Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/842e7f-0350-4b02-a994-f71a49eba48a/1/yVG7D72EULqLRX3v_RNVQlNS-XQ.roa
File: yVG7D72EULqLRX3v_RNVQlNS-XQ.roa (raw, json)
Hash identifier: 2Yap9PCRJVLr0JdeelRKPdVae+56tH4hFB5ZasSGnkE=
Subject key identifier: C9:51:BB:0F:BD:84:50:BA:8B:45:7D:EF:FD:13:55:42:53:52:F9:74
Certificate issuer: /CN=a4f131e3e15058d93ffddb60ac7083bef89d2e86
Certificate serial: 0188118ACDB3B15CD1578AD58BDBA195A7CD
Authority key identifier: A4:F1:31:E3:E1:50:58:D9:3F:FD:DB:60:AC:70:83:BE:F8:9D:2E:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPEx4-FQWNk__dtgrHCDvvidLoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/842e7f-0350-4b02-a994-f71a49eba48a/1/yVG7D72EULqLRX3v_RNVQlNS-XQ.roa
Signing time: Fri 12 May 2023 19:58:09 +0000
ROA not before: Fri 12 May 2023 19:58:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12628
IP address blocks: 194.153.117.0/24 maxlen: 24
2001:67c:2738::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:11:8a:cd:b3:b1:5c:d1:57:8a:d5:8b:db:a1:95:a7:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f131e3e15058d93ffddb60ac7083bef89d2e86
Validity
Not Before: May 12 19:58:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c951bb0fbd8450ba8b457deffd1355425352f974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:31:e8:75:2a:60:e2:a2:10:4e:ed:48:be:ee:
b1:82:61:1b:79:d2:86:97:6d:fa:97:30:d1:6f:f2:
a2:ed:d5:2d:5c:14:78:cc:42:12:11:d2:b4:a0:97:
50:c3:2d:1d:c6:5d:a8:bb:1f:0c:ce:00:20:f6:3b:
cd:53:f4:11:50:11:9b:c5:73:31:37:8c:27:8e:e1:
a6:54:84:41:53:b5:9e:10:db:fc:ac:f8:62:a8:8b:
14:16:a8:52:9c:09:75:db:dc:e9:25:4e:b4:e6:bf:
c7:e1:39:fe:e9:ef:de:53:1a:32:22:f8:e4:a5:83:
dc:92:a1:7b:63:e5:b1:1f:5d:d4:91:96:28:20:1d:
31:8a:fb:73:2d:f9:5f:ea:3b:14:7f:73:36:5a:e5:
15:04:be:99:8b:76:b3:2d:b6:b6:85:e9:3c:dc:74:
fc:22:39:d6:e5:71:92:5e:a1:90:fd:12:c2:be:0e:
67:46:f8:28:8d:a5:30:d3:9c:e8:6d:95:b7:8b:1b:
91:cd:98:3f:90:bf:a4:cf:b8:ab:63:e3:60:6b:80:
d4:3b:dd:dd:8d:9b:05:3a:9c:54:4c:5f:09:5c:43:
21:a4:0f:86:d9:7e:bd:41:d7:5b:c5:8b:cb:0f:f5:
e9:b4:58:93:c1:60:ae:d5:f7:2d:42:b9:86:0b:dc:
0c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:51:BB:0F:BD:84:50:BA:8B:45:7D:EF:FD:13:55:42:53:52:F9:74
X509v3 Authority Key Identifier:
keyid:A4:F1:31:E3:E1:50:58:D9:3F:FD:DB:60:AC:70:83:BE:F8:9D:2E:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPEx4-FQWNk__dtgrHCDvvidLoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/842e7f-0350-4b02-a994-f71a49eba48a/1/yVG7D72EULqLRX3v_RNVQlNS-XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/842e7f-0350-4b02-a994-f71a49eba48a/1/pPEx4-FQWNk__dtgrHCDvvidLoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.117.0/24
