Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/Y_sk7fxsFLCqocOix1vCuaVe5yA.roa
File: Y_sk7fxsFLCqocOix1vCuaVe5yA.roa (raw, json)
Hash identifier: ZNx+O6PG7IqO1vvrVXZ1qzyXCNMQsTvxJL32QnxOc/M=
Subject key identifier: 63:FB:24:ED:FC:6C:14:B0:AA:A1:C3:A2:C7:5B:C2:B9:A5:5E:E7:20
Certificate issuer: /CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Certificate serial: 04693676
Authority key identifier: 54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/Y_sk7fxsFLCqocOix1vCuaVe5yA.roa
Signing time: Sat 01 Jan 2022 11:56:45 +0000
ROA not before: Sat 01 Jan 2022 11:56:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21034
IP address blocks: 212.43.96.0/19 maxlen: 20
185.179.103.0/24 maxlen: 24
212.43.112.0/20 maxlen: 20
2a00:1be0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74004086 (0x4693676)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Validity
Not Before: Jan 1 11:56:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63fb24edfc6c14b0aaa1c3a2c75bc2b9a55ee720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:d8:0a:51:1b:5d:71:e9:a9:41:f9:7b:08:59:
56:18:d9:a0:e8:c2:2b:6d:db:6e:b9:d6:9a:3b:7f:
fc:5c:68:64:0a:1a:c0:ce:c3:47:3a:3c:92:e6:ef:
6c:c0:95:98:b8:74:5f:4f:15:f4:2e:3c:f3:12:20:
d4:39:23:b3:3c:f3:f8:8e:50:0d:4e:a1:a2:f4:0f:
f9:be:53:83:9b:85:fc:b0:64:6c:25:c7:0d:1a:e4:
58:33:2d:97:8b:ea:d9:6e:eb:90:62:7e:08:73:e6:
10:8e:46:49:50:d5:73:68:47:38:98:57:b0:1d:50:
e7:38:9c:14:c4:b0:c5:c0:d4:bf:69:4b:50:d5:d6:
5c:40:06:29:fb:10:94:e8:38:c3:bc:2b:6a:13:10:
47:48:61:e5:2f:a2:36:f9:67:00:bc:a3:8c:1c:05:
91:cb:a4:0b:61:d4:92:7f:97:31:ee:3c:6e:96:ec:
9b:10:2c:6f:5e:9d:fe:be:65:2a:a3:7c:85:90:2d:
7f:3e:3a:ad:9e:7a:b6:4f:7f:86:d1:78:71:d1:aa:
a9:c8:63:a9:0b:99:d6:4a:89:87:ae:e2:e6:4a:af:
a2:e4:23:b7:86:32:08:10:1f:4c:95:62:c4:06:d3:
c5:97:4b:60:b9:46:13:d8:d5:0c:68:fe:00:ed:00:
53:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:FB:24:ED:FC:6C:14:B0:AA:A1:C3:A2:C7:5B:C2:B9:A5:5E:E7:20
X509v3 Authority Key Identifier:
keyid:54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/Y_sk7fxsFLCqocOix1vCuaVe5yA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/VPK5p1k1doKsQZtcAhHMDkICUro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.179.103.0/24
212.43.96.0/19
IPv6:
2a00:1be0::/32
Signature Algorithm: sha256WithRSAEncryption
56:3c:4b:de:52:bf:b3:fe:4f:d5:d5:2e:af:00:56:b6:7e:d3:
12:0e:fb:3c:b1:86:02:5c:de:e7:01:54:fc:c6:da:d8:bf:45:
fc:d6:b1:c7:d5:12:0b:a5:59:20:ec:04:62:9c:6d:be:23:24:
39:c9:f2:9f:24:4a:65:60:93:a6:6e:ee:c6:0c:da:a2:97:9e:
6f:b9:5e:23:17:9f:04:eb:d9:0c:3e:3c:4e:67:d3:f1:b3:a1:
70:9f:46:40:e3:ec:b4:3c:59:0c:1d:e3:1a:72:47:8e:18:f1:
13:41:29:8e:fd:84:6a:b0:2e:6f:70:9c:79:0c:77:54:87:4a:
81:79:88:fb:c2:e6:8c:94:f1:96:81:d7:de:12:3e:67:99:f7:
79:ec:cc:be:13:47:d7:a4:43:4f:63:21:bb:ef:68:aa:47:f1:
89:cb:f1:16:b8:8a:f5:5e:9b:32:c2:c4:d1:74:19:7e:52:36:
78:07:3d:66:93:db:61:d8:51:b0:3b:e8:55:04:18:3e:e5:4b:
e3:56:0f:8c:72:f1:d9:fb:c8:4e:b6:16:87:dd:d7:f1:74:a7:
d6:d2:f4:0c:a4:8e:86:b6:c7:45:24:9a:7c:23:e5:47:13:ef:
40:c6:a7:05:3c:94:0a:24:ca:6e:86:0c:3c:86:b4:a3:0b:5d:
d4:32:42:c4
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBGk2djANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NGYyYjlhNzU5MzU3NjgyYWM0MTliNWMwMjExY2MwZTQyMDI1MmJhMB4XDTIyMDEw
MTExNTY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjNmYjI0ZWRmYzZj
MTRiMGFhYTFjM2EyYzc1YmMyYjlhNTVlZTcyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPfYClEbXXHpqUH5ewhZVhjZoOjCK23bbrnWmjt//FxoZAoa
wM7DRzo8kubvbMCVmLh0X08V9C488xIg1Dkjszzz+I5QDU6hovQP+b5Tg5uF/LBk
bCXHDRrkWDMtl4vq2W7rkGJ+CHPmEI5GSVDVc2hHOJhXsB1Q5zicFMSwxcDUv2lL
UNXWXEAGKfsQlOg4w7wrahMQR0hh5S+iNvlnALyjjBwFkcukC2HUkn+XMe48bpbs
mxAsb16d/r5lKqN8hZAtfz46rZ56tk9/htF4cdGqqchjqQuZ1kqJh67i5kqvouQj
t4YyCBAfTJVixAbTxZdLYLlGE9jVDGj+AO0AU0cCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRj+yTt/GwUsKqhw6LHW8K5pV7nIDAfBgNVHSMEGDAWgBRU8rmnWTV2gqxB
m1wCEcwOQgJSujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZQSzVwMWsxZG9Lc1FadGNBaEhNRGtJQ1Vyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzgvMDc0ODlhLTgwNWUtNDMzOS1iNDNhLTUzOWRhNjk3NzRjOC8x
L1lfc2s3ZnhzRkxDcW9jT2l4MXZDdWFWZTV5QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgv
MDc0ODlhLTgwNWUtNDMzOS1iNDNhLTUzOWRhNjk3NzRjOC8xL1ZQSzVwMWsxZG9L
c1FadGNBaEhNRGtJQ1Vyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEALmzZwMEBdQrYDANBAIAAjAHAwUA
KgAb4DANBgkqhkiG9w0BAQsFAAOCAQEAVjxL3lK/s/5P1dUurwBWtn7TEg77PLGG
Alze5wFU/Mba2L9F/Naxx9USC6VZIOwEYpxtviMkOcnynyRKZWCTpm7uxgzaopee
b7leIxefBOvZDD48TmfT8bOhcJ9GQOPstDxZDB3jGnJHjhjxE0Epjv2EarAub3Cc
eQx3VIdKgXmI+8LmjJTxloHX3hI+Z5n3eezMvhNH16RDT2Mhu+9oqkfxicvxFriK
9V6bMsLE0XQZflI2eAc9ZpPbYdhRsDvoVQQYPuVL41YPjHLx2fvITrYWh93X8XSn
1tL0DKSOhrbHRSSafCPlRxPvQManBTyUCiTKboYMPIa0owtd1DJCxA==
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:01:13 2025 by rpki-client