Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/yJ9qQ3c4w2vzIaFhJSw2BT__ukY.roa
File: yJ9qQ3c4w2vzIaFhJSw2BT__ukY.roa (raw, json)
Hash identifier: Yb/YhW9cS8VEW8SPr+fC5iISrUCtZJEig8jDNgI5q7c=
Subject key identifier: C8:9F:6A:43:77:38:C3:6B:F3:21:A1:61:25:2C:36:05:3F:FF:BA:46
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 029C016A
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/yJ9qQ3c4w2vzIaFhJSw2BT__ukY.roa
Signing time: Sat 01 Jan 2022 14:08:42 +0000
ROA not before: Sat 01 Jan 2022 14:08:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59930
IP address blocks: 91.108.12.0/22 maxlen: 22
149.154.172.0/22 maxlen: 22
2001:b28:f23d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43778410 (0x29c016a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 1 14:08:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c89f6a437738c36bf321a161252c36053fffba46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:8d:33:37:15:90:0d:a8:f6:ab:e7:71:bb:52:
4b:e0:11:ee:2f:89:98:20:e9:18:9e:95:af:c8:72:
cd:b9:e2:ef:18:2d:0a:15:1f:3d:13:0b:8e:50:55:
3d:30:2c:ff:17:cc:ca:94:2d:f1:32:c8:7f:1a:07:
9d:99:5c:2f:01:3c:b2:ac:df:29:88:2a:8d:81:da:
45:72:1d:3b:44:60:b3:f0:e4:ed:5a:39:ea:4d:23:
55:b7:cc:27:dc:4e:fd:c9:80:30:c4:2a:ab:86:53:
ff:18:59:83:ec:51:89:72:8a:d0:74:28:b0:1f:51:
63:ca:f1:cb:85:fb:84:93:47:e2:30:ab:f2:08:57:
4c:b7:91:f4:b3:87:27:37:bc:80:9c:90:36:80:5a:
53:ca:60:e8:4f:dc:48:95:32:eb:a0:e2:d1:96:23:
4f:83:48:64:e5:e3:6d:0d:8e:ea:c9:7b:52:7e:c5:
ec:e7:64:e4:1d:2e:4b:86:73:2b:60:c7:e4:73:09:
b0:80:33:b9:23:ad:27:df:21:87:68:9d:c1:f3:57:
b2:86:ee:a8:03:22:b7:bf:33:b8:20:ff:4d:f1:4d:
0f:bd:d0:ec:da:a5:62:cb:eb:f6:d0:a1:bb:6c:75:
e9:5c:d0:68:99:56:82:31:ed:3f:28:b8:74:3a:99:
5b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:9F:6A:43:77:38:C3:6B:F3:21:A1:61:25:2C:36:05:3F:FF:BA:46
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/yJ9qQ3c4w2vzIaFhJSw2BT__ukY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.12.0/22
149.154.172.0/22
IPv6:
2001:b28:f23d::/48
Signature Algorithm: sha256WithRSAEncryption
89:f5:4e:26:93:d3:b7:f2:f5:b0:e1:1c:58:30:13:12:53:ba:
94:60:b1:aa:73:ad:1b:ae:17:d5:95:ba:0f:e6:39:71:79:d9:
05:53:8c:10:66:98:11:34:74:23:c3:d6:8a:0e:04:9d:78:66:
0f:3c:24:70:2b:f2:63:b3:c3:20:50:3d:be:91:16:bb:32:91:
8c:4c:17:e6:1b:32:84:12:4c:0f:65:83:99:b8:a9:1f:0c:39:
a2:c5:95:4a:3f:3c:3a:1e:6f:89:6d:35:e4:0f:e6:81:ec:62:
da:93:5e:32:30:dd:00:35:90:e2:c3:80:4d:df:94:9b:6b:b4:
96:30:25:51:3f:8b:86:0b:46:ea:54:41:ff:cd:ba:04:6a:64:
ac:dd:a7:24:e8:e3:93:c8:ff:64:10:b5:28:2b:e4:c6:1e:62:
c7:89:63:de:18:6f:8f:83:95:69:d9:1f:d7:ad:11:84:5d:07:
c0:76:9d:79:38:68:dd:c6:9a:09:bd:1f:bf:6b:46:75:1b:be:
53:d5:97:0c:72:c5:26:26:50:18:de:c9:97:ac:fa:d2:df:93:
f5:58:ea:9b:3a:87:e5:be:83:fa:c1:21:6d:f2:2d:c4:fe:7f:
59:b9:9c:b7:47:71:00:45:f1:f2:53:25:07:34:87:b8:bd:95:
af:8b:af:e9
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEApwBajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MjI4ZTdlMDFmYWRhNDljMWE1MmZhMTNmMzYyNmM0MWI0MWE1MWI4MB4XDTIyMDEw
MTE0MDg0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzg5ZjZhNDM3NzM4
YzM2YmYzMjFhMTYxMjUyYzM2MDUzZmZmYmE0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANeNMzcVkA2o9qvncbtSS+AR7i+JmCDpGJ6Vr8hyzbni7xgt
ChUfPRMLjlBVPTAs/xfMypQt8TLIfxoHnZlcLwE8sqzfKYgqjYHaRXIdO0Rgs/Dk
7Vo56k0jVbfMJ9xO/cmAMMQqq4ZT/xhZg+xRiXKK0HQosB9RY8rxy4X7hJNH4jCr
8ghXTLeR9LOHJze8gJyQNoBaU8pg6E/cSJUy66Di0ZYjT4NIZOXjbQ2O6sl7Un7F
7Odk5B0uS4ZzK2DH5HMJsIAzuSOtJ98hh2idwfNXsobuqAMit78zuCD/TfFND73Q
7NqlYsvr9tChu2x16VzQaJlWgjHtPyi4dDqZWw8CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBTIn2pDdzjDa/MhoWElLDYFP/+6RjAfBgNVHSMEGDAWgBRiKOfgH62knBpS
+hPzYmxBtBpRuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lpam40Qi10cEp3YVV2b1Q4MkpzUWJRYVViZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvYmFhZmYzLWFlYjQtNDYxNi04ZmI1LTc2NzQxNjUyNTEwZC8x
L3lKOXFRM2M0dzJ2eklhRmhKU3cyQlRfX3VrWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
YmFhZmYzLWFlYjQtNDYxNi04ZmI1LTc2NzQxNjUyNTEwZC8xL1lpam40Qi10cEp3
YVV2b1Q4MkpzUWJRYVViZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAltsDAMEApWarDAPBAIAAjAJAwcA
IAELKPI9MA0GCSqGSIb3DQEBCwUAA4IBAQCJ9U4mk9O38vWw4RxYMBMSU7qUYLGq
c60brhfVlboP5jlxedkFU4wQZpgRNHQjw9aKDgSdeGYPPCRwK/Jjs8MgUD2+kRa7
MpGMTBfmGzKEEkwPZYOZuKkfDDmixZVKPzw6Hm+JbTXkD+aB7GLak14yMN0ANZDi
w4BN35Sba7SWMCVRP4uGC0bqVEH/zboEamSs3ack6OOTyP9kELUoK+TGHmLHiWPe
GG+Pg5Vp2R/XrRGEXQfAdp15OGjdxpoJvR+/a0Z1G75T1ZcMcsUmJlAY3smXrPrS
35P1WOqbOoflvoP6wSFt8i3E/n9ZuZy3R3EARfHyUyUHNIe4vZWvi6/p
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:22:10 2025 by rpki-client