Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/YiOkX1GCXeImACcEhdKHrQFGcCY.roa
File: YiOkX1GCXeImACcEhdKHrQFGcCY.roa (raw, json)
Hash identifier: Y29B68n5G0KDHHq7CXImNPCKHd1O2zJ0JKhMkoZkStY=
Subject key identifier: 62:23:A4:5F:51:82:5D:E2:26:00:27:04:85:D2:87:AD:01:46:70:26
Certificate issuer: /CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Certificate serial: 03EA3034
Authority key identifier: 92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/YiOkX1GCXeImACcEhdKHrQFGcCY.roa
Signing time: Sat 01 Jan 2022 07:54:44 +0000
ROA not before: Sat 01 Jan 2022 07:54:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203759
IP address blocks: 185.86.188.0/22 maxlen: 24
193.148.162.0/24 maxlen: 24
193.148.160.0/19 maxlen: 24
185.124.192.0/22 maxlen: 24
193.19.128.0/22 maxlen: 24
2a05:b540::/29 maxlen: 48
2a06:b500::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65679412 (0x3ea3034)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Validity
Not Before: Jan 1 07:54:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6223a45f51825de22600270485d287ad01467026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1f:b5:3e:3a:fe:b8:fc:5a:96:cf:4e:44:d2:
94:73:6b:af:24:a2:2b:fa:9a:05:29:37:bb:cd:3a:
c6:41:1b:6f:ab:49:0e:bf:75:c9:69:4a:a6:61:6c:
2e:3d:1d:ce:da:ee:e5:b9:ed:22:cf:99:38:ef:04:
6d:bd:b8:f8:1b:6e:f3:9a:9f:af:89:7e:1d:9c:73:
91:fd:ad:9b:50:4d:24:7d:e4:ce:d5:77:1d:e6:67:
e9:38:d7:ab:f3:aa:9f:91:3a:40:7c:42:35:85:d3:
e4:03:3b:5c:fc:f2:62:7e:5b:d0:4c:cc:f6:67:83:
93:28:c2:b0:30:95:1b:1b:6c:6c:83:46:11:d6:84:
02:20:9f:a4:c2:00:56:1e:31:8e:40:bc:82:8a:a8:
5b:0a:80:8f:f5:92:18:56:a7:2b:56:01:d8:17:f9:
99:d0:da:4a:b5:8d:3e:be:6e:c0:b9:48:85:bc:4e:
a1:85:5d:9e:f0:a3:c9:58:85:f3:3c:34:ac:d4:42:
21:32:fd:17:18:48:6b:e2:ef:9a:fc:cd:a5:c5:bb:
ef:d4:fe:8e:58:0a:b6:8b:09:cc:d6:1f:01:df:72:
81:bb:8e:be:e9:a5:d6:53:97:ce:8e:3c:ce:96:e3:
65:a3:11:cf:4c:11:51:e8:2e:86:54:6a:af:82:e7:
c8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:23:A4:5F:51:82:5D:E2:26:00:27:04:85:D2:87:AD:01:46:70:26
X509v3 Authority Key Identifier:
keyid:92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/YiOkX1GCXeImACcEhdKHrQFGcCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/kmYLI_47hkLWv0dfjrf8rZ0TxBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.188.0/22
185.124.192.0/22
193.19.128.0/22
193.148.160.0/19
IPv6:
2a05:b540::/29
2a06:b500::/29
Signature Algorithm: sha256WithRSAEncryption
91:4e:d0:bd:5b:ac:25:3e:71:9a:59:47:63:86:03:05:97:67:
bb:30:4e:70:41:91:ed:5a:e1:f4:6f:9d:2e:23:bc:23:a5:cc:
f2:97:bc:55:ad:55:b7:73:c3:7a:03:36:4b:df:2e:e8:5b:30:
6a:1e:ea:e2:e3:d5:1c:13:69:54:0d:42:b4:67:8b:f1:66:e1:
f7:fa:a1:0e:9d:64:1c:bc:f1:91:0b:6d:47:0d:a2:85:ed:27:
f4:66:4e:3e:50:9d:82:a2:34:6e:6c:e8:84:35:13:0e:2a:ba:
b6:29:e1:49:8a:88:61:87:de:20:a7:78:79:80:2f:00:34:fe:
29:90:53:8e:df:50:5c:6a:29:43:28:36:62:9b:c2:d4:d3:c1:
db:78:f1:85:7d:ce:ef:3e:2b:50:c1:0b:37:2e:23:fc:1b:71:
37:28:73:9e:4e:f7:ad:de:ae:0e:61:9f:e3:a5:d1:8b:10:8c:
98:c4:56:13:90:9e:06:72:09:a2:cc:33:f3:02:9b:20:0f:49:
9b:78:31:74:4c:98:e5:7f:97:ad:e3:6d:7d:4f:5c:fc:38:96:
69:b5:6b:9f:f8:6f:3d:01:30:5a:cf:1b:84:c4:68:4e:9e:1b:
15:02:ad:e3:75:ef:32:3c:47:fb:b4:d6:db:22:17:9a:a1:21:
74:20:55:df
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEA+owNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjY2MGIyM2ZlM2I4NjQyZDZiZjQ3NWY4ZWI3ZmNhZDlkMTNjNDEzMB4XDTIyMDEw
MTA3NTQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjIyM2E0NWY1MTgy
NWRlMjI2MDAyNzA0ODVkMjg3YWQwMTQ2NzAyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYftT46/rj8WpbPTkTSlHNrrySiK/qaBSk3u806xkEbb6tJ
Dr91yWlKpmFsLj0dztru5bntIs+ZOO8Ebb24+Btu85qfr4l+HZxzkf2tm1BNJH3k
ztV3HeZn6TjXq/Oqn5E6QHxCNYXT5AM7XPzyYn5b0EzM9meDkyjCsDCVGxtsbING
EdaEAiCfpMIAVh4xjkC8goqoWwqAj/WSGFanK1YB2Bf5mdDaSrWNPr5uwLlIhbxO
oYVdnvCjyViF8zw0rNRCITL9FxhIa+LvmvzNpcW779T+jlgKtosJzNYfAd9ygbuO
vuml1lOXzo48zpbjZaMRz0wRUeguhlRqr4LnyI0CAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBRiI6RfUYJd4iYAJwSF0oetAUZwJjAfBgNVHSMEGDAWgBSSZgsj/juGQta/
R1+Ot/ytnRPEEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ttWUxJXzQ3aGtMV3YwZGZqcmY4clowVHhCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvYWUzYmFjLTNkYTItNGU0OS1iZGFiLTEzZWYxYzQ1NWNjNC8x
L1lpT2tYMUdDWGVJbUFDY0VoZEtIclFGR2NDWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
YWUzYmFjLTNkYTItNGU0OS1iZGFiLTEzZWYxYzQ1NWNjNC8xL2ttWUxJXzQ3aGtM
V3YwZGZqcmY4clowVHhCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEArlWvAMEArl8wAMEAsETgAMEBcGU
oDAUBAIAAjAOAwUDKgW1QAMFAyoGtQAwDQYJKoZIhvcNAQELBQADggEBAJFO0L1b
rCU+cZpZR2OGAwWXZ7swTnBBke1a4fRvnS4jvCOlzPKXvFWtVbdzw3oDNkvfLuhb
MGoe6uLj1RwTaVQNQrRni/Fm4ff6oQ6dZBy88ZELbUcNooXtJ/RmTj5QnYKiNG5s
6IQ1Ew4qurYp4UmKiGGH3iCneHmALwA0/imQU47fUFxqKUMoNmKbwtTTwdt48YV9
zu8+K1DBCzcuI/wbcTcoc55O963erg5hn+Ol0YsQjJjEVhOQngZyCaLMM/MCmyAP
SZt4MXRMmOV/l63jbX1PXPw4lmm1a5/4bz0BMFrPG4TEaE6eGxUCreN17zI8R/u0
1tsiF5qhIXQgVd8=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:58:18 2025 by rpki-client