Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/RYml68T3UQMTzrrlcYhdiIIb9Ck.roa
File: RYml68T3UQMTzrrlcYhdiIIb9Ck.roa (raw, json)
Hash identifier: QXQT9zfnhuh/SiAmEYQ/zFWB8f9/g9r9LeSYzVUsKFg=
Subject key identifier: 45:89:A5:EB:C4:F7:51:03:13:CE:BA:E5:71:88:5D:88:82:1B:F4:29
Certificate issuer: /CN=412ac83a27ca8723c61b1446c3e678110c650689
Certificate serial: 09EA52D3
Authority key identifier: 41:2A:C8:3A:27:CA:87:23:C6:1B:14:46:C3:E6:78:11:0C:65:06:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSrIOifKhyPGGxRGw-Z4EQxlBok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/RYml68T3UQMTzrrlcYhdiIIb9Ck.roa
Signing time: Sat 01 Jan 2022 12:01:22 +0000
ROA not before: Sat 01 Jan 2022 12:01:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44207
IP address blocks: 193.111.112.0/23 maxlen: 23
193.111.108.0/22 maxlen: 22
194.9.168.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166351571 (0x9ea52d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=412ac83a27ca8723c61b1446c3e678110c650689
Validity
Not Before: Jan 1 12:01:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4589a5ebc4f7510313cebae571885d88821bf429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f1:85:0f:af:70:ce:9a:b7:6f:de:b8:79:7b:
cf:c4:74:f8:3d:4b:a5:46:8c:53:f8:c2:f2:56:e3:
f8:ae:89:64:4b:e5:49:c2:52:02:e6:38:68:a9:3d:
56:24:3c:21:88:63:d5:2c:0f:13:5f:62:2e:a1:b5:
6b:bd:05:4a:02:1b:38:9a:fe:59:b1:33:e6:6b:82:
e0:02:68:25:74:c4:d7:aa:cc:4e:87:5b:93:6f:8d:
a1:e3:a4:ad:19:81:1e:0a:61:c6:42:94:8f:c3:b9:
79:d0:3f:af:74:10:88:c1:ba:bb:54:c8:cc:9d:d9:
1a:b0:cd:c9:d0:16:67:64:00:55:06:3a:ce:8e:a2:
bd:5f:a9:99:3a:fc:c0:7a:00:4c:7b:2d:79:15:35:
30:6c:b0:9f:20:5b:01:a5:44:c6:2f:de:0e:9f:7c:
7d:9f:5e:78:72:90:82:02:38:50:39:75:5f:8a:97:
2f:6d:98:ca:c1:ed:0c:4b:48:be:7f:ce:7b:7d:05:
fe:71:b3:f2:ae:c8:05:d4:48:53:23:41:f3:c2:71:
18:c7:6e:48:46:92:73:d0:c6:3e:19:8d:e1:d5:2c:
b0:f2:d9:73:90:f7:7c:09:89:4c:85:e0:27:ac:4b:
55:7b:41:3a:e4:01:b6:7f:c3:2a:d1:2e:8b:f7:cd:
6c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:89:A5:EB:C4:F7:51:03:13:CE:BA:E5:71:88:5D:88:82:1B:F4:29
X509v3 Authority Key Identifier:
keyid:41:2A:C8:3A:27:CA:87:23:C6:1B:14:46:C3:E6:78:11:0C:65:06:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSrIOifKhyPGGxRGw-Z4EQxlBok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/RYml68T3UQMTzrrlcYhdiIIb9Ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/QSrIOifKhyPGGxRGw-Z4EQxlBok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.108.0-193.111.113.255
194.9.168.0/23
