Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/yLAiQQBtbLTc6FwcMKyiG8rjomc.roa
File: yLAiQQBtbLTc6FwcMKyiG8rjomc.roa (raw, json)
Hash identifier: aYowNUwnI1OyNzKF33sZ9PuG9FEaA8aQu4z9NfeNVS4=
Subject key identifier: C8:B0:22:41:00:6D:6C:B4:DC:E8:5C:1C:30:AC:A2:1B:CA:E3:A2:67
Certificate issuer: /CN=b4e882f7171af6dcdccc9cd79f98dec6757fe189
Certificate serial: 018570429834EC35439A51B5CDFD8F2ED366
Authority key identifier: B4:E8:82:F7:17:1A:F6:DC:DC:CC:9C:D7:9F:98:DE:C6:75:7F:E1:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOiC9xca9tzczJzXn5jexnV_4Yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/yLAiQQBtbLTc6FwcMKyiG8rjomc.roa
Signing time: Mon 02 Jan 2023 02:14:50 +0000
ROA not before: Mon 02 Jan 2023 02:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39931
IP address blocks: 185.172.12.0/22 maxlen: 22
77.245.128.0/20 maxlen: 20
77.245.136.0/23 maxlen: 23
77.245.136.0/22 maxlen: 22
77.245.140.0/22 maxlen: 22
2a00:4fc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:98:34:ec:35:43:9a:51:b5:cd:fd:8f:2e:d3:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e882f7171af6dcdccc9cd79f98dec6757fe189
Validity
Not Before: Jan 2 02:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8b02241006d6cb4dce85c1c30aca21bcae3a267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:04:d5:c2:e3:69:d5:6e:ca:95:ec:48:b8:67:
3f:b3:01:bd:44:3a:a1:6d:31:4a:a3:34:c2:78:a5:
92:c7:ef:32:3e:13:07:ee:3e:61:6e:b7:23:45:18:
11:6e:6f:37:da:57:28:c2:64:40:c2:9c:51:3c:dc:
6d:42:73:70:92:e5:3a:5e:5e:13:10:8d:eb:fb:c8:
12:ed:47:65:e9:2a:24:7d:3e:3d:f7:5e:ba:da:9f:
56:bc:0a:b8:f6:85:46:85:31:59:e0:a6:12:89:7a:
76:c1:42:af:9f:b2:de:f5:dc:3f:5a:75:1a:34:74:
b3:07:f4:e2:35:37:26:bf:7b:e7:b3:2f:04:50:96:
d7:8b:8a:1e:45:51:a6:0a:d1:4b:04:ca:fb:0b:b2:
3c:95:50:85:c6:41:b6:93:8f:9e:e1:7c:92:42:65:
42:e0:15:d0:98:17:a5:51:4d:9d:20:27:31:37:70:
70:8b:25:f7:d0:8b:d2:e7:94:80:ee:f6:1e:b5:8b:
e9:43:15:4f:95:ae:4e:03:d8:b5:fd:4f:af:19:a2:
55:58:98:74:73:1a:f3:0e:c8:f2:71:05:d6:f2:4a:
dd:bc:e3:60:73:c2:18:2a:cb:4c:0f:92:4f:7c:a0:
ae:ef:d7:db:4c:d3:82:a3:0c:9a:d1:11:31:c1:b8:
75:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B0:22:41:00:6D:6C:B4:DC:E8:5C:1C:30:AC:A2:1B:CA:E3:A2:67
X509v3 Authority Key Identifier:
keyid:B4:E8:82:F7:17:1A:F6:DC:DC:CC:9C:D7:9F:98:DE:C6:75:7F:E1:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOiC9xca9tzczJzXn5jexnV_4Yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/yLAiQQBtbLTc6FwcMKyiG8rjomc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.128.0/20
185.172.12.0/22
IPv6:
2a00:4fc0::/32
