Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/YdJSloK_b9IeO03gZIBwf3EoD64.roa
File: YdJSloK_b9IeO03gZIBwf3EoD64.roa (raw, json)
Hash identifier: Zv+owZHfmDmPlWc3ZF9hIUiwKN5pg+Pk320Fa8j26Zg=
Subject key identifier: 61:D2:52:96:82:BF:6F:D2:1E:3B:4D:E0:64:80:70:7F:71:28:0F:AE
Certificate issuer: /CN=09c50efe13aadf5423b04f0ddca8b3288395823e
Certificate serial: 06957D96
Authority key identifier: 09:C5:0E:FE:13:AA:DF:54:23:B0:4F:0D:DC:A8:B3:28:83:95:82:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CcUO_hOq31QjsE8N3KizKIOVgj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/YdJSloK_b9IeO03gZIBwf3EoD64.roa
Signing time: Sat 01 Jan 2022 08:58:17 +0000
ROA not before: Sat 01 Jan 2022 08:58:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49865
IP address blocks: 194.24.0.0/21 maxlen: 21
194.24.1.0/24 maxlen: 24
194.24.4.0/22 maxlen: 22
2a0a:5080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110460310 (0x6957d96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09c50efe13aadf5423b04f0ddca8b3288395823e
Validity
Not Before: Jan 1 08:58:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61d2529682bf6fd21e3b4de06480707f71280fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:1c:3c:c9:92:dd:f4:7f:a3:c3:85:46:e1:01:
32:92:dc:46:c2:e9:5e:8f:49:5e:57:52:6e:0a:af:
b2:67:e7:db:02:ab:5c:78:88:a9:fe:29:8d:e9:9c:
64:04:b6:cb:ed:7d:a5:5c:c2:ab:1b:50:86:11:9b:
ce:f2:20:4e:95:2d:65:6d:9c:26:d3:71:6f:9d:c1:
0f:53:3c:97:db:21:93:88:fe:0d:c1:2d:d8:69:fa:
c7:a0:1a:5b:77:14:88:78:41:ae:7c:24:58:8f:44:
d7:47:8c:b1:82:c3:eb:d0:48:3b:22:8d:74:41:14:
d0:9d:38:10:37:f4:47:1e:0c:6b:26:9e:f9:e2:0e:
b7:90:2c:fb:23:f7:c8:14:46:cc:cb:8c:49:63:98:
69:a0:b8:4b:da:8c:52:13:6f:d0:9d:e0:1e:5c:c9:
b6:e2:5b:c5:72:da:d9:bf:40:66:40:8e:86:09:4e:
2e:98:b4:ef:5b:48:f7:21:7c:29:86:0c:9a:99:67:
89:2f:f6:6e:7e:2b:3e:11:b7:18:d1:bb:7c:c1:fd:
c0:a4:88:79:c1:a1:a4:10:b5:b7:8f:d8:93:35:02:
f5:8e:0a:cc:a8:de:7c:da:99:59:7f:45:5b:72:34:
0f:98:cb:bd:b3:62:13:93:5d:53:38:ae:86:e1:cc:
78:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D2:52:96:82:BF:6F:D2:1E:3B:4D:E0:64:80:70:7F:71:28:0F:AE
X509v3 Authority Key Identifier:
keyid:09:C5:0E:FE:13:AA:DF:54:23:B0:4F:0D:DC:A8:B3:28:83:95:82:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CcUO_hOq31QjsE8N3KizKIOVgj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/YdJSloK_b9IeO03gZIBwf3EoD64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/CcUO_hOq31QjsE8N3KizKIOVgj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.0.0/21
IPv6:
2a0a:5080::/29
