Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/y2g__n2LVt94xWNVL_9KzY7YMF4.roa
File: y2g__n2LVt94xWNVL_9KzY7YMF4.roa (raw, json)
Hash identifier: 4uyofwFp+WUHvKDYMLdMBlWJX96/Bc/eKYyUjuLzMLc=
Subject key identifier: CB:68:3F:FE:7D:8B:56:DF:78:C5:63:55:2F:FF:4A:CD:8E:D8:30:5E
Certificate issuer: /CN=13932782ee7758990404fa1ccfb09ec23a86123f
Certificate serial: 0185087091CB62C250FDCD92FA73B12DB7AA
Authority key identifier: 13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/y2g__n2LVt94xWNVL_9KzY7YMF4.roa
Signing time: Mon 12 Dec 2022 22:24:33 +0000
ROA not before: Mon 12 Dec 2022 22:24:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25098
IP address blocks: 85.116.10.0/24 maxlen: 24
85.116.8.0/24 maxlen: 24
85.116.12.0/23 maxlen: 23
46.248.100.0/24 maxlen: 24
82.136.7.0/24 maxlen: 24
82.136.16.0/22 maxlen: 22
82.136.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:08:70:91:cb:62:c2:50:fd:cd:92:fa:73:b1:2d:b7:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13932782ee7758990404fa1ccfb09ec23a86123f
Validity
Not Before: Dec 12 22:24:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb683ffe7d8b56df78c563552fff4acd8ed8305e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:85:eb:5a:bf:ca:c5:84:5f:82:ca:59:24:e0:
1b:3d:af:51:04:2b:dc:bc:68:e6:57:fc:b9:94:b5:
b5:f5:21:33:16:20:83:48:08:66:dd:5f:a1:2d:0d:
95:35:51:47:84:c3:ce:32:15:eb:42:79:1a:73:05:
6f:84:de:3d:a1:61:79:4b:e4:82:44:a2:bf:b2:47:
c9:a3:f8:10:d8:1e:23:38:ca:1f:8b:7a:16:27:2d:
ea:25:8f:97:50:ed:f5:b7:29:ab:82:dc:0e:b3:6b:
f6:58:f3:90:f0:44:09:ad:4d:af:d3:0e:97:62:4a:
68:85:aa:5b:ba:cc:b4:5f:81:12:70:5f:76:fd:62:
c2:15:df:a8:0f:24:10:b0:2c:ca:67:1f:19:d5:ea:
2f:f0:a3:6f:bb:d5:7c:67:52:56:1b:bd:6f:6b:9c:
55:df:58:bf:4a:7e:bb:c3:fd:ea:4b:6d:3f:c5:38:
fd:50:8c:44:37:76:9c:5c:66:90:cc:64:2b:bc:bb:
da:d0:79:3f:0c:e0:b7:62:bd:d8:4c:52:71:dc:07:
4c:f3:e8:9b:7e:55:7d:dc:bd:50:9d:ab:02:f3:0b:
8b:bd:3b:92:af:f9:fe:a2:32:bd:26:f2:ec:14:44:
45:f9:a5:da:6a:e2:e6:8f:71:96:db:9a:93:50:8f:
65:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:68:3F:FE:7D:8B:56:DF:78:C5:63:55:2F:FF:4A:CD:8E:D8:30:5E
X509v3 Authority Key Identifier:
keyid:13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/y2g__n2LVt94xWNVL_9KzY7YMF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.100.0/24
82.136.7.0/24
82.136.12.0-82.136.19.255
85.116.8.0/24
85.116.10.0/24
