Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/yPIUXZvats6BQlC0nct4WTE-CCA.roa
File: yPIUXZvats6BQlC0nct4WTE-CCA.roa (raw, json)
Hash identifier: 9qDL+55ALt5ZOLmA8Z/FGX8lu/ZB4nC/+T6sGCzX1k0=
Subject key identifier: C8:F2:14:5D:9B:DA:B6:CE:81:42:50:B4:9D:CB:78:59:31:3E:08:20
Certificate issuer: /CN=b6ed62055a5191c02ec5112e95181a89ac060ceb
Certificate serial: 018321FB0803FAD3601D6FE3C58EBA5FD8C9
Authority key identifier: B6:ED:62:05:5A:51:91:C0:2E:C5:11:2E:95:18:1A:89:AC:06:0C:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tu1iBVpRkcAuxREulRgaiawGDOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/yPIUXZvats6BQlC0nct4WTE-CCA.roa
Signing time: Fri 09 Sep 2022 11:20:43 +0000
ROA not before: Fri 09 Sep 2022 11:20:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207799
IP address blocks: 185.73.136.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:21:fb:08:03:fa:d3:60:1d:6f:e3:c5:8e:ba:5f:d8:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6ed62055a5191c02ec5112e95181a89ac060ceb
Validity
Not Before: Sep 9 11:20:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8f2145d9bdab6ce814250b49dcb7859313e0820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:f7:18:1d:ae:43:7f:98:4c:b9:71:dc:29:7e:
a6:c1:dc:f1:9f:50:1e:ad:88:13:51:5e:56:4a:76:
a5:04:f3:b5:bf:2f:86:84:8b:ca:84:27:66:0d:5c:
fc:a7:99:0b:68:1c:86:4d:bc:10:5b:48:46:6b:1a:
39:23:8b:30:9d:b7:a0:a9:11:5f:67:d1:4c:e7:f5:
76:2b:fc:a9:58:68:13:cd:c5:8d:d4:e5:15:fe:c0:
b0:0e:67:fa:97:7d:a5:3e:17:b0:67:7d:32:45:f6:
20:c5:3f:5e:da:17:f2:94:d7:35:50:19:3b:9c:21:
22:18:29:8a:3f:e0:b7:12:6f:cc:94:1e:7a:da:b8:
c1:0c:81:0f:eb:3a:fe:59:2e:0d:60:0a:cb:20:9d:
38:10:d8:5f:78:e0:10:e9:f8:5d:fb:e5:b2:ef:0c:
2a:e3:e1:5f:21:45:04:00:3b:18:6f:3f:24:7c:e1:
a3:59:ae:87:46:f8:2f:cc:5f:f4:af:1e:50:36:10:
82:8c:cc:35:08:5a:2c:ca:df:f7:ef:9f:f7:0c:b1:
cd:25:6b:95:23:ae:b1:4a:e7:e2:74:2b:16:83:d7:
cc:92:5d:a8:55:5b:9e:b3:db:37:35:b8:f3:38:be:
57:f3:15:f3:a1:d0:80:60:5d:f0:33:4f:2f:15:1d:
d0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F2:14:5D:9B:DA:B6:CE:81:42:50:B4:9D:CB:78:59:31:3E:08:20
X509v3 Authority Key Identifier:
keyid:B6:ED:62:05:5A:51:91:C0:2E:C5:11:2E:95:18:1A:89:AC:06:0C:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu1iBVpRkcAuxREulRgaiawGDOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/yPIUXZvats6BQlC0nct4WTE-CCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/tu1iBVpRkcAuxREulRgaiawGDOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.136.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:a3:44:ef:c9:49:59:c7:4c:70:72:eb:39:af:9f:55:94:90:
2f:b0:7c:b3:ee:19:d1:21:c1:25:6f:5a:48:35:b8:47:b0:be:
43:8b:14:aa:be:b8:35:6f:8c:30:59:c8:6e:52:cd:d8:3d:31:
79:46:d8:74:42:54:06:42:f9:3f:d5:d8:c9:22:0f:82:d8:6a:
9c:d9:3b:90:3f:28:2f:c6:bc:45:56:b4:3b:ee:65:9a:87:9a:
d8:da:ec:d2:68:38:74:f1:87:8b:ad:60:ed:1c:69:2b:da:93:
fb:96:16:c1:9d:13:18:ce:50:dd:3c:7e:74:21:86:f0:79:68:
08:b8:d3:d4:cd:a6:38:b1:47:d5:ee:bf:e4:98:fd:39:87:91:
00:b5:49:01:35:af:8a:4b:e4:16:5f:4f:b3:9c:be:e1:93:7f:
3d:44:00:34:f5:5d:f3:55:2a:a7:07:d4:cb:f1:e4:42:4c:6a:
b9:6e:28:ce:5d:05:5d:72:a5:52:0c:06:07:3d:1e:86:2c:af:
8f:75:39:0a:c7:2e:fc:2f:4a:b3:e2:df:00:4a:56:c1:ad:ac:
2a:61:37:18:18:f1:da:48:b6:a3:9f:9c:8c:d9:f4:84:8d:21:
aa:01:1f:a7:6c:f6:e4:4a:70:bc:a3:f3:dd:45:77:f1:81:46:
eb:74:4d:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMh+wgD+tNgHW/jxY66X9jJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZWQ2MjA1NWE1MTkxYzAyZWM1MTEyZTk1MTgxYTg5YWMw
NjBjZWIwHhcNMjIwOTA5MTEyMDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGYyMTQ1ZDliZGFiNmNlODE0MjUwYjQ5ZGNiNzg1OTMxM2UwODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vcYHa5Df5hMuXHcKX6mwdzxn1Ae
rYgTUV5WSnalBPO1vy+GhIvKhCdmDVz8p5kLaByGTbwQW0hGaxo5I4swnbegqRFf
Z9FM5/V2K/ypWGgTzcWN1OUV/sCwDmf6l32lPhewZ30yRfYgxT9e2hfylNc1UBk7
nCEiGCmKP+C3Em/MlB562rjBDIEP6zr+WS4NYArLIJ04ENhfeOAQ6fhd++Wy7wwq
4+FfIUUEADsYbz8kfOGjWa6HRvgvzF/0rx5QNhCCjMw1CFosyt/375/3DLHNJWuV
I66xSufidCsWg9fMkl2oVVues9s3NbjzOL5X8xXzodCAYF3wM08vFR3Q1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjyFF2b2rbOgUJQtJ3LeFkxPgggMB8GA1UdIwQY
MBaAFLbtYgVaUZHALsURLpUYGomsBgzrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHUxaUJWcFJrY0F1eFJFdWxSZ2FpYXdHRE9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kYzEzYzEtZGU1Ni00NDlmLTljMjkt
YzgxMjY2YjdjNDllLzEveVBJVVhadmF0czZCUWxDMG5jdDRXVEUtQ0NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kYzEzYzEtZGU1Ni00NDlmLTljMjktYzgxMjY2YjdjNDll
LzEvdHUxaUJWcFJrY0F1eFJFdWxSZ2FpYXdHRE9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUmIMA0G
CSqGSIb3DQEBCwUAA4IBAQC8o0TvyUlZx0xwcus5r59VlJAvsHyz7hnRIcElb1pI
NbhHsL5DixSqvrg1b4wwWchuUs3YPTF5Rth0QlQGQvk/1djJIg+C2Gqc2TuQPygv
xrxFVrQ77mWah5rY2uzSaDh08YeLrWDtHGkr2pP7lhbBnRMYzlDdPH50IYbweWgI
uNPUzaY4sUfV7r/kmP05h5EAtUkBNa+KS+QWX0+znL7hk389RAA09V3zVSqnB9TL
8eRCTGq5bijOXQVdcqVSDAYHPR6GLK+PdTkKxy78L0qz4t8ASlbBrawqYTcYGPHa
SLajn5yM2fSEjSGqAR+nbPbkSnC8o/PdRXfxgUbrdE20
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:37 2025 by rpki-client