Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/YII0-7TNUT6F1NkpDZoFumnKet4.roa
File: YII0-7TNUT6F1NkpDZoFumnKet4.roa (raw, json)
Hash identifier: Ly/T5NhG81E3hed199RNuTRiG+fMh85Nf1gFuAzK610=
Subject key identifier: 60:82:34:FB:B4:CD:51:3E:85:D4:D9:29:0D:9A:05:BA:69:CA:7A:DE
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8AFECF8C0014CE439D04623875E6D4
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/YII0-7TNUT6F1NkpDZoFumnKet4.roa
Signing time: Sun 01 Jan 2023 13:35:03 +0000
ROA not before: Sun 01 Jan 2023 13:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 18679
IP address blocks: 195.65.31.0/24 maxlen: 24
195.65.10.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:fe:cf:8c:00:14:ce:43:9d:04:62:38:75:e6:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=608234fbb4cd513e85d4d9290d9a05ba69ca7ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ac:77:63:47:f1:b9:34:e3:ba:21:f8:4f:22:
05:8c:9d:cb:4e:a8:d7:40:bf:ac:29:b4:5e:0b:af:
7d:52:77:ff:e5:9d:bc:89:d5:30:d6:e8:cd:ae:96:
6a:19:01:68:fa:7c:f7:1c:7b:9e:7f:e7:53:f1:90:
d1:82:13:02:36:a9:b6:5d:72:f2:41:18:35:ee:30:
5b:1a:36:c0:f6:eb:57:a8:44:66:04:c7:51:06:b9:
ce:44:38:b8:1f:39:21:d5:86:3e:39:57:b9:bb:59:
9b:13:f7:e9:fc:5d:c0:68:71:c3:0b:b9:0a:ec:f9:
95:6f:f9:6f:35:22:15:6d:db:9d:c5:ea:49:12:ad:
7f:02:66:03:fb:19:dd:63:84:23:e1:7a:eb:e7:37:
1f:92:35:18:bf:8b:18:0c:6b:a3:2b:06:69:58:6b:
b1:f3:86:19:6f:aa:8a:3a:38:3f:9e:12:b6:cc:be:
c3:be:0a:b0:c4:45:f8:a6:19:45:64:de:8a:af:e2:
31:3d:17:ba:64:c9:c0:cc:d0:64:37:c7:7f:e4:4f:
93:8a:51:ae:8e:57:51:be:43:8b:a6:64:77:be:0f:
82:4c:db:a4:14:e9:d8:cd:01:38:b5:be:44:27:09:
ee:e6:88:b6:03:38:11:28:ed:ce:7e:65:00:07:06:
17:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:82:34:FB:B4:CD:51:3E:85:D4:D9:29:0D:9A:05:BA:69:CA:7A:DE
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/YII0-7TNUT6F1NkpDZoFumnKet4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.65.10.0/24
195.65.31.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:4f:ab:8e:d1:11:ec:a9:93:07:71:d1:c4:60:d6:92:9f:cf:
36:0e:4e:81:a3:ee:0c:a0:50:7f:3c:45:cf:d5:02:51:63:fb:
20:3a:e8:f3:be:cd:3e:6d:2d:e8:df:5d:5d:8b:a7:a5:e2:ac:
eb:27:c8:65:62:1b:3b:f6:52:f6:9e:ff:53:10:0e:56:98:8a:
fd:71:3c:fb:08:6f:c2:b6:03:88:a0:8f:70:18:bc:3e:12:17:
91:27:c8:60:33:45:ce:82:f5:4e:8c:be:5e:9c:24:af:d4:73:
fa:a3:72:e7:68:04:cf:c9:34:9c:45:1e:bb:e7:aa:df:a8:d5:
19:09:6a:64:d6:63:a4:63:34:75:fd:24:65:65:33:6f:24:66:
f6:6e:54:65:2c:fa:bc:ab:0e:a1:ee:0f:62:2a:60:2c:dd:cc:
bd:a7:cd:80:d5:37:ea:19:ff:4e:67:f1:91:91:bc:50:fb:b5:
4c:f1:b8:f9:c0:4d:f1:32:a6:ba:f6:fc:33:7c:29:6b:c1:32:
e3:5b:b9:26:06:ec:d7:5f:1a:8f:9a:0a:1c:f0:9e:a4:07:9a:
bd:1f:54:84:b2:53:6a:ec:b1:6d:c5:fb:48:fc:cf:dd:d3:b4:
86:56:5c:73:c0:c0:2c:66:11:52:04:91:93:01:1f:30:52:91:
bf:57:37:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtiv7PjAAUzkOdBGI4debUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDgyMzRmYmI0Y2Q1MTNlODVkNGQ5MjkwZDlhMDViYTY5Y2E3YWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhax3Y0fxuTTjuiH4TyIFjJ3LTqjX
QL+sKbReC699Unf/5Z28idUw1ujNrpZqGQFo+nz3HHuef+dT8ZDRghMCNqm2XXLy
QRg17jBbGjbA9utXqERmBMdRBrnORDi4Hzkh1YY+OVe5u1mbE/fp/F3AaHHDC7kK
7PmVb/lvNSIVbdudxepJEq1/AmYD+xndY4Qj4Xrr5zcfkjUYv4sYDGujKwZpWGux
84YZb6qKOjg/nhK2zL7DvgqwxEX4phlFZN6Kr+IxPRe6ZMnAzNBkN8d/5E+TilGu
jldRvkOLpmR3vg+CTNukFOnYzQE4tb5EJwnu5oi2AzgRKO3OfmUABwYXTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGCCNPu0zVE+hdTZKQ2aBbppynreMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvWUlJMC03VE5VVDZGMU5rcERab0Z1bW5LZXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw0EKAwQA
w0EfMA0GCSqGSIb3DQEBCwUAA4IBAQCkT6uO0RHsqZMHcdHEYNaSn882Dk6Bo+4M
oFB/PEXP1QJRY/sgOujzvs0+bS3o311di6el4qzrJ8hlYhs79lL2nv9TEA5WmIr9
cTz7CG/CtgOIoI9wGLw+EheRJ8hgM0XOgvVOjL5enCSv1HP6o3LnaATPyTScRR67
56rfqNUZCWpk1mOkYzR1/SRlZTNvJGb2blRlLPq8qw6h7g9iKmAs3cy9p82A1Tfq
Gf9OZ/GRkbxQ+7VM8bj5wE3xMqa69vwzfClrwTLjW7kmBuzXXxqPmgoc8J6kB5q9
H1SEslNq7LFtxftI/M/d07SGVlxzwMAsZhFSBJGTAR8wUpG/Vzf/
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:50:30 2025 by rpki-client