85.116.12.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:1c:a7:ae:d7:a2:42:04:ac:9d:be:60:22:5f:26:e1:cf:ea:
d0:4a:4c:07:e6:38:bb:ba:86:75:31:ca:3d:02:6f:fb:7b:8e:
78:2e:50:d9:20:40:05:98:cc:c1:82:60:1b:a6:35:9f:66:bc:
4e:b9:b7:f3:bd:1b:58:85:bf:4a:a9:28:05:34:e7:09:ea:25:
e2:a0:4f:b9:b4:eb:a6:3f:ce:52:97:d2:92:9b:30:b6:4c:69:
f6:ae:8c:f7:9e:81:90:ea:49:7a:15:c2:fd:c0:ed:61:81:65:
25:6d:e0:8e:fb:ce:14:b4:3e:66:4d:c9:d8:2c:be:d8:7e:11:
54:ab:23:79:89:64:95:d2:45:8a:3e:76:a1:54:71:a0:70:66:
84:46:b9:31:ed:a9:54:70:68:0c:ac:1e:5a:0b:0d:bd:f1:c7:
61:be:01:74:29:3d:57:b3:12:62:3c:27:79:5a:64:bc:cd:c2:
a7:86:0c:d7:fc:8b:d6:d1:22:db:c3:cb:c5:c0:5d:b2:7e:f5:
b7:2d:a6:5f:97:73:10:b6:6b:00:cf:a5:0a:32:79:43:4c:9d:
b8:65:2a:da:5f:57:1f:c2:b8:a6:dc:1a:ec:d1:09:23:e3:ad:
5d:bd:cf:51:ae:63:98:2a:ad:e2:0f:14:34:61:d8:42:9a:52:
c1:29:ff:1f
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYUIcJHLYsJQ/c2S+nOxLbeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzOTMyNzgyZWU3NzU4OTkwNDA0ZmExY2NmYjA5ZWMyM2E4
NjEyM2YwHhcNMjIxMjEyMjIyNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjY4M2ZmZTdkOGI1NmRmNzhjNTYzNTUyZmZmNGFjZDhlZDgzMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4XrWr/KxYRfgspZJOAbPa9RBCvc
vGjmV/y5lLW19SEzFiCDSAhm3V+hLQ2VNVFHhMPOMhXrQnkacwVvhN49oWF5S+SC
RKK/skfJo/gQ2B4jOMofi3oWJy3qJY+XUO31tymrgtwOs2v2WPOQ8EQJrU2v0w6X
Ykpohapbusy0X4EScF92/WLCFd+oDyQQsCzKZx8Z1eov8KNvu9V8Z1JWG71va5xV
31i/Sn67w/3qS20/xTj9UIxEN3acXGaQzGQrvLva0Hk/DOC3Yr3YTFJx3AdM8+ib
flV93L1QnasC8wuLvTuSr/n+ojK9JvLsFERF+aXaauLmj3GW25qTUI9lgQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMtoP/59i1bfeMVjVS//Ss2O2DBeMB8GA1UdIwQY
MBaAFBOTJ4Lud1iZBAT6HM+wnsI6hhI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYt
NGIxZjYxNjUzZjNkLzEveTJnX19uMkxWdDk0eFdOVkxfOUt6WTdZTUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYtNGIxZjYxNjUzZjNk
LzEvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALvhkAwQA
UogHMAwDBAJSiAwDBAJSiBADBABVdAgDBABVdAoDBAFVdAwwDQYJKoZIhvcNAQEL
BQADggEBACocp67XokIErJ2+YCJfJuHP6tBKTAfmOLu6hnUxyj0Cb/t7jnguUNkg
QAWYzMGCYBumNZ9mvE65t/O9G1iFv0qpKAU05wnqJeKgT7m066Y/zlKX0pKbMLZM
afaujPeegZDqSXoVwv3A7WGBZSVt4I77zhS0PmZNydgsvth+EVSrI3mJZJXSRYo+
dqFUcaBwZoRGuTHtqVRwaAysHloLDb3xx2G+AXQpPVezEmI8J3laZLzNwqeGDNf8
i9bRItvDy8XAXbJ+9bctpl+XcxC2awDPpQoyeUNMnbhlKtpfVx/CuKbcGuzRCSPj
rV29z1GuY5gqreIPFDRh2EKaUsEp/x8=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:22 2025 by rpki-client