Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/86762b-aa61-484a-b159-97f39bb1332d/1/ylO11vOEeRGAR70SyBV04-4EpXM.roa
File: ylO11vOEeRGAR70SyBV04-4EpXM.roa (raw, json)
Hash identifier: QXulB9u3noNIhhPUSdiO9g1MzuyoX7NuJGBBLzL0c/w=
Subject key identifier: CA:53:B5:D6:F3:84:79:11:80:47:BD:12:C8:15:74:E3:EE:04:A5:73
Certificate issuer: /CN=00933848021d3888860dadf7188094d792af6ae6
Certificate serial: 018571D7D033EF0E8ED884D46A3BFA15E752
Authority key identifier: 00:93:38:48:02:1D:38:88:86:0D:AD:F7:18:80:94:D7:92:AF:6A:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AJM4SAIdOIiGDa33GICU15KvauY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/86762b-aa61-484a-b159-97f39bb1332d/1/ylO11vOEeRGAR70SyBV04-4EpXM.roa
Signing time: Mon 02 Jan 2023 09:37:26 +0000
ROA not before: Mon 02 Jan 2023 09:37:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201897
IP address blocks: 185.59.254.0/24 maxlen: 24
185.59.255.0/24 maxlen: 24
185.59.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:d0:33:ef:0e:8e:d8:84:d4:6a:3b:fa:15:e7:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00933848021d3888860dadf7188094d792af6ae6
Validity
Not Before: Jan 2 09:37:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca53b5d6f38479118047bd12c81574e3ee04a573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:17:0a:8a:f7:d4:46:50:46:fe:8e:cc:e2:a1:
78:eb:07:4c:3b:be:8f:14:bd:72:df:e4:4b:96:40:
a2:e5:51:67:00:6f:bd:c4:22:c6:0c:48:d4:2a:43:
c3:4e:00:3d:17:c3:9f:e2:dc:ca:2c:df:11:c0:f6:
36:fb:cd:db:68:8f:06:06:55:db:b5:60:ad:05:0b:
dc:1f:08:05:b6:f5:f4:9d:91:04:82:48:f9:8a:18:
03:0a:6a:95:57:63:a7:12:e1:a0:ab:3f:7e:07:25:
d9:7b:51:07:dd:94:54:c0:0e:95:62:b9:a9:7e:f5:
6d:42:dd:22:2b:b2:e8:43:95:35:d9:6a:d3:81:1b:
5e:69:8a:28:eb:a1:1b:3e:81:17:5e:0b:49:f2:15:
97:14:d2:63:31:19:a1:38:9a:a8:23:d0:43:13:0c:
2b:2e:8b:88:c4:2e:96:3c:eb:7e:8a:49:31:74:74:
90:5c:84:77:07:02:c5:3c:cf:b0:15:2b:84:02:fd:
9d:d9:e0:65:06:f9:0c:77:15:49:dc:36:00:d3:26:
d9:72:fb:67:b4:c6:a6:04:db:88:09:48:9a:b2:a4:
19:96:15:c9:1c:21:ba:a0:5d:1a:35:34:ff:f8:b2:
d3:6a:d8:ad:ad:2f:39:e3:86:ec:aa:b3:71:a5:b6:
bd:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:53:B5:D6:F3:84:79:11:80:47:BD:12:C8:15:74:E3:EE:04:A5:73
X509v3 Authority Key Identifier:
keyid:00:93:38:48:02:1D:38:88:86:0D:AD:F7:18:80:94:D7:92:AF:6A:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AJM4SAIdOIiGDa33GICU15KvauY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/86762b-aa61-484a-b159-97f39bb1332d/1/ylO11vOEeRGAR70SyBV04-4EpXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/86762b-aa61-484a-b159-97f39bb1332d/1/AJM4SAIdOIiGDa33GICU15KvauY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.252.0/22
