Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/YMdOztp7ylNeBEsLDovOBnLVLm4.roa
File: YMdOztp7ylNeBEsLDovOBnLVLm4.roa (raw, json)
Hash identifier: tK2NK7RNEE7MGulYq7oahlw/CH5aHyvH6ngGGzSwgZE=
Subject key identifier: 60:C7:4E:CE:DA:7B:CA:53:5E:04:4B:0B:0E:8B:CE:06:72:D5:2E:6E
Certificate issuer: /CN=91f5891a26cfa436a23e7e1ff976648bee79ef77
Certificate serial: 01856FE7044DA59AF3B8A907BA11A7DB7B0B
Authority key identifier: 91:F5:89:1A:26:CF:A4:36:A2:3E:7E:1F:F9:76:64:8B:EE:79:EF:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kfWJGibPpDaiPn4f-XZki-5573c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/YMdOztp7ylNeBEsLDovOBnLVLm4.roa
Signing time: Mon 02 Jan 2023 00:34:48 +0000
ROA not before: Mon 02 Jan 2023 00:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203108
IP address blocks: 185.144.220.0/22 maxlen: 24
2a07:5b00::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:04:4d:a5:9a:f3:b8:a9:07:ba:11:a7:db:7b:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91f5891a26cfa436a23e7e1ff976648bee79ef77
Validity
Not Before: Jan 2 00:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60c74eceda7bca535e044b0b0e8bce0672d52e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2e:e0:db:4a:17:3e:9c:97:5c:23:ff:a0:96:
78:ef:95:99:40:d6:86:5d:54:b6:18:3c:cb:f0:1d:
8c:7e:06:42:2a:77:9a:2a:09:8d:ec:3d:a6:98:17:
d0:6f:16:5a:92:e2:0e:e1:f8:56:19:f6:25:ed:1c:
b6:e9:bd:70:5f:3d:f5:35:69:3c:cf:9b:f5:1e:03:
a2:3f:97:4e:3b:f1:e1:c6:ab:2b:7d:06:c9:26:b3:
23:d6:43:cb:6e:d7:4a:4c:16:a9:85:49:f2:27:be:
24:09:c7:0c:ad:5f:4f:64:53:2d:c4:93:50:b5:2d:
99:1a:ff:55:9a:7d:e1:f8:78:5a:14:0e:a1:31:76:
d4:27:d3:a2:08:f0:6d:af:a0:64:0c:be:3e:bc:e4:
9b:22:24:51:c9:6a:6b:80:8d:c4:53:34:e2:dc:95:
c3:99:e3:dd:72:d5:c3:2c:07:85:f0:98:31:09:60:
ad:8a:ef:c7:83:9e:94:ff:97:9a:f7:38:e7:40:cc:
cd:6e:a8:42:29:e1:f3:97:26:8c:fc:8f:bf:93:d1:
22:78:e7:4e:cf:6a:3e:52:da:b3:a4:c1:00:d4:0c:
f5:06:50:17:2f:61:9e:c3:f6:f5:79:15:31:49:61:
39:1c:26:76:03:9f:fb:f7:05:26:40:98:75:2b:0f:
c4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C7:4E:CE:DA:7B:CA:53:5E:04:4B:0B:0E:8B:CE:06:72:D5:2E:6E
X509v3 Authority Key Identifier:
keyid:91:F5:89:1A:26:CF:A4:36:A2:3E:7E:1F:F9:76:64:8B:EE:79:EF:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfWJGibPpDaiPn4f-XZki-5573c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/YMdOztp7ylNeBEsLDovOBnLVLm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/kfWJGibPpDaiPn4f-XZki-5573c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.220.0/22
IPv6:
2a07:5b00::/29
Signature Algorithm: sha256WithRSAEncryption
17:02:b9:4b:04:5c:fb:cf:8b:b6:ae:b1:8c:f9:5e:06:9c:95:
d5:ea:a3:65:d4:36:9e:8f:c2:9a:93:b9:33:04:15:22:55:7d:
48:01:ea:ad:49:54:14:ab:a8:ca:af:02:60:ea:fc:f4:0f:23:
f2:14:6f:c7:16:49:b2:b3:0d:79:0e:86:80:43:13:1b:94:83:
83:52:65:df:da:4f:ae:ac:f3:dc:5a:0c:01:8d:65:3b:de:28:
ea:09:95:8f:3e:07:8b:74:5f:c8:20:82:c5:46:5c:b8:13:39:
26:ed:81:1a:1a:55:e1:c1:d3:79:e2:f8:9f:43:b1:77:de:6d:
54:99:fe:ee:45:b7:53:bd:66:6d:15:3c:df:8e:eb:25:0e:72:
99:8b:23:68:a9:59:fb:fc:11:d1:66:c1:d3:47:e3:e1:15:7b:
46:e6:0a:04:0c:51:31:cc:c2:e6:e2:68:24:5c:57:4e:6e:a1:
4f:61:66:04:a4:1a:a9:2f:c7:d6:1a:f3:43:21:19:73:6d:14:
6b:fd:d1:2e:c2:9c:78:c3:df:9a:3f:41:13:40:ec:7c:e5:67:
a7:18:fb:23:ca:db:cf:96:8c:ee:0e:82:be:cf:5c:c3:30:14:
c3:e1:ad:95:e6:9b:0c:a5:e6:3d:e9:bb:21:04:af:8c:39:a3:
ee:27:eb:f6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv5wRNpZrzuKkHuhGn23sLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjU4OTFhMjZjZmE0MzZhMjNlN2UxZmY5NzY2NDhiZWU3
OWVmNzcwHhcNMjMwMTAyMDAzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGM3NGVjZWRhN2JjYTUzNWUwNDRiMGIwZThiY2UwNjcyZDUyZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy7g20oXPpyXXCP/oJZ475WZQNaG
XVS2GDzL8B2MfgZCKneaKgmN7D2mmBfQbxZakuIO4fhWGfYl7Ry26b1wXz31NWk8
z5v1HgOiP5dOO/HhxqsrfQbJJrMj1kPLbtdKTBaphUnyJ74kCccMrV9PZFMtxJNQ
tS2ZGv9Vmn3h+HhaFA6hMXbUJ9OiCPBtr6BkDL4+vOSbIiRRyWprgI3EUzTi3JXD
mePdctXDLAeF8JgxCWCtiu/Hg56U/5ea9zjnQMzNbqhCKeHzlyaM/I+/k9EieOdO
z2o+UtqzpMEA1Az1BlAXL2Gew/b1eRUxSWE5HCZ2A5/79wUmQJh1Kw/ElwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGDHTs7ae8pTXgRLCw6LzgZy1S5uMB8GA1UdIwQY
MBaAFJH1iRomz6Q2oj5+H/l2ZIvuee93MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2ZXSkdpYlBwRGFpUG40Zi1YWmtpLTU1NzNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83ZjFiNzQtYzhkNy00YTBkLThhMzkt
ZGFhNzM5MGI1YmE3LzEvWU1kT3p0cDd5bE5lQkVzTERvdk9CbkxWTG00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83ZjFiNzQtYzhkNy00YTBkLThhMzktZGFhNzM5MGI1YmE3
LzEva2ZXSkdpYlBwRGFpUG40Zi1YWmtpLTU1NzNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZDcMA0E
AgACMAcDBQMqB1sAMA0GCSqGSIb3DQEBCwUAA4IBAQAXArlLBFz7z4u2rrGM+V4G
nJXV6qNl1Daej8Kak7kzBBUiVX1IAeqtSVQUq6jKrwJg6vz0DyPyFG/HFkmysw15
DoaAQxMblIODUmXf2k+urPPcWgwBjWU73ijqCZWPPgeLdF/IIILFRly4Ezkm7YEa
GlXhwdN54vifQ7F33m1Umf7uRbdTvWZtFTzfjuslDnKZiyNoqVn7/BHRZsHTR+Ph
FXtG5goEDFExzMLm4mgkXFdObqFPYWYEpBqpL8fWGvNDIRlzbRRr/dEuwpx4w9+a
P0ETQOx85WenGPsjytvPlozuDoK+z1zDMBTD4a2V5psMpeY96bshBK+MOaPuJ+v2
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:52 2025 by rpki-client