Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/b872b6-c30a-4616-b5a7-28d94fcb1088/1/yFxi9jv-94ksX_8HuvqWHZKQOfY.roa
File: yFxi9jv-94ksX_8HuvqWHZKQOfY.roa (raw, json)
Hash identifier: zO33UoNOQRFN5BuKLzESejo3sJbHRkfwVaMyTXhpGpI=
Subject key identifier: C8:5C:62:F6:3B:FE:F7:89:2C:5F:FF:07:BA:FA:96:1D:92:90:39:F6
Certificate issuer: /CN=c6b6f07b173360f215f1518c8712a4b054d85c07
Certificate serial: 0185732205AD6251129F8911C1B932294356
Authority key identifier: C6:B6:F0:7B:17:33:60:F2:15:F1:51:8C:87:12:A4:B0:54:D8:5C:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xrbwexczYPIV8VGMhxKksFTYXAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/b872b6-c30a-4616-b5a7-28d94fcb1088/1/yFxi9jv-94ksX_8HuvqWHZKQOfY.roa
Signing time: Mon 02 Jan 2023 15:38:07 +0000
ROA not before: Mon 02 Jan 2023 15:38:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21473
IP address blocks: 185.28.4.0/22 maxlen: 24
93.190.248.0/21 maxlen: 21
109.233.144.0/21 maxlen: 24
212.65.0.0/19 maxlen: 19
2a00:1e80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:22:05:ad:62:51:12:9f:89:11:c1:b9:32:29:43:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6b6f07b173360f215f1518c8712a4b054d85c07
Validity
Not Before: Jan 2 15:38:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c85c62f63bfef7892c5fff07bafa961d929039f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:54:d9:97:ac:86:b7:f8:75:3d:e5:17:75:60:
ae:6e:6e:be:87:89:51:f9:69:35:4c:94:fb:98:1e:
76:c3:34:53:45:77:51:66:ff:e8:17:cc:e3:81:ec:
92:44:12:fc:d3:8a:cb:20:a9:5c:61:8b:30:0b:62:
95:a6:79:5c:a5:e2:c7:44:83:56:be:56:40:aa:14:
13:7b:5a:ee:1c:a6:33:5f:8d:c9:cb:40:ac:fe:f6:
c0:3a:c0:5e:b1:93:22:d3:d1:eb:38:be:77:56:97:
86:74:88:21:bf:11:52:71:e2:09:bf:44:07:9b:e1:
d2:b7:8c:4b:95:9d:e1:ce:57:c3:cf:d2:60:fc:5d:
4d:4f:ff:f0:7d:6d:92:d6:a2:29:a0:db:ec:da:3c:
34:41:66:d6:48:6a:a9:5f:35:fd:86:35:80:1b:dd:
43:b8:ba:1c:79:f5:a4:60:7b:90:1e:55:83:de:c9:
ff:84:7c:b9:d6:f1:fc:bd:d8:34:18:6b:ce:ef:b5:
2b:a1:f6:41:a9:4a:df:c7:57:36:9f:c7:e2:cd:9e:
18:ce:ce:45:a0:55:87:dc:da:a4:0a:dc:ed:0b:c6:
92:5a:2d:ad:f6:2c:65:37:2a:4e:56:a7:31:e9:84:
0c:a0:87:82:51:ff:dc:a3:3a:05:2b:4e:2c:4a:8c:
93:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:5C:62:F6:3B:FE:F7:89:2C:5F:FF:07:BA:FA:96:1D:92:90:39:F6
X509v3 Authority Key Identifier:
keyid:C6:B6:F0:7B:17:33:60:F2:15:F1:51:8C:87:12:A4:B0:54:D8:5C:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xrbwexczYPIV8VGMhxKksFTYXAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b872b6-c30a-4616-b5a7-28d94fcb1088/1/yFxi9jv-94ksX_8HuvqWHZKQOfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b872b6-c30a-4616-b5a7-28d94fcb1088/1/xrbwexczYPIV8VGMhxKksFTYXAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.248.0/21
