Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/Cy3sUuxqhixI6Aw7MOATLBZm7vQ.roa
File: Cy3sUuxqhixI6Aw7MOATLBZm7vQ.roa (raw, json)
Hash identifier: kG0tsLWYL3zUqClKVbIROMV2wfg4c3Y/nwu9v7U5Am8=
Subject key identifier: 0B:2D:EC:52:EC:6A:86:2C:48:E8:0C:3B:30:E0:13:2C:16:66:EE:F4
Certificate issuer: /CN=ad8e857fc00be14ed92b9e78cc3ca69b8adc2485
Certificate serial: 05E0B042
Authority key identifier: AD:8E:85:7F:C0:0B:E1:4E:D9:2B:9E:78:CC:3C:A6:9B:8A:DC:24:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rY6Ff8AL4U7ZK554zDymm4rcJIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/Cy3sUuxqhixI6Aw7MOATLBZm7vQ.roa
Signing time: Sat 01 Jan 2022 15:55:40 +0000
ROA not before: Sat 01 Jan 2022 15:55:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59439
IP address blocks: 185.168.52.0/23 maxlen: 23
91.240.178.0/24 maxlen: 24
2a0d:c0c0:4e1::/48 maxlen: 48
2a0d:c0c0:3e1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98611266 (0x5e0b042)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad8e857fc00be14ed92b9e78cc3ca69b8adc2485
Validity
Not Before: Jan 1 15:55:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b2dec52ec6a862c48e80c3b30e0132c1666eef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:68:6c:c1:4d:29:1e:76:64:8b:42:50:80:68:
6a:ef:61:75:fb:eb:62:3c:93:2a:5d:ad:98:08:fc:
57:a5:7a:af:4c:d9:d4:d9:67:bf:85:aa:91:74:74:
4f:18:15:2a:8a:42:47:5f:73:e4:27:c9:0a:f2:79:
7c:2f:03:25:3e:e2:49:bb:9c:ed:fe:36:d8:6d:43:
5a:3e:c9:dd:83:0c:d1:fc:a0:2a:cf:e3:72:a5:35:
b3:39:28:40:05:55:58:44:40:01:d9:37:76:0c:4a:
3b:e9:79:73:b1:c5:f3:38:17:89:ee:e4:c8:9a:26:
92:c8:24:ea:d8:b1:80:4b:82:d8:5e:cd:68:b0:c9:
c1:26:60:c4:5d:61:d7:18:14:fa:f2:01:bf:c3:89:
bf:06:ad:5c:64:21:27:18:1f:f7:3c:a1:c6:21:ae:
36:22:c4:5b:16:2d:57:dc:3d:8b:bd:6c:52:8b:54:
d7:96:bf:aa:7b:b2:e0:ce:34:73:6c:26:cc:fe:48:
dc:06:cb:7c:44:ac:87:a6:ad:1a:ac:59:e8:c8:7b:
64:41:19:52:1a:1a:39:e8:e1:40:0c:90:16:4b:9b:
3e:3b:c1:6b:f3:ff:36:9e:01:aa:8e:b3:c4:b8:dd:
37:da:1e:33:f5:b0:e2:7b:3c:49:0b:95:df:03:a3:
92:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:2D:EC:52:EC:6A:86:2C:48:E8:0C:3B:30:E0:13:2C:16:66:EE:F4
X509v3 Authority Key Identifier:
keyid:AD:8E:85:7F:C0:0B:E1:4E:D9:2B:9E:78:CC:3C:A6:9B:8A:DC:24:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY6Ff8AL4U7ZK554zDymm4rcJIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/Cy3sUuxqhixI6Aw7MOATLBZm7vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/rY6Ff8AL4U7ZK554zDymm4rcJIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.178.0/24
185.168.52.0/23
IPv6:
2a0d:c0c0:3e1::/48
2a0d:c0c0:4e1::/48