Signature Algorithm: sha256WithRSAEncryption
62:09:9b:05:be:ec:61:4a:6c:ac:1d:bd:4c:91:bf:f7:4a:61:
0c:da:49:26:2f:df:4c:9f:ad:63:4c:07:4f:fb:0f:95:33:32:
23:3a:5e:02:f0:f0:48:7e:88:55:27:8d:10:46:55:f4:0f:6d:
05:cb:7e:b2:03:8f:97:b3:38:06:3f:29:2e:bb:fa:5b:53:23:
0a:4a:ac:de:79:c2:79:cf:ea:ca:4d:58:92:d8:14:ba:01:54:
d5:b3:8f:d5:9d:50:e5:9b:34:37:1b:ed:22:c4:96:6e:c6:da:
9c:03:1f:47:f0:64:26:57:83:25:81:80:29:44:ca:96:a0:49:
93:11:78:ed:61:ae:f4:cc:a3:63:a8:60:85:28:a6:60:35:e3:
a2:f1:a1:21:a9:e2:57:8a:e9:e4:3b:de:01:4a:86:b4:66:5a:
23:19:dc:e6:fc:01:6b:bb:4f:88:00:38:9c:fd:4a:9a:ee:5e:
20:f7:a6:51:79:31:fd:d4:9f:29:6b:d4:64:06:d6:35:2a:ed:
1b:06:d6:85:79:96:87:dc:fa:49:ac:fd:a4:04:2e:91:ea:bc:
3d:39:d7:ef:92:71:a7:be:9a:92:40:9f:a8:b2:03:f7:4f:dd:
9d:53:2d:84:ea:3e:74:e2:d2:e5:d2:8f:06:6d:23:ce:90:a4:
36:d4:54:c2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBpV9ljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OWM1MGVmZTEzYWFkZjU0MjNiMDRmMGRkY2E4YjMyODgzOTU4MjNlMB4XDTIyMDEw
MTA4NTgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjFkMjUyOTY4MmJm
NmZkMjFlM2I0ZGUwNjQ4MDcwN2Y3MTI4MGZhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOkcPMmS3fR/o8OFRuEBMpLcRsLpXo9JXldSbgqvsmfn2wKr
XHiIqf4pjemcZAS2y+19pVzCqxtQhhGbzvIgTpUtZW2cJtNxb53BD1M8l9shk4j+
DcEt2Gn6x6AaW3cUiHhBrnwkWI9E10eMsYLD69BIOyKNdEEU0J04EDf0Rx4Mayae
+eIOt5As+yP3yBRGzMuMSWOYaaC4S9qMUhNv0J3gHlzJtuJbxXLa2b9AZkCOhglO
Lpi071tI9yF8KYYMmplniS/2bn4rPhG3GNG7fMH9wKSIecGhpBC1t4/YkzUC9Y4K
zKjefNqZWX9FW3I0D5jLvbNiE5NdUziuhuHMeKUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRh0lKWgr9v0h47TeBkgHB/cSgPrjAfBgNVHSMEGDAWgBQJxQ7+E6rfVCOw
Tw3cqLMog5WCPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NjVU9faE9xMzFRanNFOE4zS2l6S0lPVmdqNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvODVhMjA4LTFhYjYtNDZmNy1iMWE1LWEyNmQyNWJjNzY1NC8x
L1lkSlNsb0tfYjlJZU8wM2daSUJ3ZjNFb0Q2NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
ODVhMjA4LTFhYjYtNDZmNy1iMWE1LWEyNmQyNWJjNzY1NC8xL0NjVU9faE9xMzFR
anNFOE4zS2l6S0lPVmdqNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA8IYADANBAIAAjAHAwUDKgpQgDAN
BgkqhkiG9w0BAQsFAAOCAQEAYgmbBb7sYUpsrB29TJG/90phDNpJJi/fTJ+tY0wH
T/sPlTMyIzpeAvDwSH6IVSeNEEZV9A9tBct+sgOPl7M4Bj8pLrv6W1MjCkqs3nnC
ec/qyk1YktgUugFU1bOP1Z1Q5Zs0NxvtIsSWbsbanAMfR/BkJleDJYGAKUTKlqBJ
kxF47WGu9MyjY6hghSimYDXjovGhIaniV4rp5DveAUqGtGZaIxnc5vwBa7tPiAA4
nP1Kmu5eIPemUXkx/dSfKWvUZAbWNSrtGwbWhXmWh9z6Saz9pAQukeq8PTnX75Jx
p76akkCfqLID90/dnVMthOo+dOLS5dKPBm0jzpCkNtRUwg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:40 2025 by rpki-client