Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/00c03c-d207-4ec1-9dd9-32449ce6cf89/1/yhhlvxa1pS7T_ZBVZCRV403IixI.roa
File: yhhlvxa1pS7T_ZBVZCRV403IixI.roa (raw, json)
Hash identifier: uPhYBoB8JcydYmIaJ1WZXJihf8PZtOnCS9DhqTsLMnE=
Subject key identifier: CA:18:65:BF:16:B5:A5:2E:D3:FD:90:55:64:24:55:E3:4D:C8:8B:12
Certificate issuer: /CN=45ad6f1f1b730c7a016b562c12b31becc4b3e1fa
Certificate serial: 018A7386949D2BB137C8D4116044CA7C16DB
Authority key identifier: 45:AD:6F:1F:1B:73:0C:7A:01:6B:56:2C:12:B3:1B:EC:C4:B3:E1:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ra1vHxtzDHoBa1YsErMb7MSz4fo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/00c03c-d207-4ec1-9dd9-32449ce6cf89/1/yhhlvxa1pS7T_ZBVZCRV403IixI.roa
Signing time: Fri 08 Sep 2023 06:41:54 +0000
ROA not before: Fri 08 Sep 2023 06:41:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30981
IP address blocks: 82.205.202.0/23 maxlen: 24
82.205.204.0/22 maxlen: 24
82.205.208.0/20 maxlen: 24
82.205.224.0/19 maxlen: 24
82.205.128.0/22 maxlen: 24
82.205.132.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:73:86:94:9d:2b:b1:37:c8:d4:11:60:44:ca:7c:16:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45ad6f1f1b730c7a016b562c12b31becc4b3e1fa
Validity
Not Before: Sep 8 06:41:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca1865bf16b5a52ed3fd9055642455e34dc88b12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:9d:00:c9:7a:dc:78:21:d5:62:d8:f2:af:c3:
08:8f:61:ca:cf:bd:b0:63:20:f4:d0:1c:74:fe:4f:
cf:d8:83:27:81:a1:97:40:60:c5:11:36:cc:bb:68:
b0:38:51:cd:f7:1d:f4:da:fd:1a:83:20:5f:3f:9d:
29:d8:e1:0a:d4:85:f7:42:2f:9a:f2:aa:35:71:fe:
72:6a:5d:2d:29:f7:f7:87:ef:94:33:31:5e:b7:ac:
6e:36:d1:25:a1:ff:59:f5:d8:ae:e6:95:62:cd:6d:
73:89:23:d0:6d:98:7d:e3:89:2c:cb:d9:87:88:d0:
10:bc:32:31:01:c9:c7:44:93:bc:2b:fd:fe:ff:fb:
82:3e:f3:0a:78:dd:f2:d1:28:32:ae:7b:14:7d:35:
05:5c:a5:3c:5b:78:56:fb:d4:5e:25:cc:57:f0:0e:
ef:b6:26:9e:28:35:68:d5:02:cc:03:66:f7:86:e7:
cf:66:80:7a:48:4e:b6:ee:ca:a6:f0:02:cf:9a:21:
bf:f9:18:ae:33:d7:1b:20:42:5b:6a:8f:09:d6:27:
47:12:54:0c:c5:b5:a8:84:6d:df:09:b4:be:3c:93:
e5:cd:11:8f:08:72:61:d1:9a:55:a8:4e:88:bc:47:
56:d4:f7:c2:8c:9a:a1:03:98:56:0e:f3:3e:d0:22:
59:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:18:65:BF:16:B5:A5:2E:D3:FD:90:55:64:24:55:E3:4D:C8:8B:12
X509v3 Authority Key Identifier:
keyid:45:AD:6F:1F:1B:73:0C:7A:01:6B:56:2C:12:B3:1B:EC:C4:B3:E1:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ra1vHxtzDHoBa1YsErMb7MSz4fo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/00c03c-d207-4ec1-9dd9-32449ce6cf89/1/yhhlvxa1pS7T_ZBVZCRV403IixI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/00c03c-d207-4ec1-9dd9-32449ce6cf89/1/Ra1vHxtzDHoBa1YsErMb7MSz4fo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.205.128.0-82.205.133.255
