Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/9c9f28-4f41-472d-a63e-a10a3a4963fb/1/Yo65BD7M_PtHCSwS7QGf_bryWBg.roa
File: Yo65BD7M_PtHCSwS7QGf_bryWBg.roa (raw, json)
Hash identifier: TdXlbiuZrgpZ/2K0MiUkZ7Vqy+H9btekHZcNtNGzz48=
Subject key identifier: 62:8E:B9:04:3E:CC:FC:FB:47:09:2C:12:ED:01:9F:FD:BA:F2:58:18
Certificate issuer: /CN=40d5591a75bd693e9d3b766834bf074f7b1eee3a
Certificate serial: 0185626C483CB8EE3F1F409D68DFF42A7CD2
Authority key identifier: 40:D5:59:1A:75:BD:69:3E:9D:3B:76:68:34:BF:07:4F:7B:1E:EE:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QNVZGnW9aT6dO3ZoNL8HT3se7jo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/9c9f28-4f41-472d-a63e-a10a3a4963fb/1/Yo65BD7M_PtHCSwS7QGf_bryWBg.roa
Signing time: Fri 30 Dec 2022 09:45:41 +0000
ROA not before: Fri 30 Dec 2022 09:45:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13195
IP address blocks: 193.201.107.0/24 maxlen: 24
2001:678:c28::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:6c:48:3c:b8:ee:3f:1f:40:9d:68:df:f4:2a:7c:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40d5591a75bd693e9d3b766834bf074f7b1eee3a
Validity
Not Before: Dec 30 09:45:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=628eb9043eccfcfb47092c12ed019ffdbaf25818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a3:e6:59:8c:7c:10:72:32:7d:6c:7a:8c:5c:
9d:ba:69:8d:f1:8a:96:37:1a:41:f2:ba:aa:ef:aa:
27:5e:80:71:3c:f1:94:5d:f4:3d:ec:92:a1:f3:70:
54:87:6d:48:f9:f7:0f:7c:2d:60:97:cc:e1:ca:4d:
1a:31:af:d9:09:c1:c7:8f:c2:0c:30:c3:9f:6d:82:
11:0d:2e:ca:d8:10:ec:6b:e3:8a:30:08:33:11:d9:
23:9b:2f:5b:dc:77:fd:da:9e:bb:60:53:85:1a:aa:
a7:d3:f5:ff:c3:d1:7c:65:f9:79:f8:1a:9f:1c:60:
00:a6:11:9a:b2:48:70:0e:56:4b:0a:b4:2f:26:a1:
3f:33:8f:33:c1:53:18:4f:55:10:40:fd:15:23:f7:
cc:84:fc:5d:44:4f:13:3c:84:32:5c:44:a5:cc:e5:
43:ee:25:75:1a:6a:b9:c6:34:a3:6b:12:22:d6:81:
58:49:b4:9a:b4:cc:aa:ed:b3:55:cf:c8:cc:79:32:
37:92:a1:ae:4b:a4:64:58:03:34:df:cf:a1:9d:b8:
aa:62:d2:8b:03:31:14:fa:6e:c8:6b:96:5d:16:46:
a5:f9:a5:53:e2:5f:78:70:3b:fc:c3:49:98:e3:a0:
f6:70:e4:8f:a7:61:f1:2c:4d:43:7d:e6:b4:ab:0c:
2e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:8E:B9:04:3E:CC:FC:FB:47:09:2C:12:ED:01:9F:FD:BA:F2:58:18
X509v3 Authority Key Identifier:
keyid:40:D5:59:1A:75:BD:69:3E:9D:3B:76:68:34:BF:07:4F:7B:1E:EE:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QNVZGnW9aT6dO3ZoNL8HT3se7jo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9c9f28-4f41-472d-a63e-a10a3a4963fb/1/Yo65BD7M_PtHCSwS7QGf_bryWBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9c9f28-4f41-472d-a63e-a10a3a4963fb/1/QNVZGnW9aT6dO3ZoNL8HT3se7jo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.107.0/24
