Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/Ybo4hn9QDuF-07lQfvwD2aUJQSs.roa
File: Ybo4hn9QDuF-07lQfvwD2aUJQSs.roa (raw, json)
Hash identifier: 8z5ZEFDm55+NRhP2HdYqukerU4rJuZA8vUwiKmcYYBo=
Subject key identifier: 61:BA:38:86:7F:50:0E:E1:7E:D3:B9:50:7E:FC:03:D9:A5:09:41:2B
Certificate issuer: /CN=547841eeff20c78b33d411dae51a692adb892e31
Certificate serial: 0183B1DE93EC21C7460BBF092D2DF864B813
Authority key identifier: 54:78:41:EE:FF:20:C7:8B:33:D4:11:DA:E5:1A:69:2A:DB:89:2E:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHhB7v8gx4sz1BHa5RppKtuJLjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/Ybo4hn9QDuF-07lQfvwD2aUJQSs.roa
Signing time: Fri 07 Oct 2022 09:54:57 +0000
ROA not before: Fri 07 Oct 2022 09:54:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205624
IP address blocks: 212.225.227.0/24 maxlen: 24
171.33.235.0/24 maxlen: 24
91.151.101.0/24 maxlen: 24
212.225.244.0/24 maxlen: 24
89.39.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b1:de:93:ec:21:c7:46:0b:bf:09:2d:2d:f8:64:b8:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=547841eeff20c78b33d411dae51a692adb892e31
Validity
Not Before: Oct 7 09:54:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61ba38867f500ee17ed3b9507efc03d9a509412b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d9:2a:16:c9:d2:a1:0b:37:59:fe:98:dd:30:
f9:40:8a:21:48:89:b9:df:7f:de:33:85:08:c6:d3:
da:9d:f2:f9:90:30:99:d1:34:3a:6c:44:5a:fd:b3:
b0:bd:ed:aa:dd:d9:3c:88:91:88:f2:77:ee:d6:7e:
01:db:df:50:71:ec:1c:48:8f:3a:0b:24:d3:23:c6:
c6:35:64:c8:f8:8b:d3:74:cf:dc:d8:9e:e0:e0:49:
c2:88:72:f3:9c:74:51:47:d1:28:09:70:e3:9c:5f:
5a:f9:cc:19:7a:ce:31:4f:b9:4e:81:98:33:54:01:
75:b0:28:5e:62:6f:7e:30:36:d4:24:73:0e:79:0d:
03:49:ef:04:81:8d:53:7c:3c:5d:74:21:09:83:3c:
33:70:cd:2f:a8:30:41:ea:f6:9e:2a:a6:a2:62:05:
07:ec:f8:d5:bc:db:3a:ef:15:16:cb:48:06:a2:b9:
26:d9:04:06:3d:c2:d0:1c:08:97:69:e9:a4:2b:66:
b9:01:a0:8b:c3:01:7d:46:c3:0f:d6:d1:d1:95:e9:
8e:f8:bf:be:47:ac:73:8b:5a:39:00:aa:1a:48:6f:
76:c8:5e:5a:90:04:c3:6f:e7:e7:92:42:ce:68:6c:
2d:88:b1:f3:39:35:6b:69:c4:8e:7e:9d:f1:c6:f9:
51:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:BA:38:86:7F:50:0E:E1:7E:D3:B9:50:7E:FC:03:D9:A5:09:41:2B
X509v3 Authority Key Identifier:
keyid:54:78:41:EE:FF:20:C7:8B:33:D4:11:DA:E5:1A:69:2A:DB:89:2E:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHhB7v8gx4sz1BHa5RppKtuJLjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/Ybo4hn9QDuF-07lQfvwD2aUJQSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/VHhB7v8gx4sz1BHa5RppKtuJLjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.154.0/24
91.151.101.0/24
