Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/YxfAG6ig_t_Ta0gPNSVipAwzE6k.roa
File: YxfAG6ig_t_Ta0gPNSVipAwzE6k.roa (raw, json)
Hash identifier: XwkpY1kOwgPo2DGZ303GLCYo0eC6oLa/LuXzIPz/8n4=
Subject key identifier: 63:17:C0:1B:A8:A0:FE:DF:D3:6B:48:0F:35:25:62:A4:0C:33:13:A9
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018A3C8D7B179CE108CF82DF13C90A4AA822
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/YxfAG6ig_t_Ta0gPNSVipAwzE6k.roa
Signing time: Mon 28 Aug 2023 14:30:19 +0000
ROA not before: Mon 28 Aug 2023 14:30:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 109.166.36.0/22 maxlen: 24
151.248.68.0/23 maxlen: 24
91.232.182.0/24 maxlen: 24
91.232.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:8d:7b:17:9c:e1:08:cf:82:df:13:c9:0a:4a:a8:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Aug 28 14:30:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6317c01ba8a0fedfd36b480f352562a40c3313a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:72:dd:c3:bc:6a:94:6e:67:1a:1b:6c:15:ee:
21:f7:5f:05:a4:93:a6:a8:2e:3e:da:e2:2a:55:e9:
70:37:37:42:d8:92:8f:4b:39:6b:e2:b0:0b:3e:5a:
f1:1e:df:a2:d3:ee:6e:67:fa:88:4d:76:d4:4b:08:
6a:1b:a4:3e:29:7a:91:a0:45:20:90:0b:3a:67:9b:
6c:89:36:91:b8:a3:a5:56:bb:0e:41:07:ec:ae:46:
d0:88:30:60:06:49:e0:9f:ba:e0:7b:b3:44:9c:35:
65:0f:6e:00:e7:4e:3d:ed:9f:90:20:71:1c:7c:6e:
bd:ec:de:45:d4:1a:30:5a:50:5b:eb:ce:c2:d8:b3:
25:14:47:97:0b:e6:80:26:32:0a:11:58:68:f8:b1:
51:f3:3c:b2:c3:f2:c6:bd:98:cb:22:4a:76:a3:10:
81:62:85:f0:c1:02:56:d0:67:01:fc:f5:9e:2a:45:
b2:92:fd:d2:4f:c7:56:31:de:0c:4e:5e:e7:b5:20:
4f:26:2d:5a:26:46:ba:0e:07:50:b2:c7:d6:de:72:
72:c4:9e:44:d1:61:18:1b:ae:7f:d1:5d:bb:35:bb:
86:1d:6a:b2:d9:ca:f1:34:a6:b5:45:59:b7:67:d3:
99:61:4f:97:34:e4:36:31:03:f0:3f:3e:67:83:5f:
0b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:17:C0:1B:A8:A0:FE:DF:D3:6B:48:0F:35:25:62:A4:0C:33:13:A9
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/YxfAG6ig_t_Ta0gPNSVipAwzE6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.182.0/24
91.232.184.0/24
109.166.36.0/22
151.248.68.0/23
Signature Algorithm: sha256WithRSAEncryption
53:da:9a:1f:1e:6b:1a:a3:80:41:3c:70:1a:70:fc:13:9e:40:
f2:eb:a4:cf:70:75:04:58:33:d6:3b:be:c9:f7:de:ad:92:50:
d9:c5:5a:00:f9:9b:2f:94:c8:50:3e:d0:d4:25:ce:40:bd:b7:
b5:a6:52:af:69:96:d8:be:95:90:6a:68:e7:7a:4d:2f:4d:51:
7f:ba:b1:f4:23:2f:2b:21:97:a5:c9:02:82:59:57:0a:96:3e:
aa:94:42:21:2b:87:3d:d2:a5:37:41:3d:78:21:10:8e:a4:3f:
fa:da:25:ee:69:b1:f3:e0:43:88:ef:31:4f:d2:86:b5:09:80:
7a:68:64:16:f5:72:8d:fb:70:64:6a:3a:43:31:ee:a5:97:34:
e3:cb:88:5c:68:1d:5a:1e:61:64:29:e8:d9:a8:25:6f:1a:b8:
f3:99:59:f4:7b:4a:35:27:75:5c:e5:6e:6b:07:ec:52:ff:d9:
34:36:c1:fc:2f:63:23:99:75:cf:fd:7d:b0:7d:83:a1:24:b5:
d2:ab:98:5f:0c:b3:62:26:dd:3c:a0:b4:38:34:9a:62:4c:4f:
c8:3f:a4:da:8c:ba:a2:31:39:f0:03:f3:6a:6f:d8:fe:d3:de:
13:13:94:f0:07:43:b1:80:7c:73:47:b3:9f:b7:4f:d0:ed:ef:
24:ee:44:3a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYo8jXsXnOEIz4LfE8kKSqgiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwODI4MTQzMDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzE3YzAxYmE4YTBmZWRmZDM2YjQ4MGYzNTI1NjJhNDBjMzMxM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXLdw7xqlG5nGhtsFe4h918FpJOm
qC4+2uIqVelwNzdC2JKPSzlr4rALPlrxHt+i0+5uZ/qITXbUSwhqG6Q+KXqRoEUg
kAs6Z5tsiTaRuKOlVrsOQQfsrkbQiDBgBkngn7rge7NEnDVlD24A50497Z+QIHEc
fG697N5F1BowWlBb687C2LMlFEeXC+aAJjIKEVho+LFR8zyyw/LGvZjLIkp2oxCB
YoXwwQJW0GcB/PWeKkWykv3ST8dWMd4MTl7ntSBPJi1aJka6DgdQssfW3nJyxJ5E
0WEYG65/0V27NbuGHWqy2crxNKa1RVm3Z9OZYU+XNOQ2MQPwPz5ng18LyQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGMXwBuooP7f02tIDzUlYqQMMxOpMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvWXhmQUc2aWdfdF9UYTBnUE5TVmlwQXd6RTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+i2AwQA
W+i4AwQCbaYkAwQBl/hEMA0GCSqGSIb3DQEBCwUAA4IBAQBT2pofHmsao4BBPHAa
cPwTnkDy66TPcHUEWDPWO77J996tklDZxVoA+ZsvlMhQPtDUJc5Avbe1plKvaZbY
vpWQamjnek0vTVF/urH0Iy8rIZelyQKCWVcKlj6qlEIhK4c90qU3QT14IRCOpD/6
2iXuabHz4EOI7zFP0oa1CYB6aGQW9XKN+3BkajpDMe6llzTjy4hcaB1aHmFkKejZ
qCVvGrjzmVn0e0o1J3Vc5W5rB+xS/9k0NsH8L2MjmXXP/X2wfYOhJLXSq5hfDLNi
Jt08oLQ4NJpiTE/IP6TajLqiMTnwA/Nqb9j+094TE5TwB0OxgHxzR7Oft0/Q7e8k
7kQ6
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:08:43 2025 by rpki-client