Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/yCzqVa0LsW3lywL5uD2fL4uSCGc.roa
File: yCzqVa0LsW3lywL5uD2fL4uSCGc.roa (raw, json)
Hash identifier: S7cSR3CEnYFoMUKhtBdtKNo9dVGFVgzJbPRSk0vsbgU=
Subject key identifier: C8:2C:EA:55:AD:0B:B1:6D:E5:CB:02:F9:B8:3D:9F:2F:8B:92:08:67
Certificate issuer: /CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34
Certificate serial: 06BB9634
Authority key identifier: 5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/yCzqVa0LsW3lywL5uD2fL4uSCGc.roa
Signing time: Sat 01 Jan 2022 15:05:48 +0000
ROA not before: Sat 01 Jan 2022 15:05:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25682
IP address blocks: 193.57.173.0/24 maxlen: 24
193.57.200.0/24 maxlen: 24
193.57.223.0/24 maxlen: 24
193.57.224.0/24 maxlen: 24
2a0f:8640::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112956980 (0x6bb9634)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34
Validity
Not Before: Jan 1 15:05:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c82cea55ad0bb16de5cb02f9b83d9f2f8b920867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5b:8f:13:b0:88:26:8f:69:0c:59:bf:14:21:
fe:0b:f6:6f:0d:66:ac:a1:71:ff:d6:f9:f1:14:54:
be:93:a9:50:7e:bc:7f:7a:fe:a0:e2:e9:74:d6:95:
7a:93:50:21:6b:8d:f3:02:dc:a4:bd:a3:bb:50:f7:
1d:5a:b6:14:f1:7a:f3:35:90:bc:5d:5e:50:ce:70:
43:d7:69:0d:9d:06:f8:f4:cb:6c:77:a0:1a:92:54:
46:2b:10:2a:6b:4b:54:41:3a:55:cd:12:0b:0c:a0:
b9:00:38:50:89:ec:49:e2:7c:87:32:69:7b:2c:06:
95:56:95:89:e5:61:ef:82:fe:12:9a:14:0b:d1:17:
69:82:dc:d4:49:36:ce:8d:ad:26:22:52:eb:2f:f4:
eb:dc:f3:6a:76:ad:e8:23:86:5b:2e:10:09:78:9b:
55:0d:2b:10:b5:40:fd:30:ce:b6:c8:5d:81:95:71:
8e:79:47:93:bc:5a:dc:77:30:5c:8c:8a:06:b8:b5:
e7:bd:8b:e1:a2:77:af:93:4e:59:f3:cc:db:ce:91:
b2:03:50:44:7d:3b:f5:4e:8a:03:e7:fe:31:14:91:
15:90:a3:0a:f0:e3:b1:46:3c:0b:53:23:b6:91:da:
85:04:b9:7a:5d:3b:ed:0f:99:ce:0e:9f:fa:98:63:
7e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:2C:EA:55:AD:0B:B1:6D:E5:CB:02:F9:B8:3D:9F:2F:8B:92:08:67
X509v3 Authority Key Identifier:
keyid:5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/yCzqVa0LsW3lywL5uD2fL4uSCGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.173.0/24
193.57.200.0/24
193.57.223.0-193.57.224.255
IPv6:
2a0f:8640::/29
Signature Algorithm: sha256WithRSAEncryption
3d:30:99:bc:95:32:30:d2:f0:b3:d5:dc:78:a3:66:02:97:12:
19:a1:7d:f3:21:48:e3:89:6c:11:2e:b8:eb:f9:28:0d:75:2f:
