Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/83cf01-6cca-48d1-9cbf-5ac6fdfdc0cc/1/yxzZNibLCPI-pjvf4RpLjwjVPwc.roa
File: yxzZNibLCPI-pjvf4RpLjwjVPwc.roa (raw, json)
Hash identifier: VEHumy0tbIrMwyrvyXyn5EXAIkwvSWRDz/qcNxj/Zw8=
Subject key identifier: CB:1C:D9:36:26:CB:08:F2:3E:A6:3B:DF:E1:1A:4B:8F:08:D5:3F:07
Certificate issuer: /CN=1b6df0bc093f298b043522ebd4ede19793081a29
Certificate serial: 01856DDD456DC720CAE18E50D6B2955FF7EE
Authority key identifier: 1B:6D:F0:BC:09:3F:29:8B:04:35:22:EB:D4:ED:E1:97:93:08:1A:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G23wvAk_KYsENSLr1O3hl5MIGik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/83cf01-6cca-48d1-9cbf-5ac6fdfdc0cc/1/yxzZNibLCPI-pjvf4RpLjwjVPwc.roa
Signing time: Sun 01 Jan 2023 15:04:55 +0000
ROA not before: Sun 01 Jan 2023 15:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42221
IP address blocks: 185.87.0.0/24 maxlen: 24
185.87.3.0/24 maxlen: 24
185.87.2.0/24 maxlen: 24
185.87.1.0/24 maxlen: 24
2a05:bd04::/31 maxlen: 31
2a05:bd06::/31 maxlen: 31
2a05:bd02::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:45:6d:c7:20:ca:e1:8e:50:d6:b2:95:5f:f7:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b6df0bc093f298b043522ebd4ede19793081a29
Validity
Not Before: Jan 1 15:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb1cd93626cb08f23ea63bdfe11a4b8f08d53f07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b1:9d:51:49:d5:20:2f:72:2c:14:2b:0d:1d:
68:05:8e:09:fb:09:9d:b4:4a:fe:38:6b:af:6b:1d:
0d:d1:13:e4:5d:52:8d:2f:41:1d:4f:03:cd:55:9d:
be:06:0b:46:3f:39:df:c4:70:54:0f:d6:f4:77:84:
51:d5:51:34:ec:83:41:36:89:1c:35:9f:a9:ef:a4:
7c:60:d4:0c:d1:0f:3c:25:33:05:0f:2e:ca:4d:13:
be:eb:c2:95:ef:1a:73:e1:f0:75:6d:72:fd:6b:6f:
d7:45:ee:05:c1:25:3f:8a:12:44:74:e1:3c:0b:af:
da:4f:7d:12:bf:17:47:b7:92:7b:e0:be:ff:c8:85:
c7:12:01:18:c1:78:e3:da:6a:1f:01:a7:d7:72:60:
3e:4a:6f:a6:d7:89:d6:fc:84:11:03:db:ea:e7:a6:
d4:75:a9:34:57:d0:97:b6:b1:27:99:08:a5:f2:d1:
0a:52:0f:e7:c7:98:74:ac:33:5d:bf:48:75:57:37:
d3:a6:a7:8c:5a:cd:c9:f1:b4:72:81:dd:78:da:b0:
93:66:06:9a:7a:05:ad:27:d2:fb:b5:7e:1a:fc:f4:
7a:56:05:22:a3:17:ae:2a:ef:88:30:9e:1c:72:e9:
41:be:ec:7b:0f:ba:66:0b:4b:fd:b4:ef:f6:0d:a0:
bc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:1C:D9:36:26:CB:08:F2:3E:A6:3B:DF:E1:1A:4B:8F:08:D5:3F:07
X509v3 Authority Key Identifier:
keyid:1B:6D:F0:BC:09:3F:29:8B:04:35:22:EB:D4:ED:E1:97:93:08:1A:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G23wvAk_KYsENSLr1O3hl5MIGik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/83cf01-6cca-48d1-9cbf-5ac6fdfdc0cc/1/yxzZNibLCPI-pjvf4RpLjwjVPwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/83cf01-6cca-48d1-9cbf-5ac6fdfdc0cc/1/G23wvAk_KYsENSLr1O3hl5MIGik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.0.0/22
IPv6:
2a05:bd02::-2a05:bd07:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
21:ce:e9:ed:59:40:a2:e0:34:0a:d1:94:62:c1:bb:43:8a:82:
5f:8c:cd:c5:1f:b1:51:45:10:db:f9:19:1d:a8:a8:22:fb:5a:
04:65:1b:58:d7:e1:b2:e2:35:02:00:1b:73:f2:37:ff:4e:54:
f4:9c:29:4d:c1:f8:c5:54:de:20:0b:a6:4d:10:3d:6f:a4:65:
38:dd:b3:93:5c:b7:83:af:69:25:5b:4d:8b:ef:2a:63:35:20:
31:01:f4:44:cf:90:3b:84:fc:e8:f8:ea:47:30:a3:e6:d7:bd:
aa:d4:1b:af:64:9e:55:d2:fc:f3:9a:44:a1:62:16:04:53:db:
75:80:39:61:4b:a1:b7:c9:f8:7a:60:ff:53:d9:cf:b6:0d:a7:
72:12:5f:32:d0:63:b3:e1:dd:6c:fa:d2:57:da:52:dc:24:61:
18:9f:de:08:91:e3:59:80:97:2d:11:04:aa:4c:7d:b1:73:8f:
5e:93:c9:ac:36:6d:2c:86:7a:2f:7b:d8:d0:52:53:5a:00:76:
77:d3:b0:b5:0b:9e:af:02:87:ab:6d:b6:b4:3f:70:d5:93:18:
b7:5c:5f:9c:8a:73:01:64:93:fd:8a:e0:f0:ed:ea:98:d6:e7:
fe:a9:77:ba:d1:8a:7f:73:02:e1:a3:79:3a:2f:1a:69:0e:04:
21:e1:97:35
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVt3UVtxyDK4Y5Q1rKVX/fuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNmRmMGJjMDkzZjI5OGIwNDM1MjJlYmQ0ZWRlMTk3OTMw
ODFhMjkwHhcNMjMwMTAxMTUwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjFjZDkzNjI2Y2IwOGYyM2VhNjNiZGZlMTFhNGI4ZjA4ZDUzZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrGdUUnVIC9yLBQrDR1oBY4J+wmd
tEr+OGuvax0N0RPkXVKNL0EdTwPNVZ2+BgtGPznfxHBUD9b0d4RR1VE07INBNokc
NZ+p76R8YNQM0Q88JTMFDy7KTRO+68KV7xpz4fB1bXL9a2/XRe4FwSU/ihJEdOE8
C6/aT30SvxdHt5J74L7/yIXHEgEYwXjj2mofAafXcmA+Sm+m14nW/IQRA9vq56bU
dak0V9CXtrEnmQil8tEKUg/nx5h0rDNdv0h1VzfTpqeMWs3J8bRygd142rCTZgaa
egWtJ9L7tX4a/PR6VgUioxeuKu+IMJ4cculBvux7D7pmC0v9tO/2DaC8rwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMsc2TYmywjyPqY73+EaS48I1T8HMB8GA1UdIwQY
MBaAFBtt8LwJPymLBDUi69Tt4ZeTCBopMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzIzd3ZBa19LWXNFTlNMcjFPM2hsNU1JR2lrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC84M2NmMDEtNmNjYS00OGQxLTljYmYt
NWFjNmZkZmRjMGNjLzEveXh6Wk5pYkxDUEktcGp2ZjRScExqd2pWUHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC84M2NmMDEtNmNjYS00OGQxLTljYmYtNWFjNmZkZmRjMGNj
LzEvRzIzd3ZBa19LWXNFTlNMcjFPM2hsNU1JR2lrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuVcAMBYE
AgACMBAwDgMFASoFvQIDBQMqBb0AMA0GCSqGSIb3DQEBCwUAA4IBAQAhzuntWUCi
4DQK0ZRiwbtDioJfjM3FH7FRRRDb+RkdqKgi+1oEZRtY1+Gy4jUCABtz8jf/TlT0
nClNwfjFVN4gC6ZNED1vpGU43bOTXLeDr2klW02L7ypjNSAxAfREz5A7hPzo+OpH
MKPm172q1BuvZJ5V0vzzmkShYhYEU9t1gDlhS6G3yfh6YP9T2c+2DadyEl8y0GOz
4d1s+tJX2lLcJGEYn94IkeNZgJctEQSqTH2xc49ek8msNm0shnove9jQUlNaAHZ3
07C1C56vAoerbba0P3DVkxi3XF+cinMBZJP9iuDw7eqY1uf+qXe60Yp/cwLho3k6
LxppDgQh4Zc1
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:52 2025 by rpki-client