Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/yPM1KXPlPnzY84hCLrAGwOTfAEg.roa
File: yPM1KXPlPnzY84hCLrAGwOTfAEg.roa (raw, json)
Hash identifier: He4n3ay0MT5TqnWhyv/jRPGUJ9bi8twk1mCiaO5ehds=
Subject key identifier: C8:F3:35:29:73:E5:3E:7C:D8:F3:88:42:2E:B0:06:C0:E4:DF:00:48
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 01864FB1B14E539D06AB0E481AC0D4902DAF
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/yPM1KXPlPnzY84hCLrAGwOTfAEg.roa
Signing time: Tue 14 Feb 2023 11:31:30 +0000
ROA not before: Tue 14 Feb 2023 11:31:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203905
IP address blocks: 185.33.169.0/24 maxlen: 24
185.33.170.0/24 maxlen: 24
2a00:6ba0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4f:b1:b1:4e:53:9d:06:ab:0e:48:1a:c0:d4:90:2d:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Feb 14 11:31:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8f3352973e53e7cd8f388422eb006c0e4df0048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:65:56:ca:c9:61:c5:24:c7:d7:da:7f:14:36:
45:c5:4b:24:4c:9c:27:17:c5:e8:28:74:67:cf:e9:
3a:d9:a6:4c:11:20:9d:25:7d:97:58:3d:cc:a7:65:
4a:da:c1:32:c6:95:c8:0d:ad:fe:38:e4:fa:7b:61:
3c:5f:25:b3:48:c3:ea:ce:77:0a:d8:c6:2c:b7:c5:
19:a2:08:2b:40:28:96:10:a3:b3:46:df:4e:34:fb:
2f:24:ae:d8:10:7f:40:64:44:4d:cd:ad:84:66:7d:
56:7b:21:28:03:16:31:f6:b2:fc:6f:28:d0:ff:9e:
c9:f3:68:bd:b8:26:fb:b8:9e:0f:dc:62:b0:46:01:
16:b9:7f:bd:1e:f7:4a:a5:bb:14:aa:bc:d4:19:3a:
8e:92:5f:76:3f:f4:0b:af:22:2e:c9:20:65:a1:d6:
06:be:87:e2:a9:09:b8:56:d2:c0:47:2a:b5:7a:ba:
d1:4a:cd:0d:fc:bc:fd:ed:ba:f9:17:e5:c0:60:d3:
08:01:33:1c:ca:4a:f7:6b:a6:72:c0:d9:85:e3:4b:
7c:31:b5:aa:5a:71:9d:6c:ee:86:a7:dc:39:30:01:
31:ff:6f:f8:19:4e:56:9b:c3:1f:74:ee:11:e1:66:
5a:c9:01:6f:4b:65:39:9c:91:d5:77:fb:71:1a:93:
65:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F3:35:29:73:E5:3E:7C:D8:F3:88:42:2E:B0:06:C0:E4:DF:00:48
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/yPM1KXPlPnzY84hCLrAGwOTfAEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.169.0-185.33.170.255
IPv6:
2a00:6ba0::/32
Signature Algorithm: sha256WithRSAEncryption
99:53:0f:82:a5:c8:05:94:df:c5:e5:45:28:8a:9f:ee:8a:29:
4b:87:19:bd:1e:af:61:26:5f:3c:96:b3:df:33:4b:1c:0a:5d:
2e:b1:77:eb:66:a6:c0:e2:90:ac:73:3f:23:a3:1d:b3:a4:61:
ed:44:b3:2d:d6:2e:05:7f:e1:ef:4f:a4:73:a8:11:ad:8d:1a:
bb:6b:cb:6f:d7:bd:f1:25:a8:94:78:8e:75:31:18:d2:0e:78:
4c:32:9b:f1:c0:b9:b4:e7:16:d4:5c:12:b4:b2:8d:11:a4:55:
ee:03:7e:a8:d1:18:8c:9f:0a:20:91:e6:a7:56:ce:13:83:18:
d4:f7:02:b8:6e:5f:0b:d1:ff:88:71:c1:7a:48:ad:1e:4d:0e:
fb:e4:ec:ad:af:b9:01:14:d0:9a:39:a1:4e:c9:6d:ab:d5:22:
fa:5f:39:84:95:0a:49:76:b8:25:f8:38:dc:f5:e0:13:e8:7a:
1d:44:3c:8f:2c:e0:d4:06:38:cf:4c:6c:dd:e6:97:5a:be:59:
a7:63:98:5b:bc:55:4a:8c:59:93:69:bc:2a:58:19:29:14:62:
94:2f:c1:13:36:47:7a:b9:ea:11:0a:e2:46:1c:53:c0:14:79:
f7:76:a6:ae:c8:76:3f:48:a8:cd:52:5a:51:fa:22:f9:86:74:
f3:aa:a8:27
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYZPsbFOU50Gqw5IGsDUkC2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjMwMjE0MTEzMTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGYzMzUyOTczZTUzZTdjZDhmMzg4NDIyZWIwMDZjMGU0ZGYwMDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2VWyslhxSTH19p/FDZFxUskTJwn
F8XoKHRnz+k62aZMESCdJX2XWD3Mp2VK2sEyxpXIDa3+OOT6e2E8XyWzSMPqzncK
2MYst8UZoggrQCiWEKOzRt9ONPsvJK7YEH9AZERNza2EZn1WeyEoAxYx9rL8byjQ
/57J82i9uCb7uJ4P3GKwRgEWuX+9HvdKpbsUqrzUGTqOkl92P/QLryIuySBlodYG
vofiqQm4VtLARyq1errRSs0N/Lz97br5F+XAYNMIATMcykr3a6ZywNmF40t8MbWq
WnGdbO6Gp9w5MAEx/2/4GU5Wm8MfdO4R4WZayQFvS2U5nJHVd/txGpNlJQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMjzNSlz5T582POIQi6wBsDk3wBIMB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEveVBNMUtYUGxQbnpZODRoQ0xyQUd3T1RmQUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAC5IakD
BAC5IaowDQQCAAIwBwMFACoAa6AwDQYJKoZIhvcNAQELBQADggEBAJlTD4KlyAWU
38XlRSiKn+6KKUuHGb0er2EmXzyWs98zSxwKXS6xd+tmpsDikKxzPyOjHbOkYe1E
sy3WLgV/4e9PpHOoEa2NGrtry2/XvfElqJR4jnUxGNIOeEwym/HAubTnFtRcErSy
jRGkVe4DfqjRGIyfCiCR5qdWzhODGNT3ArhuXwvR/4hxwXpIrR5NDvvk7K2vuQEU
0Jo5oU7JbavVIvpfOYSVCkl2uCX4ONz14BPoeh1EPI8s4NQGOM9MbN3ml1q+Wadj
mFu8VUqMWZNpvCpYGSkUYpQvwRM2R3q56hEK4kYcU8AUefd2pq7Idj9IqM1SWlH6
IvmGdPOqqCc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:31 2025 by rpki-client