Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/yhPP3AKMa8zc5cD6J7e3jzwJhyk.roa
File: yhPP3AKMa8zc5cD6J7e3jzwJhyk.roa (raw, json)
Hash identifier: 1yYPe/7vChD/yhSflJS5p4SdXcK0Xq8eJ9WQOuE+/Nw=
Subject key identifier: CA:13:CF:DC:02:8C:6B:CC:DC:E5:C0:FA:27:B7:B7:8F:3C:09:87:29
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 0181FE353983C9AE97A71E7CB6191F22C8B9
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/yhPP3AKMa8zc5cD6J7e3jzwJhyk.roa
Signing time: Thu 14 Jul 2022 19:35:09 +0000
ROA not before: Thu 14 Jul 2022 19:35:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204010
IP address blocks: 185.66.178.0/24 maxlen: 24
2a05:900:5::/48 maxlen: 48
2a05:900:8::/48 maxlen: 48
2a05:900:6::/48 maxlen: 48
2a05:900:7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:fe:35:39:83:c9:ae:97:a7:1e:7c:b6:19:1f:22:c8:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Jul 14 19:35:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca13cfdc028c6bccdce5c0fa27b7b78f3c098729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:64:2c:a0:07:b7:a9:30:0e:f1:51:fb:c1:8c:
b6:f6:ae:cf:11:bd:42:60:01:c9:44:8b:2f:99:3d:
4f:89:a5:a0:a8:a4:c7:3d:ab:f4:32:f7:97:af:39:
f6:ce:e6:97:73:99:35:e3:22:18:6c:51:49:7e:66:
64:96:87:0c:fc:e1:91:53:0f:5b:6c:38:1b:72:7f:
64:38:a5:13:3d:cb:a4:5b:34:9d:ab:2a:0a:ae:8d:
c8:f4:88:40:5b:00:4c:d4:98:21:0a:27:86:1d:78:
25:13:06:95:64:54:92:99:fd:cc:19:2f:c8:39:b7:
75:45:a4:5b:12:3d:87:99:79:44:ea:e9:90:89:3c:
75:ec:0d:24:f1:ee:84:2a:ad:2f:19:79:cd:63:46:
15:b7:cc:f7:b2:f4:6c:f6:b1:c6:af:f0:6e:95:fc:
76:82:c2:6f:98:35:43:09:a6:ee:88:34:d1:ea:a2:
48:11:5f:31:1d:91:ff:7f:da:2e:25:90:38:3c:a1:
64:11:c2:55:e2:04:63:fe:56:11:4d:c3:6e:e5:f0:
ef:41:4f:2d:48:0a:3d:b2:42:e0:51:4c:db:8c:d4:
70:36:1f:d4:2e:ea:0c:7e:17:6d:2f:11:c0:49:07:
1a:2a:c0:78:53:a6:b2:0d:fa:c1:6f:a6:6c:a9:b7:
0e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:13:CF:DC:02:8C:6B:CC:DC:E5:C0:FA:27:B7:B7:8F:3C:09:87:29
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/yhPP3AKMa8zc5cD6J7e3jzwJhyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.178.0/24
IPv6:
2a05:900:5::-2a05:900:8:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3a:9f:d6:be:6d:27:83:61:a2:1b:51:2b:1a:d0:5f:54:09:e5:
0c:e4:d9:3f:27:4d:ed:c9:41:b3:0d:c7:b7:09:b7:25:4b:32:
65:ab:22:9c:00:9a:08:32:e0:48:26:a9:ba:13:e0:7c:5f:ad:
cd:14:3d:c6:9b:b2:8c:e9:4b:0e:6c:37:e2:12:a5:74:ee:38:
74:4e:43:1d:b8:56:71:14:cf:58:cf:5b:b8:04:6a:62:52:61:
09:6c:d2:47:1e:21:ee:48:8e:e0:ec:02:7d:21:e5:88:ec:95:
66:28:ee:21:e4:de:1f:58:1f:2e:d4:af:32:14:56:8b:4a:9c:
33:4d:cf:29:8e:94:93:e6:6c:f3:ad:5b:37:7e:dd:50:8e:57:
86:53:3b:5a:11:47:dc:4f:65:10:c1:6f:fd:17:33:00:8d:55:
dd:d1:5d:be:36:10:68:1e:8c:68:e3:c4:1f:a5:26:ec:7d:a4:
b8:dd:86:35:68:73:8b:b9:5a:14:f1:cb:fc:9f:a9:93:d6:ad:
51:f9:1a:d7:0f:9c:c3:b2:1e:0a:fa:a7:c8:28:a0:ac:64:b3:
c1:8a:74:7a:6f:14:3f:bd:75:26:d1:2f:69:db:15:67:70:5f:
ec:c1:2c:1a:aa:7b:18:cd:49:62:92:c9:a3:1e:31:72:b9:22:
1d:58:99:55
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYH+NTmDya6Xpx58thkfIsi5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjIwNzE0MTkzNTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTEzY2ZkYzAyOGM2YmNjZGNlNWMwZmEyN2I3Yjc4ZjNjMDk4NzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWQsoAe3qTAO8VH7wYy29q7PEb1C
YAHJRIsvmT1PiaWgqKTHPav0MveXrzn2zuaXc5k14yIYbFFJfmZklocM/OGRUw9b
bDgbcn9kOKUTPcukWzSdqyoKro3I9IhAWwBM1JghCieGHXglEwaVZFSSmf3MGS/I
Obd1RaRbEj2HmXlE6umQiTx17A0k8e6EKq0vGXnNY0YVt8z3svRs9rHGr/Bulfx2
gsJvmDVDCabuiDTR6qJIEV8xHZH/f9ouJZA4PKFkEcJV4gRj/lYRTcNu5fDvQU8t
SAo9skLgUUzbjNRwNh/ULuoMfhdtLxHASQcaKsB4U6ayDfrBb6ZsqbcOnQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMoTz9wCjGvM3OXA+ie3t488CYcpMB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEveWhQUDNBS01hOHpjNWNENko3ZTNqendKaHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAuUKyMBoE
AgACMBQwEgMHACoFCQAABQMHACoFCQAACDANBgkqhkiG9w0BAQsFAAOCAQEAOp/W
vm0ng2GiG1ErGtBfVAnlDOTZPydN7clBsw3Htwm3JUsyZasinACaCDLgSCapuhPg
fF+tzRQ9xpuyjOlLDmw34hKldO44dE5DHbhWcRTPWM9buARqYlJhCWzSRx4h7kiO
4OwCfSHliOyVZijuIeTeH1gfLtSvMhRWi0qcM03PKY6Uk+Zs861bN37dUI5XhlM7
WhFH3E9lEMFv/RczAI1V3dFdvjYQaB6MaOPEH6Um7H2kuN2GNWhzi7laFPHL/J+p
k9atUfka1w+cw7IeCvqnyCigrGSzwYp0em8UP711JtEvadsVZ3Bf7MEsGqp7GM1J
YpLJox4xcrkiHViZVQ==
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:17:04 2025 by rpki-client