Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/YB0z0Scuwf2868O6A0HSzY7UjkM.roa
File: YB0z0Scuwf2868O6A0HSzY7UjkM.roa (raw, json)
Hash identifier: YB3xcCtC9KXN3xdu4wYrB7a/sdHKpkMmlnkzBxhgcO4=
Subject key identifier: 60:1D:33:D1:27:2E:C1:FD:BC:EB:C3:BA:03:41:D2:CD:8E:D4:8E:43
Certificate issuer: /CN=8812a0a809dc3cd1fbd8951a8f80f69925e11908
Certificate serial: 01893F944E3E8FCBDF7D5F188DA6071693E1
Authority key identifier: 88:12:A0:A8:09:DC:3C:D1:FB:D8:95:1A:8F:80:F6:99:25:E1:19:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBKgqAncPNH72JUaj4D2mSXhGQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/YB0z0Scuwf2868O6A0HSzY7UjkM.roa
Signing time: Mon 10 Jul 2023 11:33:51 +0000
ROA not before: Mon 10 Jul 2023 11:33:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51013
IP address blocks: 185.140.108.0/24 maxlen: 24
193.32.235.0/24 maxlen: 24
185.111.89.0/24 maxlen: 24
185.111.91.0/24 maxlen: 24
185.111.88.0/22 maxlen: 24
185.111.88.0/24 maxlen: 24
185.111.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3f:94:4e:3e:8f:cb:df:7d:5f:18:8d:a6:07:16:93:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8812a0a809dc3cd1fbd8951a8f80f69925e11908
Validity
Not Before: Jul 10 11:33:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=601d33d1272ec1fdbcebc3ba0341d2cd8ed48e43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:db:f1:1e:a9:a1:73:1e:53:f9:12:82:0a:55:
4e:70:80:5e:56:f0:41:fc:60:2a:a3:65:2e:ea:86:
26:55:6e:cf:25:36:28:bf:6d:f3:ef:88:85:d2:f0:
ad:65:b8:ac:da:56:62:0a:e8:6d:e1:9e:d3:d2:6c:
fd:f5:db:1a:fd:75:4d:74:ce:2a:7e:0a:da:9f:36:
88:37:24:98:dc:da:e1:28:ec:0c:fa:a4:06:87:57:
1f:44:c5:33:92:79:be:d6:20:73:6f:bf:f5:cd:f3:
4d:0b:ea:68:55:98:77:31:5f:16:83:c7:ab:2d:04:
4c:5c:e9:dc:b0:0c:14:2d:11:df:dc:e6:db:8f:35:
09:50:b1:27:2d:f5:c9:41:8e:19:a8:81:b5:e9:e9:
c0:13:6c:88:9e:79:bc:f2:b0:6a:9c:41:74:cb:6f:
db:93:fe:b5:87:e6:71:a4:13:64:88:68:d7:15:e3:
dd:bc:00:0d:16:48:d2:a7:ad:6c:42:de:43:4d:bf:
08:d3:5c:d3:f5:f8:fd:4b:8c:53:b8:85:c2:df:0a:
c7:16:dc:06:ce:66:77:9e:b1:af:7e:34:4d:e4:94:
5e:64:10:ff:fa:9a:16:db:3e:d4:f0:22:d0:c7:94:
b4:e9:4f:bb:5f:42:a8:ad:1c:51:17:92:3c:30:51:
b6:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:1D:33:D1:27:2E:C1:FD:BC:EB:C3:BA:03:41:D2:CD:8E:D4:8E:43
X509v3 Authority Key Identifier:
keyid:88:12:A0:A8:09:DC:3C:D1:FB:D8:95:1A:8F:80:F6:99:25:E1:19:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBKgqAncPNH72JUaj4D2mSXhGQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/YB0z0Scuwf2868O6A0HSzY7UjkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.88.0/22
