Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/f8cda4-c818-4dc0-b605-163247eb0e07/1/yv-xSadfoqnysfuvD6P9cyisqvU.roa
File: yv-xSadfoqnysfuvD6P9cyisqvU.roa (raw, json)
Hash identifier: +qFKxmUXe2rtH2vSN8O6SwTbtDpvZP2a7e/DbN6usQg=
Subject key identifier: CA:FF:B1:49:A7:5F:A2:A9:F2:B1:FB:AF:0F:A3:FD:73:28:AC:AA:F5
Certificate issuer: /CN=22f35c611c29234bf4b40b35990ddfa293a537f9
Certificate serial: 0186DFEDEFFD68EAB7C94A4F97F5055B6F38
Authority key identifier: 22:F3:5C:61:1C:29:23:4B:F4:B4:0B:35:99:0D:DF:A2:93:A5:37:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNcYRwpI0v0tAs1mQ3fopOlN_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/f8cda4-c818-4dc0-b605-163247eb0e07/1/yv-xSadfoqnysfuvD6P9cyisqvU.roa
Signing time: Tue 14 Mar 2023 11:42:37 +0000
ROA not before: Tue 14 Mar 2023 11:42:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48492
IP address blocks: 185.75.224.0/22 maxlen: 24
2a0d:4f00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:df:ed:ef:fd:68:ea:b7:c9:4a:4f:97:f5:05:5b:6f:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f35c611c29234bf4b40b35990ddfa293a537f9
Validity
Not Before: Mar 14 11:42:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=caffb149a75fa2a9f2b1fbaf0fa3fd7328acaaf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:80:74:31:8f:37:04:71:fc:2f:d8:57:56:77:
65:c9:c3:f2:ce:f6:fe:ea:73:04:fe:d7:89:20:a5:
63:50:ac:3c:f7:e3:b7:bb:7f:00:8a:d8:04:c7:21:
f3:76:9b:06:6b:c2:e4:ac:03:c6:d0:7e:16:42:b6:
75:75:ce:96:6e:e4:ca:c2:85:81:3d:23:bf:ce:ab:
48:06:25:15:67:50:f5:4d:a6:c8:e7:ce:88:88:86:
20:3e:1a:e0:4d:76:49:8f:45:66:54:17:2e:9f:5a:
c8:62:7b:45:2e:ec:c6:76:42:e8:77:57:5e:9e:9b:
d9:62:09:5e:d6:a1:d2:e4:40:fd:f9:01:60:45:3d:
c0:48:7c:95:0d:12:fb:e9:33:b2:c9:c1:73:00:42:
2e:3f:ab:de:fe:08:4d:1f:ef:32:55:29:72:ad:2c:
c2:b1:63:5f:7c:46:aa:1f:2c:8c:19:19:99:ba:fa:
8e:f4:8c:9b:8f:9a:ae:3f:7a:a3:20:78:ae:b2:e4:
9d:08:c5:46:e7:08:f4:80:bb:54:ef:ce:cd:0b:56:
0d:43:cd:d4:13:77:24:fa:b9:fa:de:a0:e6:77:59:
97:e8:a1:1a:5f:ba:49:3e:85:88:ed:99:ee:04:fb:
66:00:6b:4a:f9:48:cc:64:95:86:bf:cc:73:d1:60:
54:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FF:B1:49:A7:5F:A2:A9:F2:B1:FB:AF:0F:A3:FD:73:28:AC:AA:F5
X509v3 Authority Key Identifier:
keyid:22:F3:5C:61:1C:29:23:4B:F4:B4:0B:35:99:0D:DF:A2:93:A5:37:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNcYRwpI0v0tAs1mQ3fopOlN_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/f8cda4-c818-4dc0-b605-163247eb0e07/1/yv-xSadfoqnysfuvD6P9cyisqvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/f8cda4-c818-4dc0-b605-163247eb0e07/1/IvNcYRwpI0v0tAs1mQ3fopOlN_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.224.0/22
IPv6:
2a0d:4f00::/29
Signature Algorithm: sha256WithRSAEncryption
85:ef:78:f3:28:92:5f:a1:c7:9e:8d:44:cb:1b:7e:23:d6:8e:
78:eb:91:f9:13:ed:ab:ca:7a:5b:e2:1c:cf:fd:d1:b1:51:40:
5d:7d:77:c9:95:b4:33:1a:87:71:d3:11:b7:ba:1f:c1:a1:a7:
bf:05:3a:49:dc:71:58:e5:1a:65:b1:a6:37:77:03:5a:64:6e:
1e:a7:8c:75:f9:1a:c0:97:f1:65:f6:ca:85:d7:1c:7c:8f:5b:
d5:d2:85:bd:62:61:d7:0e:ed:1b:c4:b4:a7:00:76:84:d4:e9:
1d:86:d6:dd:fe:ac:04:f0:cd:1f:90:7d:bd:bc:d6:43:c5:6b:
f0:99:b3:25:1c:9d:33:c7:a3:4b:44:3b:b3:97:88:ba:51:eb:
9c:70:43:45:63:45:f8:94:23:c7:39:a5:5a:d5:d6:e0:12:d1:
8c:f8:33:32:03:6c:26:e2:2f:c3:2f:94:ba:39:34:7a:0e:cc:
7d:92:41:f4:80:03:6a:3a:69:e3:a9:84:aa:ae:4f:2f:04:e6:
8b:a9:95:72:6f:8c:12:a5:08:df:18:e4:64:ce:3a:3a:9a:f0:
ac:7a:3d:da:a1:a0:cc:cc:b1:ed:36:eb:a2:88:dd:ad:70:40:
8e:ce:26:8e:86:e3:f6:b4:26:51:a1:47:f4:38:3c:4c:20:fd:
4a:5f:ed:e3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbf7e/9aOq3yUpPl/UFW284MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM1YzYxMWMyOTIzNGJmNGI0MGIzNTk5MGRkZmEyOTNh
NTM3ZjkwHhcNMjMwMzE0MTE0MjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWZmYjE0OWE3NWZhMmE5ZjJiMWZiYWYwZmEzZmQ3MzI4YWNhYWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYB0MY83BHH8L9hXVndlycPyzvb+
6nME/teJIKVjUKw89+O3u38AitgExyHzdpsGa8LkrAPG0H4WQrZ1dc6WbuTKwoWB
PSO/zqtIBiUVZ1D1TabI586IiIYgPhrgTXZJj0VmVBcun1rIYntFLuzGdkLod1de
npvZYgle1qHS5ED9+QFgRT3ASHyVDRL76TOyycFzAEIuP6ve/ghNH+8yVSlyrSzC
sWNffEaqHyyMGRmZuvqO9Iybj5quP3qjIHiusuSdCMVG5wj0gLtU787NC1YNQ83U
E3ck+rn63qDmd1mX6KEaX7pJPoWI7ZnuBPtmAGtK+UjMZJWGv8xz0WBU2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMr/sUmnX6Kp8rH7rw+j/XMorKr1MB8GA1UdIwQY
MBaAFCLzXGEcKSNL9LQLNZkN36KTpTf5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZOY1lSd3BJMHYwdEFzMW1RM2ZvcE9sTl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9mOGNkYTQtYzgxOC00ZGMwLWI2MDUt
MTYzMjQ3ZWIwZTA3LzEveXYteFNhZGZvcW55c2Z1dkQ2UDljeWlzcXZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9mOGNkYTQtYzgxOC00ZGMwLWI2MDUtMTYzMjQ3ZWIwZTA3
LzEvSXZOY1lSd3BJMHYwdEFzMW1RM2ZvcE9sTl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUvgMA0E
AgACMAcDBQMqDU8AMA0GCSqGSIb3DQEBCwUAA4IBAQCF73jzKJJfoceejUTLG34j
1o5465H5E+2rynpb4hzP/dGxUUBdfXfJlbQzGodx0xG3uh/Boae/BTpJ3HFY5Rpl
saY3dwNaZG4ep4x1+RrAl/Fl9sqF1xx8j1vV0oW9YmHXDu0bxLSnAHaE1Okdhtbd
/qwE8M0fkH29vNZDxWvwmbMlHJ0zx6NLRDuzl4i6UeuccENFY0X4lCPHOaVa1dbg
EtGM+DMyA2wm4i/DL5S6OTR6Dsx9kkH0gANqOmnjqYSqrk8vBOaLqZVyb4wSpQjf
GORkzjo6mvCsej3aoaDMzLHtNuuiiN2tcECOziaOhuP2tCZRoUf0ODxMIP1KX+3j
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:39:48 2025 by rpki-client