Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YlxB7tbSwgPUpXxJKbzqr93ymtA.roa
File: YlxB7tbSwgPUpXxJKbzqr93ymtA.roa (raw, json)
Hash identifier: yX3lX38xH4iB90UouU/GZiyoWvLJpxPHaRSY7b2U2Pc=
Subject key identifier: 62:5C:41:EE:D6:D2:C2:03:D4:A5:7C:49:29:BC:EA:AF:DD:F2:9A:D0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187524F81B358000AD0F931E1000CC35221
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YlxB7tbSwgPUpXxJKbzqr93ymtA.roa
Signing time: Wed 05 Apr 2023 16:45:54 +0000
ROA not before: Wed 05 Apr 2023 16:45:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 194.87.218.0/24 maxlen: 24
194.87.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:4f:81:b3:58:00:0a:d0:f9:31:e1:00:0c:c3:52:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 5 16:45:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=625c41eed6d2c203d4a57c4929bceaafddf29ad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:64:4a:41:59:43:48:2f:0b:fd:f2:45:72:45:
92:9a:77:c1:c0:3c:84:b5:41:a5:58:44:a8:e2:9a:
91:fc:54:59:fa:ef:9e:f6:4a:71:03:ef:d8:b0:fc:
dd:75:fc:30:17:9e:b3:27:29:2c:9f:7f:2b:f8:8f:
21:db:75:58:c8:c3:c2:4d:ea:6b:58:45:2e:83:d9:
de:d2:d0:69:ee:f2:fe:be:01:ef:36:f6:8f:79:5c:
25:94:63:b9:50:09:7f:85:28:84:d5:0c:c4:b4:f9:
c8:81:38:4f:3b:74:52:28:da:db:43:6e:4a:51:85:
0d:3a:4b:a2:e3:17:06:81:00:d2:2b:76:3e:fd:4c:
0b:2f:96:5e:c1:8e:e9:ac:e7:30:23:04:c6:5e:87:
b4:0c:0d:76:10:73:47:41:6f:71:d8:3d:de:cc:56:
a5:a7:db:0d:98:e9:ff:c1:4c:0e:c5:90:b3:e2:50:
60:5f:1f:9b:f8:e5:c2:db:c2:49:98:ba:fa:85:0e:
ad:38:34:7d:34:2c:16:cf:89:3c:da:ab:e7:26:96:
fb:9b:7b:81:c2:62:48:9d:c2:c6:6f:2b:06:0a:32:
78:07:55:84:af:c8:78:74:4e:ec:73:86:eb:5f:c3:
39:16:17:05:22:b2:14:8f:bc:51:35:d1:28:fc:83:
ed:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:5C:41:EE:D6:D2:C2:03:D4:A5:7C:49:29:BC:EA:AF:DD:F2:9A:D0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YlxB7tbSwgPUpXxJKbzqr93ymtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.71.0/24
194.87.218.0/24
Signature Algorithm: sha256WithRSAEncryption
94:76:6f:96:95:76:b8:82:9a:82:fb:f4:fa:84:2c:b6:e3:b9:
80:73:83:43:35:19:ec:54:7e:ca:70:12:1b:8c:b3:c2:bd:02:
63:cd:44:3b:05:95:dc:47:71:b9:15:e1:14:78:dd:8c:c7:56:
c9:1b:70:49:60:c6:e5:4e:33:50:40:99:e3:99:2d:9b:9e:bc:
21:91:9c:17:4c:ad:85:c1:fd:ee:ef:84:13:ef:b4:4a:a9:4e:
bc:2b:5a:5a:4b:e3:b5:18:98:d6:d8:27:67:ac:45:7e:03:ed:
e8:58:ff:43:40:13:11:7b:1f:60:00:b1:b3:42:3c:a8:80:90:
fb:a7:b9:e2:02:55:5f:50:d4:94:bc:4b:06:a1:15:5a:67:cf:
41:2d:ad:0f:1f:58:8a:88:d7:f7:89:14:a8:94:00:34:ac:bc:
9e:f6:9d:bd:f5:77:b5:07:8d:d6:2f:c6:a0:fe:c3:0e:4b:27:
cd:2c:7f:3d:11:fb:f1:48:97:00:47:3d:06:97:3f:b8:56:6d:
82:aa:fb:4f:14:af:ca:5f:d7:7f:91:0b:4d:6c:a6:4a:e7:ec:
25:5c:de:81:7f:3f:e2:cd:e8:9f:9e:79:77:59:6c:5d:41:0e:
68:61:82:96:75:b5:96:f9:5d:40:ff:1e:14:02:4c:cc:35:81:
11:97:18:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdST4GzWAAK0Pkx4QAMw1IhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA1MTY0NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjVjNDFlZWQ2ZDJjMjAzZDRhNTdjNDkyOWJjZWFhZmRkZjI5YWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGRKQVlDSC8L/fJFckWSmnfBwDyE
tUGlWESo4pqR/FRZ+u+e9kpxA+/YsPzddfwwF56zJyksn38r+I8h23VYyMPCTepr
WEUug9ne0tBp7vL+vgHvNvaPeVwllGO5UAl/hSiE1QzEtPnIgThPO3RSKNrbQ25K
UYUNOkui4xcGgQDSK3Y+/UwLL5ZewY7prOcwIwTGXoe0DA12EHNHQW9x2D3ezFal
p9sNmOn/wUwOxZCz4lBgXx+b+OXC28JJmLr6hQ6tODR9NCwWz4k82qvnJpb7m3uB
wmJIncLGbysGCjJ4B1WEr8h4dE7sc4brX8M5FhcFIrIUj7xRNdEo/IPtkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGJcQe7W0sID1KV8SSm86q/d8prQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWWx4Qjd0YlN3Z1BVcFh4SktienFyOTN5bXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwldHAwQA
wlfaMA0GCSqGSIb3DQEBCwUAA4IBAQCUdm+WlXa4gpqC+/T6hCy247mAc4NDNRns
VH7KcBIbjLPCvQJjzUQ7BZXcR3G5FeEUeN2Mx1bJG3BJYMblTjNQQJnjmS2bnrwh
kZwXTK2Fwf3u74QT77RKqU68K1paS+O1GJjW2CdnrEV+A+3oWP9DQBMRex9gALGz
QjyogJD7p7niAlVfUNSUvEsGoRVaZ89BLa0PH1iKiNf3iRSolAA0rLye9p299Xe1
B43WL8ag/sMOSyfNLH89EfvxSJcARz0Glz+4Vm2CqvtPFK/KX9d/kQtNbKZK5+wl
XN6Bfz/izeifnnl3WWxdQQ5oYYKWdbWW+V1A/x4UAkzMNYERlxj9
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:15:48 2025 by rpki-client