Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/lYtD_JJlyaIZd3sPZ5uBVthqLo8.roa
File: lYtD_JJlyaIZd3sPZ5uBVthqLo8.roa (raw, json)
Hash identifier: mtObtTtjfl+8RkrQOB5YvRAm8AWH0rhY4RseFgvQFVY=
Subject key identifier: 95:8B:43:FC:92:65:C9:A2:19:77:7B:0F:67:9B:81:56:D8:6A:2E:8F
Certificate issuer: /CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Certificate serial: 018C1BA70C5F3D80DF39182ADCE5884AAF36
Authority key identifier: 7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/lYtD_JJlyaIZd3sPZ5uBVthqLo8.roa
Signing time: Wed 29 Nov 2023 15:16:21 +0000
ROA not before: Wed 29 Nov 2023 15:16:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201642
IP address blocks: 185.249.103.0/24 maxlen: 24
185.249.100.0/23 maxlen: 23
185.249.100.0/24 maxlen: 24
185.249.101.0/24 maxlen: 24
185.249.102.0/24 maxlen: 24
2a14:3200::/32 maxlen: 32
2a14:3200:2a14::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:a7:0c:5f:3d:80:df:39:18:2a:dc:e5:88:4a:af:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Validity
Not Before: Nov 29 15:16:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=958b43fc9265c9a219777b0f679b8156d86a2e8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:85:4e:75:38:67:52:f7:4d:d3:b6:70:d9:49:
43:e1:c0:f7:f6:70:08:74:17:34:40:50:38:af:42:
88:9b:8a:6d:af:e8:b2:1a:3d:93:54:cd:18:08:cd:
d7:b7:bc:99:30:be:b3:16:b3:e9:65:27:d3:2a:30:
3c:8e:33:84:9b:34:a5:f8:d4:c4:05:fa:71:ca:d8:
5a:f2:6d:74:19:d7:cf:20:30:17:a1:ad:de:8e:f3:
ef:61:47:3a:17:74:a0:b3:af:99:cc:b9:6f:43:a5:
08:dd:b5:bd:ad:16:b6:a4:d3:08:bf:97:b5:38:4a:
42:95:fd:6e:c1:5e:10:5d:c0:89:f6:e3:3f:e3:fe:
6b:05:d4:1b:60:7b:29:3f:af:92:eb:68:0a:fd:8d:
9f:b6:c8:7b:47:32:c6:43:14:ca:56:d2:11:e8:6f:
26:dc:e9:0e:c7:86:c2:33:0a:a0:8d:4a:f9:bb:6b:
f9:0c:b9:8e:a8:0b:db:2f:86:75:b8:88:2f:bd:3f:
8a:29:1d:f0:d0:3c:86:f7:0c:ae:b0:93:52:87:13:
90:36:2d:9e:16:a0:c9:ce:3f:3b:31:41:43:42:1c:
0a:ca:9c:d4:18:27:5f:8a:bd:78:df:02:0e:10:27:
05:f4:2d:84:09:76:9c:bf:41:4a:cd:1c:9b:db:0f:
9f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:8B:43:FC:92:65:C9:A2:19:77:7B:0F:67:9B:81:56:D8:6A:2E:8F
X509v3 Authority Key Identifier:
keyid:7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/lYtD_JJlyaIZd3sPZ5uBVthqLo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.100.0/22
IPv6:
2a14:3200::/32
Signature Algorithm: sha256WithRSAEncryption
36:d1:75:ff:11:29:2d:f6:73:5a:2e:a4:74:b4:9d:6a:7e:63:
15:e9:ff:55:79:0a:6a:e3:93:ae:83:5f:fd:02:0f:41:dd:8a:
d1:b1:f3:6d:07:38:ac:71:23:83:c7:87:2c:c0:89:81:8f:66:
eb:ce:93:ff:1e:6c:54:17:41:72:a1:11:79:ff:e5:94:9c:3f:
60:72:5d:0d:87:23:f9:82:6e:8d:4b:a3:10:27:3b:3f:1e:21:
07:0b:35:b1:3b:df:1a:98:93:08:88:5f:e6:37:a7:60:6a:53:
2f:72:48:b4:0c:e1:47:4b:5e:f3:e1:21:ec:10:6b:16:b1:97:
fb:a2:b8:f6:00:fb:8b:8f:7b:a0:6b:55:6b:ce:9c:2f:e9:43:
77:ff:d5:4b:b0:e7:bc:9f:20:f6:92:14:d3:ee:a8:6c:d2:29:
59:2a:d2:be:4c:bc:cf:c6:e9:57:18:a8:17:7a:49:47:cd:ce:
ea:86:5d:1d:5f:11:65:f5:7e:59:24:43:f8:94:58:5b:01:96:
0b:e6:37:26:d5:d9:10:36:a1:fc:c4:8a:0b:67:25:e9:54:11:
ec:bf:be:d7:46:59:39:b9:9e:68:d8:8c:2f:df:c5:99:ff:ca:
87:57:db:6b:a5:d7:53:a4:fc:bd:8e:22:08:54:12:f1:61:9f:
80:3f:27:c7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYwbpwxfPYDfORgq3OWISq82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjkwNGFiMTQwNjZjN2E5ZmU2MWE1MjFkNTQ5MmEwZTUy
OTY1Y2EwHhcNMjMxMTI5MTUxNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NThiNDNmYzkyNjVjOWEyMTk3NzdiMGY2NzliODE1NmQ4NmEyZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7IVOdThnUvdN07Zw2UlD4cD39nAI
dBc0QFA4r0KIm4ptr+iyGj2TVM0YCM3Xt7yZML6zFrPpZSfTKjA8jjOEmzSl+NTE
Bfpxytha8m10GdfPIDAXoa3ejvPvYUc6F3Sgs6+ZzLlvQ6UI3bW9rRa2pNMIv5e1
OEpClf1uwV4QXcCJ9uM/4/5rBdQbYHspP6+S62gK/Y2ftsh7RzLGQxTKVtIR6G8m
3OkOx4bCMwqgjUr5u2v5DLmOqAvbL4Z1uIgvvT+KKR3w0DyG9wyusJNShxOQNi2e
FqDJzj87MUFDQhwKypzUGCdfir143wIOECcF9C2ECXacv0FKzRyb2w+faQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJWLQ/ySZcmiGXd7D2ebgVbYai6PMB8GA1UdIwQY
MBaAFH35BKsUBmx6n+YaUh1UkqDlKWXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYt
M2I0NDVmMjlmNWI3LzEvbFl0RF9KSmx5YUlaZDNzUFo1dUJWdGhxTG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYtM2I0NDVmMjlmNWI3
LzEvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuflkMA0E
AgACMAcDBQAqFDIAMA0GCSqGSIb3DQEBCwUAA4IBAQA20XX/ESkt9nNaLqR0tJ1q
fmMV6f9VeQpq45Oug1/9Ag9B3YrRsfNtBziscSODx4cswImBj2brzpP/HmxUF0Fy
oRF5/+WUnD9gcl0NhyP5gm6NS6MQJzs/HiEHCzWxO98amJMIiF/mN6dgalMvcki0
DOFHS17z4SHsEGsWsZf7orj2APuLj3uga1Vrzpwv6UN3/9VLsOe8nyD2khTT7qhs
0ilZKtK+TLzPxulXGKgXeklHzc7qhl0dXxFl9X5ZJEP4lFhbAZYL5jcm1dkQNqH8
xIoLZyXpVBHsv77XRlk5uZ5o2Iwv38WZ/8qHV9trpddTpPy9jiIIVBLxYZ+APyfH
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:32 2025 by rpki-client