Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/42bda6-a5da-471b-a3bf-81ecb490fb86/1/_YC9_Z8mOOWkPQMz-A2SBAFoxXc.roa
File: _YC9_Z8mOOWkPQMz-A2SBAFoxXc.roa (raw, json)
Hash identifier: ac7zelYBzhfrwXlax6/nZAky3XynpR4CAYsd0xcClAA=
Subject key identifier: FD:80:BD:FD:9F:26:38:E5:A4:3D:03:33:F8:0D:92:04:01:68:C5:77
Certificate issuer: /CN=01b3fa2ab8901b415e10838872c63d9f0ce136ad
Certificate serial: 01856F948C47773E721C27016883546DAE28
Authority key identifier: 01:B3:FA:2A:B8:90:1B:41:5E:10:83:88:72:C6:3D:9F:0C:E1:36:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AbP6KriQG0FeEIOIcsY9nwzhNq0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/42bda6-a5da-471b-a3bf-81ecb490fb86/1/_YC9_Z8mOOWkPQMz-A2SBAFoxXc.roa
Signing time: Sun 01 Jan 2023 23:04:44 +0000
ROA not before: Sun 01 Jan 2023 23:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203329
IP address blocks: 185.138.140.0/22 maxlen: 24
149.233.0.0/19 maxlen: 24
2a07:e80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:8c:47:77:3e:72:1c:27:01:68:83:54:6d:ae:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01b3fa2ab8901b415e10838872c63d9f0ce136ad
Validity
Not Before: Jan 1 23:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd80bdfd9f2638e5a43d0333f80d92040168c577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:68:52:dd:7d:96:7a:8f:57:f8:bb:d0:d3:4c:
1b:82:7c:01:17:da:e5:11:7d:30:ea:b8:9d:be:e5:
c6:ca:b4:f5:f4:b3:36:04:a2:a3:30:f8:ed:bc:a6:
0f:b7:66:db:ea:57:0b:86:64:6f:51:9a:5c:18:89:
d3:58:67:ee:ef:31:88:41:76:8f:c9:8b:c9:ca:58:
5f:32:8e:b5:cb:14:37:1e:5a:36:92:48:6c:85:e9:
c8:01:15:4f:54:68:3a:f3:67:07:81:3c:31:fb:63:
ce:44:23:cb:ec:e4:e8:6a:51:4d:e3:8f:85:87:4e:
24:05:21:ce:98:07:44:3f:1b:5f:6b:a6:60:33:91:
e2:03:9c:fd:e1:8c:e7:37:69:35:11:b6:ac:e2:2c:
45:a7:b0:4d:ad:99:0a:6e:e8:05:4e:56:ec:26:70:
13:f0:40:96:10:28:d2:da:fa:31:05:39:34:c6:71:
f9:a8:49:ff:64:b3:6e:f0:26:2f:c0:b5:ea:7b:89:
1c:ef:2b:ae:00:cb:93:68:6a:2d:0d:71:17:51:d4:
9e:89:11:59:9e:d9:dc:2e:90:f2:12:2e:f0:dd:fd:
33:df:d2:6a:cb:bc:c5:02:3c:3c:e2:77:43:c6:d6:
46:0b:cc:a8:b9:62:80:5a:47:5a:9a:26:56:60:96:
85:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:80:BD:FD:9F:26:38:E5:A4:3D:03:33:F8:0D:92:04:01:68:C5:77
X509v3 Authority Key Identifier:
keyid:01:B3:FA:2A:B8:90:1B:41:5E:10:83:88:72:C6:3D:9F:0C:E1:36:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AbP6KriQG0FeEIOIcsY9nwzhNq0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/42bda6-a5da-471b-a3bf-81ecb490fb86/1/_YC9_Z8mOOWkPQMz-A2SBAFoxXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/42bda6-a5da-471b-a3bf-81ecb490fb86/1/AbP6KriQG0FeEIOIcsY9nwzhNq0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.233.0.0/19
