Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/0da8f7-fe22-42fb-a329-7d45a9fc4ffc/1/yEGWlkeZVgVry1KiXBZ97_YRd7U.roa
File: yEGWlkeZVgVry1KiXBZ97_YRd7U.roa (raw, json)
Hash identifier: LmtgCZOKQ6EffBw1E3XFwGxMCy7lVAUTkakjhSzMSQ0=
Subject key identifier: C8:41:96:96:47:99:56:05:6B:CB:52:A2:5C:16:7D:EF:F6:11:77:B5
Certificate issuer: /CN=05c8a3faa18b6d717aa2f7622181bad8be5b55a3
Certificate serial: 018573560809ED51D3102E63875DA5766991
Authority key identifier: 05:C8:A3:FA:A1:8B:6D:71:7A:A2:F7:62:21:81:BA:D8:BE:5B:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bcij-qGLbXF6ovdiIYG62L5bVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/0da8f7-fe22-42fb-a329-7d45a9fc4ffc/1/yEGWlkeZVgVry1KiXBZ97_YRd7U.roa
Signing time: Mon 02 Jan 2023 16:34:56 +0000
ROA not before: Mon 02 Jan 2023 16:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47381
IP address blocks: 185.51.64.0/22 maxlen: 24
2a01:ae20::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:56:08:09:ed:51:d3:10:2e:63:87:5d:a5:76:69:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05c8a3faa18b6d717aa2f7622181bad8be5b55a3
Validity
Not Before: Jan 2 16:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8419696479956056bcb52a25c167deff61177b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:81:06:bf:4a:94:5a:07:d3:64:a2:26:9d:da:
99:36:3c:b8:65:3d:00:26:48:e9:3a:f0:87:fd:a7:
4c:df:ff:a5:d6:f6:bc:aa:cc:42:82:3f:10:0f:1c:
6e:e8:5d:9d:82:67:5a:66:f7:77:11:23:b7:0d:40:
3a:b2:9e:fe:f5:1d:5a:e6:9d:e3:8c:32:a1:34:a3:
b5:96:de:53:6b:ec:73:c2:0f:a3:c8:7b:03:17:26:
89:c1:90:e6:e9:fe:f2:c6:53:b1:95:ae:36:ce:de:
0e:55:56:0c:56:d4:f4:91:d5:00:81:ff:a6:86:14:
2d:c1:96:3c:63:ea:1b:00:76:86:66:4f:74:97:88:
72:c5:32:72:05:65:7c:75:93:67:00:50:78:c6:f4:
e5:fa:38:8a:a4:90:e8:e3:d7:23:d9:65:e1:aa:cb:
dc:0c:03:c4:9c:bd:dd:d3:63:fe:78:f6:84:25:1b:
d1:c2:70:4d:88:54:75:22:c2:2a:ab:6f:2c:0d:ab:
d3:db:a8:37:42:87:0a:cc:4a:13:49:40:96:72:9e:
8c:32:c3:28:41:69:63:93:af:50:9a:49:80:b1:d0:
8f:e3:20:ca:4d:88:7c:05:79:e9:cb:ba:2b:d2:78:
c7:e4:44:ad:6b:7c:20:dd:20:86:f1:b6:2c:93:20:
2d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:41:96:96:47:99:56:05:6B:CB:52:A2:5C:16:7D:EF:F6:11:77:B5
X509v3 Authority Key Identifier:
keyid:05:C8:A3:FA:A1:8B:6D:71:7A:A2:F7:62:21:81:BA:D8:BE:5B:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bcij-qGLbXF6ovdiIYG62L5bVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/0da8f7-fe22-42fb-a329-7d45a9fc4ffc/1/yEGWlkeZVgVry1KiXBZ97_YRd7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/0da8f7-fe22-42fb-a329-7d45a9fc4ffc/1/Bcij-qGLbXF6ovdiIYG62L5bVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.64.0/22
