Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/YA1h-cNkqM4O_yREChxobO2N8Bc.roa
File: YA1h-cNkqM4O_yREChxobO2N8Bc.roa (raw, json)
Hash identifier: 5jlUxvGybvy5XT7kktLaWhm8KinIlnjxByzPvWT6Nyw=
Subject key identifier: 60:0D:61:F9:C3:64:A8:CE:0E:FF:24:44:0A:1C:68:6C:ED:8D:F0:17
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 01833201DFC2D4C8F862F595BD70E725328E
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/YA1h-cNkqM4O_yREChxobO2N8Bc.roa
Signing time: Mon 12 Sep 2022 14:02:06 +0000
ROA not before: Mon 12 Sep 2022 14:02:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44709
IP address blocks: 91.228.126.0/23 maxlen: 23
194.36.91.0/24 maxlen: 24
194.36.90.0/24 maxlen: 24
194.36.89.0/24 maxlen: 24
5.100.250.0/23 maxlen: 23
5.100.251.0/24 maxlen: 24
5.100.250.0/24 maxlen: 24
5.100.252.0/23 maxlen: 23
5.100.253.0/24 maxlen: 24
5.100.252.0/24 maxlen: 24
5.100.249.0/24 maxlen: 24
5.100.248.0/23 maxlen: 23
5.100.248.0/24 maxlen: 24
212.80.204.0/24 maxlen: 24
212.80.206.0/24 maxlen: 24
212.80.205.0/24 maxlen: 24
5.100.254.0/23 maxlen: 23
5.100.254.0/24 maxlen: 24
5.100.255.0/24 maxlen: 24
212.80.207.0/24 maxlen: 24
188.191.147.0/24 maxlen: 24
31.133.103.0/24 maxlen: 24
31.133.102.0/24 maxlen: 24
31.133.100.0/24 maxlen: 24
195.28.181.0/24 maxlen: 24
195.28.180.0/24 maxlen: 24
109.207.76.0/24 maxlen: 24
185.241.4.0/24 maxlen: 24
109.207.79.0/24 maxlen: 24
185.241.7.0/24 maxlen: 24
185.241.6.0/24 maxlen: 24
185.241.5.0/24 maxlen: 24
185.220.207.0/24 maxlen: 24
45.83.40.0/24 maxlen: 24
45.83.43.0/24 maxlen: 24
45.83.42.0/24 maxlen: 24
45.93.95.0/24 maxlen: 24
45.93.92.0/24 maxlen: 24
45.93.94.0/24 maxlen: 24
81.28.7.0/24 maxlen: 24
91.223.106.0/24 maxlen: 24
63.250.63.0/24 maxlen: 24
63.250.61.0/24 maxlen: 24
63.250.62.0/24 maxlen: 24
185.28.152.0/24 maxlen: 24
185.28.154.0/24 maxlen: 24
185.28.153.0/24 maxlen: 24
185.28.155.0/24 maxlen: 24
83.229.71.0/24 maxlen: 24
83.229.70.0/24 maxlen: 24
83.229.74.0/24 maxlen: 24
83.229.73.0/24 maxlen: 24
83.229.72.0/24 maxlen: 24
185.253.75.0/24 maxlen: 24
185.253.73.0/24 maxlen: 24
185.253.72.0/24 maxlen: 24
185.162.125.0/24 maxlen: 24
185.162.124.0/24 maxlen: 24
185.162.126.0/24 maxlen: 24
91.202.171.0/24 maxlen: 24
91.202.168.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
91.202.169.0/24 maxlen: 24
91.226.72.0/24 maxlen: 24
2a06:c5c0:700::/48 maxlen: 48
2a06:c5c0:900::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:32:01:df:c2:d4:c8:f8:62:f5:95:bd:70:e7:25:32:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Sep 12 14:02:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=600d61f9c364a8ce0eff24440a1c686ced8df017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:34:2f:0a:4f:85:73:03:9f:ab:6d:52:5b:fc:
1b:a0:fd:0e:33:76:ba:ba:55:6e:bb:98:8d:31:58:
9d:d2:2d:09:28:2d:6c:18:81:8d:ce:3a:6a:19:18:
ba:2b:24:80:58:9d:4c:07:fc:29:0a:d4:8e:c9:cb:
90:c9:f4:ed:2e:2c:50:a1:3d:bb:18:51:2d:ee:52:
a0:2e:fe:3d:8a:7a:bc:69:4c:b2:b4:da:c0:45:47:
c9:1a:7d:14:ae:47:00:67:58:6f:cf:7c:7c:f2:8b:
07:59:54:51:f3:1f:f4:76:5c:84:05:b2:11:c6:a5:
2d:e9:b2:ee:02:30:c5:f4:cf:27:ec:a5:fa:97:21:
f3:15:36:bf:30:3d:ba:ba:d9:6c:05:4e:f3:4e:63:
1d:4d:c3:6a:8a:98:47:58:1e:52:8b:f1:29:25:22:
57:06:0c:5a:88:2c:41:43:33:78:7b:41:c1:81:f6:
81:18:ce:2c:9c:50:35:83:6a:ea:a4:d9:9e:e8:ba:
dc:85:bd:ac:f6:5e:f3:23:d7:95:13:6e:2e:0c:55:
