Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/YRtgIrydehi869qcSS8W3bcPemA.roa
File: YRtgIrydehi869qcSS8W3bcPemA.roa (raw, json)
Hash identifier: /scBEql2L77vFKeEmNg7+vbvKL3OXID0C8JRVjDzB90=
Subject key identifier: 61:1B:60:22:BC:9D:7A:18:BC:EB:DA:9C:49:2F:16:DD:B7:0F:7A:60
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 018BF586BDED78A59478B16F771AA805723F
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/YRtgIrydehi869qcSS8W3bcPemA.roa
Signing time: Wed 22 Nov 2023 05:35:30 +0000
ROA not before: Wed 22 Nov 2023 05:35:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 95.38.240.0/21 maxlen: 21
95.38.243.0/24 maxlen: 24
95.38.241.0/24 maxlen: 24
95.38.242.0/24 maxlen: 24
95.38.248.0/22 maxlen: 22
95.38.200.0/22 maxlen: 22
95.38.208.0/22 maxlen: 22
95.38.240.0/24 maxlen: 24
95.38.136.0/22 maxlen: 22
95.38.140.0/22 maxlen: 22
95.38.152.0/24 maxlen: 24
95.38.152.0/21 maxlen: 21
95.38.153.0/24 maxlen: 24
95.38.168.0/22 maxlen: 22
95.38.174.0/24 maxlen: 24
95.38.96.0/21 maxlen: 21
95.38.97.0/24 maxlen: 24
95.38.98.0/24 maxlen: 24
95.38.96.0/24 maxlen: 24
95.38.104.0/22 maxlen: 22
95.38.130.0/23 maxlen: 23
95.38.132.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f5:86:bd:ed:78:a5:94:78:b1:6f:77:1a:a8:05:72:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Nov 22 05:35:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=611b6022bc9d7a18bcebda9c492f16ddb70f7a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:60:e5:99:c3:cf:35:50:4b:3b:3e:ea:82:a4:
22:dc:22:0e:fe:c8:ff:5a:1a:1e:e2:ff:8d:00:55:
05:e0:94:e7:f4:35:54:ca:fb:87:58:2d:66:ee:e7:
b4:43:a8:48:9c:4e:ec:e5:fd:0a:b8:85:5a:69:a7:
f1:15:37:b1:13:a2:76:b0:84:98:77:82:bf:e6:77:
12:8e:d8:a7:c4:92:8d:63:cf:e9:10:9e:26:3c:9c:
85:2b:82:60:c6:8a:68:7d:46:e5:c3:e5:24:8b:ec:
fc:80:c3:f1:8d:17:33:c7:07:72:d8:52:80:4c:8d:
cf:20:df:68:c2:4b:1a:fc:50:3c:0a:35:68:fe:09:
bf:59:25:0a:b0:9b:ee:15:61:04:7f:6a:69:0f:18:
1d:7e:52:44:26:1d:82:fb:15:40:77:33:62:72:49:
35:04:f5:6a:23:21:4d:c7:88:56:23:91:23:9a:c3:
47:ff:8b:2d:37:2e:e0:df:6a:84:e5:45:b3:66:1a:
46:b0:c0:3d:54:6d:01:48:f6:19:1d:61:dd:a8:98:
f5:36:ee:54:4d:41:c0:37:3e:e7:45:e5:83:2c:73:
f2:93:d5:87:b4:2c:18:64:7a:30:b5:72:1c:de:7d:
c0:4b:4c:dd:fc:d7:99:cd:78:fc:e9:57:ed:31:6d:
92:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:1B:60:22:BC:9D:7A:18:BC:EB:DA:9C:49:2F:16:DD:B7:0F:7A:60
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/YRtgIrydehi869qcSS8W3bcPemA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.96.0-95.38.107.255