IPv6:
2a01:ae20::/32
Signature Algorithm: sha256WithRSAEncryption
5a:6b:7f:64:f7:af:40:d6:6a:05:69:97:37:f0:38:73:ea:29:
d1:d9:1a:52:fa:4a:f9:89:6b:ce:b3:2d:fb:6d:0f:b1:7e:a4:
65:a3:19:8f:53:9f:57:09:7f:3c:f7:b9:49:9e:cb:d7:27:57:
2f:15:e4:76:7a:be:a3:96:3e:b7:86:e9:c3:ed:72:ff:0a:f2:
f8:44:ec:96:6a:1f:b8:21:53:78:a9:69:2f:34:5b:b8:43:c0:
25:39:fc:34:37:40:0c:04:24:e2:1d:32:9c:68:ce:ae:8a:ee:
cb:b6:8c:ba:df:ba:aa:06:bb:9c:85:52:19:69:c9:bb:9e:6b:
5b:49:e2:ce:79:74:14:f2:47:60:8e:44:33:10:60:6d:5d:7e:
33:98:d8:8a:b2:04:24:57:27:b0:93:15:ca:d1:35:6b:d2:a8:
86:f3:8e:12:9d:4a:f6:82:00:d4:53:e8:b4:e1:a7:6d:d0:cd:
1e:44:e6:4f:1f:00:64:36:4e:bf:d5:a9:5a:dc:ce:d0:1b:98:
b6:16:a7:e0:c7:f8:b3:f1:ea:e7:e8:0a:ee:3c:07:e0:4e:83:
2e:ac:4e:96:57:27:16:20:42:11:89:32:a3:7c:c0:29:20:60:
06:e7:fe:8d:0d:ac:db:cb:08:55:cf:ec:e2:0c:57:2e:7b:cf:
0c:6a:3c:71
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzVggJ7VHTEC5jh12ldmmRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YzhhM2ZhYTE4YjZkNzE3YWEyZjc2MjIxODFiYWQ4YmU1
YjU1YTMwHhcNMjMwMTAyMTYzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODQxOTY5NjQ3OTk1NjA1NmJjYjUyYTI1YzE2N2RlZmY2MTE3N2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoEGv0qUWgfTZKImndqZNjy4ZT0A
JkjpOvCH/adM3/+l1va8qsxCgj8QDxxu6F2dgmdaZvd3ESO3DUA6sp7+9R1a5p3j
jDKhNKO1lt5Ta+xzwg+jyHsDFyaJwZDm6f7yxlOxla42zt4OVVYMVtT0kdUAgf+m
hhQtwZY8Y+obAHaGZk90l4hyxTJyBWV8dZNnAFB4xvTl+jiKpJDo49cj2WXhqsvc
DAPEnL3d02P+ePaEJRvRwnBNiFR1IsIqq28sDavT26g3QocKzEoTSUCWcp6MMsMo
QWljk69QmkmAsdCP4yDKTYh8BXnpy7or0njH5ESta3wg3SCG8bYskyAt/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMhBlpZHmVYFa8tSolwWfe/2EXe1MB8GA1UdIwQY
MBaAFAXIo/qhi21xeqL3YiGButi+W1WjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmNpai1xR0xiWEY2b3ZkaUlZRzYyTDViVmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wZGE4ZjctZmUyMi00MmZiLWEzMjkt
N2Q0NWE5ZmM0ZmZjLzEveUVHV2xrZVpWZ1ZyeTFLaVhCWjk3X1lSZDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8wZGE4ZjctZmUyMi00MmZiLWEzMjktN2Q0NWE5ZmM0ZmZj
LzEvQmNpai1xR0xiWEY2b3ZkaUlZRzYyTDViVmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTNAMA0E
AgACMAcDBQAqAa4gMA0GCSqGSIb3DQEBCwUAA4IBAQBaa39k969A1moFaZc38Dhz
6inR2RpS+kr5iWvOsy37bQ+xfqRloxmPU59XCX8897lJnsvXJ1cvFeR2er6jlj63
hunD7XL/CvL4ROyWah+4IVN4qWkvNFu4Q8AlOfw0N0AMBCTiHTKcaM6uiu7Ltoy6
37qqBruchVIZacm7nmtbSeLOeXQU8kdgjkQzEGBtXX4zmNiKsgQkVyewkxXK0TVr
0qiG844SnUr2ggDUU+i04adt0M0eROZPHwBkNk6/1ala3M7QG5i2Fqfgx/iz8ern
6AruPAfgToMurE6WVycWIEIRiTKjfMApIGAG5/6NDazbywhVz+ziDFcue88Majxx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:54 2025 by rpki-client