Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/ysZfTUGgEi5TDeUFcWyRBrRsNh0.roa
File: ysZfTUGgEi5TDeUFcWyRBrRsNh0.roa (raw, json)
Hash identifier: +qdMDqb1ySQxhx0CXHo923hiRE+jvzpgp08BbifOotg=
Subject key identifier: CA:C6:5F:4D:41:A0:12:2E:53:0D:E5:05:71:6C:91:06:B4:6C:36:1D
Certificate issuer: /CN=d766fc6f1b8e2b604f7fb73c29fd5d689a0ea81d
Certificate serial: 0AE97E32
Authority key identifier: D7:66:FC:6F:1B:8E:2B:60:4F:7F:B7:3C:29:FD:5D:68:9A:0E:A8:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12b8bxuOK2BPf7c8Kf1daJoOqB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/ysZfTUGgEi5TDeUFcWyRBrRsNh0.roa
Signing time: Mon 13 Jun 2022 14:52:44 +0000
ROA not before: Mon 13 Jun 2022 14:52:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48135
IP address blocks: 151.89.128.0/17 maxlen: 17
94.127.84.0/22 maxlen: 22
94.127.83.0/24 maxlen: 24
94.127.80.0/22 maxlen: 22
94.127.81.0/24 maxlen: 24
94.127.86.0/24 maxlen: 24
94.127.86.0/23 maxlen: 23
94.127.87.0/24 maxlen: 24
151.89.232.0/22 maxlen: 22
151.89.55.0/24 maxlen: 24
151.89.54.0/24 maxlen: 24
151.89.0.0/17 maxlen: 17
151.89.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 183074354 (0xae97e32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d766fc6f1b8e2b604f7fb73c29fd5d689a0ea81d
Validity
Not Before: Jun 13 14:52:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cac65f4d41a0122e530de505716c9106b46c361d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:49:75:64:ce:38:ea:0e:8f:dd:70:54:ff:60:
e6:b5:04:84:33:2a:13:d1:a2:ce:51:79:68:1f:e7:
d4:97:60:66:87:92:da:2d:5e:7a:e2:2b:08:af:5f:
85:3e:89:b9:8b:6d:30:8f:1d:82:60:0a:14:e4:6f:
18:74:10:da:e3:6a:e5:8a:1d:5f:23:b3:29:4d:ce:
63:b8:c7:f0:69:c3:5b:3f:5a:f1:0f:c7:85:b9:8f:
78:e2:92:36:08:bd:54:da:36:12:7f:af:70:ec:f7:
f8:72:f4:ba:2a:96:34:f6:df:0e:59:a9:8b:0c:b3:
f1:b0:65:65:f0:80:11:c2:40:07:fa:d1:7a:35:16:
df:55:28:6c:5a:00:2e:91:c4:1d:1e:ac:b2:4d:7f:
9d:df:9b:d8:ef:c1:e2:29:f7:7a:2c:b8:a5:51:7e:
42:3c:c9:d1:04:38:3c:6d:5e:72:62:ea:74:3b:f2:
f8:d0:3d:38:0f:57:3e:ef:8e:ab:2b:24:1e:85:05:
32:cd:d3:9f:66:70:d6:9d:28:e4:7a:d4:a4:9f:0e:
3f:da:cf:58:28:a1:7f:89:bd:00:ce:5c:07:3a:07:
15:de:79:10:bf:5f:08:81:6d:68:70:5e:fa:0c:c0:
6d:98:48:7e:f9:fd:26:42:3e:77:4b:d0:69:20:c6:
59:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C6:5F:4D:41:A0:12:2E:53:0D:E5:05:71:6C:91:06:B4:6C:36:1D
X509v3 Authority Key Identifier:
keyid:D7:66:FC:6F:1B:8E:2B:60:4F:7F:B7:3C:29:FD:5D:68:9A:0E:A8:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12b8bxuOK2BPf7c8Kf1daJoOqB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/ysZfTUGgEi5TDeUFcWyRBrRsNh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/12b8bxuOK2BPf7c8Kf1daJoOqB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.80.0/21
151.89.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:7f:a9:8e:a2:d0:8d:f9:2d:43:c5:7f:b9:a2:22:21:0a:dc:
59:21:9d:00:c5:9d:3c:2e:af:68:5c:ef:15:40:8f:37:93:3b:
25:ab:89:6e:38:94:40:c4:2e:1d:f1:81:66:9f:22:1b:d2:08:
2a:23:d3:cd:1e:42:fc:ad:7c:94:6a:3d:e3:53:e1:2a:5d:bc:
1a:a3:05:8c:3f:bd:cc:94:72:8a:07:8c:bc:78:94:46:e9:bb:
1b:15:16:61:92:d5:c3:9d:91:02:94:b2:73:42:3d:93:a8:d5:
af:55:75:dd:5a:ca:f8:dd:14:80:c0:69:f7:1a:70:6c:31:4a:
7e:d4:70:53:06:73:3b:66:9e:3a:b2:23:2d:79:d2:b0:d2:97:
a7:95:25:1b:d8:22:b0:d2:da:e7:96:9a:5b:14:9a:ec:2e:81:
ed:50:72:7b:d8:86:ee:b5:84:aa:e2:08:fb:ae:ae:ee:92:93:
6a:bb:d6:e5:9f:96:e9:51:ab:41:0e:55:29:bb:06:e4:95:d1:
46:ed:19:7a:44:16:1f:f9:d2:4d:70:a8:56:53:24:01:bb:3f:
12:9f:c3:0a:39:43:a2:cc:65:43:e4:aa:50:f3:18:ff:58:91:
46:53:39:f0:c0:b1:e6:cc:ba:a1:bd:ef:04:92:ce:c3:ca:90:
f2:68:9f:6a
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIECul+MjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzY2ZmM2ZjFiOGUyYjYwNGY3ZmI3M2MyOWZkNWQ2ODlhMGVhODFkMB4XDTIyMDYx
MzE0NTI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2FjNjVmNGQ0MWEw
MTIyZTUzMGRlNTA1NzE2YzkxMDZiNDZjMzYxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANtJdWTOOOoOj91wVP9g5rUEhDMqE9GizlF5aB/n1JdgZoeS
2i1eeuIrCK9fhT6JuYttMI8dgmAKFORvGHQQ2uNq5YodXyOzKU3OY7jH8GnDWz9a
8Q/HhbmPeOKSNgi9VNo2En+vcOz3+HL0uiqWNPbfDlmpiwyz8bBlZfCAEcJAB/rR
ejUW31UobFoALpHEHR6ssk1/nd+b2O/B4in3eiy4pVF+QjzJ0QQ4PG1ecmLqdDvy
+NA9OA9XPu+OqyskHoUFMs3Tn2Zw1p0o5HrUpJ8OP9rPWCihf4m9AM5cBzoHFd55
EL9fCIFtaHBe+gzAbZhIfvn9JkI+d0vQaSDGWfECAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBTKxl9NQaASLlMN5QVxbJEGtGw2HTAfBgNVHSMEGDAWgBTXZvxvG44rYE9/
tzwp/V1omg6oHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEyYjhieHVPSzJCUGY3YzhLZjFkYUpvT3FCMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvZjM4MjlhLTk1MjctNDQ0Yi1iZDcyLTNlZjNmZDk2OTk1Ny8x
L3lzWmZUVUdnRWk1VERlVUZjV3lSQnJSc05oMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
ZjM4MjlhLTk1MjctNDQ0Yi1iZDcyLTNlZjNmZDk2OTk1Ny8xLzEyYjhieHVPSzJC
UGY3YzhLZjFkYUpvT3FCMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAk
BggrBgEFBQcBBwEB/wQVMBMwEQQCAAEwCwMEA15/UAMDAJdZMA0GCSqGSIb3DQEB
CwUAA4IBAQBIf6mOotCN+S1DxX+5oiIhCtxZIZ0AxZ08Lq9oXO8VQI83kzslq4lu
OJRAxC4d8YFmnyIb0ggqI9PNHkL8rXyUaj3jU+EqXbwaowWMP73MlHKKB4y8eJRG
6bsbFRZhktXDnZEClLJzQj2TqNWvVXXdWsr43RSAwGn3GnBsMUp+1HBTBnM7Zp46
siMtedKw0penlSUb2CKw0trnlppbFJrsLoHtUHJ72IbutYSq4gj7rq7ukpNqu9bl
n5bpUatBDlUpuwbkldFG7Rl6RBYf+dJNcKhWUyQBuz8Sn8MKOUOizGVD5KpQ8xj/
WJFGUznwwLHmzLqhve8Eks7DypDyaJ9q
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:30 2025 by rpki-client