Signature Algorithm: sha256WithRSAEncryption
53:fb:ba:35:1c:a4:d7:ca:5a:61:ca:3e:ed:6c:30:0b:5f:81:
5c:17:3c:c6:a7:61:80:18:a2:10:ea:6f:96:b0:5e:f8:c0:7e:
e7:2b:a6:24:bb:bd:95:ae:87:ee:8e:6a:0a:d3:97:fb:3f:f6:
cd:3b:af:37:28:91:01:48:ee:bb:8d:cb:29:04:cb:bf:78:5e:
d6:84:5a:3b:81:38:d4:96:e1:04:12:10:a9:bf:ff:c7:31:32:
e6:30:c5:bc:53:d5:f5:8b:c8:50:7b:46:ef:24:9c:e1:a1:f8:
9b:4a:f5:41:a4:7e:41:7b:eb:1a:43:c6:e5:cb:cc:09:3b:16:
89:a2:73:bc:03:3d:a5:77:2d:fc:3b:41:2b:55:d0:e7:34:ac:
fa:9b:59:b3:84:70:0c:2a:23:bd:24:c7:59:fa:74:ec:4f:4c:
51:70:1c:78:62:15:8f:35:96:4e:5f:da:90:4f:0e:91:79:e4:
7f:31:e8:ad:bd:96:c1:63:43:d0:35:bc:5b:2d:f6:f2:13:83:
22:61:cb:51:d0:ea:6a:8e:2d:ad:a8:2b:04:e1:2a:47:52:78:
6f:5e:c4:f7:51:a3:29:92:1b:0d:28:be:d1:85:9c:03:12:5e:
d8:f1:e4:6b:5a:20:af:84:48:0b:c6:b0:6e:08:ef:45:23:77:
19:21:99:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIECepS0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MTJhYzgzYTI3Y2E4NzIzYzYxYjE0NDZjM2U2NzgxMTBjNjUwNjg5MB4XDTIyMDEw
MTEyMDEyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDU4OWE1ZWJjNGY3
NTEwMzEzY2ViYWU1NzE4ODVkODg4MjFiZjQyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvxhQ+vcM6at2/euHl7z8R0+D1LpUaMU/jC8lbj+K6JZEvl
ScJSAuY4aKk9ViQ8IYhj1SwPE19iLqG1a70FSgIbOJr+WbEz5muC4AJoJXTE16rM
Todbk2+NoeOkrRmBHgphxkKUj8O5edA/r3QQiMG6u1TIzJ3ZGrDNydAWZ2QAVQY6
zo6ivV+pmTr8wHoATHsteRU1MGywnyBbAaVExi/eDp98fZ9eeHKQggI4UDl1X4qX
L22YysHtDEtIvn/Oe30F/nGz8q7IBdRIUyNB88JxGMduSEaSc9DGPhmN4dUssPLZ
c5D3fAmJTIXgJ6xLVXtBOuQBtn/DKtEui/fNbEMCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBRFiaXrxPdRAxPOuuVxiF2Ighv0KTAfBgNVHSMEGDAWgBRBKsg6J8qHI8Yb
FEbD5ngRDGUGiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FTcklPaWZLaHlQR0d4Ukd3LVo0RVF4bEJvay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvMzIxYzBkLTM2NzEtNDkyNy04OTM3LTFmODU2YzA5M2FlOC8x
L1JZbWw2OFQzVVFNVHpycmxjWWhkaUlJYjlDay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
MzIxYzBkLTM2NzEtNDkyNy04OTM3LTFmODU2YzA5M2FlOC8xL1FTcklPaWZLaHlQ
R0d4Ukd3LVo0RVF4bEJvay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQCwW9sAwQBwW9wAwQBwgmoMA0G
CSqGSIb3DQEBCwUAA4IBAQBT+7o1HKTXylphyj7tbDALX4FcFzzGp2GAGKIQ6m+W
sF74wH7nK6Yku72VrofujmoK05f7P/bNO683KJEBSO67jcspBMu/eF7WhFo7gTjU
luEEEhCpv//HMTLmMMW8U9X1i8hQe0bvJJzhofibSvVBpH5Be+saQ8bly8wJOxaJ
onO8Az2ldy38O0ErVdDnNKz6m1mzhHAMKiO9JMdZ+nTsT0xRcBx4YhWPNZZOX9qQ
Tw6ReeR/MeitvZbBY0PQNbxbLfbyE4MiYctR0Opqji2tqCsE4SpHUnhvXsT3UaMp
khsNKL7RhZwDEl7Y8eRrWiCvhEgLxrBuCO9FI3cZIZlD
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:44:12 2025 by rpki-client