171.33.235.0/24
212.225.227.0/24
212.225.244.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:ed:27:f7:65:09:2d:68:62:43:7d:0e:37:eb:96:55:a8:76:
fd:e0:a8:3c:34:66:0c:c8:aa:5e:1f:25:e2:f8:e5:87:4d:f5:
4c:8f:c5:3a:a9:e2:54:30:07:7c:7e:c8:77:cd:41:83:97:c1:
cf:42:18:4b:25:f3:da:12:a3:ae:33:26:1f:36:24:d0:99:31:
22:2f:4d:06:64:c7:cd:85:5d:4d:7e:ab:e1:5b:cd:8c:59:e8:
0f:4c:14:f0:a2:68:95:0b:74:a0:62:6f:82:86:ae:7d:5d:81:
f3:e6:73:7c:06:38:c7:f1:b6:d2:7d:f6:47:dd:d3:46:95:f0:
f7:d7:47:b1:aa:5b:7a:85:fc:43:1b:58:d5:22:eb:d7:c0:9b:
24:bc:21:1f:09:56:6b:91:e2:53:f5:96:19:bd:5a:96:88:89:
af:83:61:f0:c0:8f:3e:af:9e:51:bc:95:a9:49:22:bf:7e:55:
84:64:c8:b0:7c:3b:02:8c:0a:bf:db:5a:b3:ba:1b:95:67:51:
db:4d:27:f6:10:dd:a7:b1:c3:7e:16:b9:81:63:a8:39:47:fe:
18:66:ae:2d:54:fe:bb:fe:2c:27:0b:78:40:1c:9f:d0:9b:3b:
b1:7b:12:79:91:1e:2a:02:48:33:15:d3:35:8e:09:0f:d9:00:
10:df:c7:a4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYOx3pPsIcdGC78JLS34ZLgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Nzg0MWVlZmYyMGM3OGIzM2Q0MTFkYWU1MWE2OTJhZGI4
OTJlMzEwHhcNMjIxMDA3MDk1NDU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWJhMzg4NjdmNTAwZWUxN2VkM2I5NTA3ZWZjMDNkOWE1MDk0MTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dkqFsnSoQs3Wf6Y3TD5QIohSIm5
33/eM4UIxtPanfL5kDCZ0TQ6bERa/bOwve2q3dk8iJGI8nfu1n4B299QcewcSI86
CyTTI8bGNWTI+IvTdM/c2J7g4EnCiHLznHRRR9EoCXDjnF9a+cwZes4xT7lOgZgz
VAF1sCheYm9+MDbUJHMOeQ0DSe8EgY1TfDxddCEJgzwzcM0vqDBB6vaeKqaiYgUH
7PjVvNs67xUWy0gGorkm2QQGPcLQHAiXaemkK2a5AaCLwwF9RsMP1tHRlemO+L++
R6xzi1o5AKoaSG92yF5akATDb+fnkkLOaGwtiLHzOTVracSOfp3xxvlR+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGG6OIZ/UA7hftO5UH78A9mlCUErMB8GA1UdIwQY
MBaAFFR4Qe7/IMeLM9QR2uUaaSrbiS4xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhoQjd2OGd4NHN6MUJIYTVScHBLdHVKTGpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9jOGQzOTMtM2UyOC00ZjA3LTk5NmIt
MzY2YmExNzAwZmUwLzEvWWJvNGhuOVFEdUYtMDdsUWZ2d0QyYVVKUVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9jOGQzOTMtM2UyOC00ZjA3LTk5NmItMzY2YmExNzAwZmUw
LzEvVkhoQjd2OGd4NHN6MUJIYTVScHBLdHVKTGpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSeaAwQA
W5dlAwQAqyHrAwQA1OHjAwQA1OH0MA0GCSqGSIb3DQEBCwUAA4IBAQCp7Sf3ZQkt
aGJDfQ4365ZVqHb94Kg8NGYMyKpeHyXi+OWHTfVMj8U6qeJUMAd8fsh3zUGDl8HP
QhhLJfPaEqOuMyYfNiTQmTEiL00GZMfNhV1NfqvhW82MWegPTBTwomiVC3SgYm+C
hq59XYHz5nN8BjjH8bbSffZH3dNGlfD310exqlt6hfxDG1jVIuvXwJskvCEfCVZr
keJT9ZYZvVqWiImvg2HwwI8+r55RvJWpSSK/flWEZMiwfDsCjAq/21qzuhuVZ1Hb
TSf2EN2nscN+FrmBY6g5R/4YZq4tVP67/iwnC3hAHJ/QmzuxexJ5kR4qAkgzFdM1
jgkP2QAQ38ek
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:44:43 2025 by rpki-client