Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yq_C-CzEl2cYioEsct3lF7DDnSs.roa
File: yq_C-CzEl2cYioEsct3lF7DDnSs.roa (raw, json)
Hash identifier: Poup4PNIgbc9x+5IGAYtvTt3Lb2EUIFau1TahqiAAdE=
Subject key identifier: CA:AF:C2:F8:2C:C4:97:67:18:8A:81:2C:72:DD:E5:17:B0:C3:9D:2B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018AB87A9D3C63C0FF287184E0528F345221
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yq_C-CzEl2cYioEsct3lF7DDnSs.roa
Signing time: Thu 21 Sep 2023 16:02:37 +0000
ROA not before: Thu 21 Sep 2023 16:02:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397423
IP address blocks: 82.153.245.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b8:7a:9d:3c:63:c0:ff:28:71:84:e0:52:8f:34:52:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 21 16:02:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=caafc2f82cc49767188a812c72dde517b0c39d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7d:9d:c3:c1:5d:11:2e:19:18:b4:f4:6f:53:
35:b3:f0:15:2c:9f:bb:da:31:6e:4a:02:ed:51:f0:
6e:56:c4:a3:6d:59:82:58:84:85:a9:7f:81:ba:74:
54:4a:44:4c:aa:1a:3d:9f:65:44:34:8b:d5:f2:91:
ec:6d:0a:f6:f1:3f:b5:9a:d2:60:9a:b6:27:fe:d6:
3f:50:8a:89:e6:5e:fc:27:8c:53:f5:2d:3e:a8:42:
58:1a:c7:47:72:e4:be:37:5c:46:3a:df:48:46:7a:
e7:10:df:8d:d5:45:bd:24:6a:50:c0:c0:a9:6c:9f:
49:99:c8:83:d3:63:95:99:8f:21:eb:30:02:99:fb:
c9:0c:a6:28:f3:ff:6d:c7:10:b1:c5:a1:92:0e:50:
a9:86:55:ff:4d:b0:88:5a:fa:38:23:d7:8b:4b:56:
b5:f0:94:3e:f7:3b:ba:a9:92:1d:66:4a:35:37:ba:
4f:9c:a6:f5:e6:56:2b:80:00:6f:dc:5d:6c:f2:02:
38:ce:5f:8d:3f:b2:cf:44:94:29:c1:3b:34:6a:c4:
a8:8c:f0:70:2b:a6:69:e3:c2:69:76:7c:e0:b1:f6:
df:78:03:c1:7e:bc:4f:42:ae:35:bf:30:ad:e1:c2:
31:90:cd:40:34:9f:03:cc:98:76:a0:b4:88:29:27:
34:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:AF:C2:F8:2C:C4:97:67:18:8A:81:2C:72:DD:E5:17:B0:C3:9D:2B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yq_C-CzEl2cYioEsct3lF7DDnSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.245.0/24
89.213.132.0/24
Signature Algorithm: sha256WithRSAEncryption
09:2b:fe:c5:3e:57:1c:9e:57:ac:5d:f2:bb:f1:3f:b7:86:3f:
53:30:88:c1:dd:d7:6b:6b:c7:ed:4e:6f:c9:30:24:4b:7b:52:
c3:2a:6f:9e:00:15:30:58:06:32:b1:c3:ae:52:ea:94:9a:de:
b2:5b:61:aa:e4:b0:e3:ac:05:42:98:4a:2c:67:aa:d7:b8:6c:
47:6a:b5:da:cc:eb:cd:24:8b:c7:2b:3c:db:ab:08:95:9c:ac:
08:f4:f2:4b:86:be:d9:ba:4e:15:df:90:2c:7d:e5:e6:c6:0f:
b4:f3:4f:73:8f:d4:1f:ba:52:36:2a:ee:87:b0:32:89:17:d5:
44:d9:61:dc:53:82:8a:3c:30:5f:e0:1f:e9:5c:35:51:87:2f:
22:d2:86:e0:7a:b1:1f:d8:da:93:5c:d5:c5:80:84:9d:36:ed:
67:f7:da:13:02:92:21:00:c0:8f:f0:8e:f3:96:b1:06:22:de:
24:ef:2a:e7:ec:92:3b:92:22:7f:eb:50:c7:db:e8:af:f2:4f:
ea:2c:7c:be:a7:73:c3:39:bd:ac:6b:6a:12:98:24:fb:71:91:
af:37:01:4b:e7:e3:3d:c5:40:dc:4b:97:9c:0d:f2:f7:b8:ee:
2e:8f:ac:58:5e:6c:9e:49:a4:46:df:ff:20:0f:83:b0:5d:9e:
bb:be:a3:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYq4ep08Y8D/KHGE4FKPNFIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTIxMTYwMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWFmYzJmODJjYzQ5NzY3MTg4YTgxMmM3MmRkZTUxN2IwYzM5ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw32dw8FdES4ZGLT0b1M1s/AVLJ+7
2jFuSgLtUfBuVsSjbVmCWISFqX+BunRUSkRMqho9n2VENIvV8pHsbQr28T+1mtJg
mrYn/tY/UIqJ5l78J4xT9S0+qEJYGsdHcuS+N1xGOt9IRnrnEN+N1UW9JGpQwMCp
bJ9JmciD02OVmY8h6zACmfvJDKYo8/9txxCxxaGSDlCphlX/TbCIWvo4I9eLS1a1
8JQ+9zu6qZIdZko1N7pPnKb15lYrgABv3F1s8gI4zl+NP7LPRJQpwTs0asSojPBw
K6Zp48JpdnzgsfbfeAPBfrxPQq41vzCt4cIxkM1ANJ8DzJh2oLSIKSc0sQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMqvwvgsxJdnGIqBLHLd5Reww50rMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveXFfQy1DekVsMmNZaW9Fc2N0M2xGN0REblNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpn1AwQA
WdWEMA0GCSqGSIb3DQEBCwUAA4IBAQAJK/7FPlccnlesXfK78T+3hj9TMIjB3ddr
a8ftTm/JMCRLe1LDKm+eABUwWAYyscOuUuqUmt6yW2Gq5LDjrAVCmEosZ6rXuGxH
arXazOvNJIvHKzzbqwiVnKwI9PJLhr7Zuk4V35AsfeXmxg+0809zj9QfulI2Ku6H
sDKJF9VE2WHcU4KKPDBf4B/pXDVRhy8i0obgerEf2NqTXNXFgISdNu1n99oTApIh
AMCP8I7zlrEGIt4k7yrn7JI7kiJ/61DH2+iv8k/qLHy+p3PDOb2sa2oSmCT7cZGv
NwFL5+M9xUDcS5ecDfL3uO4uj6xYXmyeSaRG3/8gD4OwXZ67vqOa
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:58 2025 by rpki-client