Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/beb29d-f0ee-407a-9702-6e13ccbf4906/1/yvpfrWlDsRtmW6pV4AfbXLXrX-w.roa
File: yvpfrWlDsRtmW6pV4AfbXLXrX-w.roa (raw, json)
Hash identifier: yv25XjgNwGHH8ek3BrZjP0YB2xNGnQOsGudnEsxgS2U=
Subject key identifier: CA:FA:5F:AD:69:43:B1:1B:66:5B:AA:55:E0:07:DB:5C:B5:EB:5F:EC
Certificate issuer: /CN=87e64170f9d82c51670b9a44f329b20613a8082d
Certificate serial: 07E8DF92
Authority key identifier: 87:E6:41:70:F9:D8:2C:51:67:0B:9A:44:F3:29:B2:06:13:A8:08:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-ZBcPnYLFFnC5pE8ymyBhOoCC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/beb29d-f0ee-407a-9702-6e13ccbf4906/1/yvpfrWlDsRtmW6pV4AfbXLXrX-w.roa
Signing time: Sat 01 Jan 2022 04:58:02 +0000
ROA not before: Sat 01 Jan 2022 04:58:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41887
IP address blocks: 195.72.120.0/23 maxlen: 24
2001:678:56c::/48 maxlen: 49
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132702098 (0x7e8df92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87e64170f9d82c51670b9a44f329b20613a8082d
Validity
Not Before: Jan 1 04:58:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cafa5fad6943b11b665baa55e007db5cb5eb5fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:50:70:f0:24:e1:fd:4a:b4:31:a4:69:5a:68:
04:ad:c2:f5:07:a3:5a:b5:5b:46:04:ed:5f:6b:98:
b0:97:c7:6c:75:d8:48:99:c5:d9:7c:13:b4:59:a2:
1b:45:c5:c4:c3:63:bb:b7:c1:22:7c:57:12:7b:1d:
c0:f3:b5:77:83:82:8f:28:17:77:6a:bc:bb:2c:de:
55:74:3f:ea:b9:94:41:13:36:4f:2b:e7:57:0e:6f:
da:9c:d0:a3:34:69:62:52:f3:94:cf:4c:b3:e5:21:
80:e2:d6:75:d5:6c:cd:59:5b:96:4e:c0:d7:f9:49:
35:ec:43:b0:71:57:0e:69:d2:4c:73:7d:9b:5b:35:
f9:44:f1:b4:0f:d5:bf:63:38:03:c5:ce:37:e2:99:
d1:f5:23:29:13:fa:27:20:73:78:1f:8b:eb:fb:09:
14:03:48:ee:15:13:1f:e3:36:21:7f:dd:72:b9:f2:
db:eb:9c:84:f2:37:fe:5f:73:eb:cc:5b:6f:f8:c1:
86:12:4a:42:a2:04:3b:9b:48:94:53:f1:55:04:65:
8d:4e:a8:b1:60:26:dd:3b:7d:4f:dc:e8:0d:29:9a:
02:11:69:c5:e1:f9:91:c4:64:bb:d0:db:24:3b:cb:
90:a4:b8:04:9e:ca:a5:70:52:66:5b:c7:49:05:66:
20:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FA:5F:AD:69:43:B1:1B:66:5B:AA:55:E0:07:DB:5C:B5:EB:5F:EC
X509v3 Authority Key Identifier:
keyid:87:E6:41:70:F9:D8:2C:51:67:0B:9A:44:F3:29:B2:06:13:A8:08:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-ZBcPnYLFFnC5pE8ymyBhOoCC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/beb29d-f0ee-407a-9702-6e13ccbf4906/1/yvpfrWlDsRtmW6pV4AfbXLXrX-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/beb29d-f0ee-407a-9702-6e13ccbf4906/1/h-ZBcPnYLFFnC5pE8ymyBhOoCC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.72.120.0/23
