Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/ybtWMtE1oU1_LEn3kbrOu-XHqLk.roa
File: ybtWMtE1oU1_LEn3kbrOu-XHqLk.roa (raw, json)
Hash identifier: w0ngy15M6MRFAdPviFufWJSwPMBsJs6MFcnZpkhOZgY=
Subject key identifier: C9:BB:56:32:D1:35:A1:4D:7F:2C:49:F7:91:BA:CE:BB:E5:C7:A8:B9
Certificate issuer: /CN=d39493a17997d31e8d5aa6ccc9a6bd757f15c030
Certificate serial: 01857295B0F54E4EB95B60BAC02C58B91C60
Authority key identifier: D3:94:93:A1:79:97:D3:1E:8D:5A:A6:CC:C9:A6:BD:75:7F:15:C0:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/05SToXmX0x6NWqbMyaa9dX8VwDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/ybtWMtE1oU1_LEn3kbrOu-XHqLk.roa
Signing time: Mon 02 Jan 2023 13:04:50 +0000
ROA not before: Mon 02 Jan 2023 13:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47447
IP address blocks: 185.13.68.0/22 maxlen: 24
62.113.233.0/24 maxlen: 24
185.252.32.0/22 maxlen: 22
62.113.192.0/18 maxlen: 24
212.83.32.0/19 maxlen: 24
2a0c:2040::/29 maxlen: 29
2a00:f48::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:b0:f5:4e:4e:b9:5b:60:ba:c0:2c:58:b9:1c:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d39493a17997d31e8d5aa6ccc9a6bd757f15c030
Validity
Not Before: Jan 2 13:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9bb5632d135a14d7f2c49f791bacebbe5c7a8b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5d:fb:17:6a:c9:dd:36:7d:23:29:04:ef:12:
01:e8:64:54:2b:01:4f:7d:4c:32:be:1b:29:44:68:
8d:74:f7:f7:1d:06:b2:11:ba:d0:36:d8:c0:52:77:
b7:e4:6b:b9:d5:fa:e0:75:80:5b:5c:cf:2d:e6:d6:
cc:7a:0f:c4:cf:27:2b:f3:46:5c:22:d5:26:35:8b:
11:53:97:50:6b:4b:f8:85:d2:03:4d:aa:75:a5:bf:
72:b0:c7:b5:f1:c8:30:14:da:e3:d8:e2:2e:58:93:
f4:cf:0c:d2:5b:2a:bd:24:75:82:92:5c:50:70:55:
cf:4b:5f:16:cd:ce:8e:16:fb:37:09:7d:14:32:ed:
3c:03:ae:a2:9e:64:60:26:69:c1:17:6e:58:0e:bb:
59:0d:77:a9:f5:63:fa:a5:4e:27:30:c2:7a:eb:f5:
fa:8f:b3:f5:7e:e0:9e:97:f2:fc:a5:a4:e1:e2:dc:
c7:1e:9d:47:d5:72:23:ba:af:1a:13:b8:72:32:3e:
09:3a:50:82:9a:ec:21:1e:95:3b:b7:6e:a0:76:00:
8b:31:d6:57:46:4e:0d:a4:a0:b0:37:23:78:71:65:
ae:4d:e0:4c:c5:d2:47:82:27:c3:32:e5:e6:8d:79:
c9:42:ca:b4:cd:ee:16:fd:1d:50:6b:c7:b3:66:6e:
3a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:BB:56:32:D1:35:A1:4D:7F:2C:49:F7:91:BA:CE:BB:E5:C7:A8:B9
X509v3 Authority Key Identifier:
keyid:D3:94:93:A1:79:97:D3:1E:8D:5A:A6:CC:C9:A6:BD:75:7F:15:C0:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/05SToXmX0x6NWqbMyaa9dX8VwDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/ybtWMtE1oU1_LEn3kbrOu-XHqLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/05SToXmX0x6NWqbMyaa9dX8VwDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.192.0/18
185.13.68.0/22
