Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/YPYhNkUky3g-WajP2sSmMOD_FxE.roa
File: YPYhNkUky3g-WajP2sSmMOD_FxE.roa (raw, json)
Hash identifier: lx+wB/Jlk1h1zyGcUGHaoiI0t3lxwFG73ktZCLR8sro=
Subject key identifier: 60:F6:21:36:45:24:CB:78:3E:59:A8:CF:DA:C4:A6:30:E0:FF:17:11
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 09324FA0
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/YPYhNkUky3g-WajP2sSmMOD_FxE.roa
Signing time: Mon 02 May 2022 09:15:50 +0000
ROA not before: Mon 02 May 2022 09:15:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 87.239.254.0/24 maxlen: 32
89.44.205.0/24 maxlen: 32
91.228.216.0/24 maxlen: 24
185.36.254.0/24 maxlen: 32
185.217.64.0/22 maxlen: 22
185.166.84.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.188.62.0/24 maxlen: 24
185.188.63.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
185.152.248.0/22 maxlen: 32
5.154.174.0/24 maxlen: 24
80.246.30.0/24 maxlen: 32
185.153.151.0/24 maxlen: 32
188.119.154.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.96.162.0/24 maxlen: 32
77.246.152.0/22 maxlen: 22
185.152.36.0/22 maxlen: 32
195.47.194.0/24 maxlen: 32
89.35.249.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a05:28c0::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a01:4740::/32 maxlen: 32
2a06:46c0::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154292128 (0x9324fa0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: May 2 09:15:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60f621364524cb783e59a8cfdac4a630e0ff1711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2d:59:12:bb:be:9b:7d:80:71:2f:7b:55:e0:
a4:42:3a:9c:4a:53:f2:5d:80:18:fe:82:c4:d1:77:
28:1d:88:1b:6c:64:08:d6:76:e1:ce:b5:2f:48:a0:
85:74:a6:4a:18:6a:80:8e:09:d3:39:45:c1:1d:1a:
cc:25:15:ff:ab:fd:5d:12:f8:9a:4e:99:35:28:2d:
e1:88:78:05:00:72:74:33:5c:44:af:50:0c:26:d3:
94:bf:88:f9:e9:e9:4f:d6:2e:dc:17:23:7b:54:ce:
08:2c:08:ca:b1:c5:ca:a0:50:ce:6e:85:81:51:83:
41:b5:42:eb:56:29:9c:9b:32:bf:d3:78:9e:96:52:
5e:d3:4f:fa:38:bd:5c:da:6f:8d:20:78:d6:25:5b:
d8:eb:d1:cb:96:18:27:82:56:3a:9d:c8:75:3a:e9:
94:bd:65:48:f5:9a:37:2d:60:8d:9e:7d:24:ec:0e:
e4:6a:99:99:8d:e5:45:8e:7d:50:1b:44:33:7d:28:
57:95:09:e5:a5:7d:5b:e6:9d:bb:9e:ff:08:30:b1:
3e:ba:ff:3c:2e:10:6c:0b:9a:1f:80:28:69:2b:94:
79:8a:e4:66:eb:e8:fc:39:4a:25:bb:6e:3c:35:dd:
b7:99:3a:29:05:09:2b:64:4d:de:32:87:13:65:79:
e9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F6:21:36:45:24:CB:78:3E:59:A8:CF:DA:C4:A6:30:E0:FF:17:11
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/YPYhNkUky3g-WajP2sSmMOD_FxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
77.246.152.0/22
80.246.30.0/24
86.105.183.0/24
87.239.254.0/24
89.35.249.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.188.61.0-185.188.63.255
185.217.64.0/22
188.119.154.0/24
195.47.194.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
