Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3dbfeb-b2e2-4816-9ba9-a5cd81b5e00b/1/yjMZmoFwwE9VIY18m0U2twmzwEc.roa
File: yjMZmoFwwE9VIY18m0U2twmzwEc.roa (raw, json)
Hash identifier: pw88obgkCq2FBDs+9kMdpyLWFEwN//E5MWortzjTq5Q=
Subject key identifier: CA:33:19:9A:81:70:C0:4F:55:21:8D:7C:9B:45:36:B7:09:B3:C0:47
Certificate issuer: /CN=d695cb86586cbfd2462afa052c96a25c162830a8
Certificate serial: 0185704BB28A7B648594AE11DE59544756EB
Authority key identifier: D6:95:CB:86:58:6C:BF:D2:46:2A:FA:05:2C:96:A2:5C:16:28:30:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1pXLhlhsv9JGKvoFLJaiXBYoMKg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3dbfeb-b2e2-4816-9ba9-a5cd81b5e00b/1/yjMZmoFwwE9VIY18m0U2twmzwEc.roa
Signing time: Mon 02 Jan 2023 02:24:47 +0000
ROA not before: Mon 02 Jan 2023 02:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208374
IP address blocks: 185.215.69.0/24 maxlen: 24
185.215.68.0/24 maxlen: 24
2a0b:880:f000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:b2:8a:7b:64:85:94:ae:11:de:59:54:47:56:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d695cb86586cbfd2462afa052c96a25c162830a8
Validity
Not Before: Jan 2 02:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca33199a8170c04f55218d7c9b4536b709b3c047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:97:7c:b6:68:b7:a1:36:45:28:d2:b5:b9:18:
96:82:16:14:15:01:37:d8:f5:e9:18:09:a8:b5:b6:
28:31:fd:1e:13:51:71:91:46:5a:ee:e7:84:9d:7b:
bb:b0:4a:fb:56:d5:ae:83:cf:ef:cc:d6:23:04:17:
a2:b0:26:4c:79:0a:08:16:da:4f:0b:47:d9:0f:39:
ae:a0:7e:15:d8:2c:67:9d:0e:e8:43:c3:45:68:ad:
42:04:d7:eb:c8:b5:0a:57:61:ee:14:11:1d:17:25:
3c:55:f6:ee:49:b7:b5:38:0f:0d:9c:2e:c5:15:9a:
ef:4d:56:15:39:0a:fb:2d:51:fc:08:e9:1d:4b:20:
04:18:06:2c:d5:84:3e:64:f5:1a:3a:25:88:e4:ae:
10:bc:58:65:d9:5b:9e:e9:db:88:ae:97:c5:3c:bd:
7a:9b:28:bd:25:2b:e5:a7:2f:6b:e3:0d:38:fb:d4:
cb:dc:76:2c:8a:b3:f0:6f:97:0b:ee:53:f8:c0:24:
25:a0:e1:08:df:30:37:64:1d:9f:30:dc:5d:ba:df:
68:f5:46:d9:5a:d7:77:91:ee:62:79:1a:df:a9:2f:
97:77:d5:30:eb:e4:5c:b5:6c:48:24:c8:e8:d4:8c:
b1:68:1d:7b:17:f1:c0:a1:00:ad:65:99:14:12:57:
e9:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:33:19:9A:81:70:C0:4F:55:21:8D:7C:9B:45:36:B7:09:B3:C0:47
X509v3 Authority Key Identifier:
keyid:D6:95:CB:86:58:6C:BF:D2:46:2A:FA:05:2C:96:A2:5C:16:28:30:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1pXLhlhsv9JGKvoFLJaiXBYoMKg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3dbfeb-b2e2-4816-9ba9-a5cd81b5e00b/1/yjMZmoFwwE9VIY18m0U2twmzwEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3dbfeb-b2e2-4816-9ba9-a5cd81b5e00b/1/1pXLhlhsv9JGKvoFLJaiXBYoMKg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.68.0/23