IPv6:
2001:678:56c::/48
Signature Algorithm: sha256WithRSAEncryption
a8:02:4b:4b:97:e6:a8:6a:6f:fc:6e:00:1e:10:8e:7c:2d:6b:
42:81:ce:1b:a8:61:ce:eb:75:39:27:51:b5:dd:8d:be:ba:5f:
16:73:9e:af:47:6b:28:44:5b:9d:f8:6f:e5:09:39:5f:17:b3:
4b:93:59:7d:07:56:9a:98:ac:91:38:f3:e0:6b:63:75:d2:86:
93:ae:24:20:57:07:91:21:bc:f4:4a:32:8b:d1:79:66:2f:f0:
63:77:77:00:98:ee:f8:f3:13:49:7f:4b:8b:e8:23:55:7e:8c:
66:1f:33:7a:f7:c7:84:cb:8c:5d:53:7e:33:05:06:be:5e:35:
95:00:24:bf:d4:ac:e2:7f:6c:9d:9c:ca:36:b3:01:a5:77:87:
cc:72:5c:cf:c6:f2:11:d4:0e:23:d9:10:79:5a:16:31:c0:f2:
d9:6f:49:b2:85:0c:00:6a:af:16:ec:a6:2c:69:d5:3c:e5:bd:
3c:42:6d:de:27:50:c5:93:58:e8:a0:5f:ff:ce:40:db:20:9a:
86:d2:48:55:35:98:53:8c:ef:16:42:9e:c5:25:ea:be:33:47:
3e:a4:9c:ec:90:9c:f5:0c:d9:f8:e7:4b:9d:d2:86:f3:39:68:
1d:f4:7a:6c:f2:e2:1f:c5:fb:03:64:09:40:c6:8b:03:93:dd:
7b:16:b8:ec
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEB+jfkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
N2U2NDE3MGY5ZDgyYzUxNjcwYjlhNDRmMzI5YjIwNjEzYTgwODJkMB4XDTIyMDEw
MTA0NTgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2FmYTVmYWQ2OTQz
YjExYjY2NWJhYTU1ZTAwN2RiNWNiNWViNWZlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxQcPAk4f1KtDGkaVpoBK3C9QejWrVbRgTtX2uYsJfHbHXY
SJnF2XwTtFmiG0XFxMNju7fBInxXEnsdwPO1d4OCjygXd2q8uyzeVXQ/6rmUQRM2
TyvnVw5v2pzQozRpYlLzlM9Ms+UhgOLWddVszVlblk7A1/lJNexDsHFXDmnSTHN9
m1s1+UTxtA/Vv2M4A8XON+KZ0fUjKRP6JyBzeB+L6/sJFANI7hUTH+M2IX/dcrny
2+uchPI3/l9z68xbb/jBhhJKQqIEO5tIlFPxVQRljU6osWAm3Tt9T9zoDSmaAhFp
xeH5kcRku9DbJDvLkKS4BJ7KpXBSZlvHSQVmIPMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTK+l+taUOxG2ZbqlXgB9tctetf7DAfBgNVHSMEGDAWgBSH5kFw+dgsUWcL
mkTzKbIGE6gILTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2gtWkJjUG5ZTEZGbkM1cEU4eW15QmhPb0NDMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvYmViMjlkLWYwZWUtNDA3YS05NzAyLTZlMTNjY2JmNDkwNi8x
L3l2cGZyV2xEc1J0bVc2cFY0QWZiWExYclgtdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
YmViMjlkLWYwZWUtNDA3YS05NzAyLTZlMTNjY2JmNDkwNi8xL2gtWkJjUG5ZTEZG
bkM1cEU4eW15QmhPb0NDMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAcNIeDAPBAIAAjAJAwcAIAEGeAVs
MA0GCSqGSIb3DQEBCwUAA4IBAQCoAktLl+aoam/8bgAeEI58LWtCgc4bqGHO63U5
J1G13Y2+ul8Wc56vR2soRFud+G/lCTlfF7NLk1l9B1aamKyROPPga2N10oaTriQg
VweRIbz0SjKL0XlmL/Bjd3cAmO748xNJf0uL6CNVfoxmHzN698eEy4xdU34zBQa+
XjWVACS/1Kzif2ydnMo2swGld4fMclzPxvIR1A4j2RB5WhYxwPLZb0myhQwAaq8W
7KYsadU85b08Qm3eJ1DFk1jooF//zkDbIJqG0khVNZhTjO8WQp7FJeq+M0c+pJzs
kJz1DNn450ud0obzOWgd9Hps8uIfxfsDZAlAxosDk917Frjs
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:39 2025 by rpki-client