Signature Algorithm: sha256WithRSAEncryption
32:3e:8b:a2:2a:46:71:1b:42:83:98:76:66:c8:a4:65:96:4f:
b6:f8:06:f5:9a:2e:91:85:d4:d5:bc:b0:79:e1:06:62:c4:73:
2c:c9:ea:27:d1:61:0c:3e:a9:da:20:f7:8d:9c:e9:6b:87:82:
e1:87:4a:56:dc:2d:40:b1:16:f5:86:ff:25:a9:27:dd:c0:c8:
80:cc:f6:92:f6:05:94:06:bd:a5:f9:44:e9:95:4f:7f:7b:f9:
9c:47:85:75:80:12:e9:41:f3:d3:6c:2d:f1:ba:aa:c4:b1:f4:
87:2f:f3:cd:ac:e7:16:4b:e6:a6:b4:0c:74:48:a6:ba:49:3f:
8f:bc:88:b8:b4:d5:37:23:85:d5:d7:e0:9f:8f:d8:31:85:2d:
74:57:b8:90:0d:87:59:99:e1:fc:86:ec:88:37:5d:43:d4:ac:
dc:c3:86:e2:5d:55:c8:77:47:b9:10:90:ef:66:f0:0e:35:ad:
42:c1:e5:7e:3c:97:fb:30:3b:5e:2d:96:ce:42:aa:71:8b:dc:
3a:fb:b2:f6:99:1d:e9:af:8d:22:03:4d:56:79:96:01:fd:e4:
71:c5:d0:04:97:42:4f:a4:c1:b6:ac:84:dd:4c:b8:67:a5:c4:
84:78:17:5c:73:81:aa:e0:79:66:1a:c7:8e:0b:2f:ba:b4:26:
d8:29:24:75
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIECTJPoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjIyMDhiNDdiNmE4NjRkOWQxZmYzM2UwNmFhODFkMTM4MTlhNzRlMB4XDTIyMDUw
MjA5MTU1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBmNjIxMzY0NTI0
Y2I3ODNlNTlhOGNmZGFjNGE2MzBlMGZmMTcxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJAtWRK7vpt9gHEve1XgpEI6nEpT8l2AGP6CxNF3KB2IG2xk
CNZ24c61L0ighXSmShhqgI4J0zlFwR0azCUV/6v9XRL4mk6ZNSgt4Yh4BQBydDNc
RK9QDCbTlL+I+enpT9Yu3Bcje1TOCCwIyrHFyqBQzm6FgVGDQbVC61YpnJsyv9N4
npZSXtNP+ji9XNpvjSB41iVb2OvRy5YYJ4JWOp3IdTrplL1lSPWaNy1gjZ59JOwO
5GqZmY3lRY59UBtEM30oV5UJ5aV9W+adu57/CDCxPrr/PC4QbAuaH4AoaSuUeYrk
Zuvo/DlKJbtuPDXdt5k6KQUJK2RN3jKHE2V56T8CAwEAAaOCAs4wggLKMB0GA1Ud
DgQWBBRg9iE2RSTLeD5ZqM/axKYw4P8XETAfBgNVHSMEGDAWgBSSIgi0e2qGTZ0f
8z4GqoHROBmnTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tpSUl0SHRxaGsyZEhfTS1CcXFCMFRnWnAwNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjUvNjk5MGU5LWMzYzAtNDc4YS05OTk3LTk1YjA4ZTM2NjBjZi8x
L1lQWWhOa1VreTNnLVdhalAyc1NtTU9EX0Z4RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUv
Njk5MGU5LWMzYzAtNDc4YS05OTk3LTk1YjA4ZTM2NjBjZi8xL2tpSUl0SHRxaGsy
ZEhfTS1CcXFCMFRnWnAwNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
4wYIKwYBBQUHAQcBAf8EgdMwgdAwgY0EAgABMIGGAwQABZquAwQCTfaYAwQAUPYe
AwQAVmm3AwQAV+/+AwQAWSP5AwQAWSzNAwQAW+TYAwQAXi7OAwQAuST+AwQAuWCi
AwQBuWxoAwQCuZgkAwQCuZj4AwQAuZmXAwQCuaAsAwQAuaZUMAwDBAC5vD0DBAa5
vAADBAK52UADBAC8d5oDBADDL8IwPgQCAAIwOAMFACoBR0ADBQMqBSjAAwUDKgX0
wAMFAyoGMEADBQMqBkbAAwUDKgZKAAMFAyoGUAADBQMqBlcAMA0GCSqGSIb3DQEB
CwUAA4IBAQAyPouiKkZxG0KDmHZmyKRllk+2+Ab1mi6RhdTVvLB54QZixHMsyeon
0WEMPqnaIPeNnOlrh4Lhh0pW3C1AsRb1hv8lqSfdwMiAzPaS9gWUBr2l+UTplU9/
e/mcR4V1gBLpQfPTbC3xuqrEsfSHL/PNrOcWS+amtAx0SKa6ST+PvIi4tNU3I4XV
1+Cfj9gxhS10V7iQDYdZmeH8huyIN11D1Kzcw4biXVXId0e5EJDvZvAONa1CweV+
PJf7MDteLZbOQqpxi9w6+7L2mR3pr40iA01WeZYB/eRxxdAEl0JPpMG2rITdTLhn
pcSEeBdcc4Gq4HlmGseOCy+6tCbYKSR1
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:22 2023 by rpki-client on console-ams.rpki-client.org