Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/ywt0Pst_oIz6kdIa3p5SNlBdv5Y.roa
File: ywt0Pst_oIz6kdIa3p5SNlBdv5Y.roa (raw, json)
Hash identifier: 0fxovWQc7hP520/P2xZh5wS58B/udgxljG6JIvmFCzs=
Subject key identifier: CB:0B:74:3E:CB:7F:A0:8C:FA:91:D2:1A:DE:9E:52:36:50:5D:BF:96
Certificate issuer: /CN=3ad65216812ed24fd1c719871a59a971dec30a26
Certificate serial: 018311587B6B2C6C3A138932CB5C392E86AE
Authority key identifier: 3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/ywt0Pst_oIz6kdIa3p5SNlBdv5Y.roa
Signing time: Tue 06 Sep 2022 05:49:14 +0000
ROA not before: Tue 06 Sep 2022 05:49:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35579
IP address blocks: 92.63.213.0/24 maxlen: 24
78.142.66.0/23 maxlen: 23
78.142.85.0/24 maxlen: 24
78.142.80.0/22 maxlen: 24
78.142.86.0/23 maxlen: 23
78.142.90.0/24 maxlen: 24
78.142.88.0/23 maxlen: 23
195.16.244.0/24 maxlen: 24
2a04:5080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:11:58:7b:6b:2c:6c:3a:13:89:32:cb:5c:39:2e:86:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad65216812ed24fd1c719871a59a971dec30a26
Validity
Not Before: Sep 6 05:49:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb0b743ecb7fa08cfa91d21ade9e5236505dbf96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d3:e2:b5:e2:c6:89:99:37:1f:8b:1f:60:c9:
41:20:b3:bd:a3:b6:ff:f4:72:d7:e9:4e:81:2e:0f:
17:7f:4b:d8:cd:72:17:81:77:ac:0d:c1:df:a8:59:
a5:41:9f:ce:1f:2c:f4:e4:32:c1:de:6e:fc:80:cc:
bb:41:bd:7b:4a:fe:3f:ac:7a:17:8c:65:d8:82:12:
81:33:1b:be:04:52:79:6f:2d:51:58:80:94:6b:54:
fb:f1:0d:eb:fb:44:6b:c8:7e:1d:c3:80:b7:ff:0a:
f2:3a:cd:8d:44:f2:f9:55:db:94:cd:a3:69:00:68:
7e:d8:b4:3f:af:a8:93:d1:d2:f9:77:60:84:85:ab:
21:cf:ae:ff:3d:e8:bc:55:1a:7a:2f:1e:5a:9c:47:
cf:6b:8c:7d:2a:83:c7:88:d1:96:9f:e5:b0:49:22:
16:28:2d:28:3f:2e:77:b9:c3:80:4f:ee:49:50:90:
37:24:a0:38:61:7b:40:bd:74:c5:6b:7d:6f:3d:46:
71:e1:91:48:7b:81:80:1e:ee:9c:86:45:9c:a8:8d:
71:09:b3:1e:25:77:42:15:c9:39:ad:0d:a7:d5:ec:
20:68:f5:1c:ea:a3:f3:d2:c0:7c:5a:fc:27:fc:05:
1a:74:ea:52:d0:10:10:16:30:e4:a9:7c:4e:ba:c8:
43:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:0B:74:3E:CB:7F:A0:8C:FA:91:D2:1A:DE:9E:52:36:50:5D:BF:96
X509v3 Authority Key Identifier:
keyid:3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/ywt0Pst_oIz6kdIa3p5SNlBdv5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.66.0/23
78.142.80.0/22
78.142.85.0-78.142.90.255
92.63.213.0/24
195.16.244.0/24
IPv6:
2a04:5080::/29
Signature Algorithm: sha256WithRSAEncryption
1f:81:cb:31:ed:46:6d:cf:ee:e9:00:06:0d:7a:cc:7f:fc:36:
ff:51:74:e8:2a:4c:01:16:b1:65:09:6c:3f:51:b4:0a:9a:29:
33:af:5f:1e:ab:49:e6:a1:52:bd:04:0f:d3:d9:49:ee:95:2e:
19:02:c8:08:3f:5b:bd:4e:ee:42:77:d6:f7:a1:70:96:71:32:
c7:96:2d:02:55:2a:ee:d7:ce:dc:69:d0:a4:e1:cf:26:89:04:
db:4a:13:f9:88:1b:24:75:f3:5f:70:67:cc:93:a2:e0:09:27:
bc:d6:bf:73:a5:89:a4:be:ba:d1:de:84:0c:f5:45:7e:f0:ff:
d8:b6:f8:ff:db:26:25:36:1a:f0:27:72:49:de:ad:6b:d8:2f:
2f:b0:ef:c2:1f:75:f5:d6:f4:fc:63:da:b9:77:22:cd:d6:17:
a6:6f:62:0b:51:56:39:f1:55:c5:4b:d6:29:46:20:c8:56:05:
11:5b:6a:6e:48:e9:a5:7d:fc:70:b9:6c:e1:51:30:d2:ea:e4:
80:10:8e:79:08:8e:da:ee:73:85:23:00:80:90:6f:69:53:02:
3f:8a:25:11:98:55:7e:f5:1d:b3:16:6a:7e:1d:52:31:55:e4:
93:0e:19:1d:22:80:89:0b:c1:81:45:a4:f3:4b:8b:6c:54:bb:
81:e8:36:10
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYMRWHtrLGw6E4kyy1w5LoauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDY1MjE2ODEyZWQyNGZkMWM3MTk4NzFhNTlhOTcxZGVj
MzBhMjYwHhcNMjIwOTA2MDU0OTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjBiNzQzZWNiN2ZhMDhjZmE5MWQyMWFkZTllNTIzNjUwNWRiZjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNPiteLGiZk3H4sfYMlBILO9o7b/
9HLX6U6BLg8Xf0vYzXIXgXesDcHfqFmlQZ/OHyz05DLB3m78gMy7Qb17Sv4/rHoX
jGXYghKBMxu+BFJ5by1RWICUa1T78Q3r+0RryH4dw4C3/wryOs2NRPL5VduUzaNp
AGh+2LQ/r6iT0dL5d2CEhashz67/Pei8VRp6Lx5anEfPa4x9KoPHiNGWn+WwSSIW
KC0oPy53ucOAT+5JUJA3JKA4YXtAvXTFa31vPUZx4ZFIe4GAHu6chkWcqI1xCbMe
JXdCFck5rQ2n1ewgaPUc6qPz0sB8Wvwn/AUadOpS0BAQFjDkqXxOushD+wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFMsLdD7Lf6CM+pHSGt6eUjZQXb+WMB8GA1UdIwQY
MBaAFDrWUhaBLtJP0ccZhxpZqXHewwomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTct
NDY1MzhjYTUzODNjLzEveXd0MFBzdF9vSXo2a2RJYTNwNVNObEJkdjVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTctNDY1MzhjYTUzODNj
LzEvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQBTo5CAwQC
To5QMAwDBABOjlUDBABOjloDBABcP9UDBADDEPQwDQQCAAIwBwMFAyoEUIAwDQYJ
KoZIhvcNAQELBQADggEBAB+ByzHtRm3P7ukABg16zH/8Nv9RdOgqTAEWsWUJbD9R
tAqaKTOvXx6rSeahUr0ED9PZSe6VLhkCyAg/W71O7kJ31vehcJZxMseWLQJVKu7X
ztxp0KThzyaJBNtKE/mIGyR1819wZ8yTouAJJ7zWv3OliaS+utHehAz1RX7w/9i2
+P/bJiU2GvAncknerWvYLy+w78IfdfXW9Pxj2rl3Is3WF6ZvYgtRVjnxVcVL1ilG
IMhWBRFbam5I6aV9/HC5bOFRMNLq5IAQjnkIjtruc4UjAICQb2lTAj+KJRGYVX71
HbMWan4dUjFV5JMOGR0igIkLwYFFpPNLi2xUu4HoNhA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:48 2025 by rpki-client