Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/0YQtrFS_itUx507lC8ocJldpkfc.roa
File: 0YQtrFS_itUx507lC8ocJldpkfc.roa (raw, json)
Hash identifier: HBRr3azABwPJ50bHxB7x8DHCen5rqWbU/UU0Ngm6Fkw=
Subject key identifier: D1:84:2D:AC:54:BF:8A:D5:31:E7:4E:E5:0B:CA:1C:26:57:69:91:F7
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 018C68C28004F7A71D853FDD5CB084547E60
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/0YQtrFS_itUx507lC8ocJldpkfc.roa
Signing time: Thu 14 Dec 2023 14:37:06 +0000
ROA not before: Thu 14 Dec 2023 14:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9050
IP address blocks: 185.253.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:c2:80:04:f7:a7:1d:85:3f:dd:5c:b0:84:54:7e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Dec 14 14:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1842dac54bf8ad531e74ee50bca1c26576991f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:66:4d:1b:a2:e6:a5:1b:cc:90:5a:08:3f:41:
a2:fb:a7:a2:68:55:d4:68:62:d7:a0:9f:32:78:d8:
57:15:d3:b6:69:6e:0f:f7:56:50:b2:72:fb:32:89:
bd:32:9e:03:17:2e:4e:9b:e9:16:55:2a:d3:84:25:
64:b8:00:b8:c8:e7:2e:d8:3b:d9:ac:57:06:33:4f:
9a:76:66:c6:7d:d2:62:62:0e:b6:47:49:ff:fe:d0:
81:31:1a:20:36:b4:8e:b3:3e:8d:ed:04:17:75:62:
00:77:a5:75:9f:cb:b4:86:8b:c2:cd:64:a8:06:3a:
7a:c5:bc:1a:cd:80:a1:c2:5f:2a:26:fe:55:8b:19:
e5:e4:e3:5a:ef:1d:15:d4:4f:86:11:56:6b:36:02:
2b:aa:3b:5f:db:54:4b:2b:35:b1:fc:11:bf:83:ad:
16:21:e0:c8:af:59:74:84:05:d7:79:cb:eb:8f:e1:
73:0b:89:39:b4:36:72:64:63:c3:0a:9b:4a:5b:ca:
73:df:e1:91:f7:0d:29:6a:92:05:db:a3:b2:28:f4:
8f:7d:cd:f4:d1:2a:6e:8d:4a:69:8d:6c:3e:d6:bc:
f9:f6:07:6c:26:56:3c:0e:03:59:c8:9b:51:68:85:
a7:c9:80:2a:94:27:c4:81:59:63:0d:21:71:87:bf:
21:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:84:2D:AC:54:BF:8A:D5:31:E7:4E:E5:0B:CA:1C:26:57:69:91:F7
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/0YQtrFS_itUx507lC8ocJldpkfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.6.0/24
Signature Algorithm: sha256WithRSAEncryption
44:75:dc:d5:71:7d:de:9c:0a:8a:2c:47:02:f9:41:9f:49:2c:
d2:50:cc:e6:10:49:18:8c:e2:4a:8c:56:c3:8a:16:4e:b5:69:
74:43:6b:fe:75:2a:2d:86:c1:ed:fa:52:cd:93:35:6c:e2:2f:
bd:6a:17:2a:8d:34:01:b2:49:fd:fc:89:d6:31:b9:48:93:44:
5f:9f:0e:be:fb:57:b3:92:9e:23:af:2f:a8:46:da:a2:b1:aa:
e5:f7:d2:6c:37:99:50:04:1e:ad:c6:8a:56:b1:82:21:5d:e5:
15:90:32:4c:89:ac:e9:a3:97:f2:fb:26:fa:50:ff:44:01:2d:
b8:1c:75:73:d2:a8:94:96:a4:68:55:5f:da:90:f6:5e:08:24:
dd:0f:a0:15:6c:74:a6:ca:ce:3e:c3:cc:e5:b7:e1:ac:bb:cf:
26:45:e2:24:73:70:fb:1f:ea:79:b4:d2:36:aa:a6:43:9e:74:
66:1a:b3:56:14:f3:70:7e:2b:6d:25:d7:2d:44:4f:cd:31:43:
e1:a7:84:9f:b1:5b:b6:a8:9a:52:7c:b7:6b:10:e1:dc:22:9e:
96:73:cc:d0:0a:c2:24:2b:13:34:83:45:e4:ab:de:4e:1c:f3:
e5:6a:3f:c4:64:33:79:76:d5:14:d3:43:c9:a0:89:6d:ce:7c:
17:6d:d2:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxowoAE96cdhT/dXLCEVH5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjMxMjE0MTQzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTg0MmRhYzU0YmY4YWQ1MzFlNzRlZTUwYmNhMWMyNjU3Njk5MWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2ZNG6LmpRvMkFoIP0Gi+6eiaFXU
aGLXoJ8yeNhXFdO2aW4P91ZQsnL7Mom9Mp4DFy5Om+kWVSrThCVkuAC4yOcu2DvZ
rFcGM0+admbGfdJiYg62R0n//tCBMRogNrSOsz6N7QQXdWIAd6V1n8u0hovCzWSo
Bjp6xbwazYChwl8qJv5Vixnl5ONa7x0V1E+GEVZrNgIrqjtf21RLKzWx/BG/g60W
IeDIr1l0hAXXecvrj+FzC4k5tDZyZGPDCptKW8pz3+GR9w0papIF26OyKPSPfc30
0SpujUppjWw+1rz59gdsJlY8DgNZyJtRaIWnyYAqlCfEgVljDSFxh78hKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGELaxUv4rVMedO5QvKHCZXaZH3MB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvMFlRdHJGU19pdFV4NTA3bEM4b2NKbGRwa2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf0GMA0G
CSqGSIb3DQEBCwUAA4IBAQBEddzVcX3enAqKLEcC+UGfSSzSUMzmEEkYjOJKjFbD
ihZOtWl0Q2v+dSothsHt+lLNkzVs4i+9ahcqjTQBskn9/InWMblIk0Rfnw6++1ez
kp4jry+oRtqisarl99JsN5lQBB6txopWsYIhXeUVkDJMiazpo5fy+yb6UP9EAS24
HHVz0qiUlqRoVV/akPZeCCTdD6AVbHSmys4+w8zlt+Gsu88mReIkc3D7H+p5tNI2
qqZDnnRmGrNWFPNwfittJdctRE/NMUPhp4SfsVu2qJpSfLdrEOHcIp6Wc8zQCsIk
KxM0g0Xkq95OHPPlaj/EZDN5dtUU00PJoIltznwXbdLU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:36 2025 by rpki-client