Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/a14e1e-ced4-42e9-8338-f2af8001ac78/1/yT1gcFwWBo4VSbCs7kj5iEh8lXI.roa
File: yT1gcFwWBo4VSbCs7kj5iEh8lXI.roa (raw, json)
Hash identifier: RqEHiHSClpUF5JlVtaBr+pxwrawLynBwA2WofDMnwwo=
Subject key identifier: C9:3D:60:70:5C:16:06:8E:15:49:B0:AC:EE:48:F9:88:48:7C:95:72
Certificate issuer: /CN=d44bc0e83e81f57fb4894041dca76c77d33f02e7
Certificate serial: 01856DC1C6753193B411DE69EDAD00379B7D
Authority key identifier: D4:4B:C0:E8:3E:81:F5:7F:B4:89:40:41:DC:A7:6C:77:D3:3F:02:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EvA6D6B9X-0iUBB3Kdsd9M_Auc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/a14e1e-ced4-42e9-8338-f2af8001ac78/1/yT1gcFwWBo4VSbCs7kj5iEh8lXI.roa
Signing time: Sun 01 Jan 2023 14:34:53 +0000
ROA not before: Sun 01 Jan 2023 14:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43682
IP address blocks: 78.24.192.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:c6:75:31:93:b4:11:de:69:ed:ad:00:37:9b:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d44bc0e83e81f57fb4894041dca76c77d33f02e7
Validity
Not Before: Jan 1 14:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c93d60705c16068e1549b0acee48f988487c9572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:47:05:57:f1:52:89:88:51:e7:d4:5f:36:a9:
a7:29:f3:42:86:8d:8e:e7:74:22:18:8c:69:21:58:
f6:92:ef:0e:78:3d:01:e6:37:12:71:3d:e8:bd:2b:
0a:fb:b0:29:e8:5b:e8:e7:37:68:bc:35:1b:e4:22:
23:f3:5a:90:a4:a4:5b:36:ce:27:77:b0:fe:4b:fc:
22:11:1e:7a:e3:96:a4:03:e7:a2:88:18:4b:a4:60:
2d:45:5f:3d:d8:56:02:cb:a1:1f:8c:08:e1:76:90:
a4:11:7a:b7:b5:19:d0:0f:ca:49:da:b5:86:0c:6b:
c8:0d:ef:09:3d:7b:2a:c5:b0:14:fa:f5:a4:dc:dc:
06:41:7d:66:64:b4:3b:9b:92:c1:5b:d4:75:2f:de:
b5:ba:90:73:97:61:66:9d:c5:b6:7d:0a:e2:c3:b1:
ef:8c:05:8a:fb:86:2d:f7:2d:b4:e3:14:e3:11:b4:
94:8d:ef:2e:d6:de:8b:67:ab:1a:37:26:51:b4:dc:
a7:9e:c8:8a:48:64:b0:fb:83:56:b4:c7:eb:93:70:
ad:ad:27:e5:90:49:1d:f4:c7:6b:79:ac:64:62:b9:
fc:97:ad:03:fc:a1:8f:6a:3b:16:94:8e:6a:c2:06:
20:17:d3:c2:c6:bc:b2:cb:43:f4:0e:37:fb:ab:08:
79:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:3D:60:70:5C:16:06:8E:15:49:B0:AC:EE:48:F9:88:48:7C:95:72
X509v3 Authority Key Identifier:
keyid:D4:4B:C0:E8:3E:81:F5:7F:B4:89:40:41:DC:A7:6C:77:D3:3F:02:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EvA6D6B9X-0iUBB3Kdsd9M_Auc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a14e1e-ced4-42e9-8338-f2af8001ac78/1/yT1gcFwWBo4VSbCs7kj5iEh8lXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a14e1e-ced4-42e9-8338-f2af8001ac78/1/1EvA6D6B9X-0iUBB3Kdsd9M_Auc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.192.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:67:be:3b:ad:be:eb:0a:e9:23:6d:5e:90:cf:e8:fd:36:47:
b6:41:ae:c3:02:35:1b:db:32:5d:4a:4f:75:a7:cc:6d:00:c9:
42:02:80:49:18:e7:a9:70:b3:5a:4f:dc:8c:62:ec:fe:8b:53:
bc:1c:04:c0:ee:e9:63:b7:7b:25:5a:c2:05:8f:3f:49:be:08:
b0:f3:6e:ea:9e:c0:bb:fa:e7:53:f2:df:10:e6:74:a3:26:a4:
7a:f7:53:6e:f6:98:b8:23:30:4d:c4:65:d1:44:58:ea:56:53:
89:6f:a2:ad:a1:69:92:72:e8:af:84:c7:ee:05:6b:de:d5:31:
54:31:c9:0c:ab:d0:2a:ac:69:c1:dd:9c:09:6a:a7:24:85:ce:
90:f4:18:7f:66:f6:b3:e3:87:b6:3b:3e:e7:a6:97:08:cf:9a:
4c:c7:2d:a3:78:02:21:af:3d:79:a5:90:2e:33:b9:d7:8b:81:
0c:87:2c:22:e0:b3:cb:e2:ff:3b:29:0d:2c:dc:21:d9:1b:14:
f4:90:9e:1a:f5:8b:bc:0d:d3:fd:cf:5e:66:98:3c:83:a0:01:
af:65:83:8c:17:d9:e7:bc:de:fb:49:1f:8a:2e:49:45:28:a3:
29:11:a6:2d:c1:13:3e:3a:5b:1e:9c:d1:4f:7d:9c:69:c7:d5:
47:e9:5b:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwcZ1MZO0Ed5p7a0AN5t9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NGJjMGU4M2U4MWY1N2ZiNDg5NDA0MWRjYTc2Yzc3ZDMz
ZjAyZTcwHhcNMjMwMTAxMTQzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTNkNjA3MDVjMTYwNjhlMTU0OWIwYWNlZTQ4Zjk4ODQ4N2M5NTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkcFV/FSiYhR59RfNqmnKfNCho2O
53QiGIxpIVj2ku8OeD0B5jcScT3ovSsK+7Ap6Fvo5zdovDUb5CIj81qQpKRbNs4n
d7D+S/wiER5645akA+eiiBhLpGAtRV892FYCy6EfjAjhdpCkEXq3tRnQD8pJ2rWG
DGvIDe8JPXsqxbAU+vWk3NwGQX1mZLQ7m5LBW9R1L961upBzl2FmncW2fQriw7Hv
jAWK+4Yt9y204xTjEbSUje8u1t6LZ6saNyZRtNynnsiKSGSw+4NWtMfrk3CtrSfl
kEkd9MdreaxkYrn8l60D/KGPajsWlI5qwgYgF9PCxryyy0P0Djf7qwh5UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMk9YHBcFgaOFUmwrO5I+YhIfJVyMB8GA1UdIwQY
MBaAFNRLwOg+gfV/tIlAQdynbHfTPwLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUV2QTZENkI5WC0waVVCQjNLZHNkOU1fQXVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9hMTRlMWUtY2VkNC00MmU5LTgzMzgt
ZjJhZjgwMDFhYzc4LzEveVQxZ2NGd1dCbzRWU2JDczdrajVpRWg4bFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9hMTRlMWUtY2VkNC00MmU5LTgzMzgtZjJhZjgwMDFhYzc4
LzEvMUV2QTZENkI5WC0waVVCQjNLZHNkOU1fQXVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDThjAMA0G
CSqGSIb3DQEBCwUAA4IBAQALZ747rb7rCukjbV6Qz+j9Nke2Qa7DAjUb2zJdSk91
p8xtAMlCAoBJGOepcLNaT9yMYuz+i1O8HATA7uljt3slWsIFjz9Jvgiw827qnsC7
+udT8t8Q5nSjJqR691Nu9pi4IzBNxGXRRFjqVlOJb6KtoWmScuivhMfuBWve1TFU
MckMq9AqrGnB3ZwJaqckhc6Q9Bh/Zvaz44e2Oz7nppcIz5pMxy2jeAIhrz15pZAu
M7nXi4EMhywi4LPL4v87KQ0s3CHZGxT0kJ4a9Yu8DdP9z15mmDyDoAGvZYOMF9nn
vN77SR+KLklFKKMpEaYtwRM+OlsenNFPfZxpx9VH6VvN
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:23:34 2025 by rpki-client