185.138.140.0/22
IPv6:
2a07:e80::/29
Signature Algorithm: sha256WithRSAEncryption
99:66:14:de:53:03:02:30:50:7d:93:d4:bc:c0:b3:a9:40:5c:
a2:75:96:b0:7d:2f:57:90:0f:21:c6:b9:7a:3f:76:60:bc:e8:
0c:bf:fa:55:97:ef:6c:2b:5c:cb:02:d7:f4:93:01:ff:60:3f:
c0:71:86:b2:92:9c:75:6f:7a:69:21:16:ea:e7:06:0b:a2:c9:
c2:bf:36:d4:e0:9f:8a:bd:2a:ef:f4:9d:fe:24:25:b3:2e:5d:
4c:f6:25:20:7b:63:48:9b:f9:ea:3c:02:b6:0f:f0:11:90:a9:
8f:b4:35:05:af:be:7d:7d:29:91:3c:93:67:0c:ec:09:18:e7:
23:27:7b:06:b0:e2:04:b0:43:66:4f:4a:f6:55:1d:79:e8:25:
ef:5c:3f:44:31:05:3a:bc:2d:91:e1:b4:73:8c:c4:5c:2e:b6:
90:1a:5f:90:aa:46:7f:ea:bc:e8:0a:87:5e:dd:f3:03:b2:52:
f6:a1:3e:28:65:1c:22:44:d8:b4:86:d1:26:f1:1a:1d:6c:60:
e7:3a:4b:0d:4f:cc:7a:d7:75:16:00:8a:71:15:af:44:4a:20:
c8:0e:60:34:51:22:40:9e:24:69:55:b7:ee:6e:85:2c:68:72:
9b:46:39:89:03:0c:29:3f:90:3a:88:1c:14:81:ec:50:e7:d1:
f0:ec:2a:2c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvlIxHdz5yHCcBaINUba4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYjNmYTJhYjg5MDFiNDE1ZTEwODM4ODcyYzYzZDlmMGNl
MTM2YWQwHhcNMjMwMTAxMjMwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDgwYmRmZDlmMjYzOGU1YTQzZDAzMzNmODBkOTIwNDAxNjhjNTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGhS3X2Weo9X+LvQ00wbgnwBF9rl
EX0w6ridvuXGyrT19LM2BKKjMPjtvKYPt2bb6lcLhmRvUZpcGInTWGfu7zGIQXaP
yYvJylhfMo61yxQ3Hlo2kkhshenIARVPVGg682cHgTwx+2PORCPL7OToalFN44+F
h04kBSHOmAdEPxtfa6ZgM5HiA5z94YznN2k1Ebas4ixFp7BNrZkKbugFTlbsJnAT
8ECWECjS2voxBTk0xnH5qEn/ZLNu8CYvwLXqe4kc7yuuAMuTaGotDXEXUdSeiRFZ
ntncLpDyEi7w3f0z39Jqy7zFAjw84ndDxtZGC8youWKAWkdamiZWYJaFTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP2Avf2fJjjlpD0DM/gNkgQBaMV3MB8GA1UdIwQY
MBaAFAGz+iq4kBtBXhCDiHLGPZ8M4TatMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWJQNktyaVFHMEZlRUlPSWNzWTlud3poTnEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS80MmJkYTYtYTVkYS00NzFiLWEzYmYt
ODFlY2I0OTBmYjg2LzEvX1lDOV9aOG1PT1drUFFNei1BMlNCQUZveFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS80MmJkYTYtYTVkYS00NzFiLWEzYmYtODFlY2I0OTBmYjg2
LzEvQWJQNktyaVFHMEZlRUlPSWNzWTlud3poTnEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFlekAAwQC
uYqMMA0EAgACMAcDBQMqBw6AMA0GCSqGSIb3DQEBCwUAA4IBAQCZZhTeUwMCMFB9
k9S8wLOpQFyidZawfS9XkA8hxrl6P3ZgvOgMv/pVl+9sK1zLAtf0kwH/YD/AcYay
kpx1b3ppIRbq5wYLosnCvzbU4J+KvSrv9J3+JCWzLl1M9iUge2NIm/nqPAK2D/AR
kKmPtDUFr759fSmRPJNnDOwJGOcjJ3sGsOIEsENmT0r2VR156CXvXD9EMQU6vC2R
4bRzjMRcLraQGl+QqkZ/6rzoCode3fMDslL2oT4oZRwiRNi0htEm8RodbGDnOksN
T8x613UWAIpxFa9ESiDIDmA0USJAniRpVbfuboUsaHKbRjmJAwwpP5A6iBwUgexQ
59Hw7Cos
-----END CERTIFICATE-----
Generated at Mon Apr 14 11:49:15 2025 by rpki-client