Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/228efe-ff30-4328-a915-0f3b6f96990b/1/ynHmLBEbuQDrH7k4W0_Cjj0IjHg.roa
File: ynHmLBEbuQDrH7k4W0_Cjj0IjHg.roa (raw, json)
Hash identifier: tP73Ziz/yDHw+mylh+uafAGcaWUK1oXfABKxB8vvxo8=
Subject key identifier: CA:71:E6:2C:11:1B:B9:00:EB:1F:B9:38:5B:4F:C2:8E:3D:08:8C:78
Certificate issuer: /CN=e8159b68ce41368a99fe1079ec54c36c9bb1bf94
Certificate serial: 0185718C2A44CC9C151A0DC5456087442026
Authority key identifier: E8:15:9B:68:CE:41:36:8A:99:FE:10:79:EC:54:C3:6C:9B:B1:BF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6BWbaM5BNoqZ_hB57FTDbJuxv5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/228efe-ff30-4328-a915-0f3b6f96990b/1/ynHmLBEbuQDrH7k4W0_Cjj0IjHg.roa
Signing time: Mon 02 Jan 2023 08:14:49 +0000
ROA not before: Mon 02 Jan 2023 08:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204366
IP address blocks: 185.250.64.0/22 maxlen: 22
185.250.64.0/24 maxlen: 24
185.250.65.0/24 maxlen: 24
185.250.67.0/24 maxlen: 24
185.250.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:2a:44:cc:9c:15:1a:0d:c5:45:60:87:44:20:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8159b68ce41368a99fe1079ec54c36c9bb1bf94
Validity
Not Before: Jan 2 08:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca71e62c111bb900eb1fb9385b4fc28e3d088c78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2e:c0:28:9a:8e:81:76:a0:ba:f1:8b:4d:ba:
3a:b5:fb:f8:23:72:25:64:53:82:c5:6b:e4:15:f4:
a8:ce:d8:82:3f:ea:c5:ad:49:cd:a0:d1:bf:58:c0:
57:45:13:09:a6:aa:58:5d:ae:be:b6:5a:78:45:1b:
c2:da:42:fe:97:33:58:7a:8a:79:49:98:0d:ab:62:
ed:c2:c3:ad:2e:ec:3f:ae:e9:3f:cf:13:6c:f1:11:
44:87:80:bd:98:ff:a5:18:8d:cd:f9:fc:a0:14:d3:
8b:80:df:60:f7:6d:86:1c:27:49:37:ab:4d:ff:b0:
b6:13:ab:23:b3:48:f7:dd:09:f0:24:60:8b:63:b1:
3b:ba:38:10:5c:2b:7a:38:f2:89:bf:89:08:06:3c:
85:5f:d7:53:e4:4a:18:5a:2f:ea:c2:03:4e:8c:c0:
34:e6:58:dc:a0:80:c5:97:94:56:35:4b:ab:01:ad:
69:78:92:73:8d:0a:98:9a:74:c4:07:64:a7:c7:db:
d6:ef:05:4e:bb:57:ea:b7:a1:1d:56:f6:77:ec:6b:
b5:f5:0e:c8:78:15:c0:81:12:01:c2:f8:eb:80:a0:
fb:1f:09:85:82:09:79:8e:9b:8e:4d:9a:71:a8:cc:
ad:a7:e2:70:29:0d:7c:08:8a:c4:3d:57:41:d4:3c:
19:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:71:E6:2C:11:1B:B9:00:EB:1F:B9:38:5B:4F:C2:8E:3D:08:8C:78
X509v3 Authority Key Identifier:
keyid:E8:15:9B:68:CE:41:36:8A:99:FE:10:79:EC:54:C3:6C:9B:B1:BF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6BWbaM5BNoqZ_hB57FTDbJuxv5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/228efe-ff30-4328-a915-0f3b6f96990b/1/ynHmLBEbuQDrH7k4W0_Cjj0IjHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/228efe-ff30-4328-a915-0f3b6f96990b/1/6BWbaM5BNoqZ_hB57FTDbJuxv5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.64.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:0e:cf:f9:01:e1:8c:2b:a7:c3:3a:ef:b2:eb:8a:3d:6b:49:
