Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/1371a6-f5f3-43bf-aff4-7685c9670017/1/yuYY0UqV2g9cxDCawXGeLAgsvtU.roa
File: yuYY0UqV2g9cxDCawXGeLAgsvtU.roa (raw, json)
Hash identifier: V6WxzqRmGDZ4EEmraz+0+xaQawOetxFEphwxQVWIYZ4=
Subject key identifier: CA:E6:18:D1:4A:95:DA:0F:5C:C4:30:9A:C1:71:9E:2C:08:2C:BE:D5
Certificate issuer: /CN=82fa25b2fcb1468114b738928ab20d8761bf8831
Certificate serial: 0188DE70D5DDAC358AD986606907BF1E6BD8
Authority key identifier: 82:FA:25:B2:FC:B1:46:81:14:B7:38:92:8A:B2:0D:87:61:BF:88:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gvolsvyxRoEUtziSirINh2G_iDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/1371a6-f5f3-43bf-aff4-7685c9670017/1/yuYY0UqV2g9cxDCawXGeLAgsvtU.roa
Signing time: Wed 21 Jun 2023 14:51:56 +0000
ROA not before: Wed 21 Jun 2023 14:51:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25215
IP address blocks: 155.140.82.0/24 maxlen: 24
155.140.91.0/24 maxlen: 24
155.140.90.0/24 maxlen: 24
155.140.90.0/23 maxlen: 23
159.50.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:de:70:d5:dd:ac:35:8a:d9:86:60:69:07:bf:1e:6b:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82fa25b2fcb1468114b738928ab20d8761bf8831
Validity
Not Before: Jun 21 14:51:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cae618d14a95da0f5cc4309ac1719e2c082cbed5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3a:10:e5:24:73:e7:d8:ee:ce:0d:45:ed:f5:
11:9f:40:d0:7d:ed:3c:6c:4a:a2:c8:75:2e:c2:2b:
50:8d:b4:a8:d5:a1:ce:5a:3e:e9:87:69:8d:ad:18:
46:25:64:5b:29:43:89:6d:83:bd:4b:e9:86:40:cc:
58:e6:08:ba:5d:36:79:5b:af:9a:f5:18:7a:4a:01:
af:c4:b3:c7:58:25:2d:a3:f4:3e:2c:d8:9e:f6:68:
47:e0:dd:ae:d0:b7:d2:58:4c:db:5c:41:69:2f:20:
87:24:c0:63:36:f0:54:bf:fb:58:c4:d9:5d:17:19:
ed:eb:c5:9a:bc:7d:e1:12:e7:19:9e:c2:ab:79:a8:
1f:d3:69:b9:fa:29:22:db:9d:ac:96:1d:21:f0:3f:
f8:1d:8f:2e:8c:50:a7:5c:f9:10:d6:41:fb:81:d3:
73:a9:ef:8f:9c:60:3b:88:e9:21:64:c3:0f:2b:1b:
c2:0b:45:9d:30:eb:53:8c:48:6b:2b:b9:89:9c:ef:
f2:1e:2b:82:f4:b1:01:27:6f:48:1b:2a:08:39:d5:
d0:5b:a5:70:30:30:20:fc:b0:9a:25:a9:6e:d7:97:
e5:e8:a7:4e:62:03:19:95:fe:a9:48:70:93:84:44:
ee:a4:7c:4d:40:fc:c2:9d:bc:cd:dd:10:c3:a8:ec:
80:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:E6:18:D1:4A:95:DA:0F:5C:C4:30:9A:C1:71:9E:2C:08:2C:BE:D5
X509v3 Authority Key Identifier:
keyid:82:FA:25:B2:FC:B1:46:81:14:B7:38:92:8A:B2:0D:87:61:BF:88:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gvolsvyxRoEUtziSirINh2G_iDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1371a6-f5f3-43bf-aff4-7685c9670017/1/yuYY0UqV2g9cxDCawXGeLAgsvtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1371a6-f5f3-43bf-aff4-7685c9670017/1/gvolsvyxRoEUtziSirINh2G_iDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.140.82.0/24