Signature Algorithm: sha256WithRSAEncryption
28:ae:9e:85:1e:24:d3:f7:ad:56:02:a4:a9:e1:08:e4:ea:ae:
eb:2b:bc:41:b9:4d:c4:61:4c:60:80:86:65:95:e1:3a:9b:67:
a4:0a:1c:6a:63:24:e3:42:6a:2c:56:05:bc:ad:73:f2:26:bc:
a7:aa:61:13:b1:e2:48:e2:4b:4e:61:74:33:4a:e2:49:8a:57:
88:7e:b5:92:4b:80:f8:bb:b5:24:9d:72:64:47:67:a3:ed:01:
fa:ea:9f:ad:64:38:09:65:e3:0a:0f:cd:f7:ea:ca:b2:50:2d:
ec:69:41:d3:1c:92:ff:39:f6:25:cf:44:9d:ca:ba:82:6a:43:
d2:b9:d3:f4:a3:00:d9:10:3f:25:af:80:c6:b2:64:f2:88:02:
3e:e2:40:c8:dc:7c:9a:d8:89:ca:3f:ed:58:de:76:02:c8:87:
03:ee:b9:80:92:e5:c6:10:85:72:ac:e6:70:cd:ee:f5:2c:5a:
65:24:59:e4:8e:09:08:7e:c7:85:01:e3:58:20:c7:de:14:82:
6a:09:cf:da:93:36:cc:ad:a4:63:26:9b:34:5a:c3:08:e4:9a:
70:fa:ad:e9:b2:22:65:d6:f1:3b:de:cc:3e:fb:87:43:3f:75:
7a:6f:20:3e:83:2e:8e:5a:db:da:a1:b2:d7:35:72:db:0e:d3:
76:01:0a:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx19Az7w6O2ITUajv6FedSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwOTMzODQ4MDIxZDM4ODg4NjBkYWRmNzE4ODA5NGQ3OTJh
ZjZhZTYwHhcNMjMwMTAyMDkzNzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTUzYjVkNmYzODQ3OTExODA0N2JkMTJjODE1NzRlM2VlMDRhNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixcKivfURlBG/o7M4qF46wdMO76P
FL1y3+RLlkCi5VFnAG+9xCLGDEjUKkPDTgA9F8Of4tzKLN8RwPY2+83baI8GBlXb
tWCtBQvcHwgFtvX0nZEEgkj5ihgDCmqVV2OnEuGgqz9+ByXZe1EH3ZRUwA6VYrmp
fvVtQt0iK7LoQ5U12WrTgRteaYoo66EbPoEXXgtJ8hWXFNJjMRmhOJqoI9BDEwwr
LouIxC6WPOt+ikkxdHSQXIR3BwLFPM+wFSuEAv2d2eBlBvkMdxVJ3DYA0ybZcvtn
tMamBNuICUiasqQZlhXJHCG6oF0aNTT/+LLTatitrS8544bsqrNxpba9DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpTtdbzhHkRgEe9EsgVdOPuBKVzMB8GA1UdIwQY
MBaAFACTOEgCHTiIhg2t9xiAlNeSr2rmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUpNNFNBSWRPSWlHRGEzM0dJQ1UxNUt2YXVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My84Njc2MmItYWE2MS00ODRhLWIxNTkt
OTdmMzliYjEzMzJkLzEveWxPMTF2T0VlUkdBUjcwU3lCVjA0LTRFcFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My84Njc2MmItYWE2MS00ODRhLWIxNTktOTdmMzliYjEzMzJk
LzEvQUpNNFNBSWRPSWlHRGEzM0dJQ1UxNUt2YXVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTv8MA0G
CSqGSIb3DQEBCwUAA4IBAQAorp6FHiTT961WAqSp4Qjk6q7rK7xBuU3EYUxggIZl
leE6m2ekChxqYyTjQmosVgW8rXPyJrynqmETseJI4ktOYXQzSuJJileIfrWSS4D4
u7UknXJkR2ej7QH66p+tZDgJZeMKD8336sqyUC3saUHTHJL/OfYlz0SdyrqCakPS
udP0owDZED8lr4DGsmTyiAI+4kDI3Hya2InKP+1Y3nYCyIcD7rmAkuXGEIVyrOZw
ze71LFplJFnkjgkIfseFAeNYIMfeFIJqCc/akzbMraRjJps0WsMI5Jpw+q3psiJl
1vE73sw++4dDP3V6byA+gy6OWtvaobLXNXLbDtN2AQoZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:58 2025 by rpki-client