IPv6:
2a0b:880:f000::/36
Signature Algorithm: sha256WithRSAEncryption
b8:83:be:57:a8:20:1e:07:c3:db:80:20:e4:52:48:09:8a:2a:
da:f8:43:29:12:08:c4:6a:7c:d7:f9:41:9d:fd:87:3b:b7:32:
11:c4:f6:73:30:01:0a:77:c9:15:ad:a6:71:b5:a8:d6:8f:75:
21:e3:5c:65:db:a0:08:95:18:c1:bc:40:18:b3:66:c1:ba:92:
75:40:62:bd:62:50:45:f1:85:29:91:de:04:90:18:98:f0:d4:
90:fb:ff:b1:c8:95:c9:73:32:01:8c:08:b9:1f:37:4e:46:b7:
5e:ce:0e:50:fa:8c:43:33:a9:e2:8e:a9:16:5f:8e:70:59:88:
60:57:18:6c:65:d2:e0:66:a3:37:02:27:0c:f0:a1:15:42:2e:
4f:59:69:20:2f:63:0d:e9:0f:76:92:99:40:5a:8f:b4:92:bf:
32:20:99:9b:22:94:82:0a:39:03:8a:02:f0:dc:d9:45:fc:c1:
c1:18:96:fa:a7:ec:21:92:f5:e5:1c:6e:77:d4:ec:5f:00:4a:
a3:bd:33:09:9b:b1:ac:7b:99:e8:a6:fa:65:b2:73:7e:12:2e:
e9:25:29:83:53:04:a6:d5:70:27:2a:bb:8b:b9:62:1c:57:91:
63:9b:68:c9:bb:55:65:ea:fb:a7:87:35:be:7e:f5:db:d4:91:
ae:ba:6a:11
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVwS7KKe2SFlK4R3llUR1brMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2OTVjYjg2NTg2Y2JmZDI0NjJhZmEwNTJjOTZhMjVjMTYy
ODMwYTgwHhcNMjMwMTAyMDIyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTMzMTk5YTgxNzBjMDRmNTUyMThkN2M5YjQ1MzZiNzA5YjNjMDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJd8tmi3oTZFKNK1uRiWghYUFQE3
2PXpGAmotbYoMf0eE1FxkUZa7ueEnXu7sEr7VtWug8/vzNYjBBeisCZMeQoIFtpP
C0fZDzmuoH4V2CxnnQ7oQ8NFaK1CBNfryLUKV2HuFBEdFyU8VfbuSbe1OA8NnC7F
FZrvTVYVOQr7LVH8COkdSyAEGAYs1YQ+ZPUaOiWI5K4QvFhl2Vue6duIrpfFPL16
myi9JSvlpy9r4w04+9TL3HYsirPwb5cL7lP4wCQloOEI3zA3ZB2fMNxdut9o9UbZ
Wtd3ke5ieRrfqS+Xd9Uw6+RctWxIJMjo1IyxaB17F/HAoQCtZZkUElfpRQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFMozGZqBcMBPVSGNfJtFNrcJs8BHMB8GA1UdIwQY
MBaAFNaVy4ZYbL/SRir6BSyWolwWKDCoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXBYTGhsaHN2OUpHS3ZvRkxKYWlYQllvTUtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zZGJmZWItYjJlMi00ODE2LTliYTkt
YTVjZDgxYjVlMDBiLzEveWpNWm1vRnd3RTlWSVkxOG0wVTJ0d216d0VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zZGJmZWItYjJlMi00ODE2LTliYTktYTVjZDgxYjVlMDBi
LzEvMXBYTGhsaHN2OUpHS3ZvRkxKYWlYQllvTUtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuddEMA4E
AgACMAgDBgQqCwiA8DANBgkqhkiG9w0BAQsFAAOCAQEAuIO+V6ggHgfD24Ag5FJI
CYoq2vhDKRIIxGp81/lBnf2HO7cyEcT2czABCnfJFa2mcbWo1o91IeNcZdugCJUY
wbxAGLNmwbqSdUBivWJQRfGFKZHeBJAYmPDUkPv/sciVyXMyAYwIuR83Tka3Xs4O
UPqMQzOp4o6pFl+OcFmIYFcYbGXS4GajNwInDPChFUIuT1lpIC9jDekPdpKZQFqP
tJK/MiCZmyKUggo5A4oC8NzZRfzBwRiW+qfsIZL15Rxud9TsXwBKo70zCZuxrHuZ
6Kb6ZbJzfhIu6SUpg1MEptVwJyq7i7liHFeRY5toybtVZer7p4c1vn7129SRrrpq
EQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:44 2025 by rpki-client