Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/YBCP72Eb3Khdz1OelBGGapfaUIU.roa
File: YBCP72Eb3Khdz1OelBGGapfaUIU.roa (raw, json)
Hash identifier: 2/elkqUfks7+hjyxrQ06mPd0a1NHqTH18kwVHaAvWSU=
Subject key identifier: 60:10:8F:EF:61:1B:DC:A8:5D:CF:53:9E:94:11:86:6A:97:DA:50:85
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B1D21BE9601F0ED1933FF4E414F1D
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/YBCP72Eb3Khdz1OelBGGapfaUIU.roa
Signing time: Sun 01 Jan 2023 13:35:11 +0000
ROA not before: Sun 01 Jan 2023 13:35:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212777
IP address blocks: 194.209.237.0/24 maxlen: 24
212.243.178.0/24 maxlen: 24
194.209.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:1d:21:be:96:01:f0:ed:19:33:ff:4e:41:4f:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60108fef611bdca85dcf539e9411866a97da5085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8a:d6:0a:37:8f:73:4e:f3:89:cb:3b:60:08:
89:5d:00:25:cc:cf:40:e5:1d:ef:4f:61:66:0f:df:
45:6d:9f:65:bd:aa:7b:70:08:e4:c1:63:62:a3:e2:
c1:cb:0d:71:ea:86:90:c2:31:b5:d2:80:7a:33:fd:
20:60:26:6c:bf:86:a5:53:2b:85:45:d5:b9:70:18:
97:57:5f:10:73:88:70:8f:e7:01:df:82:53:c4:09:
a9:c2:04:46:25:02:b7:eb:4b:06:d7:5d:6e:8a:a2:
8a:30:8e:a0:b7:91:b8:d4:d6:46:d0:d8:d9:2f:0a:
70:f2:c8:d4:23:88:6d:44:dd:fe:b8:28:05:8c:f5:
78:54:f4:7b:af:72:52:35:7b:82:fd:a4:c7:ba:f0:
32:6f:2d:ae:77:ca:2a:a1:c3:7f:75:6d:d5:63:dc:
22:31:cb:0b:5b:d3:10:a4:f1:98:dd:e7:5e:9c:c5:
a2:1b:68:9b:0a:1c:a5:99:fd:31:56:fa:41:13:b8:
4b:eb:bd:ca:62:b9:e6:05:2b:e6:83:61:3b:dd:cb:
cf:89:0f:29:cf:53:2b:d0:61:31:4b:c6:4b:ad:e3:
dc:2e:50:d2:63:84:10:f0:82:e5:eb:8e:52:c1:a0:
84:4c:2d:e6:9f:6c:53:63:09:c6:c1:bd:2f:ed:98:
e9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:10:8F:EF:61:1B:DC:A8:5D:CF:53:9E:94:11:86:6A:97:DA:50:85
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/YBCP72Eb3Khdz1OelBGGapfaUIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.202.0/24
194.209.237.0/24
212.243.178.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:84:13:b1:9a:00:e6:9b:8b:89:15:bd:b3:f5:3a:46:01:a2:
59:6f:32:83:22:67:37:33:d4:29:b3:5d:43:e7:b8:34:9b:80:
47:87:20:e7:d5:b4:b1:41:2c:7f:b7:b1:47:10:09:8b:49:34:
22:e3:fa:7f:db:02:c6:73:6f:69:3b:f1:8e:d3:c9:df:24:86:
c8:88:fe:1d:4c:42:39:3e:07:9b:c4:76:b0:e8:98:d2:4e:8b:
9e:98:2b:45:d2:39:a5:c2:89:16:49:0a:41:5e:2d:2d:13:8c:
2b:89:84:b9:df:b2:b5:ea:e4:a2:f2:94:dd:55:c5:88:5c:3d:
f3:27:53:48:6d:ee:a4:06:fe:15:9f:62:9b:be:35:84:40:88:
4a:01:b1:83:0a:0c:b7:6c:47:09:24:e3:76:f8:db:25:2b:07:
c2:42:d1:b1:a0:6e:52:e3:63:7d:7b:4b:92:bf:74:e9:e4:a9:
de:15:4c:94:e8:52:36:f0:b6:79:c5:ba:f4:55:d1:d9:6d:76:
08:66:5d:15:72:f5:14:de:ee:e2:02:a0:7a:19:27:3d:af:6c:
23:51:03:ca:e9:b7:01:e9:1d:8a:bb:b9:8e:ff:d9:b2:fb:56:
13:55:75:d0:73:01:e7:92:a0:be:64:35:c6:8c:8e:df:50:07:
78:a6:c9:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtix0hvpYB8O0ZM/9OQU8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDEwOGZlZjYxMWJkY2E4NWRjZjUzOWU5NDExODY2YTk3ZGE1MDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYrWCjePc07zics7YAiJXQAlzM9A
5R3vT2FmD99FbZ9lvap7cAjkwWNio+LByw1x6oaQwjG10oB6M/0gYCZsv4alUyuF
RdW5cBiXV18Qc4hwj+cB34JTxAmpwgRGJQK360sG111uiqKKMI6gt5G41NZG0NjZ
Lwpw8sjUI4htRN3+uCgFjPV4VPR7r3JSNXuC/aTHuvAyby2ud8oqocN/dW3VY9wi
McsLW9MQpPGY3edenMWiG2ibChylmf0xVvpBE7hL673KYrnmBSvmg2E73cvPiQ8p
z1Mr0GExS8ZLrePcLlDSY4QQ8ILl645SwaCETC3mn2xTYwnGwb0v7ZjpawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGAQj+9hG9yoXc9TnpQRhmqX2lCFMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvWUJDUDcyRWIzS2hkejFPZWxCR0dhcGZhVUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwtHKAwQA
wtHtAwQA1POyMA0GCSqGSIb3DQEBCwUAA4IBAQCyhBOxmgDmm4uJFb2z9TpGAaJZ
bzKDImc3M9Qps11D57g0m4BHhyDn1bSxQSx/t7FHEAmLSTQi4/p/2wLGc29pO/GO
08nfJIbIiP4dTEI5PgebxHaw6JjSTouemCtF0jmlwokWSQpBXi0tE4wriYS537K1
6uSi8pTdVcWIXD3zJ1NIbe6kBv4Vn2KbvjWEQIhKAbGDCgy3bEcJJON2+NslKwfC
QtGxoG5S42N9e0uSv3Tp5KneFUyU6FI28LZ5xbr0VdHZbXYIZl0VcvUU3u7iAqB6
GSc9r2wjUQPK6bcB6R2Ku7mO/9my+1YTVXXQcwHnkqC+ZDXGjI7fUAd4psmn
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:45:45 2025 by rpki-client