Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e73436-2251-49b4-b357-984c957a353e/1/yLxSnnVvP8JVf7rR0kCy7JZpQ1s.roa
File: yLxSnnVvP8JVf7rR0kCy7JZpQ1s.roa (raw, json)
Hash identifier: mtZ0+LktsiB9u4n2P37n3FX/i+fBgpNmHVEeR9UDqAM=
Subject key identifier: C8:BC:52:9E:75:6F:3F:C2:55:7F:BA:D1:D2:40:B2:EC:96:69:43:5B
Certificate issuer: /CN=6f4dbbc069669f2e7e8822f6398f6b36c449345c
Certificate serial: 018572711FF557C76667D78D39CE7C85F7EF
Authority key identifier: 6F:4D:BB:C0:69:66:9F:2E:7E:88:22:F6:39:8F:6B:36:C4:49:34:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b027wGlmny5-iCL2OY9rNsRJNFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e73436-2251-49b4-b357-984c957a353e/1/yLxSnnVvP8JVf7rR0kCy7JZpQ1s.roa
Signing time: Mon 02 Jan 2023 12:24:54 +0000
ROA not before: Mon 02 Jan 2023 12:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48390
IP address blocks: 185.20.3.0/24 maxlen: 24
2a0c:d0c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:1f:f5:57:c7:66:67:d7:8d:39:ce:7c:85:f7:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f4dbbc069669f2e7e8822f6398f6b36c449345c
Validity
Not Before: Jan 2 12:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8bc529e756f3fc2557fbad1d240b2ec9669435b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9d:d7:d9:8b:66:4e:41:4f:87:59:e4:40:ea:
99:c0:a0:5b:eb:03:c0:2f:c4:9c:98:99:a8:40:96:
fc:34:9d:ce:a9:a6:ac:55:3a:9a:6b:38:cd:bf:3a:
b4:8b:f5:8e:74:9c:f7:6a:78:f4:29:f5:db:54:b6:
71:38:9d:ba:53:b5:4c:aa:8e:6c:3b:01:3b:b8:58:
c3:3b:54:51:0f:3c:22:73:22:2d:e0:e5:66:0d:00:
01:c7:df:05:ce:e1:d6:75:f4:40:48:62:84:89:ea:
6c:91:05:dd:e1:e7:ef:a8:0f:1d:ac:76:c6:93:c4:
6f:f4:09:0a:06:44:80:4d:75:6c:40:35:9b:c1:55:
7c:fb:f1:c2:e7:47:d2:7c:82:38:79:d0:e7:37:5f:
a8:84:14:a3:f0:78:18:6b:83:2e:8e:7c:6e:30:7e:
e2:8c:b6:98:ec:1f:7d:53:b6:b2:95:84:49:bc:d2:
41:2e:bf:19:0b:c5:25:e4:58:4b:8f:72:a0:af:d7:
67:ff:1d:29:3b:3c:04:16:ee:28:31:a2:29:d9:4e:
5d:00:a7:62:05:bc:b9:b6:77:ca:cf:d0:92:7a:b5:
1a:5b:a6:a3:f2:39:d2:d1:b7:68:75:1c:89:92:e9:
19:5e:46:f4:1f:cf:d0:98:02:56:78:ba:0b:09:4e:
7e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:BC:52:9E:75:6F:3F:C2:55:7F:BA:D1:D2:40:B2:EC:96:69:43:5B
X509v3 Authority Key Identifier:
keyid:6F:4D:BB:C0:69:66:9F:2E:7E:88:22:F6:39:8F:6B:36:C4:49:34:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b027wGlmny5-iCL2OY9rNsRJNFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e73436-2251-49b4-b357-984c957a353e/1/yLxSnnVvP8JVf7rR0kCy7JZpQ1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e73436-2251-49b4-b357-984c957a353e/1/b027wGlmny5-iCL2OY9rNsRJNFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.3.0/24
