Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/YvJBaOrmAY2k5UI3K7fDBoCeFhM.roa
File: YvJBaOrmAY2k5UI3K7fDBoCeFhM.roa (raw, json)
Hash identifier: uYzbWTQsY9kIdCjcoZjHnYrGrLZW6+jd94qH1OUpxo0=
Subject key identifier: 62:F2:41:68:EA:E6:01:8D:A4:E5:42:37:2B:B7:C3:06:80:9E:16:13
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018A83152A5418C29ACD0AFD169B84EDEC9F
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/YvJBaOrmAY2k5UI3K7fDBoCeFhM.roa
Signing time: Mon 11 Sep 2023 07:11:56 +0000
ROA not before: Mon 11 Sep 2023 07:11:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.160.195.0/24 maxlen: 24
185.169.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:15:2a:54:18:c2:9a:cd:0a:fd:16:9b:84:ed:ec:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Sep 11 07:11:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62f24168eae6018da4e542372bb7c306809e1613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:82:0c:70:8b:62:c4:27:c7:76:d2:59:e4:ca:
aa:6f:74:40:90:f6:8b:39:25:bc:bd:48:b6:b2:6f:
79:de:aa:28:b5:6b:54:11:00:73:26:bc:d0:f4:a6:
0f:4d:a6:c7:05:35:d6:88:06:41:f2:1e:eb:6e:27:
5a:b7:81:77:e7:22:2c:f6:25:67:40:20:fc:65:c6:
52:07:f9:67:a9:c0:4b:6a:6e:7b:7e:83:61:f6:7d:
bf:ef:db:e0:42:e8:57:4d:8f:44:04:f5:f9:32:7f:
db:0e:b0:ac:dd:4b:f1:70:39:43:0e:b3:ee:7b:cf:
7b:01:c9:c4:af:98:49:9f:78:f8:44:03:2c:09:94:
f2:2c:aa:79:58:0c:c1:f0:7b:5f:b4:9d:c6:c0:5c:
df:d1:fb:05:5a:77:9b:73:49:b3:d5:3a:71:7a:91:
f2:bd:19:dd:63:54:bb:04:3c:0b:fe:e1:b6:84:c6:
b0:ed:20:9b:a6:45:ac:1b:a7:1c:01:71:8e:69:17:
e1:d1:c3:73:9d:b7:74:9d:74:f1:37:90:b3:5f:39:
06:da:8b:4c:62:c2:28:4f:2f:52:8c:85:32:6d:9d:
77:95:1f:48:fb:72:98:2c:d7:fc:e3:be:12:1c:3e:
88:cb:e7:ec:97:49:16:27:0e:73:d7:17:a6:5f:4e:
de:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F2:41:68:EA:E6:01:8D:A4:E5:42:37:2B:B7:C3:06:80:9E:16:13
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/YvJBaOrmAY2k5UI3K7fDBoCeFhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.195.0/24
185.169.220.0/24
Signature Algorithm: sha256WithRSAEncryption
51:06:53:fb:9b:43:04:dc:38:1d:79:9e:93:81:89:54:00:a2:
28:d5:6c:64:ae:a9:e2:5d:8e:4a:1c:ff:33:b5:41:81:b9:9e:
32:e5:86:67:29:65:e1:9b:08:07:25:90:90:73:ce:16:9e:13:
cb:55:2e:42:ab:35:fb:c5:6b:c2:d3:c9:64:ef:15:f5:6e:5e:
02:4a:db:d5:fb:23:66:ff:ac:0e:02:84:73:f3:be:da:60:8a:
72:6d:41:03:69:0a:37:12:79:3e:88:0d:1c:55:2f:95:4b:3e:
2d:47:a0:29:b2:53:67:4d:e2:15:6d:8c:2d:ae:f2:8d:10:05:
bd:be:30:ba:ca:5f:2e:80:fd:c9:33:1b:f5:ae:58:01:7e:58:
b6:28:6b:ac:91:2a:b5:62:eb:08:49:4d:d4:57:f5:f7:29:99:
9e:3e:f7:35:d9:3a:8c:ed:5a:f5:e0:a9:74:7f:49:23:97:5f:
cb:6a:14:6a:7e:bd:39:2d:ee:75:5e:26:dd:78:46:54:27:95:
80:1d:af:53:07:19:00:c1:f1:52:66:4b:1f:6d:d1:6c:25:48:
86:c1:d0:75:4f:2c:42:77:4c:73:d7:aa:24:75:4b:61:56:1b:
f7:14:68:cc:43:aa:2b:4f:10:7d:c5:2a:e0:b6:f8:b6:13:85:
84:b0:b5:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqDFSpUGMKazQr9FpuE7eyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMwOTExMDcxMTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmYyNDE2OGVhZTYwMThkYTRlNTQyMzcyYmI3YzMwNjgwOWUxNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIIMcItixCfHdtJZ5Mqqb3RAkPaL
OSW8vUi2sm953qootWtUEQBzJrzQ9KYPTabHBTXWiAZB8h7rbidat4F35yIs9iVn
QCD8ZcZSB/lnqcBLam57foNh9n2/79vgQuhXTY9EBPX5Mn/bDrCs3UvxcDlDDrPu
e897AcnEr5hJn3j4RAMsCZTyLKp5WAzB8HtftJ3GwFzf0fsFWnebc0mz1TpxepHy
vRndY1S7BDwL/uG2hMaw7SCbpkWsG6ccAXGOaRfh0cNznbd0nXTxN5CzXzkG2otM
YsIoTy9SjIUybZ13lR9I+3KYLNf8474SHD6Iy+fsl0kWJw5z1xemX07emwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGLyQWjq5gGNpOVCNyu3wwaAnhYTMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvWXZKQmFPcm1BWTJrNVVJM0s3ZkRCb0NlRmhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuaDDAwQA
uancMA0GCSqGSIb3DQEBCwUAA4IBAQBRBlP7m0ME3DgdeZ6TgYlUAKIo1Wxkrqni
XY5KHP8ztUGBuZ4y5YZnKWXhmwgHJZCQc84WnhPLVS5CqzX7xWvC08lk7xX1bl4C
StvV+yNm/6wOAoRz877aYIpybUEDaQo3Enk+iA0cVS+VSz4tR6ApslNnTeIVbYwt
rvKNEAW9vjC6yl8ugP3JMxv1rlgBfli2KGuskSq1YusISU3UV/X3KZmePvc12TqM
7Vr14Kl0f0kjl1/LahRqfr05Le51XibdeEZUJ5WAHa9TBxkAwfFSZksfbdFsJUiG
wdB1TyxCd0xz16okdUthVhv3FGjMQ6orTxB9xSrgtvi2E4WEsLXu
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:08:23 2025 by rpki-client