Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/yOVm8-uWkzODzBIBG8musbo4aRQ.roa
File: yOVm8-uWkzODzBIBG8musbo4aRQ.roa (raw, json)
Hash identifier: qVv75PTNHycvSshlsHhcxRq4Nq1JxYjtpaFhHYzAsbg=
Subject key identifier: C8:E5:66:F3:EB:96:93:33:83:CC:12:01:1B:C9:AE:B1:BA:38:69:14
Certificate issuer: /CN=1f1293cbbe2f692540d3cc5a6e823660494c4063
Certificate serial: 01856FC251085E8177CE900366D145486BFC
Authority key identifier: 1F:12:93:CB:BE:2F:69:25:40:D3:CC:5A:6E:82:36:60:49:4C:40:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HxKTy74vaSVA08xaboI2YElMQGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/yOVm8-uWkzODzBIBG8musbo4aRQ.roa
Signing time: Sun 01 Jan 2023 23:54:43 +0000
ROA not before: Sun 01 Jan 2023 23:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8448
IP address blocks: 188.44.128.0/17 maxlen: 17
217.79.128.0/20 maxlen: 20
84.225.192.0/18 maxlen: 18
2a00:1878::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:51:08:5e:81:77:ce:90:03:66:d1:45:48:6b:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f1293cbbe2f692540d3cc5a6e823660494c4063
Validity
Not Before: Jan 1 23:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8e566f3eb96933383cc12011bc9aeb1ba386914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:98:ca:4a:01:fb:fb:58:34:ad:55:ef:43:31:
e9:9c:9a:cb:ce:50:0d:16:ce:64:1d:e2:9e:8a:f5:
af:75:bf:15:bb:11:30:29:cb:4c:9f:d7:35:7b:f9:
4f:0d:69:22:98:2b:ae:4d:5f:a6:8a:9f:34:01:ee:
c3:e4:f6:22:79:e0:ae:67:d8:be:7f:0c:3a:68:f5:
74:ab:fe:71:db:d8:57:87:f4:98:44:77:df:a8:81:
6f:1a:92:a1:08:d9:69:27:1d:3c:88:4e:7d:b7:cd:
1c:7a:33:87:a7:5b:88:39:3b:31:c8:f3:1b:b8:69:
83:99:0a:8b:7a:96:5e:a0:e2:97:37:85:e8:53:d0:
c0:fa:a8:ef:fa:b3:86:db:79:8d:2b:1e:e4:f7:0f:
af:b8:39:ef:70:fd:0e:0b:45:45:72:8f:96:e4:9d:
b9:0d:b2:84:67:bf:d7:f3:82:d9:87:3d:a4:35:ba:
70:dc:74:4c:f3:02:1f:cc:cf:6a:d6:9c:84:dd:8e:
49:98:5d:a3:e8:a4:78:c1:31:ca:5d:65:e1:a1:fe:
e9:34:43:b5:73:d6:3d:1e:90:19:5f:4e:ba:c7:2a:
9c:39:fb:cf:e8:b1:e1:eb:e9:e1:9f:65:0d:09:9d:
60:40:c0:56:e5:90:2e:45:6a:c5:db:a7:e7:63:ad:
42:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E5:66:F3:EB:96:93:33:83:CC:12:01:1B:C9:AE:B1:BA:38:69:14
X509v3 Authority Key Identifier:
keyid:1F:12:93:CB:BE:2F:69:25:40:D3:CC:5A:6E:82:36:60:49:4C:40:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HxKTy74vaSVA08xaboI2YElMQGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/yOVm8-uWkzODzBIBG8musbo4aRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.225.192.0/18
188.44.128.0/17
217.79.128.0/20
IPv6:
2a00:1878::/29
