Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/yrAWMm-FJfPT5px1siZ5XQmzDCk.roa
File: yrAWMm-FJfPT5px1siZ5XQmzDCk.roa (raw, json)
Hash identifier: 8oipu+CVOhAVCmME/YxntW4VBpKPQu40qFs8+4VdLV0=
Subject key identifier: CA:B0:16:32:6F:85:25:F3:D3:E6:9C:75:B2:26:79:5D:09:B3:0C:29
Certificate issuer: /CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Certificate serial: 01856F0B5BE44BC111165286978673A0F36C
Authority key identifier: 54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/yrAWMm-FJfPT5px1siZ5XQmzDCk.roa
Signing time: Sun 01 Jan 2023 20:34:53 +0000
ROA not before: Sun 01 Jan 2023 20:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21034
IP address blocks: 212.43.96.0/19 maxlen: 20
185.179.103.0/24 maxlen: 24
185.2.146.0/23 maxlen: 23
212.43.112.0/20 maxlen: 20
2a00:1be0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:5b:e4:4b:c1:11:16:52:86:97:86:73:a0:f3:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Validity
Not Before: Jan 1 20:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cab016326f8525f3d3e69c75b226795d09b30c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:87:13:5f:73:49:1c:1e:ed:4b:d2:f1:e1:f9:
71:3a:73:5f:6b:d9:41:11:62:80:1f:b7:57:ed:c9:
cb:6c:b2:04:c1:bb:55:20:13:35:5a:89:a0:32:40:
a1:ed:5a:4a:60:7c:76:56:0d:1a:5d:00:20:fe:54:
46:da:c4:5a:69:d4:c2:d4:1f:d5:f0:2c:37:d7:fa:
69:c2:c5:f6:c0:7f:9a:27:d0:a7:ad:b5:54:95:e9:
28:c6:63:b6:62:4a:8f:db:45:47:b0:4c:8c:4c:02:
a2:2c:e7:41:37:e2:a9:7a:86:5f:b1:77:1b:a6:64:
b4:6c:7d:e7:bf:02:b7:3e:8f:bf:5b:54:ee:a7:34:
b6:2e:30:34:ea:d4:d1:bb:8c:1f:ec:ad:69:a9:a2:
8d:4a:c9:38:31:ec:2c:1c:ee:15:cd:78:7d:14:07:
22:62:d5:9f:f4:3f:97:98:fd:b3:6a:f7:2a:39:35:
2e:b3:39:f5:03:5c:22:3c:8d:64:d8:c8:cf:a2:ed:
bf:91:82:1d:38:cc:2e:89:b1:5c:01:64:c4:28:30:
fc:f0:b4:34:bb:00:3c:e7:c0:2a:0e:5e:f0:76:f4:
39:97:68:76:b3:89:02:fb:4b:0a:a8:25:34:22:e8:
da:c6:3a:b7:19:f1:2d:f9:5d:ef:32:5a:c5:73:0b:
de:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B0:16:32:6F:85:25:F3:D3:E6:9C:75:B2:26:79:5D:09:B3:0C:29
X509v3 Authority Key Identifier:
keyid:54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/yrAWMm-FJfPT5px1siZ5XQmzDCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/VPK5p1k1doKsQZtcAhHMDkICUro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.146.0/23
185.179.103.0/24
212.43.96.0/19
IPv6:
2a00:1be0::/32
Signature Algorithm: sha256WithRSAEncryption
4c:73:fc:c0:4c:99:53:db:17:83:ed:1f:e2:70:7e:b4:08:0d:
36:3e:4a:42:fc:93:b8:4e:a9:d0:ec:19:37:b5:93:0c:a0:2e:
30:ff:bd:d4:38:c9:33:84:e0:f9:0a:b7:08:4d:fe:c9:66:0c:
de:3a:1f:d8:0e:98:e7:23:a8:07:12:99:c4:3a:6b:90:34:9c:
f2:32:c1:c2:2d:2d:6f:75:42:fa:0d:0a:f3:20:35:e1:97:aa:
e6:39:ec:d0:66:a4:f5:90:71:fa:62:f9:c6:5d:28:e6:65:41:
c7:e0:c1:6b:d7:03:e7:75:88:2f:60:f9:10:ae:78:e6:ec:82:
58:77:42:95:77:a5:71:7e:28:0a:80:23:d5:ad:ed:32:74:f0:
58:8d:a1:a3:af:f0:22:ff:52:6e:c0:b4:d5:4a:e0:65:68:57:
ce:05:d8:84:61:80:a5:2a:42:4d:6e:a3:f9:57:6c:cc:4e:06:
c8:db:c5:ef:4c:2f:91:da:33:08:dc:d9:9a:62:79:94:c2:e4:
7e:28:5c:be:32:53:70:d5:37:b2:58:38:81:b9:a0:10:e2:1a:
52:b0:c4:a9:5c:4d:e9:a5:8b:3f:63:da:d9:ec:ab:af:72:40:
9e:13:75:53:78:3b:b0:54:d6:33:a0:66:06:d7:cb:86:2f:64:
63:d0:d1:76
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvC1vkS8ERFlKGl4ZzoPNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZjJiOWE3NTkzNTc2ODJhYzQxOWI1YzAyMTFjYzBlNDIw
MjUyYmEwHhcNMjMwMTAxMjAzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWIwMTYzMjZmODUyNWYzZDNlNjljNzViMjI2Nzk1ZDA5YjMwYzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiocTX3NJHB7tS9Lx4flxOnNfa9lB
EWKAH7dX7cnLbLIEwbtVIBM1WomgMkCh7VpKYHx2Vg0aXQAg/lRG2sRaadTC1B/V
8Cw31/ppwsX2wH+aJ9CnrbVUlekoxmO2YkqP20VHsEyMTAKiLOdBN+KpeoZfsXcb
pmS0bH3nvwK3Po+/W1TupzS2LjA06tTRu4wf7K1pqaKNSsk4MewsHO4VzXh9FAci
YtWf9D+XmP2zavcqOTUuszn1A1wiPI1k2MjPou2/kYIdOMwuibFcAWTEKDD88LQ0
uwA858AqDl7wdvQ5l2h2s4kC+0sKqCU0Iujaxjq3GfEt+V3vMlrFcwveRwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMqwFjJvhSXz0+acdbImeV0JswwpMB8GA1UdIwQY
MBaAFFTyuadZNXaCrEGbXAIRzA5CAlK6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2Et
NTM5ZGE2OTc3NGM4LzEveXJBV01tLUZKZlBUNXB4MXNpWjVYUW16RENrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2EtNTM5ZGE2OTc3NGM4
LzEvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBuQKSAwQA
ubNnAwQF1CtgMA0EAgACMAcDBQAqABvgMA0GCSqGSIb3DQEBCwUAA4IBAQBMc/zA
TJlT2xeD7R/icH60CA02PkpC/JO4TqnQ7Bk3tZMMoC4w/73UOMkzhOD5CrcITf7J
ZgzeOh/YDpjnI6gHEpnEOmuQNJzyMsHCLS1vdUL6DQrzIDXhl6rmOezQZqT1kHH6
YvnGXSjmZUHH4MFr1wPndYgvYPkQrnjm7IJYd0KVd6VxfigKgCPVre0ydPBYjaGj
r/Ai/1JuwLTVSuBlaFfOBdiEYYClKkJNbqP5V2zMTgbI28XvTC+R2jMI3NmaYnmU
wuR+KFy+MlNw1TeyWDiBuaAQ4hpSsMSpXE3ppYs/Y9rZ7KuvckCeE3VTeDuwVNYz
oGYG18uGL2Rj0NF2
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:00:57 2025 by rpki-client