Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/ylMZ2XC7xm-u-6luPzGwl8Xj4wk.roa
File: ylMZ2XC7xm-u-6luPzGwl8Xj4wk.roa (raw, json)
Hash identifier: CJ3dQd6i5iUocoBYQyDRA3EA+5jhwALXAkyR7k1N/vU=
Subject key identifier: CA:53:19:D9:70:BB:C6:6F:AE:FB:A9:6E:3F:31:B0:97:C5:E3:E3:09
Certificate issuer: /CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Certificate serial: 363A07FF
Authority key identifier: 01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/ylMZ2XC7xm-u-6luPzGwl8Xj4wk.roa
Signing time: Mon 11 Apr 2022 10:56:43 +0000
ROA not before: Mon 11 Apr 2022 10:56:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35699
IP address blocks: 45.145.244.0/22 maxlen: 24
62.56.192.0/20 maxlen: 24
216.147.96.0/20 maxlen: 24
87.236.180.0/22 maxlen: 24
45.230.12.0/22 maxlen: 24
45.137.240.0/22 maxlen: 24
91.126.32.0/19 maxlen: 24
91.126.64.0/19 maxlen: 24
185.239.36.0/22 maxlen: 24
147.161.64.0/18 maxlen: 24
91.126.16.0/20 maxlen: 24
45.151.224.0/22 maxlen: 24
91.126.160.0/19 maxlen: 24
74.126.176.0/20 maxlen: 24
143.131.192.0/18 maxlen: 24
110.93.8.0/22 maxlen: 24
185.203.208.0/22 maxlen: 24
91.126.96.0/19 maxlen: 24
86.111.60.0/22 maxlen: 24
64.190.114.0/23 maxlen: 24
91.126.128.0/19 maxlen: 24
135.129.224.0/20 maxlen: 24
98.96.184.0/21 maxlen: 24
103.202.232.0/22 maxlen: 24
45.130.132.0/22 maxlen: 24
91.126.192.0/19 maxlen: 24
45.133.138.0/23 maxlen: 24
147.136.252.0/23 maxlen: 24
91.126.224.0/19 maxlen: 24
91.126.232.0/21 maxlen: 24
173.243.32.0/20 maxlen: 24
2a00:1af4::/32 maxlen: 32
2a00:1af4:1000::/48 maxlen: 48
2a00:1af0::/29 maxlen: 29
2a00:1af4:1003::/48 maxlen: 48
2a00:1af1::/32 maxlen: 32
2a00:1af1::/36 maxlen: 36
2a00:1af2::/32 maxlen: 32
2a00:1af3::/32 maxlen: 32
2a00:1af0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 909772799 (0x363a07ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Validity
Not Before: Apr 11 10:56:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca5319d970bbc66faefba96e3f31b097c5e3e309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:84:5b:b1:a2:2d:8c:e8:8e:65:f0:f3:ae:bd:
c7:27:2e:5e:07:1e:1f:22:5b:76:57:00:6d:1a:8e:
39:dc:de:68:9a:99:96:eb:e9:c5:30:77:6a:5c:e8:
dd:bc:8f:4b:bb:fb:fd:93:2c:6c:4f:25:85:bc:e0:
1e:3f:ab:7c:dd:34:13:f8:e8:ef:7b:9a:a0:2f:88:
eb:e0:22:e4:26:bd:81:99:ca:fb:d0:25:49:a5:ed:
8f:27:58:42:e2:bf:3c:33:44:18:f7:e5:72:25:7b:
a5:cd:69:65:aa:d3:0e:c8:52:88:d9:d8:fd:9c:41:
e7:7e:b7:80:f1:5c:d6:45:35:a3:77:c3:a9:94:91:
91:4b:68:9a:5d:d1:32:bb:95:6d:63:a8:21:fe:71:
86:f9:d1:fd:08:0f:67:31:7f:f6:20:d2:e1:d2:95:
f5:ae:e7:84:f3:8f:b4:e5:5d:13:2b:55:6f:6e:1d:
fb:10:f6:10:06:be:4e:9c:6e:77:d9:dc:75:a1:6b:
6f:c6:da:14:9d:71:5f:97:af:16:c8:0f:77:53:58:
ac:8f:b7:96:72:d4:96:bf:70:80:6e:1a:05:fd:41:
4f:ce:34:05:0e:46:88:11:e4:be:68:5b:ea:c1:e5:
23:6d:07:5b:d9:36:31:9d:55:fa:5a:a6:d3:ab:17:
74:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:53:19:D9:70:BB:C6:6F:AE:FB:A9:6E:3F:31:B0:97:C5:E3:E3:09
X509v3 Authority Key Identifier:
keyid:01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/ylMZ2XC7xm-u-6luPzGwl8Xj4wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.132.0/22
45.133.138.0/23
45.137.240.0/22
