Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Y75TLNocIqaVJuCzBNTmDJmbPtY.roa
File: Y75TLNocIqaVJuCzBNTmDJmbPtY.roa (raw, json)
Hash identifier: tb2dQBed/tOhp3yaR9xsXWfguOn8fdC9GFcuV3acaRQ=
Subject key identifier: 63:BE:53:2C:DA:1C:22:A6:95:26:E0:B3:04:D4:E6:0C:99:9B:3E:D6
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018BCCFF7CA51533EC87BD7F30779B2CBCA2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Y75TLNocIqaVJuCzBNTmDJmbPtY.roa
Signing time: Tue 14 Nov 2023 08:42:57 +0000
ROA not before: Tue 14 Nov 2023 08:42:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197992
IP address blocks: 194.33.32.0/24 maxlen: 24
2a0f:7f00::/29 maxlen: 29
2a13:2cc0::/29 maxlen: 29
2a06:dfc0::/29 maxlen: 29
2a13:2b40::/29 maxlen: 29
2a13:d300::/29 maxlen: 29
2a13:200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cc:ff:7c:a5:15:33:ec:87:bd:7f:30:77:9b:2c:bc:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 14 08:42:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63be532cda1c22a69526e0b304d4e60c999b3ed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:3c:90:85:7b:de:d4:79:ec:4a:e7:fb:09:f2:
e7:3f:6c:83:85:10:16:1c:9c:c3:57:fe:1e:48:18:
41:fe:fb:b5:36:d3:cb:ad:80:2e:42:2c:2a:4b:ea:
83:98:a7:95:e7:c4:25:98:a8:c2:d0:10:0b:41:96:
93:5e:08:76:20:60:b2:f6:e5:8b:75:0e:79:74:9b:
df:22:b7:18:a2:af:ca:72:6a:90:62:d6:45:e7:27:
31:27:16:8c:e5:9f:5f:fe:05:60:c8:96:1c:49:8e:
4e:38:31:28:6e:d2:9a:ec:bf:c8:34:89:d7:41:ac:
9e:0c:66:59:70:4b:50:90:72:46:e9:98:b5:16:76:
9d:ad:64:ae:f0:86:25:46:ec:a6:4c:f1:9d:e2:a3:
cf:52:3e:83:39:b0:2b:b4:5a:8e:bc:8a:3f:f0:8f:
f6:99:37:ac:89:76:eb:9f:70:f9:21:fd:9a:80:13:
58:f9:a3:df:32:d9:ce:82:27:54:99:f6:75:67:bb:
a4:5f:43:82:ec:df:8c:06:5e:75:5c:f4:1b:79:84:
c8:c0:1b:08:24:6c:d3:02:37:9c:63:93:8a:e4:0e:
7b:b9:11:c5:f8:38:7a:56:41:eb:7f:0a:eb:e8:c7:
40:e6:4e:e6:1c:99:b0:32:1b:75:5c:c2:cd:b6:4b:
8f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:BE:53:2C:DA:1C:22:A6:95:26:E0:B3:04:D4:E6:0C:99:9B:3E:D6
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Y75TLNocIqaVJuCzBNTmDJmbPtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.32.0/24
IPv6:
2a06:dfc0::/29
2a0f:7f00::/29
2a13:200::/29
2a13:2b40::/29
2a13:2cc0::/29
2a13:d300::/29
Signature Algorithm: sha256WithRSAEncryption
3b:6e:5e:2e:74:8e:25:16:96:b5:cd:87:d5:d4:88:d5:12:48:
56:e7:fd:c8:01:69:dc:73:ef:63:68:89:91:88:a6:61:a7:6d:
7d:d9:b4:e4:4b:f6:c0:3d:fc:53:31:e7:a1:1d:19:0a:6a:c0:
9d:cc:61:d0:eb:44:d0:ab:fb:76:4a:c0:98:30:a7:a6:33:e0:
a2:4f:9d:d1:e1:11:03:39:1b:29:40:2b:ee:96:af:bf:69:b5:
3e:9d:f7:05:bb:05:ff:31:bb:17:e1:df:e9:13:f5:d6:8e:b0:
4b:f3:f8:0d:54:a5:34:5b:b0:64:9b:b5:b6:64:be:16:ac:a9:
6c:79:ab:f9:1f:6f:f6:fc:29:de:c6:c3:03:2f:86:c7:51:30:
21:d9:9a:4b:5c:ea:d0:44:05:72:4a:54:85:af:57:4c:28:b9:
82:22:73:20:13:7f:20:aa:13:76:0b:6c:c6:3c:c6:32:f1:4b:
07:c1:6a:b7:db:4b:e8:8c:89:2d:34:4d:03:29:3f:69:ca:41:
3c:a2:79:af:3f:d8:9e:a5:45:35:a1:f0:4e:61:67:13:45:41:
a9:c1:cb:73:e8:8a:c0:0b:37:29:76:4a:4b:2a:80:d4:86:29:
fc:64:6f:01:8d:0a:bc:24:9d:55:b6:6c:0d:bc:8e:02:6a:9c:
ec:aa:42:5f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYvM/3ylFTPsh71/MHebLLyiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTE0MDg0MjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2JlNTMyY2RhMWMyMmE2OTUyNmUwYjMwNGQ0ZTYwYzk5OWIzZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDyQhXve1HnsSuf7CfLnP2yDhRAW
HJzDV/4eSBhB/vu1NtPLrYAuQiwqS+qDmKeV58QlmKjC0BALQZaTXgh2IGCy9uWL
dQ55dJvfIrcYoq/KcmqQYtZF5ycxJxaM5Z9f/gVgyJYcSY5OODEobtKa7L/INInX
QayeDGZZcEtQkHJG6Zi1FnadrWSu8IYlRuymTPGd4qPPUj6DObArtFqOvIo/8I/2
mTesiXbrn3D5If2agBNY+aPfMtnOgidUmfZ1Z7ukX0OC7N+MBl51XPQbeYTIwBsI
JGzTAjecY5OK5A57uRHF+Dh6VkHrfwrr6MdA5k7mHJmwMht1XMLNtkuPTwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGO+UyzaHCKmlSbgswTU5gyZmz7WMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWTc1VExOb2NJcWFWSnVDekJOVG1ESm1iUHRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAMBAIAATAGAwQAwiEgMDAE
AgACMCoDBQMqBt/AAwUDKg9/AAMFAyoTAgADBQMqEytAAwUDKhMswAMFAyoT0wAw
DQYJKoZIhvcNAQELBQADggEBADtuXi50jiUWlrXNh9XUiNUSSFbn/cgBadxz72No
iZGIpmGnbX3ZtORL9sA9/FMx56EdGQpqwJ3MYdDrRNCr+3ZKwJgwp6Yz4KJPndHh
EQM5GylAK+6Wr79ptT6d9wW7Bf8xuxfh3+kT9daOsEvz+A1UpTRbsGSbtbZkvhas
qWx5q/kfb/b8Kd7GwwMvhsdRMCHZmktc6tBEBXJKVIWvV0wouYIicyATfyCqE3YL
bMY8xjLxSwfBarfbS+iMiS00TQMpP2nKQTyiea8/2J6lRTWh8E5hZxNFQanBy3Po
isALNyl2SksqgNSGKfxkbwGNCrwknVW2bA28jgJqnOyqQl8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:11 2025 by rpki-client