IPv6:
2001:67c:2738::/48
Signature Algorithm: sha256WithRSAEncryption
5f:0c:a1:da:78:3c:1e:c4:ea:43:63:f8:50:e3:d5:27:52:84:
f0:91:5b:45:04:19:ad:06:5f:c6:86:4a:f6:69:28:83:3b:41:
aa:ff:b0:74:9b:95:75:f9:8e:6e:20:c5:e7:4e:84:d4:cd:8c:
a3:0d:13:87:3e:d1:31:38:21:9d:2f:0d:36:d8:9b:8c:42:c6:
93:42:8c:e0:af:d1:08:6a:01:3e:32:73:c0:15:eb:9d:6d:a2:
17:c9:4d:e0:d2:ca:77:52:37:83:f5:1a:0b:c9:0d:d6:4a:c4:
45:e5:5d:63:04:a3:1b:d1:cf:db:ce:26:56:82:15:e9:b7:d9:
31:dd:cc:10:a9:6a:d9:97:88:37:63:1e:4f:eb:5b:de:a0:ef:
9d:1d:ce:c2:4c:36:0d:52:01:a4:1c:ea:27:1b:8e:8e:c0:09:
e2:94:89:bc:da:0f:bf:7c:4c:e0:43:7c:10:98:9b:9f:cd:2c:
9b:2c:57:09:9f:90:55:fc:03:36:4d:8f:11:6b:9b:69:af:a3:
8b:95:f2:55:67:8b:44:ce:f0:d8:20:ef:d0:d7:e6:40:85:cb:
11:a9:76:93:37:bf:5b:69:54:3f:41:1b:2c:7e:14:c7:3a:a1:
5c:00:5e:e9:06:5b:22:a0:93:2f:1b:0c:39:29:6e:86:c5:d1:
8e:f7:f2:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYgRis2zsVzRV4rVi9uhlafNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZjEzMWUzZTE1MDU4ZDkzZmZkZGI2MGFjNzA4M2JlZjg5
ZDJlODYwHhcNMjMwNTEyMTk1ODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTUxYmIwZmJkODQ1MGJhOGI0NTdkZWZmZDEzNTU0MjUzNTJmOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTHodSpg4qIQTu1Ivu6xgmEbedKG
l236lzDRb/Ki7dUtXBR4zEISEdK0oJdQwy0dxl2oux8MzgAg9jvNU/QRUBGbxXMx
N4wnjuGmVIRBU7WeENv8rPhiqIsUFqhSnAl129zpJU605r/H4Tn+6e/eUxoyIvjk
pYPckqF7Y+WxH13UkZYoIB0xivtzLflf6jsUf3M2WuUVBL6Zi3azLba2hek83HT8
IjnW5XGSXqGQ/RLCvg5nRvgojaUw05zobZW3ixuRzZg/kL+kz7irY+Nga4DUO93d
jZsFOpxUTF8JXEMhpA+G2X69QddbxYvLD/XptFiTwWCu1fctQrmGC9wMnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMlRuw+9hFC6i0V97/0TVUJTUvl0MB8GA1UdIwQY
MBaAFKTxMePhUFjZP/3bYKxwg774nS6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBFeDQtRlFXTmtfX2R0Z3JIQ0R2dmlkTG9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84NDJlN2YtMDM1MC00YjAyLWE5OTQt
ZjcxYTQ5ZWJhNDhhLzEveVZHN0Q3MkVVTHFMUlgzdl9STlZRbE5TLVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84NDJlN2YtMDM1MC00YjAyLWE5OTQtZjcxYTQ5ZWJhNDhh
LzEvcFBFeDQtRlFXTmtfX2R0Z3JIQ0R2dmlkTG9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwpl1MA8E
AgACMAkDBwAgAQZ8JzgwDQYJKoZIhvcNAQELBQADggEBAF8Modp4PB7E6kNj+FDj
1SdShPCRW0UEGa0GX8aGSvZpKIM7Qar/sHSblXX5jm4gxedOhNTNjKMNE4c+0TE4
IZ0vDTbYm4xCxpNCjOCv0QhqAT4yc8AV651tohfJTeDSyndSN4P1GgvJDdZKxEXl
XWMEoxvRz9vOJlaCFem32THdzBCpatmXiDdjHk/rW96g750dzsJMNg1SAaQc6icb
jo7ACeKUibzaD798TOBDfBCYm5/NLJssVwmfkFX8AzZNjxFrm2mvo4uV8lVni0TO
8Ngg79DX5kCFyxGpdpM3v1tpVD9BGyx+FMc6oVwAXukGWyKgky8bDDkpbobF0Y73
8gI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:55:03 2025 by rpki-client