Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/yClJ0y8D0Z6XhIXjpMB1QkhBwdI.roa
File: yClJ0y8D0Z6XhIXjpMB1QkhBwdI.roa (raw, json)
Hash identifier: CLsprgyq7UhSrovQxzJ0qaakv1csP6QnCgPf7LDhi2U=
Subject key identifier: C8:29:49:D3:2F:03:D1:9E:97:84:85:E3:A4:C0:75:42:48:41:C1:D2
Certificate issuer: /CN=c1db67b85104e4db598fea15678699c92473bda0
Certificate serial: 018A1E826F00F0FFA8198097D56A9EC5A72C
Authority key identifier: C1:DB:67:B8:51:04:E4:DB:59:8F:EA:15:67:86:99:C9:24:73:BD:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdtnuFEE5NtZj-oVZ4aZySRzvaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/yClJ0y8D0Z6XhIXjpMB1QkhBwdI.roa
Signing time: Tue 22 Aug 2023 18:29:39 +0000
ROA not before: Tue 22 Aug 2023 18:29:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216475
IP address blocks: 185.170.10.0/24 maxlen: 24
2a0c:dd80:2000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1e:82:6f:00:f0:ff:a8:19:80:97:d5:6a:9e:c5:a7:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1db67b85104e4db598fea15678699c92473bda0
Validity
Not Before: Aug 22 18:29:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c82949d32f03d19e978485e3a4c075424841c1d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:75:37:79:fc:c6:bb:5a:c3:55:fc:95:14:78:
4e:4e:df:45:3f:4e:de:55:0f:f9:19:f8:94:e6:16:
6e:ed:92:4d:75:24:a2:ed:57:de:2d:ac:8e:cc:3c:
7a:47:b2:5c:05:45:fd:92:dd:81:38:c6:37:3f:a1:
6f:c2:df:20:ed:b9:80:74:d3:2f:67:48:49:5f:2f:
5e:ec:92:46:41:dc:7b:98:3f:1c:46:44:ed:22:16:
ca:bd:fd:b3:82:0a:ab:15:47:3f:84:21:d2:88:9a:
4e:35:65:39:fe:e9:46:78:58:09:1a:12:25:c4:d4:
89:90:8f:e2:fe:63:45:a9:1f:55:d8:e2:c3:26:a4:
d7:56:ae:ec:91:42:95:55:ec:34:7b:57:43:bb:a6:
ce:80:bf:28:35:eb:3c:3a:9d:e8:26:f1:b9:d5:55:
e6:4f:71:62:d1:1e:f2:cc:85:05:70:fe:c5:43:b1:
80:c8:de:af:f2:ac:4c:5e:27:5e:22:28:57:a8:36:
a0:e8:f9:ef:14:54:61:af:7d:1b:ef:d9:6a:c9:db:
5c:27:20:31:72:bc:ac:e3:d4:d3:a2:d2:ed:aa:e7:
11:a0:47:73:59:84:9c:bc:d9:6e:19:b9:c8:d6:1c:
d3:80:84:2a:ef:58:74:f3:51:b3:f0:35:cb:c0:09:
86:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:29:49:D3:2F:03:D1:9E:97:84:85:E3:A4:C0:75:42:48:41:C1:D2
X509v3 Authority Key Identifier:
keyid:C1:DB:67:B8:51:04:E4:DB:59:8F:EA:15:67:86:99:C9:24:73:BD:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdtnuFEE5NtZj-oVZ4aZySRzvaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/yClJ0y8D0Z6XhIXjpMB1QkhBwdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6a6535-6f42-4f2d-9eb9-7d4c8f37f5fd/1/wdtnuFEE5NtZj-oVZ4aZySRzvaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.10.0/24
IPv6:
