Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/YwTwqMAUqSePFvJm0HMKRGqvPdk.roa
File: YwTwqMAUqSePFvJm0HMKRGqvPdk.roa (raw, json)
Hash identifier: b3K1gNuG3slAEpm4L/6yZDM0DAv1LAYZHZEojmiPD4g=
Subject key identifier: 63:04:F0:A8:C0:14:A9:27:8F:16:F2:66:D0:73:0A:44:6A:AF:3D:D9
Certificate issuer: /CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Certificate serial: 0187C68CB068A432B058F760FFF5FFC403F1
Authority key identifier: 92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/YwTwqMAUqSePFvJm0HMKRGqvPdk.roa
Signing time: Fri 28 Apr 2023 06:28:41 +0000
ROA not before: Fri 28 Apr 2023 06:28:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203759
IP address blocks: 45.129.40.0/21 maxlen: 24
185.86.188.0/22 maxlen: 24
193.148.160.0/19 maxlen: 24
185.124.192.0/22 maxlen: 24
193.19.128.0/22 maxlen: 24
2a05:b540::/29 maxlen: 48
2a06:b500::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c6:8c:b0:68:a4:32:b0:58:f7:60:ff:f5:ff:c4:03:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Validity
Not Before: Apr 28 06:28:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6304f0a8c014a9278f16f266d0730a446aaf3dd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:69:16:61:ef:41:7b:1d:dd:e8:5b:93:b7:69:
2d:1b:ef:13:b7:cc:b9:e2:0b:f9:f1:c9:14:72:8a:
df:5f:78:46:e4:1e:80:3b:0c:6a:f8:bd:54:09:8c:
1c:d7:d1:42:b3:57:2d:c2:b4:29:20:3e:57:ca:78:
0c:b7:17:85:6e:13:22:27:00:c4:a0:d5:93:fa:54:
cb:fa:63:1a:a7:0b:47:0f:86:e6:dd:02:15:a7:9d:
1e:5d:be:69:be:a3:12:ea:cc:b4:b5:e4:88:08:48:
bd:f0:bc:a8:25:8d:05:8f:a7:44:b2:b3:26:a5:29:
f9:20:0d:d3:0e:a6:11:62:9d:2c:e2:96:8a:6a:09:
0a:ed:d5:5e:ef:76:2a:2a:51:7b:9f:f1:d2:d1:58:
58:90:35:6c:f1:b4:e6:52:6b:ff:2a:1d:43:a7:14:
a9:67:1f:25:d0:19:d3:33:1c:53:8f:4b:84:b8:41:
e6:69:4f:9b:4d:21:a8:25:06:5d:7a:4a:81:ba:5e:
d9:43:73:a9:f3:55:a2:f3:37:e6:28:65:e0:e3:1e:
94:4e:52:ba:4c:a0:bf:d7:18:23:f7:70:c3:c3:08:
77:52:52:75:25:01:ed:16:f5:d1:08:08:68:47:b9:
3d:28:c5:6f:4b:a7:4e:1b:0e:94:47:af:77:5d:ed:
2f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:04:F0:A8:C0:14:A9:27:8F:16:F2:66:D0:73:0A:44:6A:AF:3D:D9
X509v3 Authority Key Identifier:
keyid:92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/YwTwqMAUqSePFvJm0HMKRGqvPdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/kmYLI_47hkLWv0dfjrf8rZ0TxBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.40.0/21
185.86.188.0/22
185.124.192.0/22
193.19.128.0/22
193.148.160.0/19
IPv6:
2a05:b540::/29
2a06:b500::/29
Signature Algorithm: sha256WithRSAEncryption
00:c8:0f:d6:c6:2a:9f:49:50:03:fa:5e:99:9d:23:98:5f:70:
d4:87:27:93:f5:b8:25:ab:be:c3:6d:37:8d:80:c8:24:1c:fe:
25:19:fb:4c:68:b0:3f:7b:c2:4b:c9:98:35:89:bf:dd:1a:79:
ac:ee:da:58:69:35:51:4d:ab:24:b3:0c:f3:7e:d2:0b:06:db:
16:4d:e2:57:1b:14:e0:fc:c3:ea:ee:46:58:44:24:62:bc:09:
ef:bf:17:a3:4b:76:6b:d2:1f:a9:85:b9:95:84:a9:04:cd:f2:
28:d8:22:02:88:ac:e3:67:bc:30:89:d1:97:f8:9d:4a:84:3b:
7c:05:48:a1:aa:86:c6:4a:d8:10:44:bf:48:c3:27:d3:ac:9f:
07:4d:fa:51:34:d4:40:0e:71:36:d5:83:f6:84:f1:63:41:84:
7a:34:2a:4d:00:4d:b6:bc:ac:35:a3:85:cc:f3:43:44:20:9c:
40:e6:1a:94:08:aa:95:57:f1:22:a9:20:82:89:ea:e6:74:0d:
21:23:c0:f9:7c:44:a3:64:c4:8b:44:4c:97:6a:db:d0:7b:08:
54:75:c1:07:b6:12:ad:18:db:fd:a3:ba:12:10:ad:0e:d4:db:
bb:6f:d9:0b:84:56:11:35:28:bf:81:6e:a2:53:20:e6:76:2b:
13:f4:5d:47
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYfGjLBopDKwWPdg//X/xAPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjYwYjIzZmUzYjg2NDJkNmJmNDc1ZjhlYjdmY2FkOWQx
M2M0MTMwHhcNMjMwNDI4MDYyODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzA0ZjBhOGMwMTRhOTI3OGYxNmYyNjZkMDczMGE0NDZhYWYzZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmkWYe9Bex3d6FuTt2ktG+8Tt8y5
4gv58ckUcorfX3hG5B6AOwxq+L1UCYwc19FCs1ctwrQpID5XyngMtxeFbhMiJwDE
oNWT+lTL+mMapwtHD4bm3QIVp50eXb5pvqMS6sy0teSICEi98LyoJY0Fj6dEsrMm
pSn5IA3TDqYRYp0s4paKagkK7dVe73YqKlF7n/HS0VhYkDVs8bTmUmv/Kh1DpxSp
Zx8l0BnTMxxTj0uEuEHmaU+bTSGoJQZdekqBul7ZQ3Op81Wi8zfmKGXg4x6UTlK6
TKC/1xgj93DDwwh3UlJ1JQHtFvXRCAhoR7k9KMVvS6dOGw6UR693Xe0v4wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGME8KjAFKknjxbyZtBzCkRqrz3ZMB8GA1UdIwQY
MBaAFJJmCyP+O4ZC1r9HX463/K2dE8QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21ZTElfNDdoa0xXdjBkZmpyZjhyWjBUeEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZTNiYWMtM2RhMi00ZTQ5LWJkYWIt
MTNlZjFjNDU1Y2M0LzEvWXdUd3FNQVVxU2VQRnZKbTBITUtSR3F2UGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZTNiYWMtM2RhMi00ZTQ5LWJkYWItMTNlZjFjNDU1Y2M0
LzEva21ZTElfNDdoa0xXdjBkZmpyZjhyWjBUeEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDLYEoAwQC
uVa8AwQCuXzAAwQCwROAAwQFwZSgMBQEAgACMA4DBQMqBbVAAwUDKga1ADANBgkq
hkiG9w0BAQsFAAOCAQEAAMgP1sYqn0lQA/pemZ0jmF9w1Icnk/W4Jau+w203jYDI
JBz+JRn7TGiwP3vCS8mYNYm/3Rp5rO7aWGk1UU2rJLMM837SCwbbFk3iVxsU4PzD
6u5GWEQkYrwJ778Xo0t2a9IfqYW5lYSpBM3yKNgiAois42e8MInRl/idSoQ7fAVI
oaqGxkrYEES/SMMn06yfB036UTTUQA5xNtWD9oTxY0GEejQqTQBNtrysNaOFzPND
RCCcQOYalAiqlVfxIqkggonq5nQNISPA+XxEo2TEi0RMl2rb0HsIVHXBB7YSrRjb
/aO6EhCtDtTbu2/ZC4RWETUov4FuolMg5nYrE/RdRw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:47:05 2025 by rpki-client