Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/YPoR9JUTJhXmY2Moac5GvzJllIw.roa
File: YPoR9JUTJhXmY2Moac5GvzJllIw.roa (raw, json)
Hash identifier: qNSueVbkOv4jvYv+/n9p/Bxfz7NApVu0B/XgbuIFHoA=
Subject key identifier: 60:FA:11:F4:95:13:26:15:E6:63:63:28:69:CE:46:BF:32:65:94:8C
Certificate issuer: /CN=8f7b496ea7cf763d058308371e1bf67e53bc7ba3
Certificate serial: 01856DA676612D03A77DF5ED6C1BC90D5576
Authority key identifier: 8F:7B:49:6E:A7:CF:76:3D:05:83:08:37:1E:1B:F6:7E:53:BC:7B:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3tJbqfPdj0Fgwg3Hhv2flO8e6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/YPoR9JUTJhXmY2Moac5GvzJllIw.roa
Signing time: Sun 01 Jan 2023 14:05:03 +0000
ROA not before: Sun 01 Jan 2023 14:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205961
IP address blocks: 185.200.20.0/22 maxlen: 22
2a0b:24c1::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:76:61:2d:03:a7:7d:f5:ed:6c:1b:c9:0d:55:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f7b496ea7cf763d058308371e1bf67e53bc7ba3
Validity
Not Before: Jan 1 14:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60fa11f495132615e663632869ce46bf3265948c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:36:90:83:6f:d4:a4:37:f7:50:68:64:13:ce:
fb:cd:2f:01:ae:a4:2f:22:b1:c6:b5:2d:f9:27:76:
15:72:dd:c9:69:e3:da:77:3e:25:2f:48:ca:79:c9:
15:60:99:e6:cf:40:d7:2b:71:51:3d:24:7b:7a:84:
dd:e9:e8:8f:62:a2:80:a9:94:96:e3:72:fc:c5:30:
e1:d2:f2:1f:4d:58:fe:e0:61:9e:a3:70:95:64:61:
a7:fb:8d:ff:9e:5b:45:5e:f9:6a:c9:bb:78:7b:0f:
f2:7e:57:56:b9:13:ac:05:a6:83:6e:40:61:30:7c:
05:46:b5:44:35:a5:49:f8:57:7f:fc:40:2b:80:ef:
14:40:25:ec:6b:ae:0b:b4:6f:6b:86:55:2a:82:04:
0f:bb:4d:bb:b2:17:92:74:0d:d3:41:70:69:09:6a:
e7:e9:af:3a:25:00:45:c4:83:f5:00:e1:5f:fb:a1:
92:13:85:c1:69:fd:2a:2a:03:c9:cc:92:e3:c3:98:
6c:67:21:fd:e9:41:cd:e6:dc:49:25:60:49:ab:87:
d6:17:9e:d0:28:ff:2a:72:f1:6a:70:92:3a:32:f1:
24:67:82:5d:ae:50:3e:fa:69:48:25:bb:65:7e:a6:
3a:d2:5b:4f:59:d5:17:ed:00:96:2e:dc:ef:6c:8b:
e9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FA:11:F4:95:13:26:15:E6:63:63:28:69:CE:46:BF:32:65:94:8C
X509v3 Authority Key Identifier:
keyid:8F:7B:49:6E:A7:CF:76:3D:05:83:08:37:1E:1B:F6:7E:53:BC:7B:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3tJbqfPdj0Fgwg3Hhv2flO8e6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/YPoR9JUTJhXmY2Moac5GvzJllIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/j3tJbqfPdj0Fgwg3Hhv2flO8e6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.20.0/22
IPv6:
2a0b:24c1::/33