d1:67:45:aa:6a:b8:07:9c:66:80:16:a5:04:4e:fa:e0:58:a6:
dd:44:0c:86:30:3f:fc:ab:96:6f:24:6d:32:b8:86:03:62:10:
62:5c:82:97:b3:88:51:94:cf:c8:6f:5c:c1:06:55:1c:9f:47:
ac:ee:2c:60:fe:ad:27:45:76:f2:f1:aa:70:bd:97:8e:cf:b4:
f8:cb:a4:e3:4e:6c:f9:5f:a7:33:55:cd:13:97:ef:c3:55:04:
1a:c3:c1:ce:fa:ae:73:25:e6:c1:7f:d2:0d:fb:c5:a0:ba:da:
79:65:dc:5a:c2:a4:9f:b3:06:c5:61:26:e3:57:b1:b5:15:b8:
c7:ec:01:ea:22:cc:6a:d9:37:08:54:80:65:fd:2b:f8:10:38:
5c:40:f6:74:e7:bf:34:dd:f5:41:10:c4:21:e0:7b:a0:05:c0:
f9:fc:87:25:fc:63:63:4a:ca:e6:89:ee:90:ff:1a:2b:40:4c:
b3:ee:5a:f4:90:b4:78:f3:63:be:94:ec:21:d8:19:55:bf:ae:
cc:8c:6d:7f:fc:d0:94:f1:40:56:dc:6c:f4:91:6c:cf:19:fa:
77:c0:65:c1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEBruWNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YmNkNDBkMTBiNTZmM2I1MzJmYTBkZmQwMWQ4MTdlZjkzZGExYTM0MB4XDTIyMDEw
MTE1MDU0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzgyY2VhNTVhZDBi
YjE2ZGU1Y2IwMmY5YjgzZDlmMmY4YjkyMDg2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdbjxOwiCaPaQxZvxQh/gv2bw1mrKFx/9b58RRUvpOpUH68
f3r+oOLpdNaVepNQIWuN8wLcpL2ju1D3HVq2FPF68zWQvF1eUM5wQ9dpDZ0G+PTL
bHegGpJURisQKmtLVEE6Vc0SCwyguQA4UInsSeJ8hzJpeywGlVaVieVh74L+EpoU
C9EXaYLc1Ek2zo2tJiJS6y/069zzanat6COGWy4QCXibVQ0rELVA/TDOtshdgZVx
jnlHk7xa3HcwXIyKBri1572L4aJ3r5NOWfPM286RsgNQRH079U6KA+f+MRSRFZCj
CvDjsUY8C1MjtpHahQS5el077Q+Zzg6f+phjfpMCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBTILOpVrQuxbeXLAvm4PZ8vi5IIZzAfBgNVHSMEGDAWgBRbzUDRC1bztTL6
Df0B2Bfvk9oaNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1c4MUEwUXRXODdVeS1nMzlBZGdYNzVQYUdqUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvYmZmNzU4LTRiODMtNDczZC1iMDcyLWEyY2UxY2M4Yjg3Zi8x
L3lDenFWYTBMc1czbHl3TDV1RDJmTDR1U0NHYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
YmZmNzU4LTRiODMtNDczZC1iMDcyLWEyY2UxY2M4Yjg3Zi8xL1c4MUEwUXRXODdV
eS1nMzlBZGdYNzVQYUdqUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEAME5rQMEAME5yDAMAwQAwTnfAwQA
wTngMA0EAgACMAcDBQMqD4ZAMA0GCSqGSIb3DQEBCwUAA4IBAQA9MJm8lTIw0vCz
1dx4o2YClxIZoX3zIUjjiWwRLrjr+SgNdS/RZ0WqargHnGaAFqUETvrgWKbdRAyG
MD/8q5ZvJG0yuIYDYhBiXIKXs4hRlM/Ib1zBBlUcn0es7ixg/q0nRXby8apwvZeO
z7T4y6TjTmz5X6czVc0Tl+/DVQQaw8HO+q5zJebBf9IN+8Wgutp5ZdxawqSfswbF
YSbjV7G1FbjH7AHqIsxq2TcIVIBl/Sv4EDhcQPZ057803fVBEMQh4HugBcD5/Icl
/GNjSsrmie6Q/xorQEyz7lr0kLR482O+lOwh2BlVv67MjG1//NCU8UBW3Gz0kWzP
Gfp3wGXB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:52 2025 by rpki-client