Signature Algorithm: sha256WithRSAEncryption
74:d5:db:d2:3b:4c:d5:48:b9:77:ca:c8:8f:2a:1e:b5:29:f8:
ff:88:78:dc:de:a0:d4:1b:a5:2b:8e:e7:44:87:2b:6c:d5:1d:
8c:c9:0a:89:95:de:0c:ec:7a:74:22:bf:f0:66:3b:b7:8c:d4:
b2:4b:48:aa:2d:f4:5e:75:22:d7:74:c6:52:30:85:94:36:9b:
b5:4f:af:47:7d:e2:0a:7c:66:25:77:46:e6:3a:3d:b1:02:26:
82:80:2e:4d:dc:c6:34:19:e3:e9:40:12:d5:9a:0f:b6:d8:7b:
71:21:e1:7b:c5:18:2b:20:a7:f0:d8:5b:09:69:7e:20:35:4d:
e2:71:37:56:f3:24:af:ad:ed:4b:c3:e6:2f:ad:e2:ec:5a:0b:
fe:cb:38:03:77:e3:ca:bb:3d:5c:3a:39:22:78:59:83:d3:46:
82:0d:37:24:51:86:df:82:f4:13:78:e3:45:f5:53:fb:ee:59:
37:36:12:e7:72:e2:68:3f:fc:0b:60:b6:e2:88:22:1d:94:53:
7c:9e:07:d0:13:13:bb:26:40:dc:ef:1f:77:f9:18:3f:aa:2b:
2a:3a:22:3d:8b:f4:76:51:21:ac:e4:b9:3d:f6:66:4b:d9:6b:
71:8d:6e:fb:83:e4:ff:d5:ae:63:c4:85:cf:1b:3a:49:bc:1e:
5a:14:68:02
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwQpg07DVDmlG1zf2PLtNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTg4MmY3MTcxYWY2ZGNkY2NjOWNkNzlmOThkZWM2NzU3
ZmUxODkwHhcNMjMwMTAyMDIxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGIwMjI0MTAwNmQ2Y2I0ZGNlODVjMWMzMGFjYTIxYmNhZTNhMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQTVwuNp1W7KlexIuGc/swG9RDqh
bTFKozTCeKWSx+8yPhMH7j5hbrcjRRgRbm832lcowmRAwpxRPNxtQnNwkuU6Xl4T
EI3r+8gS7Udl6SokfT4991662p9WvAq49oVGhTFZ4KYSiXp2wUKvn7Le9dw/WnUa
NHSzB/TiNTcmv3vnsy8EUJbXi4oeRVGmCtFLBMr7C7I8lVCFxkG2k4+e4XySQmVC
4BXQmBelUU2dICcxN3BwiyX30IvS55SA7vYetYvpQxVPla5OA9i1/U+vGaJVWJh0
cxrzDsjycQXW8krdvONgc8IYKstMD5JPfKCu79fbTNOCowya0RExwbh1JQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMiwIkEAbWy03OhcHDCsohvK46JnMB8GA1UdIwQY
MBaAFLTogvcXGvbc3Myc15+Y3sZ1f+GJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9pQzl4Y2E5dHpjekp6WG41amV4blZfNFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81ZjViYzgtZTVmMy00MjFkLTlmYTAt
ZmVmZThlMzQwMDZjLzEveUxBaVFRQnRiTFRjNkZ3Y01LeWlHOHJqb21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81ZjViYzgtZTVmMy00MjFkLTlmYTAtZmVmZThlMzQwMDZj
LzEvdE9pQzl4Y2E5dHpjekp6WG41amV4blZfNFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETfWAAwQC
uawMMA0EAgACMAcDBQAqAE/AMA0GCSqGSIb3DQEBCwUAA4IBAQB01dvSO0zVSLl3
ysiPKh61Kfj/iHjc3qDUG6UrjudEhyts1R2MyQqJld4M7Hp0Ir/wZju3jNSyS0iq
LfRedSLXdMZSMIWUNpu1T69HfeIKfGYld0bmOj2xAiaCgC5N3MY0GePpQBLVmg+2
2HtxIeF7xRgrIKfw2FsJaX4gNU3icTdW8ySvre1Lw+YvreLsWgv+yzgDd+PKuz1c
OjkieFmD00aCDTckUYbfgvQTeONF9VP77lk3NhLncuJoP/wLYLbiiCIdlFN8ngfQ
ExO7JkDc7x93+Rg/qisqOiI9i/R2USGs5Lk99mZL2WtxjW77g+T/1a5jxIXPGzpJ
vB5aFGgC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:13 2025 by rpki-client