185.252.32.0/22
212.83.32.0/19
IPv6:
2a00:f48::/32
2a0c:2040::/29
Signature Algorithm: sha256WithRSAEncryption
34:67:4d:b7:4b:40:72:e7:d2:e0:25:0b:e7:cc:7d:18:e3:fe:
48:17:7b:3c:a6:fd:99:dd:8d:b9:f0:10:f8:5f:68:73:c6:91:
3e:16:3b:ae:54:99:c4:56:eb:86:c4:0d:5e:a3:d5:ad:c0:56:
67:a8:30:de:54:1f:9f:8b:54:a8:36:d8:b9:d2:21:f8:22:20:
4a:24:cd:ee:9b:96:e3:59:fe:5b:06:73:bc:e9:75:1d:6f:7d:
ad:47:74:fc:a1:c6:f3:e1:5a:41:ec:33:08:4e:14:85:2d:31:
33:da:f7:81:63:b4:62:c6:cc:b0:07:21:aa:c0:ca:86:c9:b8:
ba:23:a6:c2:c5:10:e4:cf:0e:96:2e:50:17:99:c4:0e:2d:21:
ed:3c:fb:01:82:cd:41:be:b2:d4:46:56:6b:12:2c:b8:e4:c6:
7f:f8:36:36:a1:33:c4:ef:89:45:14:9c:33:ce:28:09:c7:9d:
02:d0:f0:50:52:13:6b:73:be:14:71:8c:85:90:d1:3f:d4:bc:
0b:6b:1f:57:16:eb:f9:b7:86:e0:a1:f7:3e:01:34:15:06:58:
b4:8e:46:88:41:cd:c9:31:05:9d:b8:fc:2a:18:52:77:89:5c:
06:72:bb:9a:90:dd:d0:f4:9a:37:9f:52:f0:6a:cf:29:11:ac:
fe:4a:a0:84
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVylbD1Tk65W2C6wCxYuRxgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzOTQ5M2ExNzk5N2QzMWU4ZDVhYTZjY2M5YTZiZDc1N2Yx
NWMwMzAwHhcNMjMwMTAyMTMwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWJiNTYzMmQxMzVhMTRkN2YyYzQ5Zjc5MWJhY2ViYmU1YzdhOGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz137F2rJ3TZ9IykE7xIB6GRUKwFP
fUwyvhspRGiNdPf3HQayEbrQNtjAUne35Gu51frgdYBbXM8t5tbMeg/Ezycr80Zc
ItUmNYsRU5dQa0v4hdIDTap1pb9ysMe18cgwFNrj2OIuWJP0zwzSWyq9JHWCklxQ
cFXPS18Wzc6OFvs3CX0UMu08A66inmRgJmnBF25YDrtZDXep9WP6pU4nMMJ66/X6
j7P1fuCel/L8paTh4tzHHp1H1XIjuq8aE7hyMj4JOlCCmuwhHpU7t26gdgCLMdZX
Rk4NpKCwNyN4cWWuTeBMxdJHgifDMuXmjXnJQsq0ze4W/R1Qa8ezZm46AQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMm7VjLRNaFNfyxJ95G6zrvlx6i5MB8GA1UdIwQY
MBaAFNOUk6F5l9MejVqmzMmmvXV/FcAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDVTVG9YbVgweDZOV3FiTXlhYTlkWDhWd0RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lODA0ZTQtN2YzMC00MDQ5LTk0OGIt
OTc5MjMyOTdjZGE3LzEveWJ0V010RTFvVTFfTEVuM2tick91LVhIcUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lODA0ZTQtN2YzMC00MDQ5LTk0OGItOTc5MjMyOTdjZGE3
LzEvMDVTVG9YbVgweDZOV3FiTXlhYTlkWDhWd0RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQGPnHAAwQC
uQ1EAwQCufwgAwQF1FMgMBQEAgACMA4DBQAqAA9IAwUDKgwgQDANBgkqhkiG9w0B
AQsFAAOCAQEANGdNt0tAcufS4CUL58x9GOP+SBd7PKb9md2NufAQ+F9oc8aRPhY7
rlSZxFbrhsQNXqPVrcBWZ6gw3lQfn4tUqDbYudIh+CIgSiTN7puW41n+WwZzvOl1
HW99rUd0/KHG8+FaQewzCE4UhS0xM9r3gWO0YsbMsAchqsDKhsm4uiOmwsUQ5M8O
li5QF5nEDi0h7Tz7AYLNQb6y1EZWaxIsuOTGf/g2NqEzxO+JRRScM84oCcedAtDw
UFITa3O+FHGMhZDRP9S8C2sfVxbr+beG4KH3PgE0FQZYtI5GiEHNyTEFnbj8KhhS
d4lcBnK7mpDd0PSaN59S8GrPKRGs/kqghA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:46 2025 by rpki-client