Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/jYmf9MVKT1pcJhLwLoX07pUvT-k.roa
File: jYmf9MVKT1pcJhLwLoX07pUvT-k.roa (raw, json)
Hash identifier: TjnxNzyxLX34ZA/yLSI6VSqEE2KjGtfC+sj9mMhK+vc=
Subject key identifier: 8D:89:9F:F4:C5:4A:4F:5A:5C:26:12:F0:2E:85:F4:EE:95:2F:4F:E9
Certificate issuer: /CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Certificate serial: 018B8069BFC8D8FDA14F9DCF3DE773EF9A90
Authority key identifier: 4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/jYmf9MVKT1pcJhLwLoX07pUvT-k.roa
Signing time: Mon 30 Oct 2023 11:48:15 +0000
ROA not before: Mon 30 Oct 2023 11:48:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57752
IP address blocks: 185.54.36.0/22 maxlen: 22
185.167.220.0/22 maxlen: 22
185.17.56.0/24 maxlen: 24
185.17.56.0/22 maxlen: 22
185.17.57.0/24 maxlen: 24
45.130.236.0/22 maxlen: 22
45.130.236.0/24 maxlen: 24
45.130.238.0/24 maxlen: 24
45.130.237.0/24 maxlen: 24
45.130.239.0/24 maxlen: 24
185.234.48.0/22 maxlen: 22
109.205.64.0/21 maxlen: 21
2a03:dc00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:69:bf:c8:d8:fd:a1:4f:9d:cf:3d:e7:73:ef:9a:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Validity
Not Before: Oct 30 11:48:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d899ff4c54a4f5a5c2612f02e85f4ee952f4fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7b:8d:1c:96:5d:22:c2:92:57:f4:22:19:bd:
08:ba:14:61:5b:22:f8:5c:60:66:d2:4b:85:e2:50:
9c:b0:a7:40:fe:22:3f:90:2b:3f:25:cd:a4:56:b2:
4f:90:8a:04:da:2c:6d:8a:1c:44:75:c1:d1:8d:7d:
c9:c4:b9:33:99:fa:89:3e:cb:8f:bd:37:92:fc:5c:
67:b0:b5:34:5b:08:28:2b:28:b5:ec:f0:7f:15:38:
86:eb:54:de:43:66:df:84:b3:86:11:fd:fa:73:dc:
d2:19:3b:ef:0b:10:73:bb:7a:0b:44:2b:f8:76:98:
c0:41:36:22:e7:62:b2:c1:8a:2e:ee:c6:04:f4:da:
50:9a:a2:52:7a:96:23:31:dc:ac:d3:3d:27:d4:ca:
53:0b:e7:6f:6e:4d:e1:fc:4c:22:55:e3:e0:22:a7:
81:cd:77:c3:b6:5e:5b:2a:d5:f5:8c:6d:57:3b:1c:
cb:51:53:de:4b:73:38:7d:7e:0a:00:ac:c7:30:42:
70:d4:2a:9a:ef:0f:24:31:5d:34:89:79:9a:a6:74:
99:2e:b0:73:ce:ec:77:3b:96:30:a4:9a:e0:5b:96:
6b:35:21:82:b1:6f:ee:e2:db:00:27:ba:48:0a:9a:
88:bf:0a:08:6e:11:68:af:05:86:7e:a6:30:c1:21:
16:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:89:9F:F4:C5:4A:4F:5A:5C:26:12:F0:2E:85:F4:EE:95:2F:4F:E9
X509v3 Authority Key Identifier:
keyid:4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/jYmf9MVKT1pcJhLwLoX07pUvT-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/T5nk6uSKAceB-q0R9tgakeozvf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.236.0/22
109.205.64.0/21
185.17.56.0/22
185.54.36.0/22
185.167.220.0/22
185.234.48.0/22
IPv6:
2a03:dc00::/32
Signature Algorithm: sha256WithRSAEncryption
91:c2:67:d5:43:7c:6f:ca:1b:48:27:43:77:7f:16:b3:3a:e1:
81:77:fe:f5:f7:1a:1f:28:45:c5:89:78:be:d8:30:40:29:a1:
d9:0c:e4:02:60:9e:9a:47:68:40:29:ff:f3:da:28:4a:ef:79:
90:fe:c3:d7:7c:16:b7:a8:9c:47:91:25:41:ae:88:41:f3:f1:
8e:8a:69:0a:93:44:54:8d:f7:6e:af:55:a4:b4:23:3f:61:4d:
30:f2:4c:50:10:ac:76:19:47:30:9e:4e:3f:c0:f8:0d:b1:29:
dc:f1:71:65:d8:23:98:84:62:d0:c4:8b:12:99:76:e1:4f:59:
5a:87:8c:5b:80:16:e9:69:fa:f0:54:7b:e6:47:c8:45:c8:32:
01:4f:0f:2e:0f:ca:d3:a8:e9:c9:d7:78:64:67:c7:77:75:49:
5c:ef:71:72:b1:98:d0:27:08:d7:29:c9:e2:52:35:16:a6:45:
c3:cf:0a:d2:7c:79:ec:a3:9d:50:e9:4b:6d:9c:be:df:8e:45:
10:04:12:26:2d:1a:7a:f8:a8:5f:fb:59:22:1d:4b:51:e8:12:
96:35:ea:70:9f:7d:79:61:52:c1:6f:b9:04:87:77:42:4f:9b:
80:83:a1:87:28:27:a3:c5:71:d3:25:e7:c2:05:56:43:c3:ef:
56:f8:92:ab
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYuAab/I2P2hT53PPedz75qQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTllNGVhZTQ4YTAxYzc4MWZhYWQxMWY2ZDgxYTkxZWEz
M2JkZmYwHhcNMjMxMDMwMTE0ODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDg5OWZmNGM1NGE0ZjVhNWMyNjEyZjAyZTg1ZjRlZTk1MmY0ZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnuNHJZdIsKSV/QiGb0IuhRhWyL4
XGBm0kuF4lCcsKdA/iI/kCs/Jc2kVrJPkIoE2ixtihxEdcHRjX3JxLkzmfqJPsuP
vTeS/FxnsLU0WwgoKyi17PB/FTiG61TeQ2bfhLOGEf36c9zSGTvvCxBzu3oLRCv4
dpjAQTYi52KywYou7sYE9NpQmqJSepYjMdys0z0n1MpTC+dvbk3h/EwiVePgIqeB
zXfDtl5bKtX1jG1XOxzLUVPeS3M4fX4KAKzHMEJw1Cqa7w8kMV00iXmapnSZLrBz
zux3O5YwpJrgW5ZrNSGCsW/u4tsAJ7pICpqIvwoIbhForwWGfqYwwSEWjwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFI2Jn/TFSk9aXCYS8C6F9O6VL0/pMB8GA1UdIwQY
MBaAFE+Z5OrkigHHgfqtEfbYGpHqM73/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgt
OGI4ZjNmOGQ3MzAzLzEvalltZjlNVktUMXBjSmhMd0xvWDA3cFV2VC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgtOGI4ZjNmOGQ3MzAz
LzEvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLYLsAwQD
bc1AAwQCuRE4AwQCuTYkAwQCuafcAwQCueowMA0EAgACMAcDBQAqA9wAMA0GCSqG
SIb3DQEBCwUAA4IBAQCRwmfVQ3xvyhtIJ0N3fxazOuGBd/719xofKEXFiXi+2DBA
KaHZDOQCYJ6aR2hAKf/z2ihK73mQ/sPXfBa3qJxHkSVBrohB8/GOimkKk0RUjfdu
r1WktCM/YU0w8kxQEKx2GUcwnk4/wPgNsSnc8XFl2COYhGLQxIsSmXbhT1lah4xb
gBbpafrwVHvmR8hFyDIBTw8uD8rTqOnJ13hkZ8d3dUlc73FysZjQJwjXKcniUjUW
pkXDzwrSfHnso51Q6UttnL7fjkUQBBImLRp6+Khf+1kiHUtR6BKWNepwn315YVLB
b7kEh3dCT5uAg6GHKCejxXHTJefCBVZDw+9W+JKr
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:13:05 2025 by rpki-client