IPv6:
2001:678:c28::/48
Signature Algorithm: sha256WithRSAEncryption
1c:27:0c:8d:9c:d8:ce:84:4b:71:97:92:32:61:2b:7b:49:02:
c3:23:0c:ff:f5:9f:6e:14:b7:0a:94:31:bb:4c:61:56:94:fe:
f0:aa:2b:83:a7:11:fc:b7:ec:6b:d6:02:e3:b1:3d:ef:0e:93:
63:8d:f6:72:dd:7c:03:9c:33:bc:a3:f4:0e:d8:57:2e:60:0d:
89:39:67:24:29:a3:b6:6f:68:c5:57:95:0f:ad:6a:07:5c:8a:
06:30:66:ab:31:2c:58:31:6c:1b:b6:ac:cc:74:80:39:68:48:
92:96:bc:e0:88:17:60:92:5f:02:6d:cc:ce:7b:e3:af:dc:67:
9e:a6:6d:c6:16:10:7f:c7:24:e9:ab:0c:79:e2:ef:56:31:a7:
6d:38:3a:d7:96:d8:2f:b3:79:a9:9a:b5:d6:38:19:13:fb:f5:
f6:ed:94:68:94:bb:18:17:cf:44:6e:4c:a2:d2:92:ff:67:87:
8e:fe:c2:b4:4c:7d:9f:51:0e:92:e3:81:6f:e5:ae:9e:be:c9:
f5:7a:4b:73:29:72:4c:1e:fa:67:a5:93:91:0a:e5:eb:80:90:
a9:95:11:23:b3:3a:31:48:15:df:c2:d4:c2:25:36:ec:b2:59:
a3:00:0a:12:c8:6f:67:0d:2e:5c:0d:73:ad:7a:b0:49:66:4e:
9c:da:73:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVibEg8uO4/H0CdaN/0KnzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZDU1OTFhNzViZDY5M2U5ZDNiNzY2ODM0YmYwNzRmN2Ix
ZWVlM2EwHhcNMjIxMjMwMDk0NTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjhlYjkwNDNlY2NmY2ZiNDcwOTJjMTJlZDAxOWZmZGJhZjI1ODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qPmWYx8EHIyfWx6jFydummN8YqW
NxpB8rqq76onXoBxPPGUXfQ97JKh83BUh21I+fcPfC1gl8zhyk0aMa/ZCcHHj8IM
MMOfbYIRDS7K2BDsa+OKMAgzEdkjmy9b3Hf92p67YFOFGqqn0/X/w9F8Zfl5+Bqf
HGAAphGaskhwDlZLCrQvJqE/M48zwVMYT1UQQP0VI/fMhPxdRE8TPIQyXESlzOVD
7iV1Gmq5xjSjaxIi1oFYSbSatMyq7bNVz8jMeTI3kqGuS6RkWAM038+hnbiqYtKL
AzEU+m7Ia5ZdFkal+aVT4l94cDv8w0mY46D2cOSPp2HxLE1Dfea0qwwuDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGKOuQQ+zPz7RwksEu0Bn/268lgYMB8GA1UdIwQY
MBaAFEDVWRp1vWk+nTt2aDS/B097Hu46MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU5WWkduVzlhVDZkTzNab05MOEhUM3NlN2pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy85YzlmMjgtNGY0MS00NzJkLWE2M2Ut
YTEwYTNhNDk2M2ZiLzEvWW82NUJEN01fUHRIQ1N3UzdRR2ZfYnJ5V0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy85YzlmMjgtNGY0MS00NzJkLWE2M2UtYTEwYTNhNDk2M2Zi
LzEvUU5WWkduVzlhVDZkTzNab05MOEhUM3NlN2pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwclrMA8E
AgACMAkDBwAgAQZ4DCgwDQYJKoZIhvcNAQELBQADggEBABwnDI2c2M6ES3GXkjJh
K3tJAsMjDP/1n24UtwqUMbtMYVaU/vCqK4OnEfy37GvWAuOxPe8Ok2ON9nLdfAOc
M7yj9A7YVy5gDYk5ZyQpo7ZvaMVXlQ+tagdcigYwZqsxLFgxbBu2rMx0gDloSJKW
vOCIF2CSXwJtzM5746/cZ56mbcYWEH/HJOmrDHni71Yxp204OteW2C+zeamatdY4
GRP79fbtlGiUuxgXz0RuTKLSkv9nh47+wrRMfZ9RDpLjgW/lrp6+yfV6S3Mpckwe
+melk5EK5euAkKmVESOzOjFIFd/C1MIlNuyyWaMAChLIb2cNLlwNc616sElmTpza
c+E=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:24:49 2025 by rpki-client