Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/yrf1LXCv06U8K4upz_KtPcdYqCw.roa
File: yrf1LXCv06U8K4upz_KtPcdYqCw.roa (raw, json)
Hash identifier: bDXpLOm38XUILQmF0/bX14UTH8bydzEjrcGtmGOVo2E=
Subject key identifier: CA:B7:F5:2D:70:AF:D3:A5:3C:2B:8B:A9:CF:F2:AD:3D:C7:58:A8:2C
Certificate issuer: /CN=327b3420c25013795e822a2ae50d38dc1d382793
Certificate serial: 06560430
Authority key identifier: 32:7B:34:20:C2:50:13:79:5E:82:2A:2A:E5:0D:38:DC:1D:38:27:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mns0IMJQE3legioq5Q043B04J5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/yrf1LXCv06U8K4upz_KtPcdYqCw.roa
Signing time: Sat 01 Jan 2022 05:01:11 +0000
ROA not before: Sat 01 Jan 2022 05:01:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207582
IP address blocks: 91.205.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106300464 (0x6560430)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=327b3420c25013795e822a2ae50d38dc1d382793
Validity
Not Before: Jan 1 05:01:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cab7f52d70afd3a53c2b8ba9cff2ad3dc758a82c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e2:e8:3e:6d:4d:2a:41:9f:e4:28:c2:98:c5:
43:9a:c2:b6:17:0b:46:a8:cb:48:c1:d4:ab:2d:8a:
36:17:06:e8:7b:28:1e:31:d3:6f:d8:97:9a:e2:40:
3e:ab:da:6d:2d:5e:2c:de:71:0d:26:18:2c:51:a4:
eb:4d:d0:e9:db:b5:80:76:33:97:13:3b:0a:8d:89:
b1:4a:3e:46:c8:8f:4a:2e:16:32:ab:fb:16:47:80:
a0:01:e8:f1:99:42:e4:cc:7e:48:59:99:34:9e:c3:
37:97:51:df:40:09:ea:10:4e:51:e1:1d:58:db:8d:
52:83:04:55:e6:c6:06:77:94:34:a9:c0:24:b2:25:
b0:dc:fd:bb:b9:90:01:18:06:62:49:ce:4e:42:9d:
8b:bf:1d:e1:bc:84:83:74:82:fc:02:6c:0a:89:9a:
aa:d4:e5:8c:1c:60:ca:5b:bc:bc:cd:5d:fd:af:0e:
b5:b2:cf:0a:09:ed:4c:75:33:44:c3:c5:b1:e0:03:
be:92:13:ad:e7:73:c1:c9:db:4c:56:58:ac:31:53:
59:a9:c0:20:bf:28:e8:73:47:52:90:7e:dc:f0:de:
33:21:0b:67:eb:80:ee:5b:30:41:61:6e:e4:6c:b8:
e9:cb:bd:51:2b:79:97:6a:c7:e2:94:95:d2:01:f4:
e6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B7:F5:2D:70:AF:D3:A5:3C:2B:8B:A9:CF:F2:AD:3D:C7:58:A8:2C
X509v3 Authority Key Identifier:
keyid:32:7B:34:20:C2:50:13:79:5E:82:2A:2A:E5:0D:38:DC:1D:38:27:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mns0IMJQE3legioq5Q043B04J5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/yrf1LXCv06U8K4upz_KtPcdYqCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/Mns0IMJQE3legioq5Q043B04J5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.41.0/24
Signature Algorithm: sha256WithRSAEncryption
