Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/434199-d26e-412e-a2bb-da0a4065e824/1/yAh3vdxqaEm26zPekiqWep45MKU.roa
File: yAh3vdxqaEm26zPekiqWep45MKU.roa (raw, json)
Hash identifier: c+W/xgpMqG+sl3Y4t3uxwl1CJOfz0ksxdRZSmZk5EVw=
Subject key identifier: C8:08:77:BD:DC:6A:68:49:B6:EB:33:DE:92:2A:96:7A:9E:39:30:A5
Certificate issuer: /CN=7a3862134f141365ef887902e6057c28b2829c9d
Certificate serial: AB54
Authority key identifier: 7A:38:62:13:4F:14:13:65:EF:88:79:02:E6:05:7C:28:B2:82:9C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ejhiE08UE2XviHkC5gV8KLKCnJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/434199-d26e-412e-a2bb-da0a4065e824/1/yAh3vdxqaEm26zPekiqWep45MKU.roa
Signing time: Thu 28 Apr 2022 07:54:35 +0000
ROA not before: Thu 28 Apr 2022 07:54:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3303
IP address blocks: 194.124.232.0/23 maxlen: 23
2001:67c:1984::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43860 (0xab54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a3862134f141365ef887902e6057c28b2829c9d
Validity
Not Before: Apr 28 07:54:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c80877bddc6a6849b6eb33de922a967a9e3930a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3b:65:72:18:9d:27:54:36:73:ab:b2:da:d9:
f4:d6:52:b4:e7:ed:78:e7:0d:4d:6e:9c:32:12:20:
a4:b4:9d:8c:d5:6b:f9:71:be:22:ef:91:6c:35:00:
1d:a5:b3:0a:af:6e:7a:8f:94:ed:f0:26:4a:69:39:
3b:13:28:95:da:3e:a3:d0:6e:71:2f:b4:6f:80:56:
47:d5:5c:76:ae:b3:10:8a:38:0d:d4:95:91:dc:b5:
cb:25:eb:86:30:8a:04:81:cd:52:db:f3:d6:c5:e5:
71:63:32:4f:a3:32:3e:e0:21:88:ff:2d:c1:b8:ca:
14:3c:f6:d4:ae:31:24:42:5e:33:ab:f9:a1:10:a2:
17:5a:af:32:ec:67:85:a2:40:fb:ed:9b:7b:62:64:
af:4d:57:3d:8b:d1:bc:b0:be:b3:cc:75:7b:d5:f2:
54:96:5c:64:1e:63:5b:4c:f8:fb:0f:5a:07:eb:6f:
bf:0d:b4:4f:ce:0e:8b:a1:80:a4:36:47:c6:52:ad:
5a:5e:83:f0:f8:44:36:b2:cc:cb:40:4e:3d:da:bd:
55:ac:76:fa:97:39:c0:6f:16:05:9d:e2:e7:cf:0e:
1f:8c:db:ff:af:65:dd:ed:84:df:f8:6e:a6:4b:c0:
93:90:ac:21:1b:d8:d3:ef:6c:e7:3a:c5:f6:4e:d2:
03:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:08:77:BD:DC:6A:68:49:B6:EB:33:DE:92:2A:96:7A:9E:39:30:A5
X509v3 Authority Key Identifier:
keyid:7A:38:62:13:4F:14:13:65:EF:88:79:02:E6:05:7C:28:B2:82:9C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejhiE08UE2XviHkC5gV8KLKCnJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/434199-d26e-412e-a2bb-da0a4065e824/1/yAh3vdxqaEm26zPekiqWep45MKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/434199-d26e-412e-a2bb-da0a4065e824/1/ejhiE08UE2XviHkC5gV8KLKCnJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.232.0/23
IPv6:
2001:67c:1984::/48
Signature Algorithm: sha256WithRSAEncryption
62:4b:6c:99:e7:90:40:4b:d6:27:13:02:b2:21:6b:2e:08:76:
ff:73:14:80:21:42:67:98:bf:79:09:52:e5:ad:bd:ec:b1:da:
87:0f:43:2a:71:01:85:43:43:2c:73:e1:68:27:8a:78:bc:a2:
35:e0:a6:b0:93:0f:c0:12:92:5c:e5:91:82:3a:20:14:d8:16:
95:33:ad:29:b8:84:cf:b8:25:b0:6b:42:74:03:4a:0e:7a:9a:
3e:6d:08:cd:b0:aa:e2:0c:1e:ee:56:37:73:33:2d:68:24:8e:
4c:3f:fa:32:18:c5:be:2a:fa:13:27:a2:a9:a9:48:99:70:a9:
f7:96:84:01:40:be:f2:67:28:23:50:77:1f:77:e5:f2:96:67:
82:2d:db:0c:da:d4:7a:0e:0b:d0:30:79:25:d2:d4:17:36:ab:
be:dc:99:e2:0e:c2:f7:89:5e:3b:fd:a1:6e:11:b8:a9:f1:ed:
5f:b2:e2:14:8a:57:5f:96:5d:fc:3d:1e:31:78:5a:c6:bc:0f:
0b:00:68:74:2b:f2:de:ce:b9:b2:be:51:84:02:31:25:23:c3:
96:0e:a9:d0:1b:ff:ea:d5:76:1d:5f:fb:dc:44:35:cf:c6:01:
98:4e:98:2d:21:54:08:5c:10:18:68:21:30:d0:11:48:0c:9c:
30:6b:18:78
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIDAKtUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdh
Mzg2MjEzNGYxNDEzNjVlZjg4NzkwMmU2MDU3YzI4YjI4MjljOWQwHhcNMjIwNDI4
MDc1NDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjODA4NzdiZGRjNmE2
ODQ5YjZlYjMzZGU5MjJhOTY3YTllMzkzMGE1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmTtlchidJ1Q2c6uy2tn01lK05+145w1NbpwyEiCktJ2M1Wv5
cb4i75FsNQAdpbMKr256j5Tt8CZKaTk7EyiV2j6j0G5xL7RvgFZH1Vx2rrMQijgN
1JWR3LXLJeuGMIoEgc1S2/PWxeVxYzJPozI+4CGI/y3BuMoUPPbUrjEkQl4zq/mh
EKIXWq8y7GeFokD77Zt7YmSvTVc9i9G8sL6zzHV71fJUllxkHmNbTPj7D1oH62+/
DbRPzg6LoYCkNkfGUq1aXoPw+EQ2sszLQE492r1VrHb6lznAbxYFneLnzw4fjNv/
r2Xd7YTf+G6mS8CTkKwhG9jT72znOsX2TtID5wIDAQABo4ICGjCCAhYwHQYDVR0O
BBYEFMgId73camhJtusz3pIqlnqeOTClMB8GA1UdIwQYMBaAFHo4YhNPFBNl74h5
AuYFfCiygpydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZWpoaUUwOFVFMlh2aUhrQzVnVjhLTEtDbkowLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83YS80MzQxOTktZDI2ZS00MTJlLWEyYmItZGEwYTQwNjVlODI0LzEv
eUFoM3ZkeHFhRW0yNnpQZWtpcVdlcDQ1TUtVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS80
MzQxOTktZDI2ZS00MTJlLWEyYmItZGEwYTQwNjVlODI0LzEvZWpoaUUwOFVFMlh2
aUhrQzVnVjhLTEtDbkowLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAG
CCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwnzoMA8EAgACMAkDBwAgAQZ8GYQw
DQYJKoZIhvcNAQELBQADggEBAGJLbJnnkEBL1icTArIhay4Idv9zFIAhQmeYv3kJ
UuWtveyx2ocPQypxAYVDQyxz4Wgnini8ojXgprCTD8ASklzlkYI6IBTYFpUzrSm4
hM+4JbBrQnQDSg56mj5tCM2wquIMHu5WN3MzLWgkjkw/+jIYxb4q+hMnoqmpSJlw
qfeWhAFAvvJnKCNQdx935fKWZ4It2wza1HoOC9AweSXS1Bc2q77cmeIOwveJXjv9
oW4RuKnx7V+y4hSKV1+WXfw9HjF4Wsa8DwsAaHQr8t7OubK+UYQCMSUjw5YOqdAb
/+rVdh1f+9xENc/GAZhOmC0hVAhcEBhoITDQEUgMnDBrGHg=
-----END CERTIFICATE-----
Generated at Wed Apr 16 05:03:27 2025 by rpki-client