:b1:57:81:6b:ce:87:
61:47:15:24:da:6f:a9:c3:99:2b:45:64:19:2c:b0:
e4:2b:95:c8:16:1d:6e:11:76:da:7e:a1:a5:67:ea:
07:4d:91:ab:f0:d1:4a:22:f0:fa:13:50:8e:cd:12:
8c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:75:14:EA:6C:13:AC:1E:4F:F0:45:CA:29:57:1D:84:F8:D7:16:E6
X509v3 Authority Key Identifier:
keyid:7F:16:80:28:EC:0D:AB:66:8A:67:D5:BF:6F:53:58:CA:AB:E3:37:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/Y3UU6mwTrB5P8EXKKVcdhPjXFuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.224.0/21
146.255.16.0/21
185.2.148.0/22
185.47.12.0/22
185.57.172.0/22
185.99.184.0/22
185.103.36.0/22
185.104.132.0/22
185.105.220.0/22
IPv6:
2a00:de40::/32
Signature Algorithm: sha256WithRSAEncryption
d5:f3:7d:cc:b7:bd:33:ea:69:15:fc:c2:10:34:aa:78:00:c0:
ce:e8:81:9e:37:30:df:77:8e:56:1d:af:54:5d:7b:2c:d8:ce:
1b:e1:7c:f3:2f:d9:e7:bf:3c:66:24:4e:cb:de:c6:72:bc:71:
14:12:57:55:a2:5f:39:c7:3c:94:7e:ea:ff:7c:53:17:d8:65:
0d:a7:7d:8a:ab:42:2f:c5:97:55:a6:07:0c:d3:07:1e:84:8f:
1e:5e:94:4a:22:09:ad:91:d2:42:6b:92:c8:10:3d:c9:f1:4b:
5f:6a:5a:67:bf:30:83:c6:52:98:b1:78:31:47:c1:60:89:f3:
15:1e:c1:4a:cd:6c:1a:f0:89:15:15:75:49:7e:a2:de:42:f2:
db:f6:d6:2a:7a:41:2d:20:9f:f8:13:a3:82:d6:e6:ec:c3:8d:
36:95:63:dc:56:39:dd:a8:fb:a2:1d:7a:0c:42:d1:71:ac:0b:
43:63:3f:99:c4:ca:56:19:fe:c8:d4:75:4e:e5:62:ae:19:d3:
ef:5e:31:b9:ad:d3:db:68:c6:ab:48:0b:f2:e5:15:c6:4f:97:
2c:61:03:3a:29:e2:24:39:aa:89:2a:ca:d9:b3:2f:ab:02:1e:
c6:0b:8c:dd:2a:50:f6:4f:db:41:fe:36:90:d1:9a:6c:4d:8a:
1f:0e:69:c1
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYTNZVPscwtga0edxBd7U5lkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMTY4MDI4ZWMwZGFiNjY4YTY3ZDViZjZmNTM1OGNhYWJl
MzM3YTgwHhcNMjIxMjAxMTExNDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzc1MTRlYTZjMTNhYzFlNGZmMDQ1Y2EyOTU3MWQ4NGY4ZDcxNmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfY9xLp59E4MVe7dY78wVEL70NHC
MRqYXXKGg/lVHlPwqHi6vInqcEvmU2s52Bt1mXahbfGIEkkKTlTvDh/0//xTKLSu
5RQpvi0l49a3Th5t8oESHXo+jwezNaDASebRoBF5DJbZXP8639Gy5ESYe5nzdK2a
oV2ENKMl01RJwb0XLduELJLjV8SEKhn6AawZEaEnr+yFRI9ErFqzdFNRIlYCJ+Ze
T1xENj7DXCUiqkL6lYWuiTx5Zu/AIx3e+P8uOgprE4yi4C7wF0CxV4FrzodhRxUk
2m+pw5krRWQZLLDkK5XIFh1uEXbafqGlZ+oHTZGr8NFKIvD6E1COzRKMBwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFGN1FOpsE6weT/BFyilXHYT41xbmMB8GA1UdIwQY
MBaAFH8WgCjsDatmimfVv29TWMqr4zeoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnhhQUtPd05xMmFLWjlXX2IxTll5cXZqTjZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTUyODYtZmQ0ZC00OWZlLWE2OWUt
N2ZhZGY1MGEyZTM3LzEvWTNVVTZtd1RyQjVQOEVYS0tWY2RoUGpYRnVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTUyODYtZmQ0ZC00OWZlLWE2OWUtN2ZhZGY1MGEyZTM3
LzEvZnhhQUtPd05xMmFLWjlXX2IxTll5cXZqTjZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDBTngAwQD
kv8QAwQCuQKUAwQCuS8MAwQCuTmsAwQCuWO4AwQCuWckAwQCuWiEAwQCuWncMA0E
AgACMAcDBQAqAN5AMA0GCSqGSIb3DQEBCwUAA4IBAQDV833Mt70z6mkV/MIQNKp4
AMDO6IGeNzDfd45WHa9UXXss2M4b4XzzL9nnvzxmJE7L3sZyvHEUEldVol85xzyU
fur/fFMX2GUNp32Kq0IvxZdVpgcM0wcehI8eXpRKIgmtkdJCa5LIED3J8Utfalpn
vzCDxlKYsXgxR8FgifMVHsFKzWwa8IkVFXVJfqLeQvLb9tYqekEtIJ/4E6OC1ubs
w402lWPcVjndqPuiHXoMQtFxrAtDYz+ZxMpWGf7I1HVO5WKuGdPvXjG5rdPbaMar
SAvy5RXGT5csYQM6KeIkOaqJKsrZsy+rAh7GC4zdKlD2T9tB/jaQ0ZpsTYofDmnB
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:17:43 2025 by rpki-client