Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/yX1eKyL8dGmnbeXZf8u6NWtrWrk.roa
File: yX1eKyL8dGmnbeXZf8u6NWtrWrk.roa (raw, json)
Hash identifier: G9SpY5ndoCuzb9vj3/bPZ1SN2Tzz1YcHb/Llu3p6YLY=
Subject key identifier: C9:7D:5E:2B:22:FC:74:69:A7:6D:E5:D9:7F:CB:BA:35:6B:6B:5A:B9
Certificate issuer: /CN=624c494f56193b4e9adf3db72e4f01978c587f18
Certificate serial: 018A46E5E0199A535207B29F6787A8234A7C
Authority key identifier: 62:4C:49:4F:56:19:3B:4E:9A:DF:3D:B7:2E:4F:01:97:8C:58:7F:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkxJT1YZO06a3z23Lk8Bl4xYfxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/yX1eKyL8dGmnbeXZf8u6NWtrWrk.roa
Signing time: Wed 30 Aug 2023 14:43:04 +0000
ROA not before: Wed 30 Aug 2023 14:43:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204720
IP address blocks: 185.31.113.0/24 maxlen: 24
91.231.238.0/24 maxlen: 24
91.238.111.0/24 maxlen: 24
151.236.110.0/24 maxlen: 24
151.236.108.0/24 maxlen: 24
151.236.112.0/24 maxlen: 24
151.236.118.0/24 maxlen: 24
151.236.117.0/24 maxlen: 24
151.236.116.0/24 maxlen: 24
151.236.115.0/24 maxlen: 24
151.236.114.0/24 maxlen: 24
151.236.124.0/24 maxlen: 24
151.236.121.0/24 maxlen: 24
151.236.120.0/24 maxlen: 24
151.236.119.0/24 maxlen: 24
151.236.127.0/24 maxlen: 24
151.236.126.0/24 maxlen: 24
151.236.71.0/24 maxlen: 24
151.236.69.0/24 maxlen: 24
151.236.68.0/24 maxlen: 24
151.236.66.0/24 maxlen: 24
151.236.82.0/24 maxlen: 24
151.236.79.0/24 maxlen: 24
151.236.98.0/24 maxlen: 24
151.236.97.0/24 maxlen: 24
151.236.92.0/24 maxlen: 24
151.236.105.0/24 maxlen: 24
151.236.104.0/24 maxlen: 24
151.236.103.0/24 maxlen: 24
151.236.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:e5:e0:19:9a:53:52:07:b2:9f:67:87:a8:23:4a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624c494f56193b4e9adf3db72e4f01978c587f18
Validity
Not Before: Aug 30 14:43:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c97d5e2b22fc7469a76de5d97fcbba356b6b5ab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7b:92:9c:51:c1:dc:8d:3c:e5:e1:6f:56:06:
75:b1:1b:d8:6a:d5:80:00:6c:08:3a:12:e7:09:b6:
59:fa:a8:e7:d0:d2:50:ea:36:1e:24:6e:95:17:06:
f7:97:a0:33:87:6d:74:af:c8:a0:6a:e6:9e:f3:a7:
00:18:db:a2:24:90:1e:45:0a:34:9f:12:59:77:74:
d2:18:e4:b6:67:dc:ad:12:2f:a9:65:0d:5a:07:4d:
08:5f:e9:2c:f8:c0:c7:9b:65:13:46:23:40:7e:60:
ee:2f:55:74:c2:d3:b1:34:f8:46:b0:27:3a:7f:7d:
c4:03:ed:e2:e0:3f:21:41:a8:85:ef:d1:2f:da:2e:
93:3b:1d:46:40:e4:87:cb:b4:e5:c4:17:af:99:e0:
4a:94:b5:37:d9:24:6e:2c:f2:1b:fa:60:5e:cf:f6:
1b:93:04:ee:4a:27:77:9a:c2:2d:50:e4:3d:b8:65:
d9:dc:6f:b9:bb:6a:79:3e:c6:a8:e9:d9:97:44:52:
3f:30:66:27:53:25:4c:68:e0:35:8d:10:2f:0a:26:
bc:1a:6a:cf:05:69:60:5e:e9:e4:ef:cc:0b:b8:9a:
f8:1a:58:a9:2e:7b:34:cc:2f:5a:32:5c:fe:0a:1b:
0a:4a:d7:79:ce:42:9a:9f:bc:0b:1c:ed:9b:64:6e:
fc:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:7D:5E:2B:22:FC:74:69:A7:6D:E5:D9:7F:CB:BA:35:6B:6B:5A:B9
X509v3 Authority Key Identifier:
keyid:62:4C:49:4F:56:19:3B:4E:9A:DF:3D:B7:2E:4F:01:97:8C:58:7F:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkxJT1YZO06a3z23Lk8Bl4xYfxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/yX1eKyL8dGmnbeXZf8u6NWtrWrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/YkxJT1YZO06a3z23Lk8Bl4xYfxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.238.0/24