05:d1:bc:fe:f8:28:8e:03:c3:eb:f6:9e:c9:79:bb:12:6c:ab:
67:53:07:0c:b2:ae:f4:a7:81:e2:12:c2:bf:c8:29:e4:4b:fd:
fe:e5:2e:0c:d8:88:21:94:17:7c:4c:21:31:d2:ec:55:59:46:
5c:1f:90:f0:eb:1c:44:75:51:04:30:11:81:2c:24:53:fa:b3:
32:34:b7:2b:e1:0a:54:12:cd:42:fb:c8:0a:c7:40:89:2d:76:
d7:eb:6d:4d:b9:d0:cc:b7:dc:c5:46:be:62:20:23:14:17:e7:
bd:26:7e:26:4b:a8:24:1e:22:fc:31:ab:52:36:5c:0b:ed:4c:
bf:25:81:c6:b1:5a:4a:5b:6a:93:95:32:a1:ab:0f:46:42:75:
07:e5:f8:fd:00:95:c1:61:ff:0b:7c:b5:7e:51:10:ed:61:9b:
d2:a6:2e:b1:e3:46:67:3b:df:2a:23:2c:96:ed:f2:09:49:c6:
5b:52:8b:b5:62:97:bf:4d:d7:ed:6c:39:36:72:63:dc:50:14:
b1:8f:66:ff:e0:78:88:2f:e9:d7:11:5b:d3:15:eb:b3:99:19:
21:54:cb:b0:a3:6f:ee:9e:d2:66:f7:ae:00:14:e0:bb:dd:9a:
aa:69:85:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxjCpEzJwVGg3FRWCHRCAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MTU5YjY4Y2U0MTM2OGE5OWZlMTA3OWVjNTRjMzZjOWJi
MWJmOTQwHhcNMjMwMTAyMDgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTcxZTYyYzExMWJiOTAwZWIxZmI5Mzg1YjRmYzI4ZTNkMDg4Yzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgS7AKJqOgXaguvGLTbo6tfv4I3Il
ZFOCxWvkFfSoztiCP+rFrUnNoNG/WMBXRRMJpqpYXa6+tlp4RRvC2kL+lzNYeop5
SZgNq2LtwsOtLuw/ruk/zxNs8RFEh4C9mP+lGI3N+fygFNOLgN9g922GHCdJN6tN
/7C2E6sjs0j33QnwJGCLY7E7ujgQXCt6OPKJv4kIBjyFX9dT5EoYWi/qwgNOjMA0
5ljcoIDFl5RWNUurAa1peJJzjQqYmnTEB2Snx9vW7wVOu1fqt6EdVvZ37Gu19Q7I
eBXAgRIBwvjrgKD7HwmFggl5jpuOTZpxqMytp+JwKQ18CIrEPVdB1DwZ/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpx5iwRG7kA6x+5OFtPwo49CIx4MB8GA1UdIwQY
MBaAFOgVm2jOQTaKmf4QeexUw2ybsb+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkJXYmFNNUJOb3FaX2hCNTdGVERiSnV4djVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8yMjhlZmUtZmYzMC00MzI4LWE5MTUt
MGYzYjZmOTY5OTBiLzEveW5IbUxCRWJ1UURySDdrNFcwX0NqajBJakhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8yMjhlZmUtZmYzMC00MzI4LWE5MTUtMGYzYjZmOTY5OTBi
LzEvNkJXYmFNNUJOb3FaX2hCNTdGVERiSnV4djVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufpAMA0G
CSqGSIb3DQEBCwUAA4IBAQBLDs/5AeGMK6fDOu+y64o9a0kF0bz++CiOA8Pr9p7J
ebsSbKtnUwcMsq70p4HiEsK/yCnkS/3+5S4M2IghlBd8TCEx0uxVWUZcH5Dw6xxE
dVEEMBGBLCRT+rMyNLcr4QpUEs1C+8gKx0CJLXbX621NudDMt9zFRr5iICMUF+e9
Jn4mS6gkHiL8MatSNlwL7Uy/JYHGsVpKW2qTlTKhqw9GQnUH5fj9AJXBYf8LfLV+
URDtYZvSpi6x40ZnO98qIyyW7fIJScZbUou1Ype/TdftbDk2cmPcUBSxj2b/4HiI
L+nXEVvTFeuzmRkhVMuwo2/untJm964AFOC73ZqqaYWZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:57 2025 by rpki-client