Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/bf2ba5-f280-49e5-9a34-fec25d2e918d/1/yg216nh2jx2X2Ni3Jb67o-Ix6VA.roa
File: yg216nh2jx2X2Ni3Jb67o-Ix6VA.roa (raw, json)
Hash identifier: /QHNMfDiwJIl1FjaOTkZN3IECS8YPF4cdSP4HUpdZ9Y=
Subject key identifier: CA:0D:B5:EA:78:76:8F:1D:97:D8:D8:B7:25:BE:BB:A3:E2:31:E9:50
Certificate issuer: /CN=59dda539feb8f8a3725342600670c0c154e4baaa
Certificate serial: 018269074FEFE5561CA37FD1B878B67A3658
Authority key identifier: 59:DD:A5:39:FE:B8:F8:A3:72:53:42:60:06:70:C0:C1:54:E4:BA:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd2lOf64-KNyU0JgBnDAwVTkuqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/bf2ba5-f280-49e5-9a34-fec25d2e918d/1/yg216nh2jx2X2Ni3Jb67o-Ix6VA.roa
Signing time: Thu 04 Aug 2022 13:24:23 +0000
ROA not before: Thu 04 Aug 2022 13:24:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49847
IP address blocks: 185.42.225.0/24 maxlen: 24
185.42.224.0/24 maxlen: 24
185.42.226.0/24 maxlen: 24
185.42.227.0/24 maxlen: 24
45.132.172.0/24 maxlen: 24
45.132.175.0/24 maxlen: 24
45.132.174.0/24 maxlen: 24
45.132.173.0/24 maxlen: 24
2a04:9240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:69:07:4f:ef:e5:56:1c:a3:7f:d1:b8:78:b6:7a:36:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dda539feb8f8a3725342600670c0c154e4baaa
Validity
Not Before: Aug 4 13:24:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca0db5ea78768f1d97d8d8b725bebba3e231e950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:37:70:1e:37:cb:49:9a:85:5d:7f:8c:52:a1:
cd:f9:6a:ef:89:59:3f:df:24:d5:e8:ff:75:ec:c3:
57:40:78:55:55:88:34:ab:93:b6:b1:34:03:f2:da:
a0:99:67:80:21:2d:fc:1f:56:85:86:75:20:03:de:
de:98:b4:c1:ae:59:d9:c9:a9:17:88:06:b1:22:bb:
d2:00:6a:d4:b0:b3:94:d2:c9:9a:f8:e1:64:f1:c2:
18:32:a1:c7:e9:b8:be:70:19:29:91:22:e2:69:27:
50:19:f1:1f:2b:8b:00:e8:2f:95:79:e1:35:75:50:
53:c3:e1:80:9b:b1:d2:f8:37:4a:ab:c8:fb:f4:7d:
83:60:78:a7:10:a4:10:a8:9b:9a:83:32:fa:22:f9:
ef:2c:73:a5:56:4d:d5:aa:90:ce:09:1b:7f:06:36:
a5:77:0e:a7:c6:74:a7:77:63:a5:50:dd:a6:f0:55:
bc:73:8c:dd:cc:35:a6:83:bb:6e:69:5d:37:af:0f:
15:97:59:d8:a3:46:de:31:0c:03:14:f0:95:a9:d3:
fc:e1:c7:a5:3d:7e:66:e5:ab:12:1a:c1:fb:b5:da:
d4:c5:71:45:f3:68:f9:12:41:68:dd:63:2a:d7:bc:
94:3d:e8:9b:6b:c9:dd:ef:f2:e8:df:5c:58:dd:7a:
11:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:0D:B5:EA:78:76:8F:1D:97:D8:D8:B7:25:BE:BB:A3:E2:31:E9:50
X509v3 Authority Key Identifier:
keyid:59:DD:A5:39:FE:B8:F8:A3:72:53:42:60:06:70:C0:C1:54:E4:BA:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd2lOf64-KNyU0JgBnDAwVTkuqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/bf2ba5-f280-49e5-9a34-fec25d2e918d/1/yg216nh2jx2X2Ni3Jb67o-Ix6VA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/bf2ba5-f280-49e5-9a34-fec25d2e918d/1/Wd2lOf64-KNyU0JgBnDAwVTkuqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.172.0/22
185.42.224.0/22
IPv6:
2a04:9240::/29
Signature Algorithm: sha256WithRSAEncryption
18:5f:58:7f:42:e2:ec:54:16:74:cc:94:72:ea:bf:3e:25:38:
10:cb:39:9d:8c:af:f8:f1:52:e8:81:d4:e4:91:47:ad:21:09:
fc:c3:02:e2:7c:b3:e1:12:36:7a:b8:f9:22:74:92:8b:c4:03:
a2:40:a0:d9:a1:03:99:da:d2:70:3b:09:69:18:06:5e:23:34:
2e:e4:f6:d2:66:de:41:d6:16:27:40:31:f6:e8:33:25:ae:cf:
c2:d8:73:c3:40:df:fb:38:a3:3f:a1:e1:7b:41:e6:dd:ca:ea:
8c:7f:d6:97:5c:3c:c2:f8:f6:c5:5c:d5:01:54:8d:e6:b8:88:
f5:07:61:2d:d4:28:86:ce:61:f5:eb:09:20:88:76:a8:21:15:
76:d0:90:e5:7c:b7:60:51:58:5f:62:e9:df:e3:6f:93:29:26:
8e:09:24:fa:ad:e0:14:e9:b6:bc:24:a2:8f:d2:2c:c2:14:b1:
49:4d:43:20:1c:44:c7:fe:10:d7:f7:4b:79:ab:59:85:f8:08:
f7:81:eb:37:4e:19:65:bd:8f:bd:09:26:f9:a4:10:6a:6e:2b:
a2:19:16:46:ee:90:3c:00:e6:4e:8e:49:37:64:23:30:64:28:
6f:4a:ec:42:c7:29:c5:d0:6c:a0:e7:11:23:d7:05:90:2b:1c:
21:35:93:32
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYJpB0/v5VYco3/RuHi2ejZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGRhNTM5ZmViOGY4YTM3MjUzNDI2MDA2NzBjMGMxNTRl
NGJhYWEwHhcNMjIwODA0MTMyNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTBkYjVlYTc4NzY4ZjFkOTdkOGQ4YjcyNWJlYmJhM2UyMzFlOTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTdwHjfLSZqFXX+MUqHN+WrviVk/
3yTV6P917MNXQHhVVYg0q5O2sTQD8tqgmWeAIS38H1aFhnUgA97emLTBrlnZyakX
iAaxIrvSAGrUsLOU0sma+OFk8cIYMqHH6bi+cBkpkSLiaSdQGfEfK4sA6C+VeeE1
dVBTw+GAm7HS+DdKq8j79H2DYHinEKQQqJuagzL6IvnvLHOlVk3VqpDOCRt/Bjal
dw6nxnSnd2OlUN2m8FW8c4zdzDWmg7tuaV03rw8Vl1nYo0beMQwDFPCVqdP84cel
PX5m5asSGsH7tdrUxXFF82j5EkFo3WMq17yUPeiba8nd7/Lo31xY3XoRvwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMoNtep4do8dl9jYtyW+u6PiMelQMB8GA1UdIwQY
MBaAFFndpTn+uPijclNCYAZwwMFU5LqqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2QybE9mNjQtS055VTBKZ0JuREF3VlRrdXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9iZjJiYTUtZjI4MC00OWU1LTlhMzQt
ZmVjMjVkMmU5MThkLzEveWcyMTZuaDJqeDJYMk5pM0piNjdvLUl4NlZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9iZjJiYTUtZjI4MC00OWU1LTlhMzQtZmVjMjVkMmU5MThk
LzEvV2QybE9mNjQtS055VTBKZ0JuREF3VlRrdXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYSsAwQC
uSrgMA0EAgACMAcDBQMqBJJAMA0GCSqGSIb3DQEBCwUAA4IBAQAYX1h/QuLsVBZ0
zJRy6r8+JTgQyzmdjK/48VLogdTkkUetIQn8wwLifLPhEjZ6uPkidJKLxAOiQKDZ
oQOZ2tJwOwlpGAZeIzQu5PbSZt5B1hYnQDH26DMlrs/C2HPDQN/7OKM/oeF7Qebd
yuqMf9aXXDzC+PbFXNUBVI3muIj1B2Et1CiGzmH16wkgiHaoIRV20JDlfLdgUVhf
Yunf42+TKSaOCST6reAU6ba8JKKP0izCFLFJTUMgHETH/hDX90t5q1mF+Aj3ges3
ThllvY+9CSb5pBBqbiuiGRZG7pA8AOZOjkk3ZCMwZChvSuxCxynF0Gyg5xEj1wWQ
KxwhNZMy
-----END CERTIFICATE-----
Generated at Fri Apr 18 05:30:00 2025 by rpki-client