155.140.90.0/23
159.50.174.0/24
Signature Algorithm: sha256WithRSAEncryption
30:4c:cb:e1:e6:cd:df:40:0a:92:40:d6:22:2a:4b:db:db:52:
70:ac:1c:bc:65:87:73:7b:64:79:08:b2:64:1e:d1:d8:9d:0d:
e6:63:6f:28:12:b4:a5:87:2e:19:19:f9:95:b5:3b:41:d9:6f:
2f:d8:06:95:ac:0c:6b:44:52:f0:60:c9:96:01:6a:3b:0a:f8:
d6:f9:46:99:7b:2f:d4:ec:da:45:63:e1:bb:ac:6c:83:4f:25:
0e:51:e2:32:ab:46:77:54:33:d9:22:56:ba:99:72:93:a0:04:
9e:4b:4a:46:62:b2:ff:4d:51:3f:26:67:9d:d7:81:b6:41:b7:
08:f1:fc:88:d4:33:25:3e:c6:22:b1:4b:e9:33:fa:cd:57:a7:
3a:61:2e:66:fb:77:d5:15:b8:52:11:d0:1d:9b:e8:da:0c:c5:
b5:fa:0c:82:d1:56:21:86:c6:9b:38:92:af:f6:b5:2a:d0:67:
13:87:bd:32:0a:94:f2:6a:22:ec:2b:a6:c7:43:c5:9c:ec:c8:
b6:b5:d7:15:12:2d:4d:1e:f8:99:a0:67:43:56:a0:4f:43:03:
e7:f8:a0:04:f2:d1:d6:47:24:61:19:e7:2d:c8:cf:43:a7:ef:
de:04:ec:a8:58:17:9d:ca:5d:97:64:29:a5:d8:5e:bc:98:0d:
15:19:32:e5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjecNXdrDWK2YZgaQe/HmvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZmEyNWIyZmNiMTQ2ODExNGI3Mzg5MjhhYjIwZDg3NjFi
Zjg4MzEwHhcNMjMwNjIxMTQ1MTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWU2MThkMTRhOTVkYTBmNWNjNDMwOWFjMTcxOWUyYzA4MmNiZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojoQ5SRz59juzg1F7fURn0DQfe08
bEqiyHUuwitQjbSo1aHOWj7ph2mNrRhGJWRbKUOJbYO9S+mGQMxY5gi6XTZ5W6+a
9Rh6SgGvxLPHWCUto/Q+LNie9mhH4N2u0LfSWEzbXEFpLyCHJMBjNvBUv/tYxNld
Fxnt68WavH3hEucZnsKreagf02m5+iki252slh0h8D/4HY8ujFCnXPkQ1kH7gdNz
qe+PnGA7iOkhZMMPKxvCC0WdMOtTjEhrK7mJnO/yHiuC9LEBJ29IGyoIOdXQW6Vw
MDAg/LCaJalu15fl6KdOYgMZlf6pSHCThETupHxNQPzCnbzN3RDDqOyAXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMrmGNFKldoPXMQwmsFxniwILL7VMB8GA1UdIwQY
MBaAFIL6JbL8sUaBFLc4koqyDYdhv4gxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3ZvbHN2eXhSb0VVdHppU2lySU5oMkdfaURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8xMzcxYTYtZjVmMy00M2JmLWFmZjQt
NzY4NWM5NjcwMDE3LzEveXVZWTBVcVYyZzljeERDYXdYR2VMQWdzdnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8xMzcxYTYtZjVmMy00M2JmLWFmZjQtNzY4NWM5NjcwMDE3
LzEvZ3ZvbHN2eXhSb0VVdHppU2lySU5oMkdfaURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAm4xSAwQB
m4xaAwQAnzKuMA0GCSqGSIb3DQEBCwUAA4IBAQAwTMvh5s3fQAqSQNYiKkvb21Jw
rBy8ZYdze2R5CLJkHtHYnQ3mY28oErSlhy4ZGfmVtTtB2W8v2AaVrAxrRFLwYMmW
AWo7CvjW+UaZey/U7NpFY+G7rGyDTyUOUeIyq0Z3VDPZIla6mXKToASeS0pGYrL/
TVE/Jmed14G2QbcI8fyI1DMlPsYisUvpM/rNV6c6YS5m+3fVFbhSEdAdm+jaDMW1
+gyC0VYhhsabOJKv9rUq0GcTh70yCpTyaiLsK6bHQ8Wc7Mi2tdcVEi1NHviZoGdD
VqBPQwPn+KAE8tHWRyRhGectyM9Dp+/eBOyoWBedyl2XZCml2F68mA0VGTLl
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:18:40 2025 by rpki-client