Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/yUPnOrcBpcMt0bFpVpQXO5giHlQ.roa
File: yUPnOrcBpcMt0bFpVpQXO5giHlQ.roa (raw, json)
Hash identifier: ZcOy5qjSqdyKCe2Ez+TUZQdhMdqie8vZJVmUZ9/4tDk=
Subject key identifier: C9:43:E7:3A:B7:01:A5:C3:2D:D1:B1:69:56:94:17:3B:98:22:1E:54
Certificate issuer: /CN=713b9404a0c43223addc8ea1b10ab74b777a2a01
Certificate serial: 018ACB1C80341B8497155F6B6A03C3D57256
Authority key identifier: 71:3B:94:04:A0:C4:32:23:AD:DC:8E:A1:B1:0A:B7:4B:77:7A:2A:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cTuUBKDEMiOt3I6hsQq3S3d6KgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/yUPnOrcBpcMt0bFpVpQXO5giHlQ.roa
Signing time: Mon 25 Sep 2023 06:52:37 +0000
ROA not before: Mon 25 Sep 2023 06:52:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25234
IP address blocks: 81.95.96.0/20 maxlen: 20
45.10.97.0/24 maxlen: 24
31.15.8.0/21 maxlen: 21
185.12.196.0/22 maxlen: 22
2a10:bbc0::/32 maxlen: 32
2a02:4a8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:1c:80:34:1b:84:97:15:5f:6b:6a:03:c3:d5:72:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=713b9404a0c43223addc8ea1b10ab74b777a2a01
Validity
Not Before: Sep 25 06:52:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c943e73ab701a5c32dd1b1695694173b98221e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:77:cb:52:1e:17:f5:10:be:c3:b7:fe:1e:7e:
3e:72:66:f6:82:58:da:46:83:82:60:e6:19:bf:8d:
b3:e7:c1:03:50:29:a4:c8:8a:b9:7f:3f:07:77:17:
57:a9:d5:25:c7:c2:41:7b:82:cb:e1:9e:fb:be:2c:
d3:1e:be:0e:45:8f:87:60:58:7e:fa:17:e6:98:55:
79:54:83:01:85:75:53:f4:ab:6c:6a:e2:cb:b7:75:
04:d5:00:55:b9:60:fb:e1:fd:f3:9f:b2:1c:23:1c:
ec:fc:07:2d:fa:70:a5:2a:0a:e5:9f:4f:19:76:fa:
be:5c:e4:b0:63:4d:32:6b:91:90:65:45:e0:ce:10:
27:11:b8:ac:96:c6:ba:80:00:63:cc:20:7b:97:6a:
3b:23:1a:99:ba:ea:1c:7e:02:ed:c2:0c:9d:d6:95:
44:a2:20:b8:9d:a5:52:a8:76:96:0b:7f:85:6d:fc:
22:30:c5:4d:64:68:50:58:74:25:77:b0:a9:42:07:
45:f9:7d:2b:c4:96:31:27:01:c1:0d:a2:66:32:d6:
0b:44:16:06:b8:42:d1:99:67:19:b0:1a:95:98:51:
07:b3:55:9a:26:04:a6:ac:48:e3:0e:b6:55:1c:f2:
b4:71:62:97:97:d1:35:45:e6:bd:68:86:c9:8e:8f:
2d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:43:E7:3A:B7:01:A5:C3:2D:D1:B1:69:56:94:17:3B:98:22:1E:54
X509v3 Authority Key Identifier:
keyid:71:3B:94:04:A0:C4:32:23:AD:DC:8E:A1:B1:0A:B7:4B:77:7A:2A:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cTuUBKDEMiOt3I6hsQq3S3d6KgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/yUPnOrcBpcMt0bFpVpQXO5giHlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/cTuUBKDEMiOt3I6hsQq3S3d6KgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.8.0/21
45.10.97.0/24
81.95.96.0/20