Signature Algorithm: sha256WithRSAEncryption
49:0f:17:7f:a6:06:3b:06:e1:7a:70:d8:a6:47:26:8f:ae:72:
fc:47:a8:ed:96:87:b6:fb:24:75:d0:42:ea:d7:2e:af:eb:a1:
41:8a:fa:39:95:34:33:01:f3:14:4f:cd:5f:8d:09:7b:e0:d0:
ca:f8:76:80:3a:24:c9:fa:ce:5d:df:e2:3a:1c:5a:6c:a8:da:
0a:da:59:1f:00:65:be:68:db:33:16:b5:dc:a3:22:4a:f2:c5:
c9:6b:4d:fc:78:1c:24:90:3b:83:b4:8a:d9:1b:50:d5:d5:9a:
78:f6:b0:f8:b8:44:28:a6:ee:b1:89:b9:6f:76:b4:7c:d4:74:
92:33:e4:f1:f4:e4:40:01:48:d7:3d:a7:86:82:1e:30:82:21:
13:1e:87:d3:b8:9d:6e:09:78:39:f0:e7:be:46:06:97:28:9b:
da:6e:7f:38:05:83:4c:df:95:52:bb:50:0d:fb:b6:81:ab:64:
bd:be:60:7d:2f:4c:37:68:b3:fa:80:d4:5b:96:5f:f4:1c:6e:
a6:21:8a:5a:6d:9e:a1:47:29:fc:98:f7:e5:f4:b8:c3:69:98:
15:83:83:fd:2c:68:6b:f1:f7:98:9d:fa:e5:3a:e8:34:74:50:
b4:10:3f:88:58:a0:79:36:e8:44:d0:04:f6:eb:24:39:7f:a4:
5f:c5:fa:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEBeCwQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZDhlODU3ZmMwMGJlMTRlZDkyYjllNzhjYzNjYTY5YjhhZGMyNDg1MB4XDTIyMDEw
MTE1NTU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGIyZGVjNTJlYzZh
ODYyYzQ4ZTgwYzNiMzBlMDEzMmMxNjY2ZWVmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpobMFNKR52ZItCUIBoau9hdfvrYjyTKl2tmAj8V6V6r0zZ
1Nlnv4WqkXR0TxgVKopCR19z5CfJCvJ5fC8DJT7iSbuc7f422G1DWj7J3YMM0fyg
Ks/jcqU1szkoQAVVWERAAdk3dgxKO+l5c7HF8zgXie7kyJomksgk6tixgEuC2F7N
aLDJwSZgxF1h1xgU+vIBv8OJvwatXGQhJxgf9zyhxiGuNiLEWxYtV9w9i71sUotU
15a/qnuy4M40c2wmzP5I3AbLfESsh6atGqxZ6Mh7ZEEZUhoaOejhQAyQFkubPjvB
a/P/Np4Bqo6zxLjdN9oeM/Ww4ns8SQuV3wOjkq0CAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBQLLexS7GqGLEjoDDsw4BMsFmbu9DAfBgNVHSMEGDAWgBStjoV/wAvhTtkr
nnjMPKabitwkhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JZNkZmOEFMNFU3Wks1NTR6RHltbTRyY0pJVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvYjhjM2JkLTE2ZWYtNGYyYy05NDAwLWRiMDk5ZTU4NWU0Yi8x
L0N5M3NVdXhxaGl4STZBdzdNT0FUTEJabTd2US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
YjhjM2JkLTE2ZWYtNGYyYy05NDAwLWRiMDk5ZTU4NWU0Yi8xL3JZNkZmOEFMNFU3
Wks1NTR6RHltbTRyY0pJVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEAFvwsgMEAbmoNDAYBAIAAjASAwcA
Kg3AwAPhAwcAKg3AwAThMA0GCSqGSIb3DQEBCwUAA4IBAQBJDxd/pgY7BuF6cNim
RyaPrnL8R6jtloe2+yR10ELq1y6v66FBivo5lTQzAfMUT81fjQl74NDK+HaAOiTJ
+s5d3+I6HFpsqNoK2lkfAGW+aNszFrXcoyJK8sXJa038eBwkkDuDtIrZG1DV1Zp4
9rD4uEQopu6xiblvdrR81HSSM+Tx9ORAAUjXPaeGgh4wgiETHofTuJ1uCXg58Oe+
RgaXKJvabn84BYNM35VSu1AN+7aBq2S9vmB9L0w3aLP6gNRbll/0HG6mIYpabZ6h
Ryn8mPfl9LjDaZgVg4P9LGhr8feYnfrlOug0dFC0ED+IWKB5NuhE0AT26yQ5f6Rf
xfqk
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:09:27 2025 by rpki-client