2a0c:dd80:2000::/48
Signature Algorithm: sha256WithRSAEncryption
ca:ae:9f:1e:e5:d5:bc:67:05:0b:9a:e8:fd:7a:2e:38:23:bb:
b2:8f:5c:03:55:9a:8f:02:91:87:07:f1:b6:bd:d9:7f:65:f5:
9e:bd:61:51:c4:e9:b1:c8:d5:04:e7:b7:6d:06:15:3f:67:bf:
10:07:60:b6:b1:78:8a:47:32:53:1a:da:1e:b2:19:19:64:7f:
2f:12:46:b4:e8:30:24:fc:a6:6d:9c:8d:89:ab:35:64:90:46:
b6:63:46:3d:d2:c6:aa:20:79:52:b2:7c:ef:44:fd:59:be:e1:
83:63:ee:1d:50:a0:c6:82:b1:65:f2:41:e3:19:1e:f6:a2:8c:
cc:dd:6a:a1:9c:5c:8e:70:9d:62:3b:83:4a:3f:bc:4b:2d:c9:
06:2c:70:86:69:26:76:2f:3a:b5:48:79:44:64:62:e7:e7:5f:
34:18:a1:73:ef:8f:30:ea:83:20:3e:ef:cf:9a:22:c2:47:b8:
de:31:57:ff:41:be:cb:5a:41:e5:1f:4a:ba:fc:96:ef:2c:95:
be:0f:db:87:30:5c:4d:9d:d8:c1:59:05:11:07:94:c3:ee:47:
44:a8:0a:0e:0c:a0:7b:cb:2b:fb:b8:81:1b:75:78:a3:11:14:
50:6b:df:ce:8e:e5:90:d9:1d:5f:cf:4c:44:cd:e7:27:7c:c1:
16:f0:95:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoegm8A8P+oGYCX1WqexacsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZGI2N2I4NTEwNGU0ZGI1OThmZWExNTY3ODY5OWM5MjQ3
M2JkYTAwHhcNMjMwODIyMTgyOTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODI5NDlkMzJmMDNkMTllOTc4NDg1ZTNhNGMwNzU0MjQ4NDFjMWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3U3efzGu1rDVfyVFHhOTt9FP07e
VQ/5GfiU5hZu7ZJNdSSi7VfeLayOzDx6R7JcBUX9kt2BOMY3P6Fvwt8g7bmAdNMv
Z0hJXy9e7JJGQdx7mD8cRkTtIhbKvf2zggqrFUc/hCHSiJpONWU5/ulGeFgJGhIl
xNSJkI/i/mNFqR9V2OLDJqTXVq7skUKVVew0e1dDu6bOgL8oNes8Op3oJvG51VXm
T3Fi0R7yzIUFcP7FQ7GAyN6v8qxMXideIihXqDag6PnvFFRhr30b79lqydtcJyAx
crys49TTotLtqucRoEdzWYScvNluGbnI1hzTgIQq71h081Gz8DXLwAmG+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMgpSdMvA9Gel4SF46TAdUJIQcHSMB8GA1UdIwQY
MBaAFMHbZ7hRBOTbWY/qFWeGmckkc72gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2R0bnVGRUU1TnRaai1vVlo0YVp5U1J6dmFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82YTY1MzUtNmY0Mi00ZjJkLTllYjkt
N2Q0YzhmMzdmNWZkLzEveUNsSjB5OEQwWjZYaElYanBNQjFRa2hCd2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82YTY1MzUtNmY0Mi00ZjJkLTllYjktN2Q0YzhmMzdmNWZk
LzEvd2R0bnVGRUU1TnRaai1vVlo0YVp5U1J6dmFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuaoKMA8E
AgACMAkDBwAqDN2AIAAwDQYJKoZIhvcNAQELBQADggEBAMqunx7l1bxnBQua6P16
Ljgju7KPXANVmo8CkYcH8ba92X9l9Z69YVHE6bHI1QTnt20GFT9nvxAHYLaxeIpH
MlMa2h6yGRlkfy8SRrToMCT8pm2cjYmrNWSQRrZjRj3SxqogeVKyfO9E/Vm+4YNj
7h1QoMaCsWXyQeMZHvaijMzdaqGcXI5wnWI7g0o/vEstyQYscIZpJnYvOrVIeURk
YufnXzQYoXPvjzDqgyA+78+aIsJHuN4xV/9BvstaQeUfSrr8lu8slb4P24cwXE2d
2MFZBREHlMPuR0SoCg4MoHvLK/u4gRt1eKMRFFBr386O5ZDZHV/PTETN5yd8wRbw
lTM=
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:57:03 2025 by rpki-client