Signature Algorithm: sha256WithRSAEncryption
48:33:c0:11:d3:dc:83:91:46:ba:66:f2:ce:e2:5c:2e:41:9d:
0b:43:9b:d0:e4:94:57:28:5a:4c:ce:38:3d:6c:c9:f1:34:e2:
af:0d:c5:fa:b1:18:c1:f1:d5:52:aa:2b:b0:b8:1f:b7:f1:08:
69:f1:1a:6c:1e:3e:cf:f0:1e:85:cf:6f:ec:29:79:07:fb:0b:
bf:66:52:62:f3:69:f6:84:da:a7:83:9c:8c:7e:0e:e5:8e:0d:
3a:d8:31:59:91:24:68:a8:7b:be:39:84:9d:ee:4c:ad:08:c6:
fc:28:c7:c0:2b:b0:9f:78:42:3f:b9:53:05:e2:f3:9e:d1:4b:
77:06:72:36:f7:1b:2a:51:55:95:8c:ee:18:a0:af:42:d8:7a:
27:70:33:2a:f9:7a:6a:a0:46:f7:45:08:9d:f9:1b:b5:57:18:
f4:42:b2:e3:6a:76:d2:83:4f:04:74:a9:dc:26:29:bb:28:28:
e0:5a:31:da:52:6d:3d:9a:e1:1f:17:15:73:a1:51:37:8a:61:
4e:0c:53:e5:9b:e0:28:68:92:5f:d0:c8:49:f8:c3:9e:41:7f:
77:3c:39:fa:4a:e1:8a:81:37:bc:d2:a8:0b:75:25:fb:7e:17:
d6:6c:f5:92:e0:fd:57:61:15:d0:5d:53:80:f1:e3:88:6c:52:
d7:4b:0d:91
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvwlEIXoF3zpADZtFFSGv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMTI5M2NiYmUyZjY5MjU0MGQzY2M1YTZlODIzNjYwNDk0
YzQwNjMwHhcNMjMwMTAxMjM1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGU1NjZmM2ViOTY5MzMzODNjYzEyMDExYmM5YWViMWJhMzg2OTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipjKSgH7+1g0rVXvQzHpnJrLzlAN
Fs5kHeKeivWvdb8VuxEwKctMn9c1e/lPDWkimCuuTV+mip80Ae7D5PYieeCuZ9i+
fww6aPV0q/5x29hXh/SYRHffqIFvGpKhCNlpJx08iE59t80cejOHp1uIOTsxyPMb
uGmDmQqLepZeoOKXN4XoU9DA+qjv+rOG23mNKx7k9w+vuDnvcP0OC0VFco+W5J25
DbKEZ7/X84LZhz2kNbpw3HRM8wIfzM9q1pyE3Y5JmF2j6KR4wTHKXWXhof7pNEO1
c9Y9HpAZX066xyqcOfvP6LHh6+nhn2UNCZ1gQMBW5ZAuRWrF26fnY61CHQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMjlZvPrlpMzg8wSARvJrrG6OGkUMB8GA1UdIwQY
MBaAFB8Sk8u+L2klQNPMWm6CNmBJTEBjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHhLVHk3NHZhU1ZBMDh4YWJvSTJZRWxNUUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zZjVlM2MtYWM3Yi00ZjBmLWE4NzQt
MjY5NzE1OTlhNTU0LzEveU9WbTgtdVdrek9EekJJQkc4bXVzYm80YVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zZjVlM2MtYWM3Yi00ZjBmLWE4NzQtMjY5NzE1OTlhNTU0
LzEvSHhLVHk3NHZhU1ZBMDh4YWJvSTJZRWxNUUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGVOHAAwQH
vCyAAwQE2U+AMA0EAgACMAcDBQMqABh4MA0GCSqGSIb3DQEBCwUAA4IBAQBIM8AR
09yDkUa6ZvLO4lwuQZ0LQ5vQ5JRXKFpMzjg9bMnxNOKvDcX6sRjB8dVSqiuwuB+3
8Qhp8RpsHj7P8B6Fz2/sKXkH+wu/ZlJi82n2hNqng5yMfg7ljg062DFZkSRoqHu+
OYSd7kytCMb8KMfAK7CfeEI/uVMF4vOe0Ut3BnI29xsqUVWVjO4YoK9C2HoncDMq
+XpqoEb3RQid+Ru1Vxj0QrLjanbSg08EdKncJim7KCjgWjHaUm09muEfFxVzoVE3
imFODFPlm+AoaJJf0MhJ+MOeQX93PDn6SuGKgTe80qgLdSX7fhfWbPWS4P1XYRXQ
XVOA8eOIbFLXSw2R
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:29 2025 by rpki-client