Signature Algorithm: sha256WithRSAEncryption
5e:07:fa:76:89:96:e1:d0:e6:82:2f:27:5c:e6:00:9c:3e:b3:
6d:2b:e1:96:a5:93:65:2a:cd:2a:c4:ac:72:ca:a5:23:c0:66:
53:bf:15:c9:de:48:1b:cd:a7:a1:c4:38:13:dc:33:ae:b0:4c:
3f:ee:37:1b:05:35:e4:95:92:22:a5:61:14:d4:b3:ab:5e:bb:
15:ad:3c:da:cb:31:6f:6e:90:56:dd:c3:0a:9e:10:a5:62:11:
80:9d:b9:c7:c2:0f:38:83:ad:0f:09:55:dc:0d:e5:fe:b8:fc:
82:63:e4:e5:69:bb:c2:6a:e9:b6:53:18:2a:ec:f2:fb:c0:f8:
05:df:c4:5e:0f:a9:c8:a7:33:68:c0:76:09:88:e8:b5:e2:3e:
7f:fb:ff:eb:fe:fa:93:06:08:1b:a0:62:c6:b6:4e:4b:e4:11:
60:54:c8:e2:4b:63:46:3f:1e:ee:8d:75:2a:18:9a:77:60:d5:
eb:a5:4c:31:3b:8c:f1:9f:31:d2:08:66:44:bb:dd:e1:22:8b:
13:f3:3e:fc:cc:30:99:c3:a8:98:ec:fd:97:03:87:88:5a:3e:
d8:0c:c1:73:bc:00:a7:7f:f2:17:5d:f7:ca:eb:02:32:55:68:
6d:95:60:74:d8:04:75:48:50:40:3a:e0:36:47:d7:64:6c:b2:
82:45:76:64
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVtpnZhLQOnffXtbBvJDVV2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2I0OTZlYTdjZjc2M2QwNTgzMDgzNzFlMWJmNjdlNTNi
YzdiYTMwHhcNMjMwMTAxMTQwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGZhMTFmNDk1MTMyNjE1ZTY2MzYzMjg2OWNlNDZiZjMyNjU5NDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDaQg2/UpDf3UGhkE877zS8BrqQv
IrHGtS35J3YVct3JaePadz4lL0jKeckVYJnmz0DXK3FRPSR7eoTd6eiPYqKAqZSW
43L8xTDh0vIfTVj+4GGeo3CVZGGn+43/nltFXvlqybt4ew/yfldWuROsBaaDbkBh
MHwFRrVENaVJ+Fd//EArgO8UQCXsa64LtG9rhlUqggQPu027sheSdA3TQXBpCWrn
6a86JQBFxIP1AOFf+6GSE4XBaf0qKgPJzJLjw5hsZyH96UHN5txJJWBJq4fWF57Q
KP8qcvFqcJI6MvEkZ4JdrlA++mlIJbtlfqY60ltPWdUX7QCWLtzvbIvpKQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFGD6EfSVEyYV5mNjKGnORr8yZZSMMB8GA1UdIwQY
MBaAFI97SW6nz3Y9BYMINx4b9n5TvHujMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajN0SmJxZlBkajBGZ3dnM0hodjJmbE84ZTZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZWZkOTQtMDUxNi00ZTY2LTk4ZDUt
MjUxYjAxOWQ1MWE4LzEvWVBvUjlKVVRKaFhtWTJNb2FjNUd2ekpsbEl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZWZkOTQtMDUxNi00ZTY2LTk4ZDUtMjUxYjAxOWQ1MWE4
LzEvajN0SmJxZlBkajBGZ3dnM0hodjJmbE84ZTZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCucgUMA4E
AgACMAgDBgcqCyTBADANBgkqhkiG9w0BAQsFAAOCAQEAXgf6domW4dDmgi8nXOYA
nD6zbSvhlqWTZSrNKsSscsqlI8BmU78Vyd5IG82nocQ4E9wzrrBMP+43GwU15JWS
IqVhFNSzq167Fa082ssxb26QVt3DCp4QpWIRgJ25x8IPOIOtDwlV3A3l/rj8gmPk
5Wm7wmrptlMYKuzy+8D4Bd/EXg+pyKczaMB2CYjoteI+f/v/6/76kwYIG6BixrZO
S+QRYFTI4ktjRj8e7o11Khiad2DV66VMMTuM8Z8x0ghmRLvd4SKLE/M+/MwwmcOo
mOz9lwOHiFo+2AzBc7wAp3/yF133yusCMlVobZVgdNgEdUhQQDrgNkfXZGyygkV2
ZA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:05:06 2025 by rpki-client