Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/Yulq_N2aPHnbfsX9Znxym_SwipU.roa
File: Yulq_N2aPHnbfsX9Znxym_SwipU.roa (raw, json)
Hash identifier: YVF+7MBwF5wl2gQdtUtCjGEgAjs08x4/0tnGpOfszYY=
Subject key identifier: 62:E9:6A:FC:DD:9A:3C:79:DB:7E:C5:FD:66:7C:72:9B:F4:B0:8A:95
Certificate issuer: /CN=b60d6ca95e2770f55340d909ec7c97eeca3fe20e
Certificate serial: 0185728C71DDDCF9C509B235EDAC8922C72C
Authority key identifier: B6:0D:6C:A9:5E:27:70:F5:53:40:D9:09:EC:7C:97:EE:CA:3F:E2:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tg1sqV4ncPVTQNkJ7HyX7so_4g4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/Yulq_N2aPHnbfsX9Znxym_SwipU.roa
Signing time: Mon 02 Jan 2023 12:54:44 +0000
ROA not before: Mon 02 Jan 2023 12:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204634
IP address blocks: 185.248.130.0/24 maxlen: 24
194.31.171.0/24 maxlen: 24
185.248.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:71:dd:dc:f9:c5:09:b2:35:ed:ac:89:22:c7:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b60d6ca95e2770f55340d909ec7c97eeca3fe20e
Validity
Not Before: Jan 2 12:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62e96afcdd9a3c79db7ec5fd667c729bf4b08a95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:49:7e:8b:d2:40:8e:42:d9:8a:e4:82:da:f5:
9b:73:b8:42:6e:cf:15:8a:d7:d5:cc:b1:43:fc:be:
a6:ce:05:5b:30:18:bb:78:3a:f0:61:8a:f6:3b:24:
15:dc:c6:25:7a:41:26:f0:bb:c4:43:ba:ad:8b:e6:
95:41:fe:65:3d:6e:53:d1:98:33:5c:b9:1c:66:10:
c9:42:1a:28:56:24:3a:20:38:e0:ae:c5:78:f6:ea:
d6:85:99:8c:0a:3e:fe:fb:d4:c5:44:d2:bd:ff:64:
65:8c:6a:5c:34:de:88:ac:43:8e:1d:6c:e0:f3:c4:
98:46:d6:87:4a:fa:bf:97:4b:11:c1:4f:71:5e:1e:
ac:2b:6f:5b:9a:e1:e2:c8:a5:27:35:6f:48:0b:ed:
9c:d3:50:3b:ce:e5:4e:45:08:e1:96:2c:37:f6:3c:
4d:8f:fc:f2:14:07:54:59:7a:e5:b5:cd:aa:39:e5:
23:d6:de:0c:48:fc:61:98:13:c9:3e:42:d7:7f:a7:
91:72:31:a5:02:54:9b:1c:d2:68:cd:03:80:5f:8c:
d5:17:c5:86:b7:5b:63:38:8a:b7:07:c0:59:5d:e0:
3c:ea:48:2c:b6:8c:94:8d:f3:31:2f:c5:71:62:b2:
fe:65:8c:b8:29:9c:13:f4:e4:dd:ca:08:b4:b2:56:
5a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:E9:6A:FC:DD:9A:3C:79:DB:7E:C5:FD:66:7C:72:9B:F4:B0:8A:95
X509v3 Authority Key Identifier:
keyid:B6:0D:6C:A9:5E:27:70:F5:53:40:D9:09:EC:7C:97:EE:CA:3F:E2:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tg1sqV4ncPVTQNkJ7HyX7so_4g4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/Yulq_N2aPHnbfsX9Znxym_SwipU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/tg1sqV4ncPVTQNkJ7HyX7so_4g4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.130.0/23
194.31.171.0/24
Signature Algorithm: sha256WithRSAEncryption
84:d4:45:0f:3f:f3:75:8f:09:99:58:f1:f0:7c:1a:28:8f:18:
16:f0:7a:d3:7e:e6:5a:03:d5:da:23:96:1c:92:95:55:e0:12:
ab:fa:f1:da:9c:ea:29:18:67:e6:92:ad:53:d3:0b:e4:fc:07:
d8:9c:28:4e:66:85:23:4b:a2:67:b8:13:23:3c:5e:30:48:61:
64:3d:f6:52:21:64:14:72:e7:73:f3:0d:82:97:4c:ce:b6:33:
35:c0:9b:f8:9e:d2:43:34:97:93:24:4f:24:33:63:70:06:5f:
ae:75:79:af:f3:81:d1:08:39:22:c1:11:7c:d1:46:a4:85:99:
a0:cf:33:68:92:ef:e5:dc:a5:b9:d0:2d:0d:8f:81:f1:0c:94:
21:3d:9c:6f:00:5f:5d:c8:ca:c5:6b:aa:11:a1:42:b3:cf:e9:
84:a3:e5:c9:ec:79:5e:e1:0d:49:d3:6f:10:c8:79:6c:a0:60:
e3:80:71:29:62:8e:b0:62:d3:83:42:b6:30:ed:f9:3f:4b:e3:
1a:d6:51:7b:23:70:5c:01:b0:72:1c:3b:9c:74:17:f7:ba:17:
2b:c8:29:3a:b9:d9:0d:81:fa:47:e4:db:ff:5c:a6:a6:bb:37:
3e:a6:d9:c1:26:c5:5e:b4:6d:d9:3a:e9:d3:95:1e:59:d5:ab:
55:d4:00:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyjHHd3PnFCbI17ayJIscsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MGQ2Y2E5NWUyNzcwZjU1MzQwZDkwOWVjN2M5N2VlY2Ez
ZmUyMGUwHhcNMjMwMTAyMTI1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmU5NmFmY2RkOWEzYzc5ZGI3ZWM1ZmQ2NjdjNzI5YmY0YjA4YTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEl+i9JAjkLZiuSC2vWbc7hCbs8V
itfVzLFD/L6mzgVbMBi7eDrwYYr2OyQV3MYlekEm8LvEQ7qti+aVQf5lPW5T0Zgz
XLkcZhDJQhooViQ6IDjgrsV49urWhZmMCj7++9TFRNK9/2RljGpcNN6IrEOOHWzg
88SYRtaHSvq/l0sRwU9xXh6sK29bmuHiyKUnNW9IC+2c01A7zuVORQjhliw39jxN
j/zyFAdUWXrltc2qOeUj1t4MSPxhmBPJPkLXf6eRcjGlAlSbHNJozQOAX4zVF8WG
t1tjOIq3B8BZXeA86kgstoyUjfMxL8VxYrL+ZYy4KZwT9OTdygi0slZajQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGLpavzdmjx5237F/WZ8cpv0sIqVMB8GA1UdIwQY
MBaAFLYNbKleJ3D1U0DZCex8l+7KP+IOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGcxc3FWNG5jUFZUUU5rSjdIeVg3c29fNGc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wMzNlOGItYmRlMS00ZjkwLWJhZjUt
MjM4NDdhNDBkOWU0LzEvWXVscV9OMmFQSG5iZnNYOVpueHltX1N3aXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8wMzNlOGItYmRlMS00ZjkwLWJhZjUtMjM4NDdhNDBkOWU0
LzEvdGcxc3FWNG5jUFZUUU5rSjdIeVg3c29fNGc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBufiCAwQA
wh+rMA0GCSqGSIb3DQEBCwUAA4IBAQCE1EUPP/N1jwmZWPHwfBoojxgW8HrTfuZa
A9XaI5YckpVV4BKr+vHanOopGGfmkq1T0wvk/AfYnChOZoUjS6JnuBMjPF4wSGFk
PfZSIWQUcudz8w2Cl0zOtjM1wJv4ntJDNJeTJE8kM2NwBl+udXmv84HRCDkiwRF8
0UakhZmgzzNoku/l3KW50C0Nj4HxDJQhPZxvAF9dyMrFa6oRoUKzz+mEo+XJ7Hle
4Q1J028QyHlsoGDjgHEpYo6wYtODQrYw7fk/S+Ma1lF7I3BcAbByHDucdBf3uhcr
yCk6udkNgfpH5Nv/XKamuzc+ptnBJsVetG3ZOunTlR5Z1atV1AB2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:52 2025 by rpki-client