95.38.130.0-95.38.143.255
95.38.152.0/21
95.38.168.0/22
95.38.174.0/24
95.38.200.0/22
95.38.208.0/22
95.38.240.0-95.38.251.255
Signature Algorithm: sha256WithRSAEncryption
8c:62:e7:cc:eb:38:54:81:b1:90:e4:07:01:b5:19:6f:5b:47:
a2:88:74:01:d3:f6:47:1c:b1:35:24:59:22:52:cd:81:89:5f:
e5:1b:25:39:4e:c3:a8:d1:f7:7f:42:32:3f:b5:29:45:b1:37:
8e:2b:65:8f:f9:d5:14:e8:73:79:6f:13:33:bc:b8:ca:a5:56:
31:8c:68:30:f6:1c:1f:98:7c:a2:d0:aa:fb:58:01:fc:dc:60:
c9:1f:7a:86:d1:e1:45:ce:35:6d:f6:f9:87:66:b3:b4:f7:38:
d4:6c:da:49:68:10:e9:95:4d:ce:58:a1:e5:e6:47:42:bb:86:
68:e6:9c:3c:aa:6c:85:b7:fc:39:9d:3f:07:82:10:98:62:4c:
f2:d4:f8:90:c8:ab:ff:1a:28:71:07:41:c3:4f:c4:af:44:9c:
a7:6b:7d:00:90:2c:6e:71:53:ff:fc:41:dc:ec:cc:57:7d:10:
bd:24:13:aa:4b:c4:dd:8d:49:a8:28:0b:b3:7c:19:43:47:a5:
5b:14:4f:ee:06:d2:a3:f4:c4:81:0d:9c:e8:24:30:0f:4e:8a:
29:c5:02:c0:a3:fd:18:c1:e7:07:32:8e:8c:d1:ce:ea:f5:ba:
68:31:90:43:49:1f:62:a5:ef:51:a4:17:1d:20:3d:a9:7e:76:
c8:63:c0:fa
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYv1hr3teKWUeLFvdxqoBXI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjMxMTIyMDUzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTFiNjAyMmJjOWQ3YTE4YmNlYmRhOWM0OTJmMTZkZGI3MGY3YTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmDlmcPPNVBLOz7qgqQi3CIO/sj/
Whoe4v+NAFUF4JTn9DVUyvuHWC1m7ue0Q6hInE7s5f0KuIVaaafxFTexE6J2sISY
d4K/5ncSjtinxJKNY8/pEJ4mPJyFK4JgxopofUblw+Uki+z8gMPxjRczxwdy2FKA
TI3PIN9owksa/FA8CjVo/gm/WSUKsJvuFWEEf2ppDxgdflJEJh2C+xVAdzNickk1
BPVqIyFNx4hWI5EjmsNH/4stNy7g32qE5UWzZhpGsMA9VG0BSPYZHWHdqJj1Nu5U
TUHANz7nReWDLHPyk9WHtCwYZHowtXIc3n3AS0zd/NeZzXj86VftMW2S2QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGEbYCK8nXoYvOvanEkvFt23D3pgMB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvWVJ0Z0lyeWRlaGk4NjlxY1NTOFczYmNQZW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBAVfJmAD
BAJfJmgwDAMEAV8mggMEBF8mgAMEA18mmAMEAl8mqAMEAF8mrgMEAl8myAMEAl8m
0DAMAwQEXybwAwQCXyb4MA0GCSqGSIb3DQEBCwUAA4IBAQCMYufM6zhUgbGQ5AcB
tRlvW0eiiHQB0/ZHHLE1JFkiUs2BiV/lGyU5TsOo0fd/QjI/tSlFsTeOK2WP+dUU
6HN5bxMzvLjKpVYxjGgw9hwfmHyi0Kr7WAH83GDJH3qG0eFFzjVt9vmHZrO09zjU
bNpJaBDplU3OWKHl5kdCu4Zo5pw8qmyFt/w5nT8HghCYYkzy1PiQyKv/GihxB0HD
T8SvRJyna30AkCxucVP//EHc7MxXfRC9JBOqS8TdjUmoKAuzfBlDR6VbFE/uBtKj
9MSBDZzoJDAPToopxQLAo/0YwecHMo6M0c7q9bpoMZBDSR9ipe9RpBcdID2pfnbI
Y8D6
-----END CERTIFICATE-----
Generated at Tue May 13 16:04:51 2025 by rpki-client