Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/pYkndR-8n5bsVYT0WV4OX1Au2lQ.roa
File: pYkndR-8n5bsVYT0WV4OX1Au2lQ.roa (raw, json)
Hash identifier: yaD7zAruvGFN5pkGr5AVdyUMtcWsdjNkKnyBKIbBebs=
Subject key identifier: A5:89:27:75:1F:BC:9F:96:EC:55:84:F4:59:5E:0E:5F:50:2E:DA:54
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0183E4D39BF411BC9E4C12458B64775DBF2C
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/pYkndR-8n5bsVYT0WV4OX1Au2lQ.roa
Signing time: Mon 17 Oct 2022 07:23:36 +0000
ROA not before: Mon 17 Oct 2022 07:23:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 176.221.16.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e4:d3:9b:f4:11:bc:9e:4c:12:45:8b:64:77:5d:bf:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Oct 17 07:23:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a58927751fbc9f96ec5584f4595e0e5f502eda54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:bd:12:0e:eb:f5:75:cd:3a:13:2d:9b:7c:a7:
fd:ce:7a:b2:e4:f6:2a:ad:d8:88:b0:c9:e8:7b:e3:
61:e5:34:a1:27:67:7e:da:13:1d:37:4e:32:a7:07:
5b:3b:5d:05:a5:f8:2c:07:61:40:fd:1e:97:c4:80:
a6:c6:f0:1a:3f:ad:7f:48:79:c4:e9:7e:5c:91:1f:
c9:5e:be:44:6a:ef:a5:c9:0f:6c:08:72:3e:6d:34:
4e:81:44:f0:37:78:42:1d:b3:ed:98:e1:1b:d1:98:
50:9b:04:2a:1a:94:44:07:9d:02:1d:4e:24:ea:6c:
9f:ab:33:5c:0a:f7:83:a7:05:47:81:ad:8c:f7:c0:
cb:28:9c:fc:22:bc:16:21:33:7b:20:53:16:13:64:
6f:8a:7b:4c:8a:cb:83:4e:a8:94:80:f6:17:97:26:
ed:26:73:ec:05:21:41:ee:69:8d:14:c6:90:a4:9e:
22:00:b0:68:97:f0:8a:18:6a:d5:63:9c:16:d6:b3:
59:03:af:e4:c7:8d:b2:23:77:a3:51:6f:bd:5d:92:
d7:b0:f4:73:06:f1:d1:04:05:c4:69:0a:cd:6a:50:
a7:75:46:7e:70:66:17:85:c5:35:d1:9e:b0:ad:dc:
20:16:1a:2a:91:99:50:f4:e0:73:7f:0b:e1:07:0d:
66:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:89:27:75:1F:BC:9F:96:EC:55:84:F4:59:5E:0E:5F:50:2E:DA:54
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/pYkndR-8n5bsVYT0WV4OX1Au2lQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.16.0/21
Signature Algorithm: sha256WithRSAEncryption
7d:29:6a:c4:f6:ff:dd:e8:5e:95:16:a0:88:b5:55:80:d5:e3:
2f:0e:56:a7:99:55:1c:d0:c0:c9:5a:8a:f8:10:d3:2b:e6:69:
31:5e:ab:84:9c:5b:0e:93:9c:27:1f:fd:c7:d3:ff:a4:63:a7:
f1:0e:a4:40:19:9b:a7:63:2a:01:cd:54:3b:cc:20:25:69:bf:
a7:a7:22:6c:73:82:e5:85:00:b3:54:56:e6:d2:1d:8d:38:53:
26:8f:02:9c:96:43:f5:84:ff:d9:5c:cb:89:35:1f:49:54:4a:
3e:41:1e:a6:54:8f:0b:eb:1b:1e:26:6b:29:d9:15:9f:78:e6:
de:ed:8c:b1:49:4a:91:e9:6b:97:91:fb:ee:ba:cd:08:0f:66:
30:e2:7b:24:b5:dd:0f:33:0b:29:cf:b7:ed:83:ad:c7:fc:82:
0d:28:45:b6:1e:79:2f:04:39:27:7d:60:86:a2:bd:c2:c2:84:
cb:fd:ad:f2:61:b6:98:5a:3b:1d:52:84:e5:e5:f3:9c:dd:99:
55:9c:81:e4:40:81:00:cf:51:41:0f:f5:0e:b4:a6:0e:be:77:
ab:63:cc:8a:ec:c3:cb:5d:28:39:dc:39:00:eb:2a:db:8f:44:
b0:e8:f8:04:c2:49:b4:98:40:ab:bc:c8:58:54:0a:4a:9e:ce:
64:e8:0c:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPk05v0EbyeTBJFi2R3Xb8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjIxMDE3MDcyMzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTg5Mjc3NTFmYmM5Zjk2ZWM1NTg0ZjQ1OTVlMGU1ZjUwMmVkYTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgb0SDuv1dc06Ey2bfKf9znqy5PYq
rdiIsMnoe+Nh5TShJ2d+2hMdN04ypwdbO10FpfgsB2FA/R6XxICmxvAaP61/SHnE
6X5ckR/JXr5Eau+lyQ9sCHI+bTROgUTwN3hCHbPtmOEb0ZhQmwQqGpREB50CHU4k
6myfqzNcCveDpwVHga2M98DLKJz8IrwWITN7IFMWE2RvintMisuDTqiUgPYXlybt
JnPsBSFB7mmNFMaQpJ4iALBol/CKGGrVY5wW1rNZA6/kx42yI3ejUW+9XZLXsPRz
BvHRBAXEaQrNalCndUZ+cGYXhcU10Z6wrdwgFhoqkZlQ9OBzfwvhBw1mMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWJJ3UfvJ+W7FWE9FleDl9QLtpUMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvcFlrbmRSLThuNWJzVllUMFdWNE9YMUF1MmxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsN0QMA0G
CSqGSIb3DQEBCwUAA4IBAQB9KWrE9v/d6F6VFqCItVWA1eMvDlanmVUc0MDJWor4
ENMr5mkxXquEnFsOk5wnH/3H0/+kY6fxDqRAGZunYyoBzVQ7zCAlab+npyJsc4Ll
hQCzVFbm0h2NOFMmjwKclkP1hP/ZXMuJNR9JVEo+QR6mVI8L6xseJmsp2RWfeObe
7YyxSUqR6WuXkfvuus0ID2Yw4nsktd0PMwspz7ftg63H/IINKEW2HnkvBDknfWCG
or3CwoTL/a3yYbaYWjsdUoTl5fOc3ZlVnIHkQIEAz1FBD/UOtKYOvnerY8yK7MPL
XSg53DkA6yrbj0Sw6PgEwkm0mECrvMhYVApKns5k6AzC
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:31 2025 by rpki-client