Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/269be9-93ff-4c12-91ba-1a9b1555136a/1/CYvNfIXa1m7-vned5H_fMFi1fyM.roa
File: CYvNfIXa1m7-vned5H_fMFi1fyM.roa (raw, json)
Hash identifier: s584X261YtipL8YIJkUh6G54b5A++FTwbm4y2FKu0XY=
Subject key identifier: 09:8B:CD:7C:85:DA:D6:6E:FE:BE:77:9D:E4:7F:DF:30:58:B5:7F:23
Certificate issuer: /CN=a79cf10c31f2edbb557d5540973c88079b33200f
Certificate serial: 01856E5D577F76826C6F1ADABE09C41FF34D
Authority key identifier: A7:9C:F1:0C:31:F2:ED:BB:55:7D:55:40:97:3C:88:07:9B:33:20:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5zxDDHy7btVfVVAlzyIB5szIA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/269be9-93ff-4c12-91ba-1a9b1555136a/1/CYvNfIXa1m7-vned5H_fMFi1fyM.roa
Signing time: Sun 01 Jan 2023 17:24:48 +0000
ROA not before: Sun 01 Jan 2023 17:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20565
IP address blocks: 185.113.48.0/22 maxlen: 22
45.153.204.0/22 maxlen: 22
45.81.208.0/22 maxlen: 22
185.241.0.0/22 maxlen: 22
2a06:6800::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:57:7f:76:82:6c:6f:1a:da:be:09:c4:1f:f3:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a79cf10c31f2edbb557d5540973c88079b33200f
Validity
Not Before: Jan 1 17:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=098bcd7c85dad66efebe779de47fdf3058b57f23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e9:67:98:e8:59:27:3b:8b:77:c0:f1:85:05:
6c:80:f5:20:8b:b1:99:99:c8:59:1a:12:ef:68:67:
a7:64:4a:72:6e:37:a8:24:7f:79:9f:71:48:36:a3:
df:a5:f6:bf:b0:23:eb:52:8b:0d:80:46:94:89:8b:
3f:3b:89:40:e8:15:de:82:74:fc:a6:45:5f:2c:99:
9e:1b:da:e5:50:b5:73:26:40:2f:f6:b9:9b:37:ec:
0c:56:68:28:f6:45:d1:38:91:23:8b:94:67:56:31:
90:bb:da:d8:b7:89:9f:c7:40:98:27:24:94:31:55:
85:2b:1e:41:3d:34:36:da:86:2c:68:72:26:40:35:
a5:98:b7:88:b1:8d:4e:61:46:26:43:e5:39:dc:1e:
18:94:1d:85:7f:f3:da:ef:93:fa:7c:3e:2c:0f:e1:
50:dd:51:c4:bd:bf:91:55:be:31:6e:6c:1f:2c:d2:
6d:58:05:d4:71:3e:b4:fd:0d:74:28:60:bd:16:92:
a8:db:c2:fc:8e:c9:36:76:58:67:92:8d:e7:47:30:
f3:cb:9e:50:30:34:69:3c:17:93:92:95:57:28:3e:
7b:46:a2:64:ae:25:f6:45:60:b5:6c:fb:83:a6:7c:
b8:79:af:19:e6:4d:f1:e0:48:55:ab:f5:fc:38:00:
ef:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:8B:CD:7C:85:DA:D6:6E:FE:BE:77:9D:E4:7F:DF:30:58:B5:7F:23
X509v3 Authority Key Identifier:
keyid:A7:9C:F1:0C:31:F2:ED:BB:55:7D:55:40:97:3C:88:07:9B:33:20:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5zxDDHy7btVfVVAlzyIB5szIA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/269be9-93ff-4c12-91ba-1a9b1555136a/1/CYvNfIXa1m7-vned5H_fMFi1fyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/269be9-93ff-4c12-91ba-1a9b1555136a/1/p5zxDDHy7btVfVVAlzyIB5szIA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.208.0/22
45.153.204.0/22
185.113.48.0/22
185.241.0.0/22
IPv6:
2a06:6800::/29
Signature Algorithm: sha256WithRSAEncryption
68:9f:e6:91:8f:3e:3c:68:6f:80:22:5e:86:3e:bc:2d:e9:c6:
e3:1d:49:38:70:89:53:fe:b1:6d:2f:8a:21:a0:6e:f7:a2:7d:
9b:78:8b:44:5e:a4:cf:b9:d9:44:46:30:bb:56:2c:a5:45:22:
8b:ef:c8:88:be:14:c3:1d:9f:b6:ef:64:3a:b0:d7:cc:72:2a:
17:66:63:6d:fb:49:3e:e3:87:9a:8f:f9:8d:f4:85:75:b3:dc:
94:d1:c2:13:96:a0:39:7e:d2:3a:f2:3c:de:9e:74:e9:cc:27:
bc:8d:1a:9b:4f:e9:03:19:b3:bd:17:1d:65:fe:38:23:57:80:
0d:bd:61:2b:55:e0:28:5f:fd:0c:0a:6f:e6:5e:48:87:fd:b3:
51:08:51:41:09:69:29:b5:38:00:de:56:e9:1d:f3:2e:4e:b2:
fb:04:db:2b:da:a6:29:6a:1e:c4:4c:df:80:94:0d:dd:b7:4b:
f9:52:bc:09:10:82:da:05:ea:d2:1e:f5:1f:cd:38:d2:39:a3:
23:ad:01:18:d7:54:74:27:63:16:46:69:a7:fd:07:a8:87:9a:
34:04:85:75:ec:b6:f3:30:78:13:91:8a:e8:70:86:43:e9:c2:
7c:ff:a8:e9:14:89:76:2b:02:eb:05:db:cb:47:23:2a:43:fc:
81:a7:43:88
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVuXVd/doJsbxravgnEH/NNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OWNmMTBjMzFmMmVkYmI1NTdkNTU0MDk3M2M4ODA3OWIz
MzIwMGYwHhcNMjMwMTAxMTcyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOThiY2Q3Yzg1ZGFkNjZlZmViZTc3OWRlNDdmZGYzMDU4YjU3ZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOlnmOhZJzuLd8DxhQVsgPUgi7GZ
mchZGhLvaGenZEpybjeoJH95n3FINqPfpfa/sCPrUosNgEaUiYs/O4lA6BXegnT8
pkVfLJmeG9rlULVzJkAv9rmbN+wMVmgo9kXROJEji5RnVjGQu9rYt4mfx0CYJySU
MVWFKx5BPTQ22oYsaHImQDWlmLeIsY1OYUYmQ+U53B4YlB2Ff/Pa75P6fD4sD+FQ
3VHEvb+RVb4xbmwfLNJtWAXUcT60/Q10KGC9FpKo28L8jsk2dlhnko3nRzDzy55Q
MDRpPBeTkpVXKD57RqJkriX2RWC1bPuDpny4ea8Z5k3x4EhVq/X8OADv9QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAmLzXyF2tZu/r53neR/3zBYtX8jMB8GA1UdIwQY
MBaAFKec8Qwx8u27VX1VQJc8iAebMyAPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDV6eERESHk3YnRWZlZWQWx6eUlCNXN6SUE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8yNjliZTktOTNmZi00YzEyLTkxYmEt
MWE5YjE1NTUxMzZhLzEvQ1l2TmZJWGExbTctdm5lZDVIX2ZNRmkxZnlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8yNjliZTktOTNmZi00YzEyLTkxYmEtMWE5YjE1NTUxMzZh
LzEvcDV6eERESHk3YnRWZlZWQWx6eUlCNXN6SUE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLVHQAwQC
LZnMAwQCuXEwAwQCufEAMA0EAgACMAcDBQMqBmgAMA0GCSqGSIb3DQEBCwUAA4IB
AQBon+aRjz48aG+AIl6GPrwt6cbjHUk4cIlT/rFtL4ohoG73on2beItEXqTPudlE
RjC7ViylRSKL78iIvhTDHZ+272Q6sNfMcioXZmNt+0k+44eaj/mN9IV1s9yU0cIT
lqA5ftI68jzennTpzCe8jRqbT+kDGbO9Fx1l/jgjV4ANvWErVeAoX/0MCm/mXkiH
/bNRCFFBCWkptTgA3lbpHfMuTrL7BNsr2qYpah7ETN+AlA3dt0v5UrwJEILaBerS
HvUfzTjSOaMjrQEY11R0J2MWRmmn/Qeoh5o0BIV17LbzMHgTkYrocIZD6cJ8/6jp
FIl2KwLrBdvLRyMqQ/yBp0OI
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:51:38 2025 by rpki-client