Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/YSP_3MGidnBRXT2AMhpfe3oxCFc.roa
File: YSP_3MGidnBRXT2AMhpfe3oxCFc.roa (raw, json)
Hash identifier: T/6duUiygXPrNsGZETNd9Rc7BWEeYmwZphwuboG1858=
Subject key identifier: 61:23:FF:DC:C1:A2:76:70:51:5D:3D:80:32:1A:5F:7B:7A:31:08:57
Certificate issuer: /CN=b14aba8b60749393478e83c360e6cbd75d156f89
Certificate serial: 0187AEA1A48B9B0D573D537925999FC73FD8
Authority key identifier: B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/YSP_3MGidnBRXT2AMhpfe3oxCFc.roa
Signing time: Sun 23 Apr 2023 15:00:41 +0000
ROA not before: Sun 23 Apr 2023 15:00:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2
IP address blocks: 188.124.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ae:a1:a4:8b:9b:0d:57:3d:53:79:25:99:9f:c7:3f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14aba8b60749393478e83c360e6cbd75d156f89
Validity
Not Before: Apr 23 15:00:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6123ffdcc1a27670515d3d80321a5f7b7a310857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3e:88:0e:ea:42:e2:56:fc:ec:69:0d:6b:2f:
78:22:1d:f4:5a:cf:fd:af:34:72:71:a1:ae:b3:0d:
04:9d:ab:02:37:ad:be:6d:68:e4:3e:ce:a3:06:4d:
47:3e:18:37:9e:64:b6:03:ab:22:2c:92:f7:7e:7a:
22:b5:07:99:31:05:3d:33:41:fb:3c:04:0b:91:36:
52:ab:c9:10:4a:6b:00:86:52:da:92:e5:af:45:4e:
53:19:61:24:a5:fb:17:8c:d7:68:ea:34:dc:5b:1d:
bb:8d:96:16:58:d2:f6:12:16:87:8a:6f:44:67:21:
9d:3a:71:4c:3c:06:ba:01:56:35:d5:ac:11:1b:0c:
31:b6:b8:a9:d8:02:bf:18:29:d9:fe:69:60:6a:8a:
c6:36:41:81:14:36:99:17:9a:76:25:2c:42:bd:10:
2c:ec:1d:71:3d:5f:6b:1d:e7:02:f4:8d:38:0b:2b:
c9:ea:24:01:8d:b1:a6:9f:5a:7b:d4:25:c3:2e:38:
a1:81:83:b0:7d:4a:c3:3a:ec:fe:64:c9:e3:b3:b7:
ad:61:f8:85:db:5d:46:4b:6e:7f:d0:0d:5a:04:67:
f1:a1:5b:78:24:7a:94:06:88:7d:12:cf:13:2d:31:
d5:3d:35:01:ad:7a:9b:4f:4a:b8:cc:72:e8:90:33:
b2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:23:FF:DC:C1:A2:76:70:51:5D:3D:80:32:1A:5F:7B:7A:31:08:57
X509v3 Authority Key Identifier:
keyid:B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/YSP_3MGidnBRXT2AMhpfe3oxCFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.124.5.0/24
Signature Algorithm: sha256WithRSAEncryption
15:92:33:7e:6e:a4:79:52:c8:0e:24:71:32:ec:1b:6f:f7:67:
06:c8:a9:78:bd:12:4b:78:85:10:c4:02:ce:98:dd:ca:85:57:
53:13:f6:85:46:bf:8e:08:c4:bb:ac:22:b0:ad:1d:ce:68:f6:
0b:ff:58:3d:e9:5b:22:80:67:1e:18:5f:4f:df:85:c2:d0:dc:
6a:6c:95:f5:05:9a:8f:7d:e8:a5:c3:91:16:1e:8e:63:33:87:
a6:95:80:dc:ee:e9:92:1b:b2:cd:d0:97:39:52:f3:2d:66:44:
b7:57:cc:8a:c8:c6:df:15:23:ad:fc:a4:58:94:e7:05:ea:25:
d8:f9:d4:e9:82:4b:b8:b7:48:ff:3b:99:94:8d:99:11:b7:2b:
e2:12:42:f9:6a:8c:fe:02:a1:c9:66:59:b5:8d:94:15:51:db:
ad:27:f0:36:0e:89:9f:45:8b:5e:40:8d:05:db:22:9b:c3:ee:
ef:43:50:9a:2c:3c:50:4c:1c:a8:ef:a7:ef:0d:8d:0b:b2:e3:
0e:d3:0d:a9:bd:54:55:b3:6b:45:2c:6e:92:16:16:93:ec:99:
e5:5d:78:25:43:43:f8:0f:7f:22:0b:af:fc:c3:95:6f:a5:36:
d4:48:48:78:4e:17:3e:58:c9:1b:1b:fa:4b:fa:54:0b:ed:57:
83:a9:6f:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeuoaSLmw1XPVN5JZmfxz/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNGFiYThiNjA3NDkzOTM0NzhlODNjMzYwZTZjYmQ3NWQx
NTZmODkwHhcNMjMwNDIzMTUwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTIzZmZkY2MxYTI3NjcwNTE1ZDNkODAzMjFhNWY3YjdhMzEwODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkT6IDupC4lb87GkNay94Ih30Ws/9
rzRycaGusw0EnasCN62+bWjkPs6jBk1HPhg3nmS2A6siLJL3fnoitQeZMQU9M0H7
PAQLkTZSq8kQSmsAhlLakuWvRU5TGWEkpfsXjNdo6jTcWx27jZYWWNL2EhaHim9E
ZyGdOnFMPAa6AVY11awRGwwxtrip2AK/GCnZ/mlgaorGNkGBFDaZF5p2JSxCvRAs
7B1xPV9rHecC9I04CyvJ6iQBjbGmn1p71CXDLjihgYOwfUrDOuz+ZMnjs7etYfiF
211GS25/0A1aBGfxoVt4JHqUBoh9Es8TLTHVPTUBrXqbT0q4zHLokDOyYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGEj/9zBonZwUV09gDIaX3t6MQhXMB8GA1UdIwQY
MBaAFLFKuotgdJOTR46Dw2Dmy9ddFW+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYt
Y2Y2YzMwNTIxMmViLzEvWVNQXzNNR2lkbkJSWFQyQU1ocGZlM294Q0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYtY2Y2YzMwNTIxMmVi
LzEvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvHwFMA0G
CSqGSIb3DQEBCwUAA4IBAQAVkjN+bqR5UsgOJHEy7Btv92cGyKl4vRJLeIUQxALO
mN3KhVdTE/aFRr+OCMS7rCKwrR3OaPYL/1g96VsigGceGF9P34XC0NxqbJX1BZqP
feilw5EWHo5jM4emlYDc7umSG7LN0Jc5UvMtZkS3V8yKyMbfFSOt/KRYlOcF6iXY
+dTpgku4t0j/O5mUjZkRtyviEkL5aoz+AqHJZlm1jZQVUdutJ/A2DomfRYteQI0F
2yKbw+7vQ1CaLDxQTByo76fvDY0LsuMO0w2pvVRVs2tFLG6SFhaT7JnlXXglQ0P4
D38iC6/8w5VvpTbUSEh4Thc+WMkbG/pL+lQL7VeDqW9v
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:37:25 2025 by rpki-client