Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/22e49d-6953-4fc8-a896-c5c358837a84/1/lY-lN1OaTytwfAdBM5Y6vDNeejQ.roa
File: lY-lN1OaTytwfAdBM5Y6vDNeejQ.roa (raw, json)
Hash identifier: 9MYI9V6A1yxvEKFSyIwKSv9ymZKZI2LWxXFhLhYYcts=
Subject key identifier: 95:8F:A5:37:53:9A:4F:2B:70:7C:07:41:33:96:3A:BC:33:5E:7A:34
Certificate issuer: /CN=c9cd38d1d1c4a23053cd997163318d649a7b2a57
Certificate serial: 182942BC
Authority key identifier: C9:CD:38:D1:D1:C4:A2:30:53:CD:99:71:63:31:8D:64:9A:7B:2A:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yc040dHEojBTzZlxYzGNZJp7Klc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/22e49d-6953-4fc8-a896-c5c358837a84/1/lY-lN1OaTytwfAdBM5Y6vDNeejQ.roa
Signing time: Sat 01 Jan 2022 02:54:48 +0000
ROA not before: Sat 01 Jan 2022 02:54:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205660
IP address blocks: 185.39.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 405357244 (0x182942bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9cd38d1d1c4a23053cd997163318d649a7b2a57
Validity
Not Before: Jan 1 02:54:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=958fa537539a4f2b707c074133963abc335e7a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ed:65:df:1f:65:cc:9e:5e:05:fd:7b:f1:97:
ec:26:99:6d:d9:eb:46:27:77:ed:68:61:c5:41:6c:
2e:f3:90:5d:8d:23:d0:71:f5:a3:ca:28:ff:6f:31:
ad:b3:f1:64:a6:88:38:6a:34:e3:28:cc:5d:a9:ec:
8f:2f:b1:47:94:eb:c5:ba:e1:1e:ff:fe:61:99:4b:
cb:37:ba:db:d7:43:05:c7:20:ca:5f:dd:ab:47:f1:
29:91:56:2d:ae:31:73:3e:ff:ce:61:46:ad:9b:74:
5d:44:43:40:e2:6a:c9:e8:a6:14:b0:26:f6:d1:3a:
7a:80:71:f0:b2:ef:f4:22:cd:c1:c9:2c:21:24:b5:
33:1d:e5:18:6c:8f:3c:c1:38:3d:55:61:8d:a5:e3:
3e:d8:3e:0e:c8:35:b0:bb:b4:ef:93:58:04:24:a5:
41:14:71:ff:b6:fe:4a:b3:b0:45:0e:94:38:fb:e8:
ef:ec:00:e4:e4:0f:e6:e9:1c:1d:98:4d:f3:64:d7:
4a:83:b9:06:39:a7:63:d1:6a:28:1b:32:95:a9:f2:
27:f3:6c:a7:c3:d0:a7:c8:79:5a:70:f6:f8:ac:86:
16:d6:94:f8:2a:1d:3c:96:b2:4a:b6:94:5f:ac:1b:
12:20:68:49:7f:c6:6f:0e:00:f5:a9:23:e8:6b:13:
c9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:8F:A5:37:53:9A:4F:2B:70:7C:07:41:33:96:3A:BC:33:5E:7A:34
X509v3 Authority Key Identifier:
keyid:C9:CD:38:D1:D1:C4:A2:30:53:CD:99:71:63:31:8D:64:9A:7B:2A:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yc040dHEojBTzZlxYzGNZJp7Klc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/22e49d-6953-4fc8-a896-c5c358837a84/1/lY-lN1OaTytwfAdBM5Y6vDNeejQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/22e49d-6953-4fc8-a896-c5c358837a84/1/yc040dHEojBTzZlxYzGNZJp7Klc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.253.0/24
