Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/436aa1-f47a-4cd5-87a2-1f34efb5b7d1/1/YG3Cs8Lcu-CLROHWAYotu9gKz9o.roa
File: YG3Cs8Lcu-CLROHWAYotu9gKz9o.roa (raw, json)
Hash identifier: EEH2QojNQLKL6DYbKrrgx+ALIEp7m9HRi6YRhUhWaEk=
Subject key identifier: 60:6D:C2:B3:C2:DC:BB:E0:8B:44:E1:D6:01:8A:2D:BB:D8:0A:CF:DA
Certificate issuer: /CN=12868f5e34eefefce655c1bb8383299fa56c5c82
Certificate serial: 0282CF53
Authority key identifier: 12:86:8F:5E:34:EE:FE:FC:E6:55:C1:BB:83:83:29:9F:A5:6C:5C:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EoaPXjTu_vzmVcG7g4Mpn6VsXII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/436aa1-f47a-4cd5-87a2-1f34efb5b7d1/1/YG3Cs8Lcu-CLROHWAYotu9gKz9o.roa
Signing time: Sat 01 Jan 2022 14:04:15 +0000
ROA not before: Sat 01 Jan 2022 14:04:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 680
IP address blocks: 185.151.152.0/22 maxlen: 22
128.176.0.0/16 maxlen: 16
2001:4cf0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42127187 (0x282cf53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12868f5e34eefefce655c1bb8383299fa56c5c82
Validity
Not Before: Jan 1 14:04:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=606dc2b3c2dcbbe08b44e1d6018a2dbbd80acfda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7f:3a:47:7f:54:83:bb:5d:cd:bb:ca:80:5b:
58:56:b9:26:8d:68:1e:34:b2:c1:50:c6:f5:1b:6d:
23:fb:bf:2c:48:52:a2:9a:6e:d8:84:b4:65:63:78:
f2:2e:f7:14:0e:0c:33:7a:c3:34:b5:85:a5:3b:9e:
46:3d:60:be:da:d4:10:55:3d:9d:0f:a0:89:51:e3:
0a:a5:a3:4a:18:dc:51:af:e1:de:98:ad:52:89:76:
0a:4c:b1:ad:5a:fe:c1:9e:3f:90:22:6f:38:a2:c3:
17:23:04:00:3d:02:90:8f:82:6f:d5:6f:2f:17:69:
49:54:de:e0:7b:69:3b:fa:40:7b:93:66:25:9d:0e:
32:c9:1d:fe:f5:8e:af:95:6a:1c:0e:d1:e1:81:68:
5b:b3:03:23:fe:2f:87:75:41:fd:9e:b8:02:d6:8e:
61:b2:1a:42:b8:02:e4:26:66:e5:5c:24:de:0c:0e:
cb:88:41:d6:65:23:37:e2:53:2e:38:aa:2e:fb:5a:
0d:1a:8f:b3:2b:c3:fb:b9:49:a2:40:75:c9:1a:16:
fa:2f:65:35:bc:97:5c:33:20:6b:1f:07:59:de:ae:
42:fb:66:41:35:bf:1e:08:aa:22:5d:17:fc:15:cc:
e0:d0:86:49:c4:48:59:e8:30:1d:f7:d8:48:95:8c:
40:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:6D:C2:B3:C2:DC:BB:E0:8B:44:E1:D6:01:8A:2D:BB:D8:0A:CF:DA
X509v3 Authority Key Identifier:
keyid:12:86:8F:5E:34:EE:FE:FC:E6:55:C1:BB:83:83:29:9F:A5:6C:5C:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EoaPXjTu_vzmVcG7g4Mpn6VsXII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/436aa1-f47a-4cd5-87a2-1f34efb5b7d1/1/YG3Cs8Lcu-CLROHWAYotu9gKz9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/436aa1-f47a-4cd5-87a2-1f34efb5b7d1/1/EoaPXjTu_vzmVcG7g4Mpn6VsXII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.176.0.0/16
185.151.152.0/22
IPv6:
2001:4cf0::/29
Signature Algorithm: sha256WithRSAEncryption
b3:78:bc:e0:fd:3c:78:9a:5c:5b:10:fc:7d:7a:65:5a:be:93:
30:80:ea:09:94:69:36:7c:e4:2b:93:e2:27:ca:b7:4e:d7:49:
2f:45:27:9c:d5:ae:15:24:c6:98:4d:05:9a:d6:c5:82:0f:1b:
09:0f:ff:5b:b4:ac:72:af:de:2d:e8:ef:80:71:9f:aa:19:01:
90:23:2e:76:b0:b9:20:53:ae:c4:29:7e:bd:42:06:b2:4a:03:
b6:8c:88:14:03:67:44:0f:da:82:7d:0a:0e:e9:a7:73:cc:51:
ab:5b:39:0b:26:87:50:ec:16:a5:c6:43:32:f3:a4:8a:a6:49:
54:d9:df:e9:d9:59:ea:85:43:c8:48:6f:a0:bc:82:8c:9a:2e:
c5:b8:b2:12:e0:89:8e:78:b4:c4:d5:0d:93:fb:00:18:96:b4:
1b:bb:9a:fb:e1:77:a7:f9:d4:e3:1e:36:31:92:91:ce:0a:0a:
ed:79:bc:65:5c:67:b2:8a:c7:9a:5a:4d:e0:f9:4c:e8:f5:d1:
5d:6c:d2:70:a4:b0:87:d8:f8:4b:4f:b3:f5:43:58:33:f2:45:
38:41:1b:d5:da:82:93:d5:95:b8:48:56:44:c8:f2:6a:1a:dd:
db:2d:7b:60:43:f1:8a:6f:2f:06:4a:bd:f1:2a:62:4d:00:92:
dd:76:1e:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEAoLPUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Mjg2OGY1ZTM0ZWVmZWZjZTY1NWMxYmI4MzgzMjk5ZmE1NmM1YzgyMB4XDTIyMDEw
MTE0MDQxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjA2ZGMyYjNjMmRj
YmJlMDhiNDRlMWQ2MDE4YTJkYmJkODBhY2ZkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9/Okd/VIO7Xc27yoBbWFa5Jo1oHjSywVDG9RttI/u/LEhS
oppu2IS0ZWN48i73FA4MM3rDNLWFpTueRj1gvtrUEFU9nQ+giVHjCqWjShjcUa/h
3pitUol2CkyxrVr+wZ4/kCJvOKLDFyMEAD0CkI+Cb9VvLxdpSVTe4HtpO/pAe5Nm
JZ0OMskd/vWOr5VqHA7R4YFoW7MDI/4vh3VB/Z64AtaOYbIaQrgC5CZm5Vwk3gwO
y4hB1mUjN+JTLjiqLvtaDRqPsyvD+7lJokB1yRoW+i9lNbyXXDMgax8HWd6uQvtm
QTW/HgiqIl0X/BXM4NCGScRIWegwHffYSJWMQCMCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRgbcKzwty74ItE4dYBii272ArP2jAfBgNVHSMEGDAWgBQSho9eNO7+/OZV
wbuDgymfpWxcgjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VvYVBYalR1X3Z6bVZjRzdnNE1wbjZWc1hJSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvNDM2YWExLWY0N2EtNGNkNS04N2EyLTFmMzRlZmI1YjdkMS8x
L1lHM0NzOExjdS1DTFJPSFdBWW90dTlnS3o5by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
NDM2YWExLWY0N2EtNGNkNS04N2EyLTFmMzRlZmI1YjdkMS8xL0VvYVBYalR1X3Z6
bVZjRzdnNE1wbjZWc1hJSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwEQQCAAEwCwMDAICwAwQCuZeYMA0EAgACMAcDBQMg
AUzwMA0GCSqGSIb3DQEBCwUAA4IBAQCzeLzg/Tx4mlxbEPx9emVavpMwgOoJlGk2
fOQrk+InyrdO10kvRSec1a4VJMaYTQWa1sWCDxsJD/9btKxyr94t6O+AcZ+qGQGQ
Iy52sLkgU67EKX69QgaySgO2jIgUA2dED9qCfQoO6adzzFGrWzkLJodQ7BalxkMy
86SKpklU2d/p2VnqhUPISG+gvIKMmi7FuLIS4ImOeLTE1Q2T+wAYlrQbu5r74Xen
+dTjHjYxkpHOCgrtebxlXGeyiseaWk3g+Uzo9dFdbNJwpLCH2PhLT7P1Q1gz8kU4
QRvV2oKT1ZW4SFZEyPJqGt3bLXtgQ/GKby8GSr3xKmJNAJLddh7b
-----END CERTIFICATE-----
Generated at Mon Apr 14 07:25:28 2025 by rpki-client