Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/accc76-e123-45b1-96b4-8f4c59ec20be/1/YChIzMP3tlRRbs-I-1mvzGDmUQU.roa
File: YChIzMP3tlRRbs-I-1mvzGDmUQU.roa (raw, json)
Hash identifier: 84PlxZljrTSgUOX+Uyn4T/NP2NId3uQ3G1qzeArsqZ0=
Subject key identifier: 60:28:48:CC:C3:F7:B6:54:51:6E:CF:88:FB:59:AF:CC:60:E6:51:05
Certificate issuer: /CN=630213aba1ea928b9ed32491de9ba10464b0636c
Certificate serial: 01856F0B58B051407EE4606FE9092B1542D9
Authority key identifier: 63:02:13:AB:A1:EA:92:8B:9E:D3:24:91:DE:9B:A1:04:64:B0:63:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YwITq6Hqkoue0ySR3puhBGSwY2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/accc76-e123-45b1-96b4-8f4c59ec20be/1/YChIzMP3tlRRbs-I-1mvzGDmUQU.roa
Signing time: Sun 01 Jan 2023 20:34:52 +0000
ROA not before: Sun 01 Jan 2023 20:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203136
IP address blocks: 185.143.176.0/24 maxlen: 24
185.143.176.0/22 maxlen: 22
185.143.179.0/24 maxlen: 24
185.143.178.0/24 maxlen: 24
185.143.177.0/24 maxlen: 24
2a0e:2702::/32 maxlen: 32
2a0e:2700::/32 maxlen: 32
2a0e:2703::/32 maxlen: 32
2a0e:2701::/32 maxlen: 32
2a0e:2700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:58:b0:51:40:7e:e4:60:6f:e9:09:2b:15:42:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=630213aba1ea928b9ed32491de9ba10464b0636c
Validity
Not Before: Jan 1 20:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=602848ccc3f7b654516ecf88fb59afcc60e65105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:80:01:14:8e:2c:bd:d9:50:2b:2f:3f:42:28:
39:e3:9e:5c:c5:cc:78:88:f3:90:65:f0:68:3f:96:
5d:38:1d:2e:ab:94:56:a8:55:05:44:af:fa:71:1d:
05:f5:72:85:09:3a:cf:93:26:2c:7a:c5:e0:e7:62:
7a:9f:4a:89:28:83:f8:b4:3e:34:7a:43:9d:6c:5e:
cc:f0:92:ac:cf:36:c0:2e:74:0d:5a:3c:81:52:c3:
fc:48:ee:27:69:ef:83:58:de:99:d7:41:25:ce:16:
ab:bb:db:6a:af:33:56:41:e2:80:5c:18:e2:4b:68:
05:e1:e4:96:22:f2:48:3e:c0:19:1b:06:12:a9:9c:
2f:98:04:22:ca:e4:ab:bb:fd:09:c4:f4:8d:d9:38:
c2:a1:b6:4f:60:1f:cd:79:a0:55:d3:85:19:51:65:
b8:0c:f4:5d:6c:4d:4f:74:31:5c:fe:c6:3c:13:e8:
02:03:4b:50:be:83:4e:36:5e:bc:3a:11:ad:60:b7:
37:7e:25:3f:27:d2:df:ac:d0:17:52:c2:f0:49:49:
5b:90:22:de:28:e1:b0:6d:5b:43:3d:9d:6f:7f:07:
c8:c8:94:f2:cb:1e:ff:63:a2:0c:43:94:d2:a5:54:
a2:17:bd:d5:cb:2c:92:b6:69:41:8b:79:c1:a9:5e:
36:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:28:48:CC:C3:F7:B6:54:51:6E:CF:88:FB:59:AF:CC:60:E6:51:05
X509v3 Authority Key Identifier:
keyid:63:02:13:AB:A1:EA:92:8B:9E:D3:24:91:DE:9B:A1:04:64:B0:63:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YwITq6Hqkoue0ySR3puhBGSwY2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/accc76-e123-45b1-96b4-8f4c59ec20be/1/YChIzMP3tlRRbs-I-1mvzGDmUQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/accc76-e123-45b1-96b4-8f4c59ec20be/1/YwITq6Hqkoue0ySR3puhBGSwY2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.176.0/22
IPv6:
2a0e:2700::/29
Signature Algorithm: sha256WithRSAEncryption
71:0c:40:51:5c:9a:ac:d8:94:10:06:9e:7a:34:cf:12:de:e2:
4e:83:dc:cb:8c:3e:ff:e3:3c:9f:c0:cb:30:43:15:4d:cd:db:
65:71:c9:0c:e5:00:7b:d9:27:e8:d9:3b:a2:a4:21:9a:8e:55:
ce:7b:85:4d:ae:46:04:52:57:c4:2f:78:ac:30:80:52:b0:7f:
42:2a:75:fe:62:b0:5f:ea:11:d2:2e:a7:83:d7:9f:f0:22:82:
e2:f1:71:66:9e:78:d1:dc:fa:3e:c2:8c:30:79:48:8b:f0:cb:
17:fe:e6:42:ed:41:d2:0a:3b:38:35:27:90:cc:95:cb:3d:00:
19:de:bb:33:4e:91:fa:d8:f0:a8:67:08:09:58:55:bd:d8:a8:
0a:48:e3:ed:8d:9d:4b:7c:da:f1:1e:d8:c1:03:89:66:ca:66:
08:02:11:3d:23:08:e1:c8:3b:55:e1:0d:a4:0b:da:85:65:63:
eb:4a:a7:60:23:12:22:ba:b2:fd:78:14:3d:29:d6:d5:9e:b1:
f0:c4:0b:6d:5d:b5:4b:63:8f:ee:95:a3:4a:9a:68:a8:ed:97:
a5:5b:fb:93:d3:0c:64:6a:41:61:24:c7:8a:36:f6:16:c6:dc:
b8:6e:e7:04:29:2a:13:de:a9:81:9e:38:f5:b1:54:55:73:82:
97:f7:a5:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvC1iwUUB+5GBv6QkrFULZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMDIxM2FiYTFlYTkyOGI5ZWQzMjQ5MWRlOWJhMTA0NjRi
MDYzNmMwHhcNMjMwMTAxMjAzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDI4NDhjY2MzZjdiNjU0NTE2ZWNmODhmYjU5YWZjYzYwZTY1MTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroABFI4svdlQKy8/Qig5455cxcx4
iPOQZfBoP5ZdOB0uq5RWqFUFRK/6cR0F9XKFCTrPkyYsesXg52J6n0qJKIP4tD40
ekOdbF7M8JKszzbALnQNWjyBUsP8SO4nae+DWN6Z10Elzharu9tqrzNWQeKAXBji
S2gF4eSWIvJIPsAZGwYSqZwvmAQiyuSru/0JxPSN2TjCobZPYB/NeaBV04UZUWW4
DPRdbE1PdDFc/sY8E+gCA0tQvoNONl68OhGtYLc3fiU/J9LfrNAXUsLwSUlbkCLe
KOGwbVtDPZ1vfwfIyJTyyx7/Y6IMQ5TSpVSiF73VyyyStmlBi3nBqV42JwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGAoSMzD97ZUUW7PiPtZr8xg5lEFMB8GA1UdIwQY
MBaAFGMCE6uh6pKLntMkkd6boQRksGNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXdJVHE2SHFrb3VlMHlTUjNwdWhCR1N3WTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9hY2NjNzYtZTEyMy00NWIxLTk2YjQt
OGY0YzU5ZWMyMGJlLzEvWUNoSXpNUDN0bFJSYnMtSS0xbXZ6R0RtVVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9hY2NjNzYtZTEyMy00NWIxLTk2YjQtOGY0YzU5ZWMyMGJl
LzEvWXdJVHE2SHFrb3VlMHlTUjNwdWhCR1N3WTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY+wMA0E
AgACMAcDBQMqDicAMA0GCSqGSIb3DQEBCwUAA4IBAQBxDEBRXJqs2JQQBp56NM8S
3uJOg9zLjD7/4zyfwMswQxVNzdtlcckM5QB72Sfo2TuipCGajlXOe4VNrkYEUlfE
L3isMIBSsH9CKnX+YrBf6hHSLqeD15/wIoLi8XFmnnjR3Po+wowweUiL8MsX/uZC
7UHSCjs4NSeQzJXLPQAZ3rszTpH62PCoZwgJWFW92KgKSOPtjZ1LfNrxHtjBA4lm
ymYIAhE9IwjhyDtV4Q2kC9qFZWPrSqdgIxIiurL9eBQ9KdbVnrHwxAttXbVLY4/u
laNKmmio7ZelW/uT0wxkakFhJMeKNvYWxty4bucEKSoT3qmBnjj1sVRVc4KX96XA
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:31 2025 by rpki-client