c8:f4:20:8b:07:b8:4b:ee:b8:7d:a9:6e:a7:ee:47:
84:00:35:f5:ae:43:d8:7c:d3:90:da:78:dd:c2:0c:
9d:76:af:2d:e8:d0:b5:30:3e:bc:ee:36:2b:75:64:
d5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0D:61:F9:C3:64:A8:CE:0E:FF:24:44:0A:1C:68:6C:ED:8D:F0:17
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/YA1h-cNkqM4O_yREChxobO2N8Bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.248.0/21
31.133.100.0/24
31.133.102.0/23
45.83.40.0/24
45.83.42.0/23
45.93.92.0/24
45.93.94.0/23
63.250.61.0-63.250.63.255
81.28.7.0/24
83.229.70.0-83.229.74.255
91.202.168.0/22
91.223.106.0/24
91.226.72.0/24
91.228.126.0/23
109.207.76.0/24
109.207.79.0/24
185.28.152.0/22
185.162.124.0-185.162.126.255
185.220.207.0/24
185.241.4.0/22
185.253.72.0/23
185.253.75.0/24
188.191.147.0/24
194.36.89.0-194.36.91.255
195.28.180.0/23
212.80.204.0/22
IPv6:
2a06:c5c0:700::/48
2a06:c5c0:900::/48
Signature Algorithm: sha256WithRSAEncryption
4a:bf:46:f5:70:75:40:ec:7e:3f:74:e7:42:a1:c0:40:3b:c2:
5b:0f:8e:9b:5e:35:a8:4c:b5:83:b7:bb:43:de:6f:54:3b:af:
64:d9:dd:15:61:9d:e0:3b:00:82:16:7a:67:42:ee:7b:34:62:
ff:d3:28:aa:0d:63:61:50:c0:52:50:ee:9c:5d:f9:4a:5a:a1:
97:38:c0:78:bf:04:46:f5:ad:44:28:ec:a6:5e:74:34:fa:2d:
fb:66:e1:01:7c:39:8e:5e:b0:16:09:cd:cf:d3:90:ad:df:9d:
41:1c:31:98:2b:18:1c:22:13:de:37:c3:8f:fe:f6:5a:a6:5c:
75:e9:e7:71:f3:e1:31:e2:f5:61:b9:2d:36:8f:eb:78:40:fd:
4b:69:fc:c7:30:82:13:27:f5:62:1a:e2:b7:20:f3:6c:81:f4:
b0:f5:38:6e:db:0b:dc:32:5c:f0:f9:28:86:bb:bd:46:1b:b8:
2d:ec:6e:48:b8:c6:65:d4:4f:34:af:e7:bc:e1:16:91:78:f8:
bc:35:3c:ff:c9:68:99:72:aa:c9:36:ce:ac:f4:b5:42:d7:47:
99:38:7c:37:90:b6:76:56:c4:fa:93:86:7c:85:26:3f:58:c3:
d3:34:01:d5:1b:c9:9b:98:b6:91:f5:4d:24:65:e2:ea:a7:28:
e6:60:13:b1
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYMyAd/C1Mj4YvWVvXDnJTKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjIwOTEyMTQwMjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDBkNjFmOWMzNjRhOGNlMGVmZjI0NDQwYTFjNjg2Y2VkOGRmMDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTQvCk+FcwOfq21SW/wboP0OM3a6
ulVuu5iNMVid0i0JKC1sGIGNzjpqGRi6KySAWJ1MB/wpCtSOycuQyfTtLixQoT27
GFEt7lKgLv49inq8aUyytNrARUfJGn0UrkcAZ1hvz3x88osHWVRR8x/0dlyEBbIR
xqUt6bLuAjDF9M8n7KX6lyHzFTa/MD26utlsBU7zTmMdTcNqiphHWB5Si/EpJSJX
BgxaiCxBQzN4e0HBgfaBGM4snFA1g2rqpNme6Lrchb2s9l7zI9eVE24uDFXI9CCL
B7hL7rh9qW6n7keEADX1rkPYfNOQ2njdwgyddq8t6NC1MD687jYrdWTVywIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFGANYfnDZKjODv8kRAocaGztjfAXMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvWUExaC1jTmtxTTRPX3lSRUNoeG9iTzJOOEJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCBwwQCAAEwgbwDBAMF
ZPgDBAAfhWQDBAEfhWYDBAAtUygDBAEtUyoDBAAtXVwDBAEtXV4wDAMEAD/6PQME
Bj/6AAMEAFEcBzAMAwQBU+VGAwQAU+VKAwQCW8qoAwQAW99qAwQAW+JIAwQBW+R+
AwQAbc9MAwQAbc9PAwQCuRyYMAwDBAK5onwDBAC5on4DBAC53M8DBAK58QQDBAG5
/UgDBAC5/UsDBAC8v5MwDAMEAMIkWQMEAsIkWAMEAcMctAMEAtRQzDAYBAIAAjAS
AwcAKgbFwAcAAwcAKgbFwAkAMA0GCSqGSIb3DQEBCwUAA4IBAQBKv0b1cHVA7H4/
dOdCocBAO8JbD46bXjWoTLWDt7tD3m9UO69k2d0VYZ3gOwCCFnpnQu57NGL/0yiq
DWNhUMBSUO6cXflKWqGXOMB4vwRG9a1EKOymXnQ0+i37ZuEBfDmOXrAWCc3P05Ct
351BHDGYKxgcIhPeN8OP/vZaplx16edx8+Ex4vVhuS02j+t4QP1LafzHMIITJ/Vi
GuK3IPNsgfSw9Thu2wvcMlzw+SiGu71GG7gt7G5IuMZl1E80r+e84RaRePi8NTz/
yWiZcqrJNs6s9LVC10eZOHw3kLZ2VsT6k4Z8hSY/WMPTNAHVG8mbmLaR9U0kZeLq
pyjmYBOx
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:26 2025 by rpki-client