Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/HYrUlGUOYudFVvtWXrkw8WY_Mh8.roa
File: HYrUlGUOYudFVvtWXrkw8WY_Mh8.roa (raw, json)
Hash identifier: pac2L76FjDSH515zadQVFdOgZDDpwBNqArFMeu1/pLE=
Subject key identifier: 1D:8A:D4:94:65:0E:62:E7:45:56:FB:56:5E:B9:30:F1:66:3F:32:1F
Certificate issuer: /CN=ca91c42dfa6afbc11e78ee9de2e785f8a20b5043
Certificate serial: 01856DD40610AB2B651F9329DE2AD8CC9503
Authority key identifier: CA:91:C4:2D:FA:6A:FB:C1:1E:78:EE:9D:E2:E7:85:F8:A2:0B:50:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypHELfpq-8EeeO6d4ueF-KILUEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/HYrUlGUOYudFVvtWXrkw8WY_Mh8.roa
Signing time: Sun 01 Jan 2023 14:54:49 +0000
ROA not before: Sun 01 Jan 2023 14:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25540
IP address blocks: 217.147.192.0/22 maxlen: 22
217.147.196.0/22 maxlen: 22
217.147.200.0/22 maxlen: 22
217.147.200.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:06:10:ab:2b:65:1f:93:29:de:2a:d8:cc:95:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca91c42dfa6afbc11e78ee9de2e785f8a20b5043
Validity
Not Before: Jan 1 14:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d8ad494650e62e74556fb565eb930f1663f321f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:36:2a:8c:6e:91:9f:7e:ad:e7:2b:ff:3f:24:
63:83:be:a0:ae:24:3a:55:7e:3f:ea:43:d0:47:14:
a7:5c:be:b9:a3:da:83:89:a9:18:fa:9e:17:59:70:
08:1c:74:42:ca:f4:60:0d:88:e4:4f:04:9f:69:df:
93:d9:2e:50:39:fe:98:19:22:47:34:a7:d6:27:c4:
df:e1:ba:e2:8b:88:e4:35:38:48:91:fc:cf:cb:38:
04:0c:ca:01:7d:04:16:6d:3d:f3:2f:45:10:be:c5:
96:bb:5d:35:9a:36:6b:7a:f3:e4:be:18:85:6a:22:
f3:3b:99:7a:9e:bf:5b:60:9f:b2:4e:61:cd:0e:21:
68:58:0a:59:2f:ea:31:59:02:34:4e:1d:78:8d:78:
18:20:e9:5b:94:14:df:51:c4:7a:33:60:42:69:2f:
d6:dd:74:27:72:3a:4a:49:4a:4c:5c:f6:47:6e:fa:
34:53:30:5b:74:1a:10:2a:7c:8a:c5:1d:d2:08:8a:
08:03:94:af:32:f0:68:a7:e8:f4:4d:b4:43:54:f4:
c7:04:86:fe:c6:b6:61:f3:a2:b5:d2:21:6b:f5:82:
f3:4b:b1:33:95:b5:9e:3e:24:1b:40:be:93:3b:94:
d2:79:04:2e:7d:73:a8:fc:84:56:59:5d:e4:ea:28:
5f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8A:D4:94:65:0E:62:E7:45:56:FB:56:5E:B9:30:F1:66:3F:32:1F
X509v3 Authority Key Identifier:
keyid:CA:91:C4:2D:FA:6A:FB:C1:1E:78:EE:9D:E2:E7:85:F8:A2:0B:50:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypHELfpq-8EeeO6d4ueF-KILUEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/HYrUlGUOYudFVvtWXrkw8WY_Mh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/ypHELfpq-8EeeO6d4ueF-KILUEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.192.0-217.147.203.255
Signature Algorithm: sha256WithRSAEncryption
55:c5:c7:17:2e:6e:53:23:fa:b1:a4:a5:1a:01:05:43:28:7b:
9c:e8:55:74:9c:1b:89:47:ca:d1:88:4b:dd:fc:17:1f:ad:b6:
b2:84:39:03:da:b6:4c:a5:56:5e:cb:ad:61:14:9d:7e:92:c5:
b7:bb:1e:cf:4f:af:94:b6:4f:0c:0b:fb:82:48:a9:c1:7f:01:
91:9b:71:4f:69:e2:2c:8e:49:be:7f:70:e8:5d:b5:78:69:0a:
1b:f4:3b:d3:81:98:64:e4:dd:14:38:d9:75:eb:cc:79:d2:62:
ff:50:ec:6c:97:04:b5:91:7b:ec:05:b9:ef:86:c6:3d:6d:3c:
cc:ad:6d:bf:9c:db:65:34:af:6f:fa:e7:2c:17:a8:a5:f2:66:
75:97:25:c6:80:11:ca:dd:9a:c3:6d:68:e7:98:b9:9a:4f:48:
72:10:4f:b3:47:cb:fb:55:c7:c2:a3:f4:8b:74:4e:3d:bb:5d:
73:cd:b9:58:81:9c:dc:f0:2a:d4:62:e3:b4:3f:8b:0b:00:21:
02:5f:64:29:b0:6b:74:fb:98:97:3f:78:f3:7c:b0:a8:db:6c:
26:9f:1f:09:d9:b1:7c:8a:67:68:76:0d:8a:6b:10:8e:e8:4f:
63:2d:17:40:0a:39:3b:d0:d5:a8:0f:14:65:78:31:a5:c5:4b:
2d:cb:94:30
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVt1AYQqytlH5Mp3irYzJUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTFjNDJkZmE2YWZiYzExZTc4ZWU5ZGUyZTc4NWY4YTIw
YjUwNDMwHhcNMjMwMTAxMTQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDhhZDQ5NDY1MGU2MmU3NDU1NmZiNTY1ZWI5MzBmMTY2M2YzMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzYqjG6Rn36t5yv/PyRjg76griQ6
VX4/6kPQRxSnXL65o9qDiakY+p4XWXAIHHRCyvRgDYjkTwSfad+T2S5QOf6YGSJH
NKfWJ8Tf4brii4jkNThIkfzPyzgEDMoBfQQWbT3zL0UQvsWWu101mjZrevPkvhiF
aiLzO5l6nr9bYJ+yTmHNDiFoWApZL+oxWQI0Th14jXgYIOlblBTfUcR6M2BCaS/W
3XQncjpKSUpMXPZHbvo0UzBbdBoQKnyKxR3SCIoIA5SvMvBop+j0TbRDVPTHBIb+
xrZh86K10iFr9YLzS7EzlbWePiQbQL6TO5TSeQQufXOo/IRWWV3k6ihfaQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB2K1JRlDmLnRVb7Vl65MPFmPzIfMB8GA1UdIwQY
MBaAFMqRxC36avvBHnjuneLnhfiiC1BDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBIRUxmcHEtOEVlZU82ZDR1ZUYtS0lMVUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84NTFlODQtMmYxYS00Yzc3LWIxZjIt
ZDU4NjUwNDFhMTRmLzEvSFlyVWxHVU9ZdWRGVnZ0V1hya3c4V1lfTWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84NTFlODQtMmYxYS00Yzc3LWIxZjItZDU4NjUwNDFhMTRm
LzEveXBIRUxmcHEtOEVlZU82ZDR1ZUYtS0lMVUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAbZk8AD
BALZk8gwDQYJKoZIhvcNAQELBQADggEBAFXFxxcublMj+rGkpRoBBUMoe5zoVXSc
G4lHytGIS938Fx+ttrKEOQPatkylVl7LrWEUnX6Sxbe7Hs9Pr5S2TwwL+4JIqcF/
AZGbcU9p4iyOSb5/cOhdtXhpChv0O9OBmGTk3RQ42XXrzHnSYv9Q7GyXBLWRe+wF
ue+Gxj1tPMytbb+c22U0r2/65ywXqKXyZnWXJcaAEcrdmsNtaOeYuZpPSHIQT7NH
y/tVx8Kj9It0Tj27XXPNuViBnNzwKtRi47Q/iwsAIQJfZCmwa3T7mJc/ePN8sKjb
bCafHwnZsXyKZ2h2DYprEI7oT2MtF0AKOTvQ1agPFGV4MaXFSy3LlDA=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:29:51 2025 by rpki-client