185.12.196.0/22
IPv6:
2a02:4a8::/32
2a10:bbc0::/32
Signature Algorithm: sha256WithRSAEncryption
42:75:17:4b:42:b4:a2:2c:8f:a2:dd:11:ba:be:d6:2c:4b:e2:
e7:4b:98:5b:60:08:15:fa:cc:7c:c2:99:13:57:98:94:72:bc:
e7:97:39:7c:e7:da:45:d3:56:4e:37:3c:49:43:86:b0:cc:0e:
ed:8f:0a:54:68:d8:dc:1a:c9:cd:55:19:45:98:46:dc:0a:05:
90:17:66:a7:c5:f2:f6:db:3a:c9:9f:5e:3d:55:fe:a3:1f:52:
7a:27:4d:5a:3a:df:d1:6f:bf:2e:f7:c6:bf:cc:2b:19:b5:70:
cd:c6:58:3f:e4:ad:64:3a:17:12:14:c9:6b:0c:a5:f1:f1:59:
73:01:9e:27:e2:22:c2:f4:61:2f:5b:6e:a1:cf:84:2f:d9:41:
24:90:28:e3:8b:7f:c0:a0:5e:cc:88:0b:f6:95:c2:92:cb:f3:
6c:98:18:be:74:1c:f3:09:7c:cf:48:57:90:3a:13:03:25:51:
dc:ac:aa:3f:a4:5b:f3:34:e2:16:fe:5a:6f:98:40:7d:ac:d6:
2e:0b:7f:b4:a4:b2:6a:6f:4e:07:8f:71:05:c1:ac:f9:f6:15:
a8:fe:a0:c2:02:91:0d:1a:d7:5f:bb:67:b9:85:52:61:19:64:
20:ea:5f:df:bf:6c:92:b5:d1:81:49:85:d0:97:6f:ad:ee:12:
69:5b:fd:b7
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYrLHIA0G4SXFV9ragPD1XJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxM2I5NDA0YTBjNDMyMjNhZGRjOGVhMWIxMGFiNzRiNzc3
YTJhMDEwHhcNMjMwOTI1MDY1MjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTQzZTczYWI3MDFhNWMzMmRkMWIxNjk1Njk0MTczYjk4MjIxZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4HfLUh4X9RC+w7f+Hn4+cmb2glja
RoOCYOYZv42z58EDUCmkyIq5fz8HdxdXqdUlx8JBe4LL4Z77vizTHr4ORY+HYFh+
+hfmmFV5VIMBhXVT9KtsauLLt3UE1QBVuWD74f3zn7IcIxzs/Act+nClKgrln08Z
dvq+XOSwY00ya5GQZUXgzhAnEbislsa6gABjzCB7l2o7IxqZuuocfgLtwgyd1pVE
oiC4naVSqHaWC3+FbfwiMMVNZGhQWHQld7CpQgdF+X0rxJYxJwHBDaJmMtYLRBYG
uELRmWcZsBqVmFEHs1WaJgSmrEjjDrZVHPK0cWKXl9E1Rea9aIbJjo8tZQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMlD5zq3AaXDLdGxaVaUFzuYIh5UMB8GA1UdIwQY
MBaAFHE7lASgxDIjrdyOobEKt0t3eioBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1R1VUJLREVNaU90M0k2aHNRcTNTM2Q2S2dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83ZWM3YTItODMxOC00NjJmLTk2NmUt
N2E1MzFkNDgzNzQ3LzEveVVQbk9yY0JwY010MGJGcFZwUVhPNWdpSGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83ZWM3YTItODMxOC00NjJmLTk2NmUtN2E1MzFkNDgzNzQ3
LzEvY1R1VUJLREVNaU90M0k2aHNRcTNTM2Q2S2dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDHw8IAwQA
LQphAwQEUV9gAwQCuQzEMBQEAgACMA4DBQAqAgSoAwUAKhC7wDANBgkqhkiG9w0B
AQsFAAOCAQEAQnUXS0K0oiyPot0Rur7WLEvi50uYW2AIFfrMfMKZE1eYlHK855c5
fOfaRdNWTjc8SUOGsMwO7Y8KVGjY3BrJzVUZRZhG3AoFkBdmp8Xy9ts6yZ9ePVX+
ox9SeidNWjrf0W+/LvfGv8wrGbVwzcZYP+StZDoXEhTJawyl8fFZcwGeJ+IiwvRh
L1tuoc+EL9lBJJAo44t/wKBezIgL9pXCksvzbJgYvnQc8wl8z0hXkDoTAyVR3Kyq
P6Rb8zTiFv5ab5hAfazWLgt/tKSyam9OB49xBcGs+fYVqP6gwgKRDRrXX7tnuYVS
YRlkIOpf379skrXRgUmF0Jdvre4SaVv9tw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:02 2025 by rpki-client