Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/yqol4LRFMqJkKLDz26Nm6iAjBYM.roa
File: yqol4LRFMqJkKLDz26Nm6iAjBYM.roa (raw, json)
Hash identifier: L9Gtml0SbFAIrfAqTA/89k954Q5pUg2c9vl4pbIvV5Q=
Subject key identifier: CA:AA:25:E0:B4:45:32:A2:64:28:B0:F3:DB:A3:66:EA:20:23:05:83
Certificate issuer: /CN=1759436869089cd9c7e6d02028f24a2fe49b86d5
Certificate serial: 3473FFC1
Authority key identifier: 17:59:43:68:69:08:9C:D9:C7:E6:D0:20:28:F2:4A:2F:E4:9B:86:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1lDaGkInNnH5tAgKPJKL-SbhtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/yqol4LRFMqJkKLDz26Nm6iAjBYM.roa
Signing time: Thu 02 Jun 2022 07:07:20 +0000
ROA not before: Thu 02 Jun 2022 07:07:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57888
IP address blocks: 5.149.66.0/24 maxlen: 24
5.149.78.0/23 maxlen: 23
5.149.73.0/24 maxlen: 24
5.149.85.0/24 maxlen: 24
5.149.84.0/22 maxlen: 22
5.149.84.0/24 maxlen: 24
5.149.80.0/22 maxlen: 22
5.149.87.0/24 maxlen: 24
5.149.86.0/24 maxlen: 24
85.235.84.0/22 maxlen: 22
217.9.20.0/22 maxlen: 22
194.99.16.0/22 maxlen: 22
194.53.156.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 880017345 (0x3473ffc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1759436869089cd9c7e6d02028f24a2fe49b86d5
Validity
Not Before: Jun 2 07:07:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=caaa25e0b44532a26428b0f3dba366ea20230583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:04:18:d6:7b:36:ac:3c:bc:48:ba:92:f1:d4:
e2:51:f6:bd:53:95:19:d0:30:7e:70:dd:a4:07:2b:
41:bb:53:60:13:88:64:96:aa:4c:b5:71:d3:ba:cd:
c0:2c:a1:d4:3b:62:cb:97:86:f5:75:9c:ae:5c:65:
6f:85:09:fe:7b:8d:19:4a:fc:0c:86:8f:5f:09:97:
e4:21:70:02:24:d4:a9:e7:83:7d:65:10:c8:9d:66:
f3:89:ad:ab:54:a9:0e:e7:82:04:7f:2b:02:e3:16:
ad:09:83:73:ab:fe:f1:33:6f:07:9b:93:47:d2:5f:
42:dc:2f:e9:c0:07:6e:9a:1c:84:65:83:a4:b0:e3:
a3:af:3c:1f:9d:06:ca:89:61:9f:26:f0:fa:d7:37:
83:ab:be:e4:75:cf:69:f2:d4:61:fd:7d:c6:53:fb:
ff:f1:86:b7:85:4a:1a:a4:8e:79:ed:5a:12:4d:90:
8b:12:be:56:0b:ee:be:e4:f6:da:1c:57:8a:84:9c:
6b:91:0f:32:f5:34:f1:ad:a2:dd:3a:e3:33:57:67:
ce:dc:26:8a:5c:91:27:89:32:e4:52:68:63:b8:e6:
97:9d:b8:41:2c:a9:2b:0f:23:1f:16:51:97:1f:34:
84:05:85:d1:95:b3:3e:18:3b:4d:31:e8:45:bc:51:
a9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:AA:25:E0:B4:45:32:A2:64:28:B0:F3:DB:A3:66:EA:20:23:05:83
X509v3 Authority Key Identifier:
keyid:17:59:43:68:69:08:9C:D9:C7:E6:D0:20:28:F2:4A:2F:E4:9B:86:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1lDaGkInNnH5tAgKPJKL-SbhtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/yqol4LRFMqJkKLDz26Nm6iAjBYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/F1lDaGkInNnH5tAgKPJKL-SbhtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.66.0/24