82.205.202.0-82.205.255.255
Signature Algorithm: sha256WithRSAEncryption
53:39:14:33:c1:2d:39:96:6e:2f:f0:e9:46:15:32:49:28:60:
a0:6a:5e:b4:31:c1:08:a0:d6:ff:68:c3:51:1a:bd:4c:07:f2:
b8:69:78:0e:d7:28:9a:a1:3e:66:71:a9:08:2e:33:25:23:26:
ac:16:d9:aa:56:13:cb:f1:09:48:25:ef:a3:6d:be:f5:32:8b:
7c:43:34:3a:a8:16:14:e9:fb:35:fa:ed:31:f5:4c:e4:ea:e6:
5e:06:a4:ad:8c:e3:1f:dd:95:4b:86:51:a5:84:10:ae:5d:12:
59:c9:13:e7:95:8c:70:d7:34:50:c7:ea:50:cf:48:ca:6c:b2:
9e:08:8c:dd:dd:62:97:0c:28:2e:7d:d3:93:cb:eb:5e:05:57:
dd:ac:8c:c8:d0:a6:be:fd:3f:a0:45:cb:72:cb:d2:a2:b2:48:
46:46:06:a7:b1:5e:1e:49:ff:0d:d5:c5:b3:09:e2:ad:44:81:
da:f7:eb:0b:66:0a:06:9c:5e:23:69:d7:0a:d2:83:bc:b7:c8:
ba:d2:35:ef:3e:40:1b:ff:a8:a0:b1:90:f1:01:b7:78:9b:2c:
c6:d5:79:88:7c:20:7d:90:dc:8e:f1:34:80:fb:e5:70:14:0d:
74:83:cb:3d:27:5b:32:ad:ae:5a:a3:68:e5:32:f8:e6:e2:8e:
4d:d8:52:51
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYpzhpSdK7E3yNQRYETKfBbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YWQ2ZjFmMWI3MzBjN2EwMTZiNTYyYzEyYjMxYmVjYzRi
M2UxZmEwHhcNMjMwOTA4MDY0MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTE4NjViZjE2YjVhNTJlZDNmZDkwNTU2NDI0NTVlMzRkYzg4YjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJ0AyXrceCHVYtjyr8MIj2HKz72w
YyD00Bx0/k/P2IMngaGXQGDFETbMu2iwOFHN9x302v0agyBfP50p2OEK1IX3Qi+a
8qo1cf5yal0tKff3h++UMzFet6xuNtElof9Z9diu5pVizW1ziSPQbZh944ksy9mH
iNAQvDIxAcnHRJO8K/3+//uCPvMKeN3y0SgyrnsUfTUFXKU8W3hW+9ReJcxX8A7v
tiaeKDVo1QLMA2b3hufPZoB6SE627sqm8ALPmiG/+RiuM9cbIEJbao8J1idHElQM
xbWohG3fCbS+PJPlzRGPCHJh0ZpVqE6IvEdW1PfCjJqhA5hWDvM+0CJZgQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMoYZb8WtaUu0/2QVWQkVeNNyIsSMB8GA1UdIwQY
MBaAFEWtbx8bcwx6AWtWLBKzG+zEs+H6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmExdkh4dHpESG9CYTFZc0VyTWI3TVN6NGZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8wMGMwM2MtZDIwNy00ZWMxLTlkZDkt
MzI0NDljZTZjZjg5LzEveWhobHZ4YTFwUzdUX1pCVlpDUlY0MDNJaXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8wMGMwM2MtZDIwNy00ZWMxLTlkZDktMzI0NDljZTZjZjg5
LzEvUmExdkh4dHpESG9CYTFZc0VyTWI3TVN6NGZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAwDBAdSzYAD
BAFSzYQwCwMEAVLNygMDAVLMMA0GCSqGSIb3DQEBCwUAA4IBAQBTORQzwS05lm4v
8OlGFTJJKGCgal60McEIoNb/aMNRGr1MB/K4aXgO1yiaoT5mcakILjMlIyasFtmq
VhPL8QlIJe+jbb71Mot8QzQ6qBYU6fs1+u0x9Uzk6uZeBqStjOMf3ZVLhlGlhBCu
XRJZyRPnlYxw1zRQx+pQz0jKbLKeCIzd3WKXDCgufdOTy+teBVfdrIzI0Ka+/T+g
Rctyy9KiskhGRgansV4eSf8N1cWzCeKtRIHa9+sLZgoGnF4jadcK0oO8t8i60jXv
PkAb/6igsZDxAbd4myzG1XmIfCB9kNyO8TSA++VwFA10g8s9J1syra5ao2jlMvjm
4o5N2FJR
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:28 2025 by rpki-client