Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/YL_teH0QBi5YjyrZrXpM1Ba0sTc.roa
File: YL_teH0QBi5YjyrZrXpM1Ba0sTc.roa (raw, json)
Hash identifier: HWqXOKfYb9L9EgoGr+RCLZosOHP6PkNvbFz2gb5tUTc=
Subject key identifier: 60:BF:ED:78:7D:10:06:2E:58:8F:2A:D9:AD:7A:4C:D4:16:B4:B1:37
Certificate issuer: /CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Certificate serial: 035A0C26
Authority key identifier: 68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/YL_teH0QBi5YjyrZrXpM1Ba0sTc.roa
Signing time: Wed 02 Mar 2022 07:12:14 +0000
ROA not before: Wed 02 Mar 2022 07:12:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204348
IP address blocks: 185.252.112.0/24 maxlen: 24
185.252.115.0/24 maxlen: 24
185.252.113.0/24 maxlen: 24
185.252.114.0/24 maxlen: 24
185.249.255.0/24 maxlen: 24
2a0e:e7c3::/32 maxlen: 32
2a04:b804::/32 maxlen: 32
2a04:b800::/32 maxlen: 32
2a0e:e7c7::/32 maxlen: 32
2a04:b803::/32 maxlen: 32
2a0e:e7c0::/32 maxlen: 32
2a04:b805::/32 maxlen: 32
2a10:a6c0::/29 maxlen: 29
2a0e:e7c6::/32 maxlen: 32
2a04:b802::/32 maxlen: 32
2a0e:e7c1::/32 maxlen: 32
2a0e:e7c5::/32 maxlen: 32
2a04:b806::/32 maxlen: 32
2a0e:e7c4::/32 maxlen: 32
2a0e:e7c2::/32 maxlen: 32
2a04:b807::/32 maxlen: 32
2a04:b801::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56232998 (0x35a0c26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Validity
Not Before: Mar 2 07:12:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60bfed787d10062e588f2ad9ad7a4cd416b4b137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ae:97:4c:17:95:26:ee:8b:ad:59:60:96:25:
e1:3d:6d:f0:45:ea:a2:6d:f0:b6:af:04:b6:d7:c3:
b4:ce:fa:18:6f:ae:22:42:bd:d9:c3:04:80:9a:92:
a1:d1:c8:b2:37:7f:f4:b9:b8:1a:2b:9e:38:54:fe:
9f:5d:99:5e:00:ae:2e:07:af:f1:fc:d7:84:ea:3f:
c5:6c:52:7f:e3:45:50:bc:10:c5:59:13:81:cb:fe:
ea:53:4b:7e:1c:b6:84:5d:2b:b4:b3:12:ae:e4:fe:
77:58:27:38:cc:b1:59:71:6b:1c:bc:e7:83:89:ac:
1b:55:28:d3:91:0f:7f:59:33:88:d4:12:69:77:44:
d7:fe:0d:73:82:f8:f5:59:b1:f3:b6:15:4e:c3:df:
b9:36:aa:3f:61:93:43:13:8f:37:21:ac:59:a8:aa:
95:42:88:b7:cd:7b:7f:a5:5f:b8:87:53:9e:4f:da:
89:b9:e5:50:94:dd:fd:82:1a:13:79:96:dc:2c:69:
f4:ba:c1:f8:1d:07:b3:75:d0:60:49:88:0e:95:98:
ac:bc:a8:28:85:44:e3:30:1b:4d:65:1c:85:5e:29:
a7:e0:24:d3:6f:49:6c:ea:3a:a1:9a:4f:44:6a:41:
c4:93:a2:2f:22:f9:ba:4c:ed:a8:c1:91:86:77:2d:
88:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:BF:ED:78:7D:10:06:2E:58:8F:2A:D9:AD:7A:4C:D4:16:B4:B1:37
X509v3 Authority Key Identifier:
keyid:68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/YL_teH0QBi5YjyrZrXpM1Ba0sTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/aLIu6kpKO4FlSiJ-2pTg51k3sBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.255.0/24
185.252.112.0/22
IPv6:
2a04:b800::/29
2a0e:e7c0::/29
2a10:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:f5:73:77:25:fd:b8:e7:2c:ef:a9:45:bf:1a:ec:df:4c:66:
71:8c:d0:cb:8a:e9:da:30:e3:a0:55:9e:cb:b6:b2:ab:8e:e4:
95:7a:d5:b0:bb:77:40:60:a1:ec:01:79:97:c5:3a:dc:a8:0c:
d1:36:43:c6:79:a0:d8:fc:4e:4f:2c:02:54:44:fc:5b:d0:f5:
cd:4f:6f:80:17:3e:35:5d:ee:7e:8f:75:c6:fa:98:b1:d6:29:
c6:9a:be:43:e5:d0:96:7c:ae:84:47:3d:a7:ab:60:02:00:80:
bf:17:44:ff:8b:ae:24:49:19:32:ae:0c:32:aa:e9:9f:d4:20:
bf:5b:08:2a:81:ac:aa:7a:0f:57:d5:69:cd:57:d2:7e:7e:7e:
de:d2:02:6d:94:c3:fa:7c:eb:f3:ce:9a:78:a8:a8:9a:6c:55:
ca:60:55:fd:d9:dc:a0:c8:94:c0:e1:5d:0d:dd:ed:53:34:87:
e5:33:f7:5b:47:6d:9a:1b:fb:a7:18:5f:71:41:f2:30:fb:39:
6d:4e:21:cb:e5:c6:e1:22:5f:e6:91:92:47:13:1a:ca:30:7b:
6e:cd:c5:6a:d4:26:5d:23:c9:e3:8c:51:ae:0c:d9:f1:4d:9c:
ac:2c:e7:33:30:31:79:e6:8c:f7:36:19:ab:e7:4f:5c:b7:e7:
cc:03:a5:9c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEA1oMJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGIyMmVlYTRhNGEzYjgxNjU0YTIyN2VkYTk0ZTBlNzU5MzdiMDE1MB4XDTIyMDMw
MjA3MTIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBiZmVkNzg3ZDEw
MDYyZTU4OGYyYWQ5YWQ3YTRjZDQxNmI0YjEzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+ul0wXlSbui61ZYJYl4T1t8EXqom3wtq8EttfDtM76GG+u
IkK92cMEgJqSodHIsjd/9Lm4GiueOFT+n12ZXgCuLgev8fzXhOo/xWxSf+NFULwQ
xVkTgcv+6lNLfhy2hF0rtLMSruT+d1gnOMyxWXFrHLzng4msG1Uo05EPf1kziNQS
aXdE1/4Nc4L49Vmx87YVTsPfuTaqP2GTQxOPNyGsWaiqlUKIt817f6VfuIdTnk/a
ibnlUJTd/YIaE3mW3Cxp9LrB+B0Hs3XQYEmIDpWYrLyoKIVE4zAbTWUchV4pp+Ak
029JbOo6oZpPRGpBxJOiLyL5ukztqMGRhnctiM8CAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBRgv+14fRAGLliPKtmtekzUFrSxNzAfBgNVHSMEGDAWgBRosi7qSko7gWVK
In7alODnWTewFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FMSXU2a3BLTzRGbFNpