Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/974213-49fd-4c5c-8014-bd3a630ee5cc/1/CYnPwOenS98hiOP2f6fAT_xX6wc.roa
File: CYnPwOenS98hiOP2f6fAT_xX6wc.roa (raw, json)
Hash identifier: YYSJWukHCMh5VO9zwCGebRyqBudkffM/zbEWIsimxlw=
Subject key identifier: 09:89:CF:C0:E7:A7:4B:DF:21:88:E3:F6:7F:A7:C0:4F:FC:57:EB:07
Certificate issuer: /CN=602be661e57c14659a608e9f6be605d6250047fc
Certificate serial: 018B4D5AEC261875C1CCD0D869A4F3B47FF6
Authority key identifier: 60:2B:E6:61:E5:7C:14:65:9A:60:8E:9F:6B:E6:05:D6:25:00:47:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YCvmYeV8FGWaYI6fa-YF1iUAR_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/974213-49fd-4c5c-8014-bd3a630ee5cc/1/CYnPwOenS98hiOP2f6fAT_xX6wc.roa
Signing time: Fri 20 Oct 2023 13:51:26 +0000
ROA not before: Fri 20 Oct 2023 13:51:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6876
IP address blocks: 31.31.96.0/19 maxlen: 19
185.184.168.0/22 maxlen: 22
185.177.240.0/22 maxlen: 22
212.178.0.0/19 maxlen: 19
45.156.36.0/22 maxlen: 22
185.247.20.0/22 maxlen: 22
212.90.124.0/22 maxlen: 22
212.24.112.0/24 maxlen: 24
62.16.0.0/19 maxlen: 19
37.203.0.0/19 maxlen: 19
85.238.96.0/19 maxlen: 19
188.115.128.0/18 maxlen: 18
185.228.104.0/22 maxlen: 22
185.23.104.0/22 maxlen: 22
193.178.48.0/22 maxlen: 22
176.119.64.0/18 maxlen: 18
79.140.0.0/20 maxlen: 20
95.214.40.0/22 maxlen: 22
45.130.0.0/22 maxlen: 22
130.0.32.0/19 maxlen: 19
185.166.220.0/22 maxlen: 22
195.138.64.0/19 maxlen: 19
88.214.8.0/22 maxlen: 22
185.206.36.0/22 maxlen: 22
45.140.120.0/22 maxlen: 22
185.226.112.0/22 maxlen: 22
185.145.104.0/22 maxlen: 22
2a04:2c00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4d:5a:ec:26:18:75:c1:cc:d0:d8:69:a4:f3:b4:7f:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=602be661e57c14659a608e9f6be605d6250047fc
Validity
Not Before: Oct 20 13:51:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0989cfc0e7a74bdf2188e3f67fa7c04ffc57eb07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b9:90:f1:8a:85:36:be:38:3c:2c:e7:57:4e:
d5:0f:18:66:0e:4b:9c:2e:ae:cc:a6:d4:76:ee:9b:
e3:9f:52:e3:c4:36:1e:b6:d6:d0:8c:9a:7a:0d:78:
32:e7:dc:6d:65:33:2b:32:6d:e5:fd:69:9a:5d:91:
f9:e1:87:01:52:ba:53:44:92:a9:3c:47:5b:59:d6:
b0:46:2b:2d:af:3c:0f:12:58:6b:f3:5e:f4:6e:2f:
a6:fc:97:d0:f5:dd:11:91:15:e7:ab:66:59:0d:42:
1a:97:41:82:9e:20:b9:db:52:7e:48:c0:7f:58:52:
7f:b8:03:4d:5e:47:45:07:a9:0d:a7:f3:97:87:5a:
cf:86:d1:2f:61:35:4f:9a:4b:68:cb:89:2d:15:90:
f9:79:71:6f:5c:2e:47:b5:6f:bd:13:fc:bb:09:55:
f3:e9:27:d0:ed:7d:c1:0d:cc:2b:83:c7:6e:a9:af:
6e:72:09:36:b4:5e:a4:bd:a8:5b:6a:ac:44:e9:13:
42:d3:3a:0a:52:84:73:37:dc:24:f5:3e:71:9a:8c:
85:f9:30:6b:ff:3f:fe:1e:41:3b:ae:46:2a:d9:0e:
b2:c3:a0:ed:c0:63:13:e1:8c:c6:da:48:3e:77:91:
55:ff:ce:df:c7:07:9e:2d:d2:c6:d7:8f:cc:41:3d:
c8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:89:CF:C0:E7:A7:4B:DF:21:88:E3:F6:7F:A7:C0:4F:FC:57:EB:07
X509v3 Authority Key Identifier:
keyid:60:2B:E6:61:E5:7C:14:65:9A:60:8E:9F:6B:E6:05:D6:25:00:47:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YCvmYeV8FGWaYI6fa-YF1iUAR_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974213-49fd-4c5c-8014-bd3a630ee5cc/1/CYnPwOenS98hiOP2f6fAT_xX6wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974213-49fd-4c5c-8014-bd3a630ee5cc/1/YCvmYeV8FGWaYI6fa-YF1iUAR_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.96.0/19