86:33:88:30:50:8b:2f:e6:7a:4c:21:19:8d:ed:75:3c:32:fd:
ac:2d:05:55:c2:6e:d6:d2:60:46:e5:0b:ea:dc:51:16:b7:45:
d4:51:13:61:46:4d:95:6d:97:7c:bd:e5:17:b8:6f:43:14:3f:
7f:a5:f6:16:1b:ad:e2:de:20:76:e3:44:08:0b:ab:b8:dd:07:
c0:95:fc:80:fc:54:d5:af:1a:ab:68:8d:2c:58:0d:dd:d1:3b:
da:8f:49:2c:1c:aa:91:82:32:73:a0:d0:33:2c:04:73:9f:16:
9a:35:82:f1:d4:34:4e:89:8c:63:10:6b:1d:ed:6b:8b:5b:12:
02:19:88:37:72:91:22:eb:f6:82:20:fd:9f:e0:43:4f:1c:53:
7c:03:87:ae:2f:e3:7e:ee:38:8b:5a:14:65:d0:78:7a:43:ed:
8c:5d:07:7d:39:eb:3a:48:ba:ea:7e:3b:c1:1d:fe:b1:1d:06:
5c:4c:02:df:86:f3:8f:5b:a2:e8:c8:38:4a:d6:62:03:16:0e:
ec:e2:43:4f:cc:15:00:1d:e3:44:17:99:64:c3:bb:c1:24:9b:
27:3b:4f:ad:c8:d4:f4:6a:26:e4:79:9e:44:04:0d:2d:94:2c:
dd:ea:31:47:b1:0c:f7:a6:a6:08:78:c3:08:0f:a0:44:66:c5:
c2:fe:89:6f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBlYEMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjdiMzQyMGMyNTAxMzc5NWU4MjJhMmFlNTBkMzhkYzFkMzgyNzkzMB4XDTIyMDEw
MTA1MDExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2FiN2Y1MmQ3MGFm
ZDNhNTNjMmI4YmE5Y2ZmMmFkM2RjNzU4YTgyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3i6D5tTSpBn+QowpjFQ5rCthcLRqjLSMHUqy2KNhcG6Hso
HjHTb9iXmuJAPqvabS1eLN5xDSYYLFGk603Q6du1gHYzlxM7Co2JsUo+RsiPSi4W
Mqv7FkeAoAHo8ZlC5Mx+SFmZNJ7DN5dR30AJ6hBOUeEdWNuNUoMEVebGBneUNKnA
JLIlsNz9u7mQARgGYknOTkKdi78d4byEg3SC/AJsComaqtTljBxgylu8vM1d/a8O
tbLPCgntTHUzRMPFseADvpITredzwcnbTFZYrDFTWanAIL8o6HNHUpB+3PDeMyEL
Z+uA7lswQWFu5Gy46cu9USt5l2rH4pSV0gH05ikCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTKt/UtcK/TpTwri6nP8q09x1ioLDAfBgNVHSMEGDAWgBQyezQgwlATeV6C
KirlDTjcHTgnkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01uczBJTUpRRTNsZWdpb3E1UTA0M0IwNEo1TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvMzYzMWUwLTU2ZDctNGMyOS05NWM0LTY2ODJiMDdmYTk0Ny8x
L3lyZjFMWEN2MDZVOEs0dXB6X0t0UGNkWXFDdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
MzYzMWUwLTU2ZDctNGMyOS05NWM0LTY2ODJiMDdmYTk0Ny8xL01uczBJTUpRRTNs
ZWdpb3E1UTA0M0IwNEo1TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvNKTANBgkqhkiG9w0BAQsFAAOC
AQEAhjOIMFCLL+Z6TCEZje11PDL9rC0FVcJu1tJgRuUL6txRFrdF1FETYUZNlW2X
fL3lF7hvQxQ/f6X2Fhut4t4gduNECAuruN0HwJX8gPxU1a8aq2iNLFgN3dE72o9J
LByqkYIyc6DQMywEc58WmjWC8dQ0TomMYxBrHe1ri1sSAhmIN3KRIuv2giD9n+BD
TxxTfAOHri/jfu44i1oUZdB4ekPtjF0HfTnrOki66n47wR3+sR0GXEwC34bzj1ui
6Mg4StZiAxYO7OJDT8wVAB3jRBeZZMO7wSSbJztPrcjU9Gom5HmeRAQNLZQs3eox
R7EM96amCHjDCA+gRGbFwv6Jbw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:00:22 2025 by rpki-client