5.149.73.0/24
5.149.78.0-5.149.87.255
85.235.84.0/22
194.53.156.0/22
194.99.16.0/22
217.9.20.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:37:a3:92:ac:13:79:99:77:d1:c7:48:b0:44:47:c9:5d:39:
aa:a7:a0:d2:e6:39:00:60:45:91:c6:6d:43:d6:90:9a:02:06:
4d:0a:73:73:2e:b5:a2:60:ca:4d:a0:44:c8:71:da:a5:eb:c5:
ca:c1:47:d9:1f:9e:19:13:72:bd:54:a4:36:d1:c0:0e:64:1e:
0f:b3:ee:93:42:87:e4:e2:33:ea:49:4d:4c:cb:82:54:2a:1e:
e7:2d:0a:0b:d1:e0:89:8f:fa:a0:0a:cc:e0:04:63:68:5b:f7:
8b:39:d1:12:8c:00:59:e7:32:99:12:b2:4e:15:9d:66:e2:eb:
f9:69:ae:c9:ff:1e:42:2c:40:e6:11:f3:ec:b0:8a:ba:4b:4d:
06:95:d2:64:12:9c:2d:0a:10:81:ac:1f:28:3a:77:20:0f:84:
27:41:33:e0:2c:a1:c0:d7:51:56:4e:fb:c6:3f:ed:d3:ca:fe:
b2:14:c4:13:b3:1f:c4:10:f9:06:ac:f1:48:3e:72:d7:1c:a8:
d0:90:80:3c:17:4c:e5:62:bc:3d:7f:72:1d:78:19:9e:32:5b:
e8:54:79:30:ef:1e:02:94:8c:c9:82:91:fe:3a:7c:27:5f:ea:
c5:ba:75:fd:74:e1:da:d8:ef:d3:13:93:00:99:c5:e4:50:dc:
ba:00:57:03
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIENHP/wTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzU5NDM2ODY5MDg5Y2Q5YzdlNmQwMjAyOGYyNGEyZmU0OWI4NmQ1MB4XDTIyMDYw
MjA3MDcyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2FhYTI1ZTBiNDQ1
MzJhMjY0MjhiMGYzZGJhMzY2ZWEyMDIzMDU4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwEGNZ7Nqw8vEi6kvHU4lH2vVOVGdAwfnDdpAcrQbtTYBOI
ZJaqTLVx07rNwCyh1Dtiy5eG9XWcrlxlb4UJ/nuNGUr8DIaPXwmX5CFwAiTUqeeD
fWUQyJ1m84mtq1SpDueCBH8rAuMWrQmDc6v+8TNvB5uTR9JfQtwv6cAHbpochGWD
pLDjo688H50Gyolhnybw+tc3g6u+5HXPafLUYf19xlP7//GGt4VKGqSOee1aEk2Q
ixK+VgvuvuT22hxXioSca5EPMvU08a2i3TrjM1dnztwmilyRJ4ky5FJoY7jml524
QSypKw8jHxZRlx80hAWF0ZWzPhg7TTHoRbxRqZcCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBTKqiXgtEUyomQosPPbo2bqICMFgzAfBgNVHSMEGDAWgBQXWUNoaQic2cfm
0CAo8kov5JuG1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0YxbERhR2tJbk5uSDV0QWdLUEpLTC1TYmh0VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvNzI0N2QyLTBhMjgtNGU0YS1hYTBjLWZlZjQxZGQ4NzZjMC8x
L3lxb2w0TFJGTXFKa0tMRHoyNk5tNmlBakJZTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
NzI0N2QyLTBhMjgtNGU0YS1hYTBjLWZlZjQxZGQ4NzZjMC8xL0YxbERhR2tJbk5u
SDV0QWdLUEpLTC1TYmh0VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAAWVQgMEAAWVSTAMAwQBBZVOAwQD
BZVQAwQCVetUAwQCwjWcAwQCwmMQAwQC2QkUMA0GCSqGSIb3DQEBCwUAA4IBAQAt
N6OSrBN5mXfRx0iwREfJXTmqp6DS5jkAYEWRxm1D1pCaAgZNCnNzLrWiYMpNoETI
cdql68XKwUfZH54ZE3K9VKQ20cAOZB4Ps+6TQofk4jPqSU1My4JUKh7nLQoL0eCJ
j/qgCszgBGNoW/eLOdESjABZ5zKZErJOFZ1m4uv5aa7J/x5CLEDmEfPssIq6S00G
ldJkEpwtChCBrB8oOncgD4QnQTPgLKHA11FWTvvGP+3Tyv6yFMQTsx/EEPkGrPFI
PnLXHKjQkIA8F0zlYrw9f3IdeBmeMlvoVHkw7x4ClIzJgpH+OnwnX+rFunX9dOHa
2O/TE5MAmcXkUNy6AFcD
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:32:50 2025 by rpki-client