109.233.144.0/21
185.28.4.0/22
212.65.0.0/19
IPv6:
2a00:1e80::/32
Signature Algorithm: sha256WithRSAEncryption
b1:f6:4e:9f:d2:6f:77:01:fa:c6:03:10:94:d2:82:ba:20:6a:
8e:08:28:db:20:7a:ab:34:4f:5d:6e:4d:8b:b9:7d:0a:59:44:
5e:41:cc:e4:d1:1f:0f:ce:04:5a:3e:d9:0a:24:2c:55:a5:e0:
49:61:0f:e9:3a:d1:35:5f:5b:c1:11:b4:a5:8b:ad:30:66:4e:
da:11:f1:23:16:19:33:72:58:08:59:ec:d6:f2:0b:59:71:df:
b4:7a:fe:29:e6:68:1a:6a:28:ea:7c:f6:7a:8b:e5:b3:ba:77:
8d:27:0a:07:5e:02:c4:89:9f:bb:d4:7f:2e:0a:c2:fe:c5:85:
b9:7c:bd:82:2d:a9:3b:e0:4c:85:8a:ec:b6:85:54:b2:df:4f:
ed:00:81:0f:a7:16:36:d4:f6:54:67:6d:9a:3e:f2:10:58:e8:
4b:b1:99:33:25:54:a4:ce:ee:2d:e9:a9:4a:8b:73:d1:cf:fd:
b2:1e:83:53:fa:96:ee:cf:c1:a8:9d:d2:22:92:ff:6e:8e:6a:
3f:15:87:cc:f1:87:10:1e:1b:3e:76:64:85:d0:79:59:b6:0b:
e4:3f:c4:12:0d:03:7e:63:83:bd:69:f5:78:5b:79:40:2c:49:
c9:7f:8b:16:f0:cd:01:34:11:ca:57:8e:19:16:5b:0f:0c:55:
68:02:7a:e4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVzIgWtYlESn4kRwbkyKUNWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YjZmMDdiMTczMzYwZjIxNWYxNTE4Yzg3MTJhNGIwNTRk
ODVjMDcwHhcNMjMwMTAyMTUzODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODVjNjJmNjNiZmVmNzg5MmM1ZmZmMDdiYWZhOTYxZDkyOTAzOWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFTZl6yGt/h1PeUXdWCubm6+h4lR
+Wk1TJT7mB52wzRTRXdRZv/oF8zjgeySRBL804rLIKlcYYswC2KVpnlcpeLHRINW
vlZAqhQTe1ruHKYzX43Jy0Cs/vbAOsBesZMi09HrOL53VpeGdIghvxFSceIJv0QH
m+HSt4xLlZ3hzlfDz9Jg/F1NT//wfW2S1qIpoNvs2jw0QWbWSGqpXzX9hjWAG91D
uLocefWkYHuQHlWD3sn/hHy51vH8vdg0GGvO77UrofZBqUrfx1c2n8fizZ4Yzs5F
oFWH3NqkCtztC8aSWi2t9ixlNypOVqcx6YQMoIeCUf/cozoFK04sSoyTcwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMhcYvY7/veJLF//B7r6lh2SkDn2MB8GA1UdIwQY
MBaAFMa28HsXM2DyFfFRjIcSpLBU2FwHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHJid2V4Y3pZUElWOFZHTWh4S2tzRlRZWEFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9iODcyYjYtYzMwYS00NjE2LWI1YTct
MjhkOTRmY2IxMDg4LzEveUZ4aTlqdi05NGtzWF84SHV2cVdIWktRT2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9iODcyYjYtYzMwYS00NjE2LWI1YTctMjhkOTRmY2IxMDg4
LzEveHJid2V4Y3pZUElWOFZHTWh4S2tzRlRZWEFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDXb74AwQD
bemQAwQCuRwEAwQF1EEAMA0EAgACMAcDBQAqAB6AMA0GCSqGSIb3DQEBCwUAA4IB
AQCx9k6f0m93AfrGAxCU0oK6IGqOCCjbIHqrNE9dbk2LuX0KWUReQczk0R8PzgRa
PtkKJCxVpeBJYQ/pOtE1X1vBEbSli60wZk7aEfEjFhkzclgIWezW8gtZcd+0ev4p
5mgaaijqfPZ6i+WzuneNJwoHXgLEiZ+71H8uCsL+xYW5fL2CLak74EyFiuy2hVSy
30/tAIEPpxY21PZUZ22aPvIQWOhLsZkzJVSkzu4t6alKi3PRz/2yHoNT+pbuz8Go
ndIikv9ujmo/FYfM8YcQHhs+dmSF0HlZtgvkP8QSDQN+Y4O9afV4W3lALEnJf4sW
8M0BNBHKV44ZFlsPDFVoAnrk
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:31:10 2025 by rpki-client