Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/YMxDvHgbRmfmgZsM1YchxRhmeXM.roa
File: YMxDvHgbRmfmgZsM1YchxRhmeXM.roa (raw, json)
Hash identifier: PIKpX3NC3Yt5lLTNNMdXwo+V5+kEisRYTMOD6f7SgcY=
Subject key identifier: 60:CC:43:BC:78:1B:46:67:E6:81:9B:0C:D5:87:21:C5:18:66:79:73
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570957E7D74C6551D7D2FAB8FC99C9EEE
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/YMxDvHgbRmfmgZsM1YchxRhmeXM.roa
Signing time: Mon 02 Jan 2023 03:45:23 +0000
ROA not before: Mon 02 Jan 2023 03:45:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62083
IP address blocks: 92.38.6.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:7e:7d:74:c6:55:1d:7d:2f:ab:8f:c9:9c:9e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60cc43bc781b4667e6819b0cd58721c518667973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:da:f6:06:cf:7a:e3:8e:7c:a9:f6:14:fd:73:
57:54:23:20:71:3d:5c:db:e0:64:f9:aa:01:2e:aa:
0b:c9:e5:fa:98:26:41:c7:1e:b8:df:11:25:7c:b8:
d1:82:fc:50:12:50:9f:e9:9c:a3:4f:dc:92:80:a8:
45:38:3a:9c:23:fe:a6:c1:fa:24:bf:50:4c:21:a8:
55:d2:5e:0f:c4:3b:5b:bd:80:0d:2b:1a:59:3c:e0:
fd:87:d7:b4:a2:fe:fd:16:b1:ca:6f:bd:b9:19:c5:
b9:00:00:6b:8d:4c:33:fb:72:ea:5a:49:53:45:af:
93:d7:05:33:c5:fa:03:c7:88:4f:61:79:86:a0:11:
42:ab:86:bd:17:a8:6e:52:c8:09:69:a9:60:ae:6a:
13:1e:12:74:69:f3:cc:6b:08:76:5e:b5:2b:75:5f:
65:ef:4c:6b:25:db:26:07:07:e5:d2:32:36:63:b0:
95:52:70:b6:e5:61:24:6c:d4:85:86:6a:26:36:2a:
77:ce:64:9b:52:8a:37:de:da:46:30:d7:51:d9:01:
a0:99:8c:2e:53:a2:9b:47:c0:a1:1f:8f:62:87:87:
7b:89:99:e3:d2:cf:20:1b:82:11:f1:d1:72:2a:38:
d8:43:b7:7d:b5:1e:43:40:60:38:ac:c7:ea:a6:90:
03:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:CC:43:BC:78:1B:46:67:E6:81:9B:0C:D5:87:21:C5:18:66:79:73
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/YMxDvHgbRmfmgZsM1YchxRhmeXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.6.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:47:63:2b:9d:78:7c:7d:16:e3:88:f4:2b:1d:cd:ce:6f:54:
33:ac:c0:46:69:84:3e:9a:47:5a:73:9e:0d:72:42:fa:5a:8a:
d1:88:c7:4a:1e:c2:a5:6e:4b:50:6d:35:aa:22:47:0b:0a:64:
87:53:88:d7:2a:b9:79:e0:e7:8a:eb:fa:1d:10:d6:33:9c:cb:
af:d4:00:2c:5f:cf:ae:7c:44:95:28:0e:70:fe:28:6a:ca:0c:
4b:62:24:9a:38:15:88:db:44:42:ab:77:7c:7e:3c:94:ee:58:
c7:79:54:15:3b:19:73:a0:54:f4:b3:6f:47:24:5b:53:68:c2:
95:36:fc:05:bb:3d:0a:a1:cd:e4:1a:0e:cc:14:02:44:0d:7d:
d7:2b:d3:29:c4:6f:21:f2:ff:d6:ea:84:53:01:e2:ef:8d:cc:
b5:f6:4f:8d:55:94:10:6c:fc:f4:7a:5a:68:ca:32:e9:32:60:
17:37:40:0d:97:ab:1a:43:cb:fb:4e:65:f1:43:06:14:bd:8a:
ee:d5:c6:d9:a8:35:f9:eb:c0:94:81:95:6f:4d:18:9e:d1:cc:
16:82:ed:4c:6a:9d:19:c3:45:02:6b:01:ee:dd:9a:e7:45:5a:
ca:4b:d1:de:80:1d:b1:b6:45:5d:61:1d:6c:3c:83:47:b8:78:
43:f8:25:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlX59dMZVHX0vq4/JnJ7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGNjNDNiYzc4MWI0NjY3ZTY4MTliMGNkNTg3MjFjNTE4NjY3OTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtr2Bs964458qfYU/XNXVCMgcT1c
2+Bk+aoBLqoLyeX6mCZBxx643xElfLjRgvxQElCf6ZyjT9ySgKhFODqcI/6mwfok
v1BMIahV0l4PxDtbvYANKxpZPOD9h9e0ov79FrHKb725GcW5AABrjUwz+3LqWklT
Ra+T1wUzxfoDx4hPYXmGoBFCq4a9F6huUsgJaalgrmoTHhJ0afPMawh2XrUrdV9l
70xrJdsmBwfl0jI2Y7CVUnC25WEkbNSFhmomNip3zmSbUoo33tpGMNdR2QGgmYwu
U6KbR8ChH49ih4d7iZnj0s8gG4IR8dFyKjjYQ7d9tR5DQGA4rMfqppADGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDMQ7x4G0Zn5oGbDNWHIcUYZnlzMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvWU14RHZIZ2JSbWZtZ1pzTTFZY2h4UmhtZVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXCYGMA0G
CSqGSIb3DQEBCwUAA4IBAQA/R2MrnXh8fRbjiPQrHc3Ob1QzrMBGaYQ+mkdac54N
ckL6WorRiMdKHsKlbktQbTWqIkcLCmSHU4jXKrl54OeK6/odENYznMuv1AAsX8+u
fESVKA5w/ihqygxLYiSaOBWI20RCq3d8fjyU7ljHeVQVOxlzoFT0s29HJFtTaMKV
NvwFuz0Koc3kGg7MFAJEDX3XK9MpxG8h8v/W6oRTAeLvjcy19k+NVZQQbPz0elpo
yjLpMmAXN0ANl6saQ8v7TmXxQwYUvYru1cbZqDX568CUgZVvTRie0cwWgu1Map0Z
w0UCawHu3ZrnRVrKS9HegB2xtkVdYR1sPINHuHhD+CWm
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:19 2025 by rpki-client