Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/ykSZPrZ-OoaUi0Z4OHRURuMtYZY.roa
File: ykSZPrZ-OoaUi0Z4OHRURuMtYZY.roa (raw, json)
Hash identifier: ZCrRfSbJa8ZFH77S+9x3txXs+WJP+yXDdnToIELanWI=
Subject key identifier: CA:44:99:3E:B6:7E:3A:86:94:8B:46:78:38:74:54:46:E3:2D:61:96
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 0189AB84640A27AFAB7FBC10691669468CCB
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/ykSZPrZ-OoaUi0Z4OHRURuMtYZY.roa
Signing time: Mon 31 Jul 2023 10:35:27 +0000
ROA not before: Mon 31 Jul 2023 10:35:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205552
IP address blocks: 185.224.218.0/24 maxlen: 24
194.40.240.0/24 maxlen: 24
194.40.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:84:64:0a:27:af:ab:7f:bc:10:69:16:69:46:8c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jul 31 10:35:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca44993eb67e3a86948b467838745446e32d6196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:13:b5:4a:bb:f6:83:16:73:c5:93:52:43:9e:
1b:e8:05:47:07:09:b1:01:28:db:91:e9:4d:ab:3b:
5d:5b:0e:55:68:9f:55:6a:90:df:31:03:ee:b6:f1:
1a:54:c1:09:61:f3:95:d9:8f:64:ff:6c:77:c6:68:
5c:0e:a8:87:fe:3e:16:6d:a5:1f:ff:f7:8c:98:01:
59:33:51:67:11:2f:00:ee:21:47:8d:7a:23:61:52:
85:5d:58:41:19:14:78:91:a7:c4:fa:e0:f9:34:60:
c5:6d:65:c5:2e:86:c8:7d:c6:4e:92:38:54:ed:56:
03:17:f3:dd:5d:18:7a:0b:4c:18:93:4b:21:97:81:
41:67:ed:3e:56:13:53:93:d0:b3:a0:a3:4a:d5:69:
7f:74:7d:24:b1:3c:63:23:28:be:23:0c:04:73:a1:
5c:31:d1:18:c0:bb:8d:7d:46:b2:08:0d:a5:12:e4:
49:78:91:e7:bc:2f:3e:de:06:85:17:25:c3:9f:aa:
c5:12:b8:82:7d:a3:a8:04:6a:c2:b7:09:ab:f3:4e:
99:31:7d:f9:e9:5a:a3:4e:64:de:e0:56:de:34:99:
81:99:07:b5:92:76:51:7e:55:29:21:62:fa:43:bb:
94:4c:9e:34:2c:98:6c:07:b3:17:b4:1b:d4:8a:8f:
62:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:44:99:3E:B6:7E:3A:86:94:8B:46:78:38:74:54:46:E3:2D:61:96
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/ykSZPrZ-OoaUi0Z4OHRURuMtYZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.218.0/24
194.40.240.0/23
Signature Algorithm: sha256WithRSAEncryption
64:9c:2f:a8:22:5e:26:65:74:0d:5d:23:e1:fe:78:69:5d:60:
d7:06:ab:8f:58:6d:ad:eb:73:4f:9a:46:24:fc:61:fd:6d:f0:
05:23:3c:03:9b:37:9c:36:28:b3:54:7d:18:05:3f:47:f1:ef:
16:24:78:8b:27:63:0b:85:ed:68:ed:e7:ac:b5:a8:40:a3:4f:
2d:1e:ba:49:b4:6c:62:a5:01:b3:0b:95:d0:3b:bd:68:22:a7:
87:b9:f0:32:f2:12:0e:3d:61:13:88:16:7e:45:3a:45:a3:56:
8f:84:42:65:f4:1f:c4:61:b3:28:69:41:af:41:d2:48:d4:ea:
d6:c9:2e:9e:5e:1d:d2:89:f4:14:f6:1c:95:7c:9f:6f:9a:cc:
46:1a:65:20:42:40:6f:a1:4a:95:14:f2:1c:77:fa:08:81:7a:
05:7a:46:9f:ec:7e:ce:d6:b5:f3:b1:bb:d9:35:c7:9f:9f:84:
18:9a:1a:90:55:fa:c1:bd:01:a0:fc:f7:36:cb:bb:43:58:9b:
38:e1:c5:96:02:25:1a:cb:50:79:a1:41:ac:41:ee:09:ce:0d:
a4:b0:e0:dd:42:3e:b5:44:5a:11:3d:64:83:4f:6b:10:67:91:
ae:7f:2f:6e:14:79:39:d3:93:ea:e4:9d:35:37:f6:79:3c:15:
57:f0:ed:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmrhGQKJ6+rf7wQaRZpRozLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwNzMxMTAzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQ0OTkzZWI2N2UzYTg2OTQ4YjQ2NzgzODc0NTQ0NmUzMmQ2MTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghO1Srv2gxZzxZNSQ54b6AVHBwmx
ASjbkelNqztdWw5VaJ9VapDfMQPutvEaVMEJYfOV2Y9k/2x3xmhcDqiH/j4WbaUf
//eMmAFZM1FnES8A7iFHjXojYVKFXVhBGRR4kafE+uD5NGDFbWXFLobIfcZOkjhU
7VYDF/PdXRh6C0wYk0shl4FBZ+0+VhNTk9CzoKNK1Wl/dH0ksTxjIyi+IwwEc6Fc
MdEYwLuNfUayCA2lEuRJeJHnvC8+3gaFFyXDn6rFEriCfaOoBGrCtwmr806ZMX35
6VqjTmTe4FbeNJmBmQe1knZRflUpIWL6Q7uUTJ40LJhsB7MXtBvUio9iKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMpEmT62fjqGlItGeDh0VEbjLWGWMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEveWtTWlByWi1Pb2FVaTBaNE9IUlVSdU10WVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueDaAwQB
wijwMA0GCSqGSIb3DQEBCwUAA4IBAQBknC+oIl4mZXQNXSPh/nhpXWDXBquPWG2t
63NPmkYk/GH9bfAFIzwDmzecNiizVH0YBT9H8e8WJHiLJ2MLhe1o7eestahAo08t
HrpJtGxipQGzC5XQO71oIqeHufAy8hIOPWETiBZ+RTpFo1aPhEJl9B/EYbMoaUGv
QdJI1OrWyS6eXh3SifQU9hyVfJ9vmsxGGmUgQkBvoUqVFPIcd/oIgXoFekaf7H7O
1rXzsbvZNcefn4QYmhqQVfrBvQGg/Pc2y7tDWJs44cWWAiUay1B5oUGsQe4Jzg2k
sODdQj61RFoRPWSDT2sQZ5Gufy9uFHk505Pq5J01N/Z5PBVX8O3k
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:08:37 2025 by rpki-client