Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Yv3vvmy65Vu8KF0w9hlYWVXfPzM.roa
File: Yv3vvmy65Vu8KF0w9hlYWVXfPzM.roa (raw, json)
Hash identifier: B+YhRiM4kmMyYoF8Nshb7mvEJ1eEX9LEaCTzPz2jgfk=
Subject key identifier: 62:FD:EF:BE:6C:BA:E5:5B:BC:28:5D:30:F6:19:58:59:55:DF:3F:33
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CA055AC0B4A959AF648A15CE8472EB283
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Yv3vvmy65Vu8KF0w9hlYWVXfPzM.roa
Signing time: Mon 25 Dec 2023 09:36:58 +0000
ROA not before: Mon 25 Dec 2023 09:36:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 193.30.241.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
193.57.41.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a0:55:ac:0b:4a:95:9a:f6:48:a1:5c:e8:47:2e:b2:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 25 09:36:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62fdefbe6cbae55bbc285d30f619585955df3f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f9:6c:29:53:29:85:5c:8e:21:bc:90:93:37:
8c:fd:21:c1:8a:0d:3b:89:ea:8f:73:17:c7:a8:04:
e5:b7:87:b2:d7:18:86:41:29:80:b0:d3:81:53:c0:
81:a3:3b:e8:16:a3:5f:fc:9e:53:16:58:8f:0a:3e:
a2:e2:1c:ef:b3:04:f8:a5:c7:93:a8:8e:bf:59:2d:
ef:7e:7b:5c:3e:99:70:d5:c3:da:85:57:82:c7:96:
95:d6:b0:cb:9e:50:45:ce:29:5b:1d:25:28:e0:20:
d5:65:cc:2e:76:ce:f3:24:c2:96:c8:8f:df:67:a2:
8d:96:f5:dd:f6:9f:c9:96:81:c7:1b:7d:85:7b:ad:
cc:ed:8a:04:f0:e0:56:3b:3f:94:fa:da:b9:a2:ea:
07:d9:3a:a6:ae:8f:cf:1c:1e:b8:dc:5c:be:d8:ee:
58:2e:e2:e3:9e:32:40:2e:bd:8b:54:e0:f2:d1:01:
9a:aa:0e:68:6b:65:e9:2a:d8:bd:35:96:06:45:44:
7e:9e:d0:98:13:67:d5:5d:98:5f:59:de:ae:76:11:
8b:05:ee:bb:78:b6:4f:24:d6:a7:32:43:0f:48:00:
57:9a:63:8f:a4:0c:0c:82:d7:93:01:dd:ae:72:bc:
00:df:c2:25:33:25:66:c2:4b:43:61:f2:69:05:f1:
25:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:FD:EF:BE:6C:BA:E5:5B:BC:28:5D:30:F6:19:58:59:55:DF:3F:33
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Yv3vvmy65Vu8KF0w9hlYWVXfPzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.115.0/24
45.88.139.0/24
45.94.170.0/23
85.209.120.0/23
146.19.125.0/24
193.30.241.0/24
193.57.41.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:d3:e2:13:53:16:ed:a1:b3:fe:b2:ff:92:ee:f1:01:78:a2:
b4:18:8c:e9:ad:e8:23:90:95:22:c6:39:6d:f4:a9:11:3c:2f:
cf:bd:28:72:c1:84:a2:ad:05:12:1e:60:45:58:df:8d:82:74:
64:9b:c5:ea:a9:b3:da:75:54:40:50:82:04:54:2f:22:e1:d8:
6b:01:d4:c7:9a:b3:a0:4c:b5:8e:f9:3c:f1:f5:61:f8:b9:34:
b4:21:c0:10:32:c4:1c:79:b3:43:d2:30:b3:5f:22:8d:d6:af:
3b:52:e4:e6:fd:9d:23:7a:ac:f5:2d:9f:b1:ea:bc:23:ec:13:
ea:dd:33:0c:c2:b5:0a:2f:22:3b:53:3a:8e:dd:a1:52:e8:de:
29:f3:1d:7a:3b:36:9b:c0:9b:43:3b:08:78:14:83:54:0c:d6:
77:7e:95:df:7e:01:b1:d6:63:d1:b1:ae:09:c1:d4:6d:c8:62:
cd:2e:c4:67:35:dd:bc:23:16:33:8c:ae:89:e9:83:62:99:89:
ab:36:36:f3:3b:0f:92:fe:f0:00:96:92:cc:40:d3:92:77:77:
b5:15:b3:71:b0:60:5f:4e:78:52:23:93:a1:9b:e4:e0:64:79:
88:8f:5f:62:50:d8:be:74:c3:41:fd:5a:7f:d5:01:f0:37:43:
3e:a7:ce:d4
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYygVawLSpWa9kihXOhHLrKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMjI1MDkzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmZkZWZiZTZjYmFlNTViYmMyODVkMzBmNjE5NTg1OTU1ZGYzZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPlsKVMphVyOIbyQkzeM/SHBig07
ieqPcxfHqATlt4ey1xiGQSmAsNOBU8CBozvoFqNf/J5TFliPCj6i4hzvswT4pceT
qI6/WS3vfntcPplw1cPahVeCx5aV1rDLnlBFzilbHSUo4CDVZcwuds7zJMKWyI/f
Z6KNlvXd9p/JloHHG32Fe63M7YoE8OBWOz+U+tq5ouoH2Tqmro/PHB643Fy+2O5Y
LuLjnjJALr2LVODy0QGaqg5oa2XpKti9NZYGRUR+ntCYE2fVXZhfWd6udhGLBe67
eLZPJNanMkMPSABXmmOPpAwMgteTAd2ucrwA38IlMyVmwktDYfJpBfElTwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGL9775suuVbvChdMPYZWFlV3z8zMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWXYzdnZteTY1VnU4S0YwdzlobFlXVlhmUHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALVFzAwQA
LViLAwQBLV6qAwQBVdF4AwQAkhN9AwQAwR7xAwQAwTkpAwQAw7FfMA0GCSqGSIb3
DQEBCwUAA4IBAQC80+ITUxbtobP+sv+S7vEBeKK0GIzpregjkJUixjlt9KkRPC/P
vShywYSirQUSHmBFWN+NgnRkm8XqqbPadVRAUIIEVC8i4dhrAdTHmrOgTLWO+Tzx
9WH4uTS0IcAQMsQcebND0jCzXyKN1q87UuTm/Z0jeqz1LZ+x6rwj7BPq3TMMwrUK
LyI7UzqO3aFS6N4p8x16OzabwJtDOwh4FINUDNZ3fpXffgGx1mPRsa4JwdRtyGLN
LsRnNd28IxYzjK6J6YNimYmrNjbzOw+S/vAAlpLMQNOSd3e1FbNxsGBfTnhSI5Oh
m+TgZHmIj19iUNi+dMNB/Vp/1QHwN0M+p87U
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:31:56 2025 by rpki-client