45.145.244.0/22
45.151.224.0/22
45.230.12.0/22
62.56.192.0/20
64.190.114.0/23
74.126.176.0/20
86.111.60.0/22
87.236.180.0/22
91.126.16.0-91.126.255.255
98.96.184.0/21
103.202.232.0/22
110.93.8.0/22
135.129.224.0/20
143.131.192.0/18
147.136.252.0/23
147.161.64.0/18
173.243.32.0/20
185.203.208.0/22
185.239.36.0/22
216.147.96.0/20
IPv6:
2a00:1af0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:d9:61:5d:a4:84:7e:e7:3c:c6:e5:f9:96:d6:01:19:17:8f:
d9:f7:ac:e9:f4:f2:1e:8e:ba:7b:fa:e6:93:6e:cd:2c:2d:2c:
80:5e:ec:96:9b:53:5b:90:8f:5a:fd:29:b4:64:36:c4:94:13:
d9:fe:1f:8f:46:5e:89:a6:46:fe:f7:be:db:9d:32:0e:dd:54:
ec:7d:14:da:0b:a8:06:15:68:0d:27:12:52:77:bf:4c:d1:09:
8b:ae:38:b3:7e:ad:ea:d9:8e:e8:30:47:35:c7:1f:6a:ac:18:
a7:b0:b4:92:77:78:6c:ed:da:5d:4f:4a:b0:5e:4b:9a:f6:69:
13:f6:67:1b:d9:aa:95:47:b5:ff:a6:7e:64:eb:6c:9e:f2:d1:
0f:3a:db:a9:14:df:47:37:4a:74:aa:b6:a6:18:16:b1:8a:df:
79:58:48:e8:cd:0f:02:c5:b4:05:90:e3:46:f1:b3:36:17:41:
79:79:66:b5:3a:64:b3:75:15:83:a3:07:c1:6e:f2:b4:ee:49:
e2:0c:7e:af:cb:bf:61:bc:41:5a:48:19:70:4e:27:48:23:10:
d6:4b:1b:ab:a7:09:31:d8:d2:05:f5:eb:5c:e5:41:b3:6b:89:
0d:06:ae:89:37:f0:50:22:97:ad:14:9e:79:a8:3b:9e:ad:4f:
ef:cf:80:9b
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIENjoH/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTcwYTE2OWI2Y2Q0MTEwMjIyNzllOWZmOTk3ZjEzNGZmNTRhYjFjMB4XDTIyMDQx
MTEwNTY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E1MzE5ZDk3MGJi
YzY2ZmFlZmJhOTZlM2YzMWIwOTdjNWUzZTMwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ6EW7GiLYzojmXw8669xycuXgceHyJbdlcAbRqOOdzeaJqZ
luvpxTB3alzo3byPS7v7/ZMsbE8lhbzgHj+rfN00E/jo73uaoC+I6+Ai5Ca9gZnK
+9AlSaXtjydYQuK/PDNEGPflciV7pc1pZarTDshSiNnY/ZxB5363gPFc1kU1o3fD
qZSRkUtoml3RMruVbWOoIf5xhvnR/QgPZzF/9iDS4dKV9a7nhPOPtOVdEytVb24d
+xD2EAa+Tpxud9ncdaFrb8baFJ1xX5evFsgPd1NYrI+3lnLUlr9wgG4aBf1BT840
BQ5GiBHkvmhb6sHlI20HW9k2MZ1V+lqm06sXdMcCAwEAAaOCAqgwggKkMB0GA1Ud
DgQWBBTKUxnZcLvGb677qW4/MbCXxePjCTAfBgNVHSMEGDAWgBQBcKFpts1BECIn
np/5l/E0/1SrHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FYQ2hhYmJOUVJBaUo1NmYtWmZ4TlA5VXF4dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvMWU3NzdmLTk4NmItNGUzNC04ZDgxLTdkNGJiMjM4MDQ4Ny8x
L3lsTVoyWEM3eG0tdS02bHVQekd3bDhYajR3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
MWU3NzdmLTk4NmItNGUzNC04ZDgxLTdkNGJiMjM4MDQ4Ny8xL0FYQ2hhYmJOUVJB
aUo1NmYtWmZ4TlA5VXF4dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vQYIKwYBBQUHAQcBAf8Ega0wgaowgZgEAgABMIGRAwQCLYKEAwQBLYWKAwQCLYnw
AwQCLZH0AwQCLZfgAwQCLeYMAwQEPjjAAwQBQL5yAwQESn6wAwQCVm88AwQCV+y0
MAsDBARbfhADAwBbfgMEA2JguAMEAmfK6AMEAm5dCAMEBIeB4AMEBo+DwAMEAZOI
/AMEBpOhQAMEBK3zIAMEArnL0AMEArnvJAMEBNiTYDANBAIAAjAHAwUDKgAa8DAN
BgkqhkiG9w0BAQsFAAOCAQEAj9lhXaSEfuc8xuX5ltYBGReP2fes6fTyHo66e/rm
k27NLC0sgF7slptTW5CPWv0ptGQ2xJQT2f4fj0ZeiaZG/ve+250yDt1U7H0U2guo
BhVoDScSUne/TNEJi644s36t6tmO6DBHNccfaqwYp7C0knd4bO3aXU9KsF5LmvZp
E/ZnG9mqlUe1/6Z+ZOtsnvLRDzrbqRTfRzdKdKq2phgWsYrfeVhI6M0PAsW0BZDj
RvGzNhdBeXlmtTpks3UVg6MHwW7ytO5J4gx+r8u/YbxBWkgZcE4nSCMQ1ksbq6cJ
MdjSBfXrXOVBs2uJDQauiTfwUCKXrRSeeag7nq1P78+Amw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:56 2023 by rpki-client on console-ams.rpki-client.org