185.140.108.0/24
193.32.235.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:56:72:1d:c1:b6:02:e3:e1:cb:6e:53:2f:2b:67:e1:62:39:
81:9f:e8:60:ea:77:2e:b0:e9:f2:b1:ab:97:ac:8f:cc:cf:c7:
26:76:81:e7:0b:f4:6c:35:b6:80:04:b9:19:46:0e:36:07:be:
40:1c:6a:ce:5c:53:4f:22:3d:a3:62:11:58:fd:d2:9f:c2:12:
a4:fd:45:cd:c9:26:5d:81:f3:2f:71:d8:00:a0:fe:8e:8c:04:
53:7c:78:dd:ae:a9:63:01:c8:9e:fb:cb:da:ea:46:5d:97:be:
83:88:8d:26:9b:63:d0:cb:a4:75:7a:d9:4c:03:99:23:19:be:
ac:c7:45:bb:18:c0:40:bb:07:1b:40:ba:46:6c:ae:b0:f5:65:
33:ea:09:38:6a:84:44:6a:d0:c0:f8:dd:ec:de:4f:90:63:0e:
d1:7b:b8:64:23:cd:f0:5a:13:ed:a6:35:04:d6:db:2e:c2:1a:
df:32:ca:dd:10:1d:5c:e7:77:b8:5f:16:79:13:78:c1:ae:3a:
b0:63:5a:c5:ac:14:2a:f2:fc:fd:7e:24:74:1b:3b:18:5d:8b:
42:a6:e0:ac:72:35:5c:f6:56:83:b3:01:1b:d1:27:e5:bf:22:
a9:33:c4:2f:2e:6f:e8:45:8e:c2:a3:9c:d4:5b:c2:7b:40:ca:
57:0f:82:85
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYk/lE4+j8vffV8YjaYHFpPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTJhMGE4MDlkYzNjZDFmYmQ4OTUxYThmODBmNjk5MjVl
MTE5MDgwHhcNMjMwNzEwMTEzMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDFkMzNkMTI3MmVjMWZkYmNlYmMzYmEwMzQxZDJjZDhlZDQ4ZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntvxHqmhcx5T+RKCClVOcIBeVvBB
/GAqo2Uu6oYmVW7PJTYov23z74iF0vCtZbis2lZiCuht4Z7T0mz99dsa/XVNdM4q
fgranzaINySY3NrhKOwM+qQGh1cfRMUzknm+1iBzb7/1zfNNC+poVZh3MV8Wg8er
LQRMXOncsAwULRHf3ObbjzUJULEnLfXJQY4ZqIG16enAE2yInnm88rBqnEF0y2/b
k/61h+ZxpBNkiGjXFePdvAANFkjSp61sQt5DTb8I01zT9fj9S4xTuIXC3wrHFtwG
zmZ3nrGvfjRN5JReZBD/+poW2z7U8CLQx5S06U+7X0KorRxRF5I8MFG2yQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGAdM9EnLsH9vOvDugNB0s2O1I5DMB8GA1UdIwQY
MBaAFIgSoKgJ3DzR+9iVGo+A9pkl4RkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJLZ3FBbmNQTkg3MkpVYWo0RDJtU1hoR1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jOGFhMDktYmRmYi00M2NhLTg1MjIt
ZmE3NWNiZTliZWFkLzEvWUIwejBTY3V3ZjI4NjhPNkEwSFN6WTdVamtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jOGFhMDktYmRmYi00M2NhLTg1MjItZmE3NWNiZTliZWFk
LzEvaUJLZ3FBbmNQTkg3MkpVYWo0RDJtU1hoR1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuW9YAwQA
uYxsAwQAwSDrMA0GCSqGSIb3DQEBCwUAA4IBAQBsVnIdwbYC4+HLblMvK2fhYjmB
n+hg6ncusOnysauXrI/Mz8cmdoHnC/RsNbaABLkZRg42B75AHGrOXFNPIj2jYhFY
/dKfwhKk/UXNySZdgfMvcdgAoP6OjARTfHjdrqljAcie+8va6kZdl76DiI0mm2PQ
y6R1etlMA5kjGb6sx0W7GMBAuwcbQLpGbK6w9WUz6gk4aoREatDA+N3s3k+QYw7R
e7hkI83wWhPtpjUE1tsuwhrfMsrdEB1c53e4XxZ5E3jBrjqwY1rFrBQq8vz9fiR0
GzsYXYtCpuCscjVc9laDswEb0SflvyKpM8QvLm/oRY7Co5zUW8J7QMpXD4KF
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:58 2025 by rpki-client