Signature Algorithm: sha256WithRSAEncryption
58:38:d2:43:ee:26:e9:50:8b:24:33:fe:cc:11:b9:a9:8e:94:
82:6f:4d:13:9d:26:c0:24:37:65:99:b9:83:8c:6f:31:2b:16:
ad:c8:de:13:11:9e:b5:8f:d2:eb:ae:0a:6f:4f:05:d7:c9:00:
25:00:7b:c8:ec:6c:5a:ed:02:23:a9:aa:23:09:20:55:95:ee:
d0:3d:5e:ae:ab:6e:1e:3c:20:26:cd:5b:f8:c8:68:fc:bc:ed:
6b:57:79:1e:bb:10:35:7f:8f:6f:74:1d:7e:54:f3:a0:c2:36:
c6:b4:6c:7e:d4:e2:5a:c0:05:42:97:14:37:cc:7a:a7:2a:a6:
83:92:82:5d:96:0a:82:23:19:3e:b0:75:27:31:da:af:72:2e:
22:c4:3a:39:cd:9b:23:a3:0d:39:5b:44:25:5c:ef:1c:16:f7:
ba:c4:e2:18:a6:65:19:85:39:a9:81:42:8b:c7:c3:7c:3e:09:
f3:8a:77:a4:65:7b:9a:bb:f6:b9:e5:97:f1:d7:df:11:ca:a6:
36:a6:43:bf:ee:ef:91:58:c1:93:72:a8:ee:80:05:c5:8e:83:
66:2e:c8:2c:36:f0:af:67:04:02:59:c4:11:1d:42:de:b7:39:
7d:f9:95:03:b8:3f:1b:00:33:ef:dd:69:7b:2d:4d:b3:17:b7:
d6:dc:7d:e4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGClCvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OWNkMzhkMWQxYzRhMjMwNTNjZDk5NzE2MzMxOGQ2NDlhN2IyYTU3MB4XDTIyMDEw
MTAyNTQ0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTU4ZmE1Mzc1Mzlh
NGYyYjcwN2MwNzQxMzM5NjNhYmMzMzVlN2EzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALntZd8fZcyeXgX9e/GX7CaZbdnrRid37WhhxUFsLvOQXY0j
0HH1o8oo/28xrbPxZKaIOGo04yjMXansjy+xR5TrxbrhHv/+YZlLyze629dDBccg
yl/dq0fxKZFWLa4xcz7/zmFGrZt0XURDQOJqyeimFLAm9tE6eoBx8LLv9CLNwcks
ISS1Mx3lGGyPPME4PVVhjaXjPtg+Dsg1sLu075NYBCSlQRRx/7b+SrOwRQ6UOPvo
7+wA5OQP5ukcHZhN82TXSoO5BjmnY9FqKBsylanyJ/Nsp8PQp8h5WnD2+KyGFtaU
+CodPJaySraUX6wbEiBoSX/Gbw4A9akj6GsTyX8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSVj6U3U5pPK3B8B0Ezljq8M156NDAfBgNVHSMEGDAWgBTJzTjR0cSiMFPN
mXFjMY1kmnsqVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ljMDQwZEhFb2pCVHpabHhZekdOWkpwN0tsYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvMjJlNDlkLTY5NTMtNGZjOC1hODk2LWM1YzM1ODgzN2E4NC8x
L2xZLWxOMU9hVHl0d2ZBZEJNNVk2dkROZWVqUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
MjJlNDlkLTY5NTMtNGZjOC1hODk2LWM1YzM1ODgzN2E4NC8xL3ljMDQwZEhFb2pC
VHpabHhZekdOWkpwN0tsYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkn/TANBgkqhkiG9w0BAQsFAAOC
AQEAWDjSQ+4m6VCLJDP+zBG5qY6Ugm9NE50mwCQ3ZZm5g4xvMSsWrcjeExGetY/S
664Kb08F18kAJQB7yOxsWu0CI6mqIwkgVZXu0D1erqtuHjwgJs1b+Mho/Lzta1d5
HrsQNX+Pb3QdflTzoMI2xrRsftTiWsAFQpcUN8x6pyqmg5KCXZYKgiMZPrB1JzHa
r3IuIsQ6Oc2bI6MNOVtEJVzvHBb3usTiGKZlGYU5qYFCi8fDfD4J84p3pGV7mrv2
ueWX8dffEcqmNqZDv+7vkVjBk3Ko7oAFxY6DZi7ILDbwr2cEAlnEER1C3rc5ffmV
A7g/GwAz791pey1Nsxe31tx95A==
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:12:03 2025 by rpki-client