91.238.111.0/24
151.236.66.0/24
151.236.68.0/23
151.236.71.0/24
151.236.79.0/24
151.236.82.0/24
151.236.92.0/24
151.236.97.0-151.236.98.255
151.236.101.0/24
151.236.103.0-151.236.105.255
151.236.108.0/24
151.236.110.0/24
151.236.112.0/24
151.236.114.0-151.236.121.255
151.236.124.0/24
151.236.126.0/23
185.31.113.0/24
Signature Algorithm: sha256WithRSAEncryption
43:2e:02:3a:8e:b5:6f:23:b0:5f:ec:5e:85:5f:21:33:44:71:
07:58:fe:c9:10:75:b9:38:cf:17:a3:d9:55:a7:90:f5:a2:56:
d7:21:30:d4:d9:b4:5d:01:d4:59:25:7c:f8:47:4d:df:77:9c:
2d:32:a0:ad:06:2e:16:de:a0:86:c2:16:a1:71:9e:44:d1:44:
c8:69:4d:4c:92:d0:91:53:73:f6:5e:f3:ca:6b:14:47:35:eb:
12:be:8a:15:4d:f0:7c:9f:25:0c:41:81:94:0e:9d:07:24:0c:
1a:73:f6:17:d6:d1:f1:e5:ee:15:a2:d0:fc:cb:99:2c:9d:d9:
27:d3:b7:bd:9e:5e:a5:96:f7:4e:76:e2:99:63:9b:c2:06:5e:
fc:90:16:5a:6b:68:13:9e:92:4b:42:6e:cf:33:8f:fc:73:ad:
41:76:39:ef:1d:35:74:6c:cf:6a:cb:d0:ee:ab:31:a4:a3:a8:
de:e1:5d:1c:62:46:2d:ce:62:c6:17:b1:24:44:2a:5e:1e:87:
3d:73:52:d4:ef:f0:aa:6d:71:a9:58:a0:90:0d:e3:bb:ad:7d:
4c:a9:fe:0a:a7:be:71:a4:91:02:17:18:12:5f:fa:4d:fd:35:
49:d9:f3:ed:63:4a:27:1e:7f:67:42:98:6b:a5:15:37:b3:ec:
b7:dd:6b:31
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYpG5eAZmlNSB7KfZ4eoI0p8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGM0OTRmNTYxOTNiNGU5YWRmM2RiNzJlNGYwMTk3OGM1
ODdmMTgwHhcNMjMwODMwMTQ0MzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTdkNWUyYjIyZmM3NDY5YTc2ZGU1ZDk3ZmNiYmEzNTZiNmI1YWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XuSnFHB3I085eFvVgZ1sRvYatWA
AGwIOhLnCbZZ+qjn0NJQ6jYeJG6VFwb3l6Azh210r8igauae86cAGNuiJJAeRQo0
nxJZd3TSGOS2Z9ytEi+pZQ1aB00IX+ks+MDHm2UTRiNAfmDuL1V0wtOxNPhGsCc6
f33EA+3i4D8hQaiF79Ev2i6TOx1GQOSHy7TlxBevmeBKlLU32SRuLPIb+mBez/Yb
kwTuSid3msItUOQ9uGXZ3G+5u2p5Psao6dmXRFI/MGYnUyVMaOA1jRAvCia8GmrP
BWlgXunk78wLuJr4GlipLns0zC9aMlz+ChsKStd5zkKan7wLHO2bZG782wIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFMl9Xisi/HRpp23l2X/LujVra1q5MB8GA1UdIwQY
MBaAFGJMSU9WGTtOmt89ty5PAZeMWH8YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWt4SlQxWVpPMDZhM3oyM0xrOEJsNHhZZnhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8wOTg4YWYtOGQ3Zi00YzI5LWI1Y2Mt
N2FhYjZlZjk1NWExLzEveVgxZUt5TDhkR21uYmVYWmY4dTZOV3RyV3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8wOTg4YWYtOGQ3Zi00YzI5LWI1Y2MtN2FhYjZlZjk1NWEx
LzEvWWt4SlQxWVpPMDZhM3oyM0xrOEJsNHhZZnhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBABb
5+4DBABb7m8DBACX7EIDBAGX7EQDBACX7EcDBACX7E8DBACX7FIDBACX7FwwDAME
AJfsYQMEAJfsYgMEAJfsZTAMAwQAl+xnAwQBl+xoAwQAl+xsAwQAl+xuAwQAl+xw
MAwDBAGX7HIDBAGX7HgDBACX7HwDBAGX7H4DBAC5H3EwDQYJKoZIhvcNAQELBQAD
ggEBAEMuAjqOtW8jsF/sXoVfITNEcQdY/skQdbk4zxej2VWnkPWiVtchMNTZtF0B
1FklfPhHTd93nC0yoK0GLhbeoIbCFqFxnkTRRMhpTUyS0JFTc/Ze88prFEc16xK+
ihVN8HyfJQxBgZQOnQckDBpz9hfW0fHl7hWi0PzLmSyd2SfTt72eXqWW90524plj
m8IGXvyQFlpraBOekktCbs8zj/xzrUF2Oe8dNXRsz2rL0O6rMaSjqN7hXRxiRi3O
YsYXsSREKl4ehz1zUtTv8KptcalYoJAN47utfUyp/gqnvnGkkQIXGBJf+k39NUnZ
8+1jSicef2dCmGulFTez7LfdazE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:36 2025 by rpki-client