37.203.0.0/19
45.130.0.0/22
45.140.120.0/22
45.156.36.0/22
62.16.0.0/19
79.140.0.0/20
85.238.96.0/19
88.214.8.0/22
95.214.40.0/22
130.0.32.0/19
176.119.64.0/18
185.23.104.0/22
185.145.104.0/22
185.166.220.0/22
185.177.240.0/22
185.184.168.0/22
185.206.36.0/22
185.226.112.0/22
185.228.104.0/22
185.247.20.0/22
188.115.128.0/18
193.178.48.0/22
195.138.64.0/19
212.24.112.0/24
212.90.124.0/22
212.178.0.0/19
IPv6:
2a04:2c00::/29
Signature Algorithm: sha256WithRSAEncryption
b1:d8:89:c4:fb:07:86:ff:3a:80:63:d6:78:e2:96:97:62:2b:
d5:05:8d:3c:43:71:71:0e:a3:5c:f9:d9:53:c9:b6:97:06:4f:
f2:3a:7d:aa:3e:8a:51:a4:a7:c0:78:96:da:53:9c:62:e2:6e:
5f:92:0a:49:68:99:85:6e:ea:64:3f:a4:a0:d5:09:cd:9e:5b:
15:82:d1:e3:8f:7e:49:6c:c4:ed:80:03:ee:d6:14:00:32:d0:
23:21:4d:4a:8c:89:35:14:df:93:a2:5c:41:1f:01:41:1a:df:
23:6a:2e:7c:45:69:57:fe:3e:66:79:e9:93:c4:09:b5:10:16:
6d:e5:4c:93:d8:23:db:61:f3:cc:65:d2:77:ca:68:9e:7e:a6:
f7:3e:52:d9:68:74:f3:38:cc:3a:e0:86:4e:fa:14:f7:58:a9:
3e:1a:e8:98:9e:9a:ce:9d:9f:66:82:21:1e:0c:2d:2e:df:47:
20:19:38:4e:e4:e2:5e:07:e4:5b:e7:bb:0e:db:09:88:5e:65:
33:f9:eb:bb:9d:26:d3:7f:7f:21:0a:64:cf:6e:4a:ab:77:33:
c2:3b:37:3a:8a:51:f0:5b:e5:03:16:9c:c5:5e:1a:63:ae:99:
cc:50:32:62:96:32:a3:e1:0a:d0:a8:b4:4c:84:d6:8a:bf:ab:
a3:5c:66:d5
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYtNWuwmGHXBzNDYaaTztH/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMmJlNjYxZTU3YzE0NjU5YTYwOGU5ZjZiZTYwNWQ2MjUw
MDQ3ZmMwHhcNMjMxMDIwMTM1MTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTg5Y2ZjMGU3YTc0YmRmMjE4OGUzZjY3ZmE3YzA0ZmZjNTdlYjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7mQ8YqFNr44PCznV07VDxhmDkuc
Lq7MptR27pvjn1LjxDYettbQjJp6DXgy59xtZTMrMm3l/WmaXZH54YcBUrpTRJKp
PEdbWdawRistrzwPElhr8170bi+m/JfQ9d0RkRXnq2ZZDUIal0GCniC521J+SMB/
WFJ/uANNXkdFB6kNp/OXh1rPhtEvYTVPmktoy4ktFZD5eXFvXC5HtW+9E/y7CVXz
6SfQ7X3BDcwrg8duqa9ucgk2tF6kvahbaqxE6RNC0zoKUoRzN9wk9T5xmoyF+TBr
/z/+HkE7rkYq2Q6yw6DtwGMT4YzG2kg+d5FV/87fxweeLdLG14/MQT3IUQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFAmJz8Dnp0vfIYjj9n+nwE/8V+sHMB8GA1UdIwQY
MBaAFGAr5mHlfBRlmmCOn2vmBdYlAEf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUN2bVllVjhGR1dhWUk2ZmEtWUYxaVVBUl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85NzQyMTMtNDlmZC00YzVjLTgwMTQt
YmQzYTYzMGVlNWNjLzEvQ1luUHdPZW5TOThoaU9QMmY2ZkFUX3hYNndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC85NzQyMTMtNDlmZC00YzVjLTgwMTQtYmQzYTYzMGVlNWNj
LzEvWUN2bVllVjhGR1dhWUk2ZmEtWUYxaVVBUl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIDBAUf
H2ADBAUlywADBAItggADBAItjHgDBAItnCQDBAU+EAADBARPjAADBAVV7mADBAJY
1ggDBAJf1igDBAWCACADBAawd0ADBAK5F2gDBAK5kWgDBAK5ptwDBAK5sfADBAK5
uKgDBAK5ziQDBAK54nADBAK55GgDBAK59xQDBAa8c4ADBALBsjADBAXDikADBADU
GHADBALUWnwDBAXUsgAwDQQCAAIwBwMFAyoELAAwDQYJKoZIhvcNAQELBQADggEB
ALHYicT7B4b/OoBj1njilpdiK9UFjTxDcXEOo1z52VPJtpcGT/I6fao+ilGkp8B4
ltpTnGLibl+SCklomYVu6mQ/pKDVCc2eWxWC0eOPfklsxO2AA+7WFAAy0CMhTUqM
iTUU35OiXEEfAUEa3yNqLnxFaVf+PmZ56ZPECbUQFm3lTJPYI9th88xl0nfKaJ5+
pvc+UtlodPM4zDrghk76FPdYqT4a6Jiems6dn2aCIR4MLS7fRyAZOE7k4l4H5Fvn
uw7bCYheZTP567udJtN/fyEKZM9uSqt3M8I7NzqKUfBb5QMWnMVeGmOumcxQMmKW
MqPhCtCotEyE1oq/q6NcZtU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:52 2025 by rpki-client