IPv6:
2a0c:d0c0::/29
Signature Algorithm: sha256WithRSAEncryption
84:18:47:04:02:4b:8b:07:da:46:ee:b1:11:d4:bb:62:4f:40:
fa:c2:f8:27:8b:68:e7:cb:ec:d2:74:50:68:81:61:10:c1:b0:
8c:01:51:06:a1:5e:09:c1:b1:e7:4f:13:2b:13:04:b8:f1:e7:
37:3d:8d:67:92:18:b3:1c:87:30:b2:dd:3a:39:a5:2a:23:17:
7e:58:3f:fb:ba:94:af:5b:58:b7:94:90:bd:44:9a:10:d5:ea:
ff:4e:78:f7:a6:7b:6c:eb:ee:fe:2b:66:09:9b:9f:90:45:11:
93:59:4c:cc:39:4a:c6:be:ad:b2:07:ce:3d:0b:ec:f1:29:17:
72:54:44:78:c0:ae:1b:0d:f1:48:76:ae:6f:5f:7f:86:c9:62:
89:3f:e9:ee:7e:72:f8:30:08:5b:e6:e8:14:19:45:6e:06:fb:
10:19:25:c5:ab:1b:34:3b:50:1c:ca:31:2f:88:0f:23:91:a8:
6f:ce:06:df:e0:20:3d:fa:36:08:e8:43:6f:74:bb:d2:fb:43:
c6:4b:84:a6:de:fb:64:d3:71:a1:c3:2a:7f:4c:67:d6:e7:27:
a6:53:30:9e:8b:78:eb:c8:e6:f3:e0:70:38:39:8d:38:a5:e6:
c3:ce:4c:40:b6:c6:fa:b9:1a:35:0b:2e:16:71:51:04:1d:b3:
01:f8:50:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVycR/1V8dmZ9eNOc58hffvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNGRiYmMwNjk2NjlmMmU3ZTg4MjJmNjM5OGY2YjM2YzQ0
OTM0NWMwHhcNMjMwMTAyMTIyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGJjNTI5ZTc1NmYzZmMyNTU3ZmJhZDFkMjQwYjJlYzk2Njk0MzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJ3X2YtmTkFPh1nkQOqZwKBb6wPA
L8ScmJmoQJb8NJ3OqaasVTqaazjNvzq0i/WOdJz3anj0KfXbVLZxOJ26U7VMqo5s
OwE7uFjDO1RRDzwicyIt4OVmDQABx98FzuHWdfRASGKEiepskQXd4efvqA8drHbG
k8Rv9AkKBkSATXVsQDWbwVV8+/HC50fSfII4edDnN1+ohBSj8HgYa4MujnxuMH7i
jLaY7B99U7aylYRJvNJBLr8ZC8Ul5FhLj3Kgr9dn/x0pOzwEFu4oMaIp2U5dAKdi
Bby5tnfKz9CSerUaW6aj8jnS0bdodRyJkukZXkb0H8/QmAJWeLoLCU5+KQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMi8Up51bz/CVX+60dJAsuyWaUNbMB8GA1UdIwQY
MBaAFG9Nu8BpZp8ufogi9jmPazbESTRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjAyN3dHbG1ueTUtaUNMMk9ZOXJOc1JKTkZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNzM0MzYtMjI1MS00OWI0LWIzNTct
OTg0Yzk1N2EzNTNlLzEveUx4U25uVnZQOEpWZjdyUjBrQ3k3SlpwUTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNzM0MzYtMjI1MS00OWI0LWIzNTctOTg0Yzk1N2EzNTNl
LzEvYjAyN3dHbG1ueTUtaUNMMk9ZOXJOc1JKTkZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRQDMA0E
AgACMAcDBQMqDNDAMA0GCSqGSIb3DQEBCwUAA4IBAQCEGEcEAkuLB9pG7rER1Lti
T0D6wvgni2jny+zSdFBogWEQwbCMAVEGoV4JwbHnTxMrEwS48ec3PY1nkhizHIcw
st06OaUqIxd+WD/7upSvW1i3lJC9RJoQ1er/Tnj3pnts6+7+K2YJm5+QRRGTWUzM
OUrGvq2yB849C+zxKRdyVER4wK4bDfFIdq5vX3+GyWKJP+nufnL4MAhb5ugUGUVu
BvsQGSXFqxs0O1AcyjEviA8jkahvzgbf4CA9+jYI6ENvdLvS+0PGS4Sm3vtk03Gh
wyp/TGfW5yemUzCei3jryObz4HA4OY04pebDzkxAtsb6uRo1Cy4WcVEEHbMB+FAr
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:55 2025 by rpki-client