Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/yJmt_w4sv6kfy9pWxTBHubTMZbQ.roa
File: yJmt_w4sv6kfy9pWxTBHubTMZbQ.roa (raw, json)
Hash identifier: YUaDaRlHczuIbkmFCy7jPUIraU94Yrt1behlqlboUaU=
Subject key identifier: C8:99:AD:FF:0E:2C:BF:A9:1F:CB:DA:56:C5:30:47:B9:B4:CC:65:B4
Certificate issuer: /CN=a39b4943e7d6b4b0e1de85c9bc38b857554dd47d
Certificate serial: 01856D13EC1CD32DE61A993BD4AD9B8FB7D6
Authority key identifier: A3:9B:49:43:E7:D6:B4:B0:E1:DE:85:C9:BC:38:B8:57:55:4D:D4:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o5tJQ-fWtLDh3oXJvDi4V1VN1H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/yJmt_w4sv6kfy9pWxTBHubTMZbQ.roa
Signing time: Sun 01 Jan 2023 11:25:00 +0000
ROA not before: Sun 01 Jan 2023 11:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29467
IP address blocks: 45.67.254.0/24 maxlen: 24
45.67.255.0/24 maxlen: 24
45.67.252.0/24 maxlen: 24
45.67.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:ec:1c:d3:2d:e6:1a:99:3b:d4:ad:9b:8f:b7:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a39b4943e7d6b4b0e1de85c9bc38b857554dd47d
Validity
Not Before: Jan 1 11:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c899adff0e2cbfa91fcbda56c53047b9b4cc65b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:75:60:7d:bb:9a:98:d9:37:0a:2d:64:be:5d:
4c:c0:6f:c2:30:15:27:53:18:a3:e1:4e:47:09:85:
0a:61:87:d8:cc:1f:54:c9:20:64:55:92:f3:9a:73:
5c:2b:f6:25:51:7b:7c:79:e5:01:0a:9f:99:4a:b2:
17:45:40:08:25:53:98:0f:be:c6:98:78:03:10:3b:
bd:9d:34:e6:bc:52:9c:31:83:69:d4:32:a6:45:c1:
e2:71:d3:d5:83:2a:d7:e3:83:ea:e2:30:50:ad:f5:
ad:11:e6:ae:54:92:eb:96:c1:4f:ff:1e:7e:5c:73:
21:cc:55:66:cd:3f:cb:5a:13:a4:66:ec:39:cb:bb:
3c:52:83:2d:0a:47:8e:b6:d7:2d:37:53:d0:a3:e3:
db:e8:32:0a:14:69:eb:43:a6:20:69:79:ee:57:76:
76:66:51:88:a5:bf:81:ed:80:bf:6c:f9:83:fb:0f:
73:bf:76:3d:a1:6a:ff:f6:b5:9e:c3:8c:8e:b2:09:
b3:44:47:2b:20:e0:5f:0e:2c:54:2b:74:57:5f:a2:
9a:48:5f:57:2e:f2:e8:1f:d6:8b:d6:df:3d:83:fa:
d0:a0:68:ca:8c:53:b1:43:a0:68:60:a6:e9:5e:a0:
c3:18:c5:27:ef:d8:64:2d:4b:56:25:9f:42:60:a4:
5d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:99:AD:FF:0E:2C:BF:A9:1F:CB:DA:56:C5:30:47:B9:B4:CC:65:B4
X509v3 Authority Key Identifier:
keyid:A3:9B:49:43:E7:D6:B4:B0:E1:DE:85:C9:BC:38:B8:57:55:4D:D4:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o5tJQ-fWtLDh3oXJvDi4V1VN1H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/yJmt_w4sv6kfy9pWxTBHubTMZbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/o5tJQ-fWtLDh3oXJvDi4V1VN1H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.252.0/22
Signature Algorithm: sha256WithRSAEncryption
29:bb:27:df:93:ea:ca:03:d9:d2:75:51:a0:44:93:f4:71:0d:
5d:a3:76:e1:ee:aa:35:41:08:5c:40:f8:00:cc:43:1f:a6:cd:
b6:b1:78:8c:97:d4:13:55:d6:40:14:c5:ec:c9:00:43:1b:74:
e7:a8:9b:c0:e9:1f:18:75:c5:6b:9c:72:c9:15:b3:64:f3:f3:
e5:3a:ac:d7:6d:28:f0:dc:54:21:0a:2d:83:dc:3f:03:43:5d:
a7:aa:06:5b:09:e8:85:77:3c:ae:0c:e3:68:52:98:bb:43:be:
bf:16:26:7c:23:35:8f:ff:57:4f:09:cf:9f:45:b6:38:9f:9a:
3d:3a:22:30:0e:32:74:8e:93:ba:07:37:01:09:6c:0a:b1:77:
c0:c4:e8:24:12:3e:8d:64:07:88:2c:0c:16:06:fe:39:e2:c6:
e8:3d:c6:94:e5:ea:73:4f:34:3a:ca:c2:f7:8d:0c:b2:9d:b0:
a1:35:ad:90:04:73:ec:04:30:16:b5:a3:81:00:a8:09:22:b6:
3c:b1:6a:f3:af:fb:e7:36:af:cd:9e:98:d4:89:13:f5:68:65:
e8:90:e3:2c:7e:26:0f:29:21:43:72:dd:f3:48:2d:18:03:b3:
eb:31:4c:ac:4d:85:69:19:91:82:54:99:f3:f4:de:fb:2b:a8:
89:0a:a4:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtE+wc0y3mGpk71K2bj7fWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzOWI0OTQzZTdkNmI0YjBlMWRlODVjOWJjMzhiODU3NTU0
ZGQ0N2QwHhcNMjMwMTAxMTEyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODk5YWRmZjBlMmNiZmE5MWZjYmRhNTZjNTMwNDdiOWI0Y2M2NWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnVgfbuamNk3Ci1kvl1MwG/CMBUn
Uxij4U5HCYUKYYfYzB9UySBkVZLzmnNcK/YlUXt8eeUBCp+ZSrIXRUAIJVOYD77G
mHgDEDu9nTTmvFKcMYNp1DKmRcHicdPVgyrX44Pq4jBQrfWtEeauVJLrlsFP/x5+
XHMhzFVmzT/LWhOkZuw5y7s8UoMtCkeOttctN1PQo+Pb6DIKFGnrQ6YgaXnuV3Z2
ZlGIpb+B7YC/bPmD+w9zv3Y9oWr/9rWew4yOsgmzREcrIOBfDixUK3RXX6KaSF9X
LvLoH9aL1t89g/rQoGjKjFOxQ6BoYKbpXqDDGMUn79hkLUtWJZ9CYKRdQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMiZrf8OLL+pH8vaVsUwR7m0zGW0MB8GA1UdIwQY
MBaAFKObSUPn1rSw4d6Fybw4uFdVTdR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzV0SlEtZld0TERoM29YSnZEaTRWMVZOMUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS82Y2Y3MTItZGQwYi00YTkwLTk1OGUt
NjkzYmY2N2U2MWYzLzEveUptdF93NHN2NmtmeTlwV3hUQkh1YlRNWmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS82Y2Y3MTItZGQwYi00YTkwLTk1OGUtNjkzYmY2N2U2MWYz
LzEvbzV0SlEtZld0TERoM29YSnZEaTRWMVZOMUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUP8MA0G
CSqGSIb3DQEBCwUAA4IBAQApuyffk+rKA9nSdVGgRJP0cQ1do3bh7qo1QQhcQPgA
zEMfps22sXiMl9QTVdZAFMXsyQBDG3TnqJvA6R8YdcVrnHLJFbNk8/PlOqzXbSjw
3FQhCi2D3D8DQ12nqgZbCeiFdzyuDONoUpi7Q76/FiZ8IzWP/1dPCc+fRbY4n5o9
OiIwDjJ0jpO6BzcBCWwKsXfAxOgkEj6NZAeILAwWBv454sboPcaU5epzTzQ6ysL3
jQyynbChNa2QBHPsBDAWtaOBAKgJIrY8sWrzr/vnNq/NnpjUiRP1aGXokOMsfiYP
KSFDct3zSC0YA7PrMUysTYVpGZGCVJnz9N77K6iJCqSv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:03 2025 by rpki-client