Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/YuYYgbBrwSTATZRHos-yiW3I8Qc.roa
File: YuYYgbBrwSTATZRHos-yiW3I8Qc.roa (raw, json)
Hash identifier: SLzYUkJhDfEdUDSHkDdkG07My3oCvl+OOcSSUEZzRCk=
Subject key identifier: 62:E6:18:81:B0:6B:C1:24:C0:4D:94:47:A2:CF:B2:89:6D:C8:F1:07
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018AB13CDB71689C59B7FA20E8DED0A8C85D
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/YuYYgbBrwSTATZRHos-yiW3I8Qc.roa
Signing time: Wed 20 Sep 2023 06:17:50 +0000
ROA not before: Wed 20 Sep 2023 06:17:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b1:3c:db:71:68:9c:59:b7:fa:20:e8:de:d0:a8:c8:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Sep 20 06:17:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62e61881b06bc124c04d9447a2cfb2896dc8f107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:45:13:01:95:37:0a:6e:ee:00:56:17:eb:81:
8e:e0:86:50:74:cb:29:0b:97:2a:ae:41:c4:4e:a7:
e5:31:23:3c:a2:bf:e2:99:ce:9c:a3:78:76:bf:44:
ed:54:96:25:6a:85:6d:e1:00:fd:da:21:1f:75:79:
7c:da:f5:f4:39:61:01:0c:75:e8:91:d3:93:04:c5:
3d:f1:92:df:a5:a1:a6:90:49:7c:a1:09:fa:50:7c:
b8:63:b3:2d:aa:d4:e6:72:d0:6b:f4:6c:75:62:22:
0f:1b:e9:aa:93:73:fc:f7:91:3d:bc:57:a8:7b:d0:
16:6c:d5:01:c3:e8:eb:bc:25:07:af:64:4a:94:92:
ff:5d:58:8b:c7:f2:06:0b:8d:0e:3c:a6:da:1d:fb:
e9:af:70:9a:15:eb:b6:62:ad:e0:4b:b6:3a:65:36:
43:16:46:78:45:11:8e:b6:67:9a:4c:99:e6:a0:80:
8c:76:52:00:4f:53:dd:0c:cc:08:2b:2f:ef:54:4e:
73:58:c2:ce:f0:c6:94:ff:73:23:32:fd:b1:31:7a:
30:ec:37:67:99:35:78:e8:2a:1f:57:b4:0b:e0:95:
3c:e8:fe:08:c9:a2:66:2b:3f:6e:bd:c8:9d:c2:35:
39:cc:81:4a:82:4d:de:e2:f2:a9:fa:9e:09:fa:4c:
b3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:E6:18:81:B0:6B:C1:24:C0:4D:94:47:A2:CF:B2:89:6D:C8:F1:07
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/YuYYgbBrwSTATZRHos-yiW3I8Qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.140.0/22
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
86:2a:85:6d:69:15:9b:33:09:cb:d5:c6:38:02:9a:06:94:02:
3a:02:b2:dd:b7:6a:43:e9:c6:f3:bc:04:ab:45:45:84:32:ef:
ad:cc:b7:bd:78:55:e5:5b:15:ca:aa:30:ae:3b:76:fe:6f:53:
40:bc:72:0f:5d:18:d6:2c:6c:d7:52:bb:32:d5:80:ec:9e:10:
68:66:74:13:2a:d4:95:6c:1e:32:1e:8f:bc:2b:20:b3:c2:54:
c5:e8:67:ec:d3:8b:1f:94:5f:25:5d:10:02:f0:24:d5:70:cd:
d2:ca:de:dc:c9:24:1f:7b:4e:36:e5:7c:18:36:c4:fa:88:ed:
f1:4c:11:cf:e9:c3:10:72:85:7e:ad:6c:48:2e:59:45:61:45:
c0:74:f4:d1:cd:3e:52:3f:77:4e:73:9c:a3:ad:06:5c:c0:92:
12:13:f3:12:d3:a4:aa:af:64:5f:bc:d0:f8:62:a6:e4:12:86:
c6:33:6d:66:09:2c:c5:33:d3:25:f2:9d:01:d0:54:20:7b:9a:
65:5a:15:10:2d:a2:28:0f:df:ac:7f:05:35:e7:f5:94:42:68:
05:2f:6f:66:98:0c:b0:ef:13:36:1d:f4:85:70:93:52:df:3e:
61:fc:a1:d4:fe:e4:0d:a8:8c:a5:09:d3:90:da:54:68:46:f4:
08:0f:74:36
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqxPNtxaJxZt/og6N7QqMhdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwOTIwMDYxNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmU2MTg4MWIwNmJjMTI0YzA0ZDk0NDdhMmNmYjI4OTZkYzhmMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEUTAZU3Cm7uAFYX64GO4IZQdMsp
C5cqrkHETqflMSM8or/imc6co3h2v0TtVJYlaoVt4QD92iEfdXl82vX0OWEBDHXo
kdOTBMU98ZLfpaGmkEl8oQn6UHy4Y7MtqtTmctBr9Gx1YiIPG+mqk3P895E9vFeo
e9AWbNUBw+jrvCUHr2RKlJL/XViLx/IGC40OPKbaHfvpr3CaFeu2Yq3gS7Y6ZTZD
FkZ4RRGOtmeaTJnmoICMdlIAT1PdDMwIKy/vVE5zWMLO8MaU/3MjMv2xMXow7Ddn
mTV46CofV7QL4JU86P4IyaJmKz9uvcidwjU5zIFKgk3e4vKp+p4J+kyz8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGLmGIGwa8EkwE2UR6LPsoltyPEHMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvWXVZWWdiQnJ3U1RBVFpSSG9zLXlpVzNJOFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCURaMAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCGKoVtaRWbMwnL1cY4ApoGlAI6
ArLdt2pD6cbzvASrRUWEMu+tzLe9eFXlWxXKqjCuO3b+b1NAvHIPXRjWLGzXUrsy
1YDsnhBoZnQTKtSVbB4yHo+8KyCzwlTF6Gfs04sflF8lXRAC8CTVcM3Syt7cySQf
e0425XwYNsT6iO3xTBHP6cMQcoV+rWxILllFYUXAdPTRzT5SP3dOc5yjrQZcwJIS
E/MS06Sqr2RfvND4YqbkEobGM21mCSzFM9Ml8p0B0FQge5plWhUQLaIoD9+sfwU1
5/WUQmgFL29mmAyw7xM2HfSFcJNS3z5h/KHU/uQNqIylCdOQ2lRoRvQID3Q2
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:22:13 2025 by rpki-client