Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/YR5TxERSezXKB2eeLd1zqXYc2ZI.roa
File: YR5TxERSezXKB2eeLd1zqXYc2ZI.roa (raw, json)
Hash identifier: AaKeeCWCwuLrk0veR4RuYoDJ+7cPE4OfTckiqldFLQY=
Subject key identifier: 61:1E:53:C4:44:52:7B:35:CA:07:67:9E:2D:DD:73:A9:76:1C:D9:92
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018731F778C7E07FF86658F0093D02A1A1E3
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/YR5TxERSezXKB2eeLd1zqXYc2ZI.roa
Signing time: Thu 30 Mar 2023 10:01:54 +0000
ROA not before: Thu 30 Mar 2023 10:01:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43160
IP address blocks: 185.44.233.0/24 maxlen: 24
185.44.232.0/22 maxlen: 24
212.63.118.0/24 maxlen: 24
212.63.116.0/22 maxlen: 24
212.63.123.0/24 maxlen: 24
212.63.119.0/24 maxlen: 24
212.63.120.0/24 maxlen: 24
212.63.122.0/24 maxlen: 24
185.162.172.0/23 maxlen: 24
185.94.48.0/22 maxlen: 24
195.82.104.0/24 maxlen: 24
195.82.106.0/24 maxlen: 24
185.235.103.0/24 maxlen: 24
185.196.203.0/24 maxlen: 24
185.196.202.0/23 maxlen: 24
185.196.202.0/24 maxlen: 24
85.217.136.0/24 maxlen: 24
85.217.138.0/24 maxlen: 24
85.217.135.0/24 maxlen: 24
85.217.137.0/24 maxlen: 24
85.217.142.0/24 maxlen: 24
85.217.143.0/24 maxlen: 24
85.217.141.0/24 maxlen: 24
85.217.146.0/24 maxlen: 24
85.217.150.0/24 maxlen: 24
85.217.152.0/24 maxlen: 24
85.217.151.0/24 maxlen: 24
85.217.158.0/24 maxlen: 24
85.217.154.0/24 maxlen: 24
85.217.157.0/24 maxlen: 24
85.217.159.0/24 maxlen: 24
85.217.153.0/24 maxlen: 24
85.217.155.0/24 maxlen: 24
185.130.24.0/23 maxlen: 24
185.130.24.0/22 maxlen: 24
88.98.96.0/23 maxlen: 24
88.98.96.0/20 maxlen: 24
88.98.98.0/24 maxlen: 24
88.98.104.0/23 maxlen: 24
88.98.99.0/24 maxlen: 24
88.98.100.0/22 maxlen: 24
88.98.106.0/23 maxlen: 24
88.98.111.0/24 maxlen: 24
88.98.110.0/24 maxlen: 24
185.130.26.0/23 maxlen: 24
185.202.164.0/24 maxlen: 24
185.202.164.0/22 maxlen: 24
185.202.166.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:31:f7:78:c7:e0:7f:f8:66:58:f0:09:3d:02:a1:a1:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Mar 30 10:01:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=611e53c444527b35ca07679e2ddd73a9761cd992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ad:42:6c:db:b5:26:d7:ee:bc:ab:4a:97:cb:
13:fe:c8:25:bb:da:24:6e:c1:23:ec:ee:66:a5:59:
db:b9:fe:f3:4c:58:65:9e:b1:59:46:91:0c:14:7b:
7c:60:82:e1:26:3c:18:84:cd:96:37:6d:2a:a6:4a:
ec:b5:3e:13:bd:e8:ab:36:a1:e2:47:82:b5:55:d7:
03:75:86:fc:e8:8e:29:ab:38:53:5b:f7:3a:eb:29:
4a:70:16:28:5a:ea:94:20:50:54:8a:75:0a:88:57:
7c:c8:a3:58:63:d4:5d:d9:f5:77:70:bd:ab:de:fb:
6e:92:99:0b:39:92:ea:5b:e4:9e:51:ca:61:a1:b3:
13:52:3e:35:56:50:d5:a7:55:97:01:e8:07:48:65:
18:22:39:6e:ed:1c:2a:7c:dd:ff:df:33:e6:a8:89:
90:94:20:35:a5:f3:4f:33:da:64:5a:3a:e9:38:00:
20:b3:9c:b0:e5:12:41:c4:a0:b6:fb:85:98:6c:36:
d6:24:13:49:bc:b9:8c:d0:23:bd:4e:5b:55:26:20:
ca:16:82:07:f5:82:0a:ae:59:a0:9b:82:78:de:1d:
32:65:1c:7f:1d:2f:93:ff:b7:c7:3e:0a:8f:d6:47:
fb:33:d7:94:71:45:ee:b1:8b:a4:08:97:b7:a4:dc:
ea:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:1E:53:C4:44:52:7B:35:CA:07:67:9E:2D:DD:73:A9:76:1C:D9:92
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/YR5TxERSezXKB2eeLd1zqXYc2ZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.135.0-85.217.138.255
85.217.141.0-85.217.143.255
85.217.146.0/24
85.217.150.0-85.217.155.255
85.217.157.0-85.217.159.255
88.98.96.0/20
185.44.232.0/22
185.94.48.0/22
185.130.24.0/22
185.162.172.0/23
185.196.202.0/23
185.202.164.0/22
185.235.103.0/24
195.82.104.0/24
195.82.106.0/24
212.63.116.0-212.63.120.255
212.63.122.0/23
Signature Algorithm: sha256WithRSAEncryption
41:00:03:a3:7e:81:c0:bc:47:a6:b2:4a:98:5e:42:84:14:ea:
d3:9c:63:f8:08:a6:62:00:7f:2f:d2:ce:a2:b3:8c:09:4d:81:
2c:b6:56:7c:65:87:0c:e8:56:6d:f6:88:3d:d5:13:f9:ff:b8:
66:74:69:fd:41:34:25:e9:c9:43:15:23:6e:2e:dc:ca:cb:a9:
64:34:3c:79:85:14:c3:b0:68:88:49:f5:93:c8:23:e8:38:32:
d7:1d:42:6d:47:db:e0:4e:b6:52:ff:05:02:f8:8c:c4:fc:aa:
66:23:aa:a9:ae:d1:3a:85:39:41:95:6f:62:0b:f1:46:6c:d2:
5e:93:cb:f7:52:4f:e9:91:f3:cb:39:90:af:5c:1a:b2:3e:b5:
c6:60:4e:6d:58:12:af:04:74:66:ad:df:be:a7:ea:b6:01:9b:
e1:50:25:67:cd:73:d8:59:6b:9b:27:f1:f0:8d:01:b4:af:af:
69:13:e4:5a:0d:93:3f:6f:0e:ef:28:ee:e5:e2:68:cf:d9:12:
06:f0:0a:74:39:a8:da:64:8c:8d:5c:5a:a4:ae:7b:02:f9:e3:
23:3f:36:cd:1a:ef:bb:1d:fe:e5:7d:ce:34:21:52:67:96:4d:
ab:f1:28:b1:5c:e9:53:79:79:54:ae:a8:a7:0b:5e:39:21:35:
75:20:cd:ba
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYcx93jH4H/4ZljwCT0CoaHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMzMwMTAwMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTFlNTNjNDQ0NTI3YjM1Y2EwNzY3OWUyZGRkNzNhOTc2MWNkOTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq1CbNu1JtfuvKtKl8sT/sglu9ok
bsEj7O5mpVnbuf7zTFhlnrFZRpEMFHt8YILhJjwYhM2WN20qpkrstT4TveirNqHi
R4K1VdcDdYb86I4pqzhTW/c66ylKcBYoWuqUIFBUinUKiFd8yKNYY9Rd2fV3cL2r
3vtukpkLOZLqW+SeUcphobMTUj41VlDVp1WXAegHSGUYIjlu7RwqfN3/3zPmqImQ
lCA1pfNPM9pkWjrpOAAgs5yw5RJBxKC2+4WYbDbWJBNJvLmM0CO9TltVJiDKFoIH
9YIKrlmgm4J43h0yZRx/HS+T/7fHPgqP1kf7M9eUcUXusYukCJe3pNzqVwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFGEeU8REUns1ygdnni3dc6l2HNmSMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvWVI1VHhFUlNlelhLQjJlZUxkMXpxWFljMlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4wDAME
AFXZhwMEAFXZijAMAwQAVdmNAwQEVdmAAwQAVdmSMAwDBAFV2ZYDBAJV2ZgwDAME
AFXZnQMEBVXZgAMEBFhiYAMEArks6AMEArleMAMEArmCGAMEAbmirAMEAbnEygME
ArnKpAMEALnrZwMEAMNSaAMEAMNSajAMAwQC1D90AwQA1D94AwQB1D96MA0GCSqG
SIb3DQEBCwUAA4IBAQBBAAOjfoHAvEemskqYXkKEFOrTnGP4CKZiAH8v0s6is4wJ
TYEstlZ8ZYcM6FZt9og91RP5/7hmdGn9QTQl6clDFSNuLtzKy6lkNDx5hRTDsGiI
SfWTyCPoODLXHUJtR9vgTrZS/wUC+IzE/KpmI6qprtE6hTlBlW9iC/FGbNJek8v3
Uk/pkfPLOZCvXBqyPrXGYE5tWBKvBHRmrd++p+q2AZvhUCVnzXPYWWubJ/HwjQG0
r69pE+RaDZM/bw7vKO7l4mjP2RIG8Ap0OajaZIyNXFqkrnsC+eMjPzbNGu+7Hf7l
fc40IVJnlk2r8SixXOlTeXlUrqinC145ITV1IM26
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:12:10 2025 by rpki-client