Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/yMpL54YykpPiu-UB5vAF2VyZiL8.roa
File: yMpL54YykpPiu-UB5vAF2VyZiL8.roa (raw, json)
Hash identifier: E4xNrjhDdTNzrmlVUdQKRGleV+tz6toG5DwOk4LZtYc=
Subject key identifier: C8:CA:4B:E7:86:32:92:93:E2:BB:E5:01:E6:F0:05:D9:5C:99:88:BF
Certificate issuer: /CN=fbbf4d59cbd978ae1127c67fd22f04c62ff837cf
Certificate serial: 0185710C0B5E8D18EC8463174AB9D51CAEC4
Authority key identifier: FB:BF:4D:59:CB:D9:78:AE:11:27:C6:7F:D2:2F:04:C6:2F:F8:37:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-79NWcvZeK4RJ8Z_0i8Exi_4N88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/yMpL54YykpPiu-UB5vAF2VyZiL8.roa
Signing time: Mon 02 Jan 2023 05:54:52 +0000
ROA not before: Mon 02 Jan 2023 05:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51800
IP address blocks: 217.28.80.0/21 maxlen: 21
217.28.88.0/21 maxlen: 21
2a02:28a8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:0b:5e:8d:18:ec:84:63:17:4a:b9:d5:1c:ae:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbbf4d59cbd978ae1127c67fd22f04c62ff837cf
Validity
Not Before: Jan 2 05:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8ca4be786329293e2bbe501e6f005d95c9988bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ee:b2:fb:4e:49:d2:d0:71:41:87:5a:c7:37:
84:1e:0f:a0:80:e2:b7:c3:f8:cd:0f:c1:d1:11:86:
51:e8:90:12:15:32:ef:6e:5d:e9:b6:ce:6a:bf:70:
69:60:af:d8:89:de:6e:bc:6a:5d:da:ac:e1:ad:d2:
c4:10:63:0c:1c:8a:57:19:20:75:0e:e5:7b:e7:d6:
69:91:07:78:57:df:5d:b6:9b:67:c7:e4:41:01:0c:
21:e8:57:3b:b4:af:fa:f7:00:38:39:56:9a:9f:ab:
b3:54:60:3b:b5:6c:f7:6b:7e:28:16:52:3d:b4:90:
66:3f:5f:3d:36:a8:0d:5b:2b:45:59:5b:e6:ea:9d:
6a:dc:80:42:73:48:4f:c7:77:ed:47:56:52:c2:6e:
7f:12:5b:89:54:9c:05:c1:98:83:34:fc:d9:dd:77:
ac:68:b1:33:ec:4e:ce:a3:81:4d:c2:7a:8f:1b:97:
e2:49:98:48:e1:d5:c3:a0:b9:93:53:96:67:bc:61:
5d:2f:2a:d5:60:8e:29:37:dd:cb:93:33:09:05:bc:
2a:5f:f2:ab:38:4e:dd:c9:c4:ce:c9:fd:93:5d:d7:
a6:40:6f:d2:28:4c:1e:91:64:36:af:da:9c:a0:ee:
8e:11:6f:fb:c8:a4:06:8d:65:15:6e:d0:77:0e:50:
06:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:CA:4B:E7:86:32:92:93:E2:BB:E5:01:E6:F0:05:D9:5C:99:88:BF
X509v3 Authority Key Identifier:
keyid:FB:BF:4D:59:CB:D9:78:AE:11:27:C6:7F:D2:2F:04:C6:2F:F8:37:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-79NWcvZeK4RJ8Z_0i8Exi_4N88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/yMpL54YykpPiu-UB5vAF2VyZiL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/1-79NWcvZeK4RJ8Z_0i8Exi_4N88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.80.0/20
IPv6:
2a02:28a8::/32
Signature Algorithm: sha256WithRSAEncryption
17:6a:c0:d6:8e:49:45:b7:7b:15:66:35:75:35:69:1e:81:13:
af:0b:61:fe:df:89:cb:f8:3f:2d:b8:13:52:b6:08:9d:c1:03:
2f:c4:a8:68:9d:69:10:c9:89:d0:e2:5e:67:57:d1:7e:bb:27:
98:de:72:b3:40:f0:93:b1:29:79:4a:3b:63:15:f5:72:c3:73:
16:74:52:e1:98:ba:cd:bc:a8:76:32:26:df:53:fa:a6:62:89:
df:3f:18:5d:67:1a:71:74:75:f4:bd:ce:48:68:76:d3:bc:9a:
9e:28:d3:d4:ff:d5:96:14:db:d0:3f:41:69:42:2c:b6:ae:44:
b6:ac:74:6c:6d:1f:26:69:56:6e:14:68:41:a2:b2:55:75:6f:
f0:c4:f1:cf:d2:cd:23:6f:7d:8a:e0:3a:43:c8:79:ed:ea:ad:
d5:ed:76:a6:ec:e7:94:70:90:6b:8f:18:45:85:a4:e4:f1:42:
65:19:54:97:2e:50:45:08:d5:6a:96:ac:1e:10:22:ec:a4:40:
8a:12:e4:ff:37:69:ac:2b:0a:be:cf:4c:24:9b:98:5f:07:ea:
67:2c:d1:9d:68:17:69:f7:89:94:21:c2:6c:79:db:2f:70:62:
e2:69:10:bf:70:03:ee:76:1f:d1:89:dd:4b:2e:ae:8a:b3:0d:
29:e9:f8:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxDAtejRjshGMXSrnVHK7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiYmY0ZDU5Y2JkOTc4YWUxMTI3YzY3ZmQyMmYwNGM2MmZm
ODM3Y2YwHhcNMjMwMTAyMDU1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGNhNGJlNzg2MzI5MjkzZTJiYmU1MDFlNmYwMDVkOTVjOTk4OGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve6y+05J0tBxQYdaxzeEHg+ggOK3
w/jND8HREYZR6JASFTLvbl3pts5qv3BpYK/Yid5uvGpd2qzhrdLEEGMMHIpXGSB1
DuV759ZpkQd4V99dtptnx+RBAQwh6Fc7tK/69wA4OVaan6uzVGA7tWz3a34oFlI9
tJBmP189NqgNWytFWVvm6p1q3IBCc0hPx3ftR1ZSwm5/EluJVJwFwZiDNPzZ3Xes
aLEz7E7Oo4FNwnqPG5fiSZhI4dXDoLmTU5ZnvGFdLyrVYI4pN93LkzMJBbwqX/Kr
OE7dycTOyf2TXdemQG/SKEwekWQ2r9qcoO6OEW/7yKQGjWUVbtB3DlAG8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMjKS+eGMpKT4rvlAebwBdlcmYi/MB8GA1UdIwQY
MBaAFPu/TVnL2XiuESfGf9IvBMYv+DfPMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS03OU5XY3ZaZUs0Uko4Wl8waThFeGlfNE44OC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvODhjOTk1LWVkZTAtNGNjNC1hNjZk
LTI1YmFhODIzMGZjYi8xL3lNcEw1NFl5a3BQaXUtVUI1dkFGMlZ5WmlMOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzQvODhjOTk1LWVkZTAtNGNjNC1hNjZkLTI1YmFhODIzMGZj
Yi8xLzEtNzlOV2N2WmVLNFJKOFpfMGk4RXhpXzROODguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBATZHFAw
DQQCAAIwBwMFACoCKKgwDQYJKoZIhvcNAQELBQADggEBABdqwNaOSUW3exVmNXU1
aR6BE68LYf7ficv4Py24E1K2CJ3BAy/EqGidaRDJidDiXmdX0X67J5jecrNA8JOx
KXlKO2MV9XLDcxZ0UuGYus28qHYyJt9T+qZiid8/GF1nGnF0dfS9zkhodtO8mp4o
09T/1ZYU29A/QWlCLLauRLasdGxtHyZpVm4UaEGislV1b/DE8c/SzSNvfYrgOkPI
ee3qrdXtdqbs55RwkGuPGEWFpOTxQmUZVJcuUEUI1WqWrB4QIuykQIoS5P83aawr
Cr7PTCSbmF8H6mcs0Z1oF2n3iZQhwmx52y9wYuJpEL9wA+52H9GJ3UsuroqzDSnp
+Lw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:43 2025 by rpki-client