Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/yuBL35uF5GZYgV_L3QJMvIOV6s0.roa
File: yuBL35uF5GZYgV_L3QJMvIOV6s0.roa (raw, json)
Hash identifier: UU9H8Pcm7IZB9IKUncyPK7WPwvWKp0pVBAbUl2kqAOw=
Subject key identifier: CA:E0:4B:DF:9B:85:E4:66:58:81:5F:CB:DD:02:4C:BC:83:95:EA:CD
Certificate issuer: /CN=b5afa37bd0ddadeb7fea2b9be64b1108e20de9b4
Certificate serial: 018340C240EAA3CFF8ACDEE9D16AC82747EE
Authority key identifier: B5:AF:A3:7B:D0:DD:AD:EB:7F:EA:2B:9B:E6:4B:11:08:E2:0D:E9:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ta-je9Ddret_6iub5ksRCOIN6bQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/yuBL35uF5GZYgV_L3QJMvIOV6s0.roa
Signing time: Thu 15 Sep 2022 10:46:55 +0000
ROA not before: Thu 15 Sep 2022 10:46:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209030
IP address blocks: 82.202.187.0/24 maxlen: 24
82.202.191.0/24 maxlen: 24
82.202.190.0/24 maxlen: 24
82.202.189.0/24 maxlen: 24
82.202.188.0/24 maxlen: 24
82.202.186.0/24 maxlen: 24
2a13:c80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:40:c2:40:ea:a3:cf:f8:ac:de:e9:d1:6a:c8:27:47:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5afa37bd0ddadeb7fea2b9be64b1108e20de9b4
Validity
Not Before: Sep 15 10:46:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cae04bdf9b85e46658815fcbdd024cbc8395eacd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0e:9b:2d:a9:39:e7:c2:f9:8d:e3:4b:51:6c:
e6:de:21:ca:41:79:c0:6b:3b:4b:3d:97:8c:66:03:
b1:2b:a2:51:44:d7:c3:a5:39:6d:e4:ad:20:63:19:
49:8d:ac:79:c1:15:dc:e9:72:80:a0:a7:a2:ad:83:
05:72:6f:70:51:f3:b5:0d:4a:50:9f:e2:31:b3:19:
22:d9:5c:24:be:2d:66:ba:7a:0c:d3:14:13:0e:c1:
2a:1a:46:36:29:86:77:23:1c:9d:9b:71:08:90:04:
ff:8c:5d:48:2d:29:08:e1:bd:45:02:05:ad:2e:13:
be:73:97:40:8c:fa:2e:dd:d1:a8:53:c6:8c:b4:a7:
91:7f:bf:12:5e:4d:9c:07:46:ab:01:ee:3b:16:c2:
34:2e:aa:f7:4d:77:fc:2d:4d:c6:f0:ed:2e:9c:28:
3f:ad:e6:3e:ad:a5:12:9d:57:92:e0:9f:62:db:d5:
1e:ec:3a:e0:60:fd:3f:b8:82:29:5a:77:ac:82:71:
0b:e5:97:e9:b8:3c:b2:9f:c0:cd:05:8f:a3:55:e6:
3f:73:00:01:d0:41:e5:72:d0:84:38:37:d4:a8:55:
ae:aa:98:c1:f1:3c:fc:4e:4c:57:f5:ea:74:17:bc:
21:1d:13:d0:c3:8b:54:8a:4e:1b:b8:14:12:78:60:
f9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:E0:4B:DF:9B:85:E4:66:58:81:5F:CB:DD:02:4C:BC:83:95:EA:CD
X509v3 Authority Key Identifier:
keyid:B5:AF:A3:7B:D0:DD:AD:EB:7F:EA:2B:9B:E6:4B:11:08:E2:0D:E9:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ta-je9Ddret_6iub5ksRCOIN6bQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/yuBL35uF5GZYgV_L3QJMvIOV6s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/ta-je9Ddret_6iub5ksRCOIN6bQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.202.186.0-82.202.191.255
IPv6:
2a13:c80::/32
Signature Algorithm: sha256WithRSAEncryption
46:6f:f9:df:f7:ca:34:7a:b3:19:af:3a:af:a6:3a:94:22:63:
f7:dc:ac:c2:ab:19:68:f0:5c:38:2f:46:15:f0:80:5a:f5:16:
07:32:87:b3:10:02:49:9f:34:80:da:f2:b4:94:0e:6c:63:16:
01:cd:97:d4:09:62:4f:11:94:2d:a4:32:0a:1c:35:a9:dd:a0:
be:f1:7d:d5:97:e1:d7:d1:30:f5:72:e5:bf:11:db:2b:9e:33:
19:e3:6b:92:fc:93:c0:d4:9c:fc:55:61:ae:13:e5:a1:6d:44:
e4:94:33:3f:d8:8f:d7:29:88:85:13:21:a8:70:a0:e4:76:ab:
35:88:0f:05:d1:1b:d5:10:51:46:3c:ac:9d:86:ee:ee:e6:88:
d9:ec:00:03:5c:e0:bf:af:b3:72:92:9c:e9:93:bb:61:7c:63:
ee:bd:39:45:fa:18:04:1e:56:a6:97:69:2f:41:c5:29:8c:30:
1b:94:4f:85:58:1a:11:1f:06:a1:40:49:47:38:f0:6b:f1:4a:
6f:c0:e1:61:24:f5:c1:f6:fd:3a:62:e8:53:5b:64:20:56:cf:
1f:ab:d0:a9:b4:29:20:2d:4d:00:bc:42:ef:0b:ad:8f:84:c2:
8a:e2:7f:cc:48:30:78:dd:a1:5c:43:b9:8a:b1:44:98:dd:31:
56:02:7e:ad
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYNAwkDqo8/4rN7p0WrIJ0fuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YWZhMzdiZDBkZGFkZWI3ZmVhMmI5YmU2NGIxMTA4ZTIw
ZGU5YjQwHhcNMjIwOTE1MTA0NjU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWUwNGJkZjliODVlNDY2NTg4MTVmY2JkZDAyNGNiYzgzOTVlYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApw6bLak558L5jeNLUWzm3iHKQXnA
aztLPZeMZgOxK6JRRNfDpTlt5K0gYxlJjax5wRXc6XKAoKeirYMFcm9wUfO1DUpQ
n+Ixsxki2Vwkvi1munoM0xQTDsEqGkY2KYZ3Ixydm3EIkAT/jF1ILSkI4b1FAgWt
LhO+c5dAjPou3dGoU8aMtKeRf78SXk2cB0arAe47FsI0Lqr3TXf8LU3G8O0unCg/
reY+raUSnVeS4J9i29Ue7DrgYP0/uIIpWnesgnEL5ZfpuDyyn8DNBY+jVeY/cwAB
0EHlctCEODfUqFWuqpjB8Tz8TkxX9ep0F7whHRPQw4tUik4buBQSeGD5iQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMrgS9+bheRmWIFfy90CTLyDlerNMB8GA1UdIwQY
MBaAFLWvo3vQ3a3rf+orm+ZLEQjiDem0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGEtamU5RGRyZXRfNml1YjVrc1JDT0lONmJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC84YmFhOWMtMGVmMi00MmZiLWIzZDYt
NWE5NWNjODBjZDFiLzEveXVCTDM1dUY1R1pZZ1ZfTDNRSk12SU9WNnMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC84YmFhOWMtMGVmMi00MmZiLWIzZDYtNWE5NWNjODBjZDFi
LzEvdGEtamU5RGRyZXRfNml1YjVrc1JDT0lONmJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAFSyroD
BAZSyoAwDQQCAAIwBwMFACoTDIAwDQYJKoZIhvcNAQELBQADggEBAEZv+d/3yjR6
sxmvOq+mOpQiY/fcrMKrGWjwXDgvRhXwgFr1Fgcyh7MQAkmfNIDa8rSUDmxjFgHN
l9QJYk8RlC2kMgocNandoL7xfdWX4dfRMPVy5b8R2yueMxnja5L8k8DUnPxVYa4T
5aFtROSUMz/Yj9cpiIUTIahwoOR2qzWIDwXRG9UQUUY8rJ2G7u7miNnsAANc4L+v
s3KSnOmTu2F8Y+69OUX6GAQeVqaXaS9BxSmMMBuUT4VYGhEfBqFASUc48GvxSm/A
4WEk9cH2/Tpi6FNbZCBWzx+r0Km0KSAtTQC8Qu8LrY+Eworif8xIMHjdoVxDuYqx
RJjdMVYCfq0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:59 2025 by rpki-client