Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/6745fe-e475-4c58-a31e-f2c0da61ac13/1/YndVARk13O4ScdJRuJ4deYv12q0.roa
File: YndVARk13O4ScdJRuJ4deYv12q0.roa (raw, json)
Hash identifier: 4J1HBsQpVZvpHJO6VaNmswqwwlP5AyyJdTYLJQCeYSQ=
Subject key identifier: 62:77:55:01:19:35:DC:EE:12:71:D2:51:B8:9E:1D:79:8B:F5:DA:AD
Certificate issuer: /CN=29590774e77a8994a4283128c35921d037b06f21
Certificate serial: 01856FD502150BABC4603DFB42D3AAB08457
Authority key identifier: 29:59:07:74:E7:7A:89:94:A4:28:31:28:C3:59:21:D0:37:B0:6F:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVkHdOd6iZSkKDEow1kh0DewbyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/6745fe-e475-4c58-a31e-f2c0da61ac13/1/YndVARk13O4ScdJRuJ4deYv12q0.roa
Signing time: Mon 02 Jan 2023 00:15:08 +0000
ROA not before: Mon 02 Jan 2023 00:15:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210198
IP address blocks: 185.137.128.0/22 maxlen: 24
2a0c:a980::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:02:15:0b:ab:c4:60:3d:fb:42:d3:aa:b0:84:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29590774e77a8994a4283128c35921d037b06f21
Validity
Not Before: Jan 2 00:15:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=627755011935dcee1271d251b89e1d798bf5daad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:00:e5:36:ee:ad:ca:68:92:60:1c:fd:03:45:
7c:c2:d2:99:95:29:71:0f:ab:90:b3:57:b3:62:f9:
cc:1e:b0:7d:39:3a:3c:b0:43:28:41:56:5e:bf:69:
ba:df:9d:c3:e6:06:5a:94:d4:ac:23:f0:0e:9d:36:
65:c5:9c:bf:95:0b:66:b4:4c:95:d7:5b:31:77:00:
93:ea:13:f8:dd:17:e5:4e:9c:0c:ac:17:06:8d:a8:
d9:c2:5f:a6:a6:b7:42:b8:29:8f:45:f0:f5:1e:85:
57:95:c8:1f:62:7e:57:29:ff:86:0d:13:dc:22:73:
7d:5a:d3:cc:e1:95:dc:74:c3:e8:eb:c3:a2:82:57:
df:fa:3e:28:cb:6f:69:a8:b2:82:d4:af:b7:cc:70:
0b:37:22:d5:47:d2:da:73:0f:88:08:3e:0f:4e:73:
42:0e:6b:c3:74:84:d1:4d:5e:85:9c:d4:5e:67:71:
8b:9e:98:12:23:c5:4b:42:6f:ba:ba:32:f7:02:bf:
e8:f9:ba:ae:77:7c:dc:bb:0a:c3:22:9f:3e:6f:19:
bb:79:37:00:5f:3c:26:1f:72:16:e1:91:1a:1a:58:
41:76:da:a5:29:67:83:d6:16:f8:8d:b4:cf:4e:d9:
80:4d:1b:71:c0:f1:f0:6a:f7:f2:41:fd:27:3c:32:
76:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:77:55:01:19:35:DC:EE:12:71:D2:51:B8:9E:1D:79:8B:F5:DA:AD
X509v3 Authority Key Identifier:
keyid:29:59:07:74:E7:7A:89:94:A4:28:31:28:C3:59:21:D0:37:B0:6F:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVkHdOd6iZSkKDEow1kh0DewbyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6745fe-e475-4c58-a31e-f2c0da61ac13/1/YndVARk13O4ScdJRuJ4deYv12q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6745fe-e475-4c58-a31e-f2c0da61ac13/1/KVkHdOd6iZSkKDEow1kh0DewbyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.128.0/22
IPv6:
2a0c:a980::/29
Signature Algorithm: sha256WithRSAEncryption
79:cf:77:89:48:13:24:2c:98:49:1a:66:68:d6:c5:de:6e:e7:
4f:2d:e0:23:f2:40:2a:0e:41:23:0d:e8:58:40:78:e0:c3:74:
04:e9:32:62:6a:45:38:c8:95:ea:55:c4:92:55:d3:61:64:78:
57:ec:97:6e:e1:8d:5e:71:4a:94:1b:1a:5d:aa:30:eb:d3:f7:
b0:f0:04:fc:c1:17:a4:88:70:0f:ac:7a:6d:76:8b:80:f2:0f:
6d:87:b5:05:09:18:7f:1d:b5:c7:87:16:96:7d:15:f9:e9:c1:
3a:35:d5:7f:4c:8d:07:f3:15:f9:71:7c:b6:1d:7e:a3:b6:32:
a0:db:a7:9b:65:73:e0:c6:48:b2:87:df:ba:91:e5:cd:58:71:
55:65:b9:98:26:dd:de:40:9a:77:ab:4c:93:cb:46:ac:40:c9:
d2:53:7e:2d:d3:6b:2e:26:d5:36:34:50:3c:bf:a7:d5:a0:53:
1b:94:27:d1:07:61:d0:40:78:8c:09:f2:9e:a4:22:2d:03:5f:
17:a0:85:7f:25:9a:d6:a9:6a:b0:0a:13:bd:b0:0d:6d:a7:0a:
bf:11:33:a3:56:4f:8d:3f:fe:92:06:be:18:1f:50:c0:37:40:
c8:d7:82:f6:b0:3c:e6:8f:51:4d:c2:9d:55:58:c4:99:05:6e:
29:95:48:76
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv1QIVC6vEYD37QtOqsIRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTkwNzc0ZTc3YTg5OTRhNDI4MzEyOGMzNTkyMWQwMzdi
MDZmMjEwHhcNMjMwMTAyMDAxNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mjc3NTUwMTE5MzVkY2VlMTI3MWQyNTFiODllMWQ3OThiZjVkYWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQDlNu6tymiSYBz9A0V8wtKZlSlx
D6uQs1ezYvnMHrB9OTo8sEMoQVZev2m6353D5gZalNSsI/AOnTZlxZy/lQtmtEyV
11sxdwCT6hP43RflTpwMrBcGjajZwl+mprdCuCmPRfD1HoVXlcgfYn5XKf+GDRPc
InN9WtPM4ZXcdMPo68Oiglff+j4oy29pqLKC1K+3zHALNyLVR9Lacw+ICD4PTnNC
DmvDdITRTV6FnNReZ3GLnpgSI8VLQm+6ujL3Ar/o+bqud3zcuwrDIp8+bxm7eTcA
XzwmH3IW4ZEaGlhBdtqlKWeD1hb4jbTPTtmATRtxwPHwavfyQf0nPDJ22wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGJ3VQEZNdzuEnHSUbieHXmL9dqtMB8GA1UdIwQY
MBaAFClZB3TneomUpCgxKMNZIdA3sG8hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZrSGRPZDZpWlNrS0RFb3cxa2gwRGV3YnlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NzQ1ZmUtZTQ3NS00YzU4LWEzMWUt
ZjJjMGRhNjFhYzEzLzEvWW5kVkFSazEzTzRTY2RKUnVKNGRlWXYxMnEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NzQ1ZmUtZTQ3NS00YzU4LWEzMWUtZjJjMGRhNjFhYzEz
LzEvS1ZrSGRPZDZpWlNrS0RFb3cxa2gwRGV3YnlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYmAMA0E
AgACMAcDBQMqDKmAMA0GCSqGSIb3DQEBCwUAA4IBAQB5z3eJSBMkLJhJGmZo1sXe
budPLeAj8kAqDkEjDehYQHjgw3QE6TJiakU4yJXqVcSSVdNhZHhX7Jdu4Y1ecUqU
GxpdqjDr0/ew8AT8wRekiHAPrHptdouA8g9th7UFCRh/HbXHhxaWfRX56cE6NdV/
TI0H8xX5cXy2HX6jtjKg26ebZXPgxkiyh9+6keXNWHFVZbmYJt3eQJp3q0yTy0as
QMnSU34t02suJtU2NFA8v6fVoFMblCfRB2HQQHiMCfKepCItA18XoIV/JZrWqWqw
ChO9sA1tpwq/ETOjVk+NP/6SBr4YH1DAN0DI14L2sDzmj1FNwp1VWMSZBW4plUh2
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:06 2025 by rpki-client