Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YYB5J1rHn8BWzLzaPGR3oO82TkA.roa
File: YYB5J1rHn8BWzLzaPGR3oO82TkA.roa (raw, json)
Hash identifier: enyPAz3xpM1m2zS1vr66TRlgbwB+As9bZV+WIglW5uo=
Subject key identifier: 61:80:79:27:5A:C7:9F:C0:56:CC:BC:DA:3C:64:77:A0:EF:36:4E:40
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0185A1CC64AF1435B042E484B446C546DC60
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YYB5J1rHn8BWzLzaPGR3oO82TkA.roa
Signing time: Wed 11 Jan 2023 17:06:44 +0000
ROA not before: Wed 11 Jan 2023 17:06:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 109.203.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a1:cc:64:af:14:35:b0:42:e4:84:b4:46:c5:46:dc:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 11 17:06:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=618079275ac79fc056ccbcda3c6477a0ef364e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f5:40:e6:9e:08:f7:da:43:29:c3:b4:61:5e:
2c:fb:a9:32:a8:c9:d8:d8:1f:8d:59:76:ba:64:67:
f4:53:82:4d:e5:2f:88:6d:8f:84:57:0a:d0:96:be:
58:cd:94:79:34:9a:29:56:75:b7:42:16:62:51:5d:
67:48:00:66:15:3f:ea:0c:e7:bc:0f:fd:84:34:1c:
8b:48:27:28:0b:5e:c3:71:62:c5:8b:03:a5:30:9a:
1d:0b:19:13:1b:38:c2:9b:89:52:0e:f5:1f:d1:c6:
11:f5:c0:55:f0:94:21:ed:5c:c4:69:92:51:b5:1c:
80:aa:7a:36:e6:20:64:c3:a5:18:7f:86:eb:76:e9:
58:5a:e0:ad:d9:76:5a:f1:4b:ab:47:65:86:aa:65:
21:f1:68:9a:00:32:ca:b9:72:a8:ae:ca:00:3a:cb:
91:27:27:40:67:a3:35:3f:b7:e3:ac:27:94:43:b6:
74:23:4d:14:86:d2:81:34:80:b2:2d:26:4d:18:1e:
e9:05:c7:04:b8:e2:60:15:01:a1:22:09:c0:ca:ec:
36:47:5b:e0:4a:c6:21:5c:f4:2e:1d:c2:bf:6a:94:
26:8a:2d:22:df:f8:a1:ee:47:2b:cf:9c:0c:2c:fc:
57:24:e9:90:be:58:94:5b:2e:b7:16:63:2f:23:b5:
09:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:80:79:27:5A:C7:9F:C0:56:CC:BC:DA:3C:64:77:A0:EF:36:4E:40
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YYB5J1rHn8BWzLzaPGR3oO82TkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.203.163.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:75:59:0c:00:9d:24:5a:ad:00:c6:a3:ee:2f:9d:33:68:f8:
f2:64:25:e5:db:fe:0f:84:99:1e:6a:3a:9d:ff:0b:fd:f0:d1:
28:45:11:ca:f4:83:5c:5b:cf:15:64:91:ef:9e:a7:e3:88:76:
e0:50:77:7b:b9:25:2b:ee:6f:39:18:24:d1:43:07:71:8a:2e:
27:8c:14:c7:a4:ef:6c:5c:f9:f0:21:6a:98:61:db:b1:4d:6d:
a1:21:96:d6:fc:82:9c:85:f4:6c:d0:5f:79:0b:51:d2:7b:54:
ae:0f:12:8f:aa:e4:7e:1a:16:87:fc:58:1d:b6:95:78:e6:83:
cc:b8:3a:c8:42:3b:52:57:4b:e0:c5:54:2d:a7:55:cb:18:c8:
a4:a7:ea:34:96:ea:cb:7e:4a:e5:d9:d5:67:fc:3b:40:8f:4a:
31:50:79:6a:a9:b3:ef:59:42:2b:cf:2c:4b:04:a5:45:f1:75:
31:3e:f1:19:17:49:6b:62:62:db:ea:c4:26:58:ed:2d:b5:5d:
e3:67:1d:15:b0:bb:94:a4:05:51:68:0a:b7:eb:c5:5e:2d:c4:
0f:49:91:69:ab:9e:7b:1d:c9:d1:e9:64:a2:0e:9b:12:ea:ff:
1a:82:19:d9:4e:fd:47:f9:0b:14:d5:c0:a2:f1:7a:c6:be:c2:
60:34:f8:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWhzGSvFDWwQuSEtEbFRtxgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwMTExMTcwNjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTgwNzkyNzVhYzc5ZmMwNTZjY2JjZGEzYzY0NzdhMGVmMzY0ZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvVA5p4I99pDKcO0YV4s+6kyqMnY
2B+NWXa6ZGf0U4JN5S+IbY+EVwrQlr5YzZR5NJopVnW3QhZiUV1nSABmFT/qDOe8
D/2ENByLSCcoC17DcWLFiwOlMJodCxkTGzjCm4lSDvUf0cYR9cBV8JQh7VzEaZJR
tRyAqno25iBkw6UYf4brdulYWuCt2XZa8UurR2WGqmUh8WiaADLKuXKorsoAOsuR
JydAZ6M1P7fjrCeUQ7Z0I00UhtKBNICyLSZNGB7pBccEuOJgFQGhIgnAyuw2R1vg
SsYhXPQuHcK/apQmii0i3/ih7kcrz5wMLPxXJOmQvliUWy63FmMvI7UJ1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGGAeSdax5/AVsy82jxkd6DvNk5AMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvWVlCNUoxckhuOEJXekx6YVBHUjNvTzgyVGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbcujMA0G
CSqGSIb3DQEBCwUAA4IBAQBqdVkMAJ0kWq0AxqPuL50zaPjyZCXl2/4PhJkeajqd
/wv98NEoRRHK9INcW88VZJHvnqfjiHbgUHd7uSUr7m85GCTRQwdxii4njBTHpO9s
XPnwIWqYYduxTW2hIZbW/IKchfRs0F95C1HSe1SuDxKPquR+GhaH/FgdtpV45oPM
uDrIQjtSV0vgxVQtp1XLGMikp+o0lurLfkrl2dVn/DtAj0oxUHlqqbPvWUIrzyxL
BKVF8XUxPvEZF0lrYmLb6sQmWO0ttV3jZx0VsLuUpAVRaAq368VeLcQPSZFpq557
HcnR6WSiDpsS6v8aghnZTv1H+QsU1cCi8XrGvsJgNPjM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:10 2025 by rpki-client