Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/Yhdrf-bqzGUTYECJNEPsQ8lyJMI.roa
File: Yhdrf-bqzGUTYECJNEPsQ8lyJMI.roa (raw, json)
Hash identifier: 5wglCNVOa5jhlDlRscHYfrK4SrONCyLZTQ8XjRGYbq4=
Subject key identifier: 62:17:6B:7F:E6:EA:CC:65:13:60:40:89:34:43:EC:43:C9:72:24:C2
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 375357C3
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/Yhdrf-bqzGUTYECJNEPsQ8lyJMI.roa
Signing time: Wed 08 Jun 2022 10:09:05 +0000
ROA not before: Wed 08 Jun 2022 10:09:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12430
IP address blocks: 81.60.0.0/15 maxlen: 18
89.141.0.0/16 maxlen: 16
62.100.96.0/19 maxlen: 19
2.154.192.0/18 maxlen: 18
84.127.229.0/24 maxlen: 24
81.202.0.0/15 maxlen: 15
212.97.160.0/19 maxlen: 19
213.37.0.0/16 maxlen: 16
62.117.128.0/17 maxlen: 17
5.40.0.0/16 maxlen: 16
82.158.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
212.22.32.0/19 maxlen: 20
89.140.0.0/16 maxlen: 16
95.39.0.0/16 maxlen: 19
212.79.128.0/19 maxlen: 19
80.224.0.0/16 maxlen: 16
83.173.128.0/18 maxlen: 18
85.251.0.0/16 maxlen: 17
212.183.192.0/18 maxlen: 18
84.120.0.0/13 maxlen: 19
194.140.128.0/18 maxlen: 18
2.154.0.0/16 maxlen: 16
81.184.0.0/16 maxlen: 16
213.231.64.0/18 maxlen: 18
80.174.0.0/16 maxlen: 17
213.201.0.0/17 maxlen: 17
62.174.0.0/15 maxlen: 19
212.122.96.0/19 maxlen: 19
62.82.0.0/15 maxlen: 16
80.173.0.0/16 maxlen: 17
212.78.128.0/19 maxlen: 19
194.149.192.0/19 maxlen: 19
194.106.0.0/19 maxlen: 19
213.254.64.0/18 maxlen: 18
62.42.0.0/15 maxlen: 16
212.21.224.0/19 maxlen: 19
82.213.128.0/18 maxlen: 18
85.136.0.0/15 maxlen: 15
213.227.0.0/18 maxlen: 18
212.95.192.0/19 maxlen: 19
81.172.0.0/17 maxlen: 17
79.108.0.0/15 maxlen: 18
85.219.0.0/17 maxlen: 17
85.155.0.0/16 maxlen: 16
62.81.0.0/16 maxlen: 24
83.138.192.0/18 maxlen: 18
85.155.174.0/24 maxlen: 24
212.40.224.0/19 maxlen: 19
212.40.224.0/24 maxlen: 24
2.152.0.0/16 maxlen: 16
217.216.0.0/15 maxlen: 15
185.128.128.0/22 maxlen: 24
2.152.0.0/14 maxlen: 17
62.101.160.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 928208835 (0x375357c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jun 8 10:09:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62176b7fe6eacc65136040893443ec43c97224c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7b:72:78:f4:f3:a3:8b:ce:ee:4d:7a:22:25:
d4:6b:09:54:26:64:fc:2b:58:6c:41:be:ff:a9:fd:
1c:0d:4c:46:8d:57:74:72:8e:69:64:ca:60:f5:88:
d6:cd:34:f7:75:e0:c4:9c:96:bd:21:e8:98:ae:64:
d9:e6:d1:72:c7:a1:0c:a4:4e:4f:4d:4e:3b:e0:54:
9a:06:5e:b3:83:52:26:b7:65:d8:c7:83:44:82:bf:
8f:6d:67:34:89:87:2a:60:34:17:1c:66:2e:76:b9:
54:8c:d7:be:94:31:9c:27:ba:22:d6:db:9c:b0:c3:
bc:f2:aa:48:ca:f0:36:62:04:4d:7d:8e:f4:32:d3:
2a:25:65:7f:e3:bc:8c:3f:0b:27:a0:18:56:c6:0a:
82:13:fb:c1:a8:80:c2:d8:6c:16:e8:09:65:c7:8e:
c3:a6:6b:60:92:94:6b:28:83:ef:d3:a9:aa:45:42:
bc:a7:5f:aa:60:65:7e:66:72:05:e3:0a:2b:f5:78:
ff:82:18:83:4a:e9:f6:ef:5f:70:36:ba:0c:c1:88:
61:97:fb:ec:b9:06:e0:5b:63:7d:c8:95:45:a1:cc:
61:9b:2f:49:38:56:f4:af:8c:dd:b6:02:70:3e:41:
8a:a9:b0:93:f7:73:b7:ee:f7:55:db:8e:02:fb:43:
b3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:17:6B:7F:E6:EA:CC:65:13:60:40:89:34:43:EC:43:C9:72:24:C2
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/Yhdrf-bqzGUTYECJNEPsQ8lyJMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.152.0.0/14
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.101.160.0/19
62.117.128.0/17
62.174.0.0/15
79.108.0.0/15
80.173.0.0-80.174.255.255
80.224.0.0/16
81.60.0.0/15
81.172.0.0/17
81.184.0.0/16
81.202.0.0/15
82.158.0.0/15
82.213.128.0/18
83.138.192.0/18
83.173.128.0/18
84.120.0.0/13
85.136.0.0/15
85.155.0.0/16
85.219.0.0/17
85.251.0.0/16
89.140.0.0/15
95.39.0.0/16
185.128.128.0/22
194.106.0.0/19
194.140.128.0/18
194.149.192.0/19
212.21.224.0/19
212.22.32.0/19
212.40.224.0/19
212.78.128.0/19
212.79.128.0/19
212.95.192.0/19
212.97.160.0/19
212.122.96.0/19
212.183.192.0/18
213.37.0.0/16
213.201.0.0/17
213.227.0.0/18
213.231.64.0/18
213.254.64.0/18
217.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
95:71:1a:14:3e:15:79:42:fa:c9:db:ba:bf:72:6f:86:3d:e5:
65:50:58:68:5e:60:51:a8:75:c2:dd:c0:f4:72:a7:74:fc:75:
17:db:5f:b0:5a:77:f1:c6:a4:b5:e3:31:14:e7:39:dd:a2:c7:
2f:e5:f3:e7:1f:5b:3c:52:96:05:57:83:17:c0:70:d7:00:2d:
b2:b5:fd:c7:c7:98:8d:ff:11:78:b7:24:e1:f6:80:9d:28:68:
4c:ac:47:6a:13:e2:95:71:1d:7e:c4:60:6d:eb:43:85:45:8a:
24:5b:13:6e:3d:51:0a:4d:68:1a:2c:09:2e:a2:95:5d:d7:32:
3b:0b:26:20:d3:8c:bc:78:6d:0e:ea:99:6f:8d:db:f5:d3:01:
c5:08:ac:c7:64:11:33:d6:ab:4b:38:b4:49:d1:b3:6f:35:c4:
29:cc:2b:ae:7f:ed:a6:51:eb:52:76:8b:84:da:e1:6f:ca:b4:
fc:9b:9e:1a:97:c3:99:2a:3d:3f:d2:bd:cb:33:57:7f:e0:6f:
0a:df:fd:61:cf:8c:5d:96:45:c5:02:66:cf:0f:40:27:dc:18:
4c:b9:ce:6a:23:10:d5:25:e2:ba:85:3b:54:2e:2b:84:d3:b8:
5d:13:02:7e:c0:d2:29:82:22:ba:f5:b1:4b:ef:10:f4:7e:12:
b7:4e:79:44
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgIEN1NXwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDM0ZjE2ODYxMDI4NzZjNjIxNmJjZWEyOGE1ZTUwMmVjMGQ3YjZiMB4XDTIyMDYw
ODEwMDkwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjIxNzZiN2ZlNmVh
Y2M2NTEzNjA0MDg5MzQ0M2VjNDNjOTcyMjRjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKl7cnj086OLzu5NeiIl1GsJVCZk/CtYbEG+/6n9HA1MRo1X
dHKOaWTKYPWI1s0093XgxJyWvSHomK5k2ebRcsehDKROT01OO+BUmgZes4NSJrdl
2MeDRIK/j21nNImHKmA0FxxmLna5VIzXvpQxnCe6ItbbnLDDvPKqSMrwNmIETX2O
9DLTKiVlf+O8jD8LJ6AYVsYKghP7waiAwthsFugJZceOw6ZrYJKUayiD79OpqkVC
vKdfqmBlfmZyBeMKK/V4/4IYg0rp9u9fcDa6DMGIYZf77LkG4FtjfciVRaHMYZsv
SThW9K+M3bYCcD5Biqmwk/dzt+73VduOAvtDs5MCAwEAAaOCAxowggMWMB0GA1Ud
DgQWBBRiF2t/5urMZRNgQIk0Q+xDyXIkwjAfBgNVHSMEGDAWgBTUNPFoYQKHbGIW
vOoopeUC7A17azAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFEVHhhR0VDaDJ4aUZyenFLS1hsQXV3TmUycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8x
L1loZHJmLWJxekdVVFlFQ0pORVBzUThseUpNSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8xLzFEVHhhR0VDaDJ4
aUZyenFLS1hsQXV3TmUycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AS4GCCsGAQUFBwEHAQH/BIIBHTCCARkwggEVBAIAATCCAQ0DAwICmAMDAAUoAwMB
PioDAwA+OTAKAwMAPlEDAwI+UAMEBT5kYAMEBT5loAMEBz51gAMDAT6uAwMBT2ww
CgMDAFCtAwMAUK4DAwBQ4AMDAVE8AwQHUawAAwMAUbgDAwFRygMDAVKeAwQGUtWA
AwQGU4rAAwQGU62AAwMDVHgDAwFViAMDAFWbAwQHVdsAAwMAVfsDAwFZjAMDAF8n
AwQCuYCAAwQFwmoAAwQGwoyAAwQFwpXAAwQF1BXgAwQF1BYgAwQF1CjgAwQF1E6A
AwQF1E+AAwQF1F/AAwQF1GGgAwQF1HpgAwQG1LfAAwMA1SUDBAfVyQADBAbV4wAD
BAbV50ADBAbV/kADAwHZ2DANBgkqhkiG9w0BAQsFAAOCAQEAlXEaFD4VeUL6ydu6
v3Jvhj3lZVBYaF5gUah1wt3A9HKndPx1F9tfsFp38cakteMxFOc53aLHL+Xz5x9b
PFKWBVeDF8Bw1wAtsrX9x8eYjf8ReLck4faAnShoTKxHahPilXEdfsRgbetDhUWK
JFsTbj1RCk1oGiwJLqKVXdcyOwsmINOMvHhtDuqZb43b9dMBxQisx2QRM9arSzi0
SdGzbzXEKcwrrn/tplHrUnaLhNrhb8q0/JueGpfDmSo9P9K9yzNXf+BvCt/9Yc+M
XZZFxQJmzw9AJ9wYTLnOaiMQ1SXiuoU7VC4rhNO4XRMCfsDSKYIiuvWxS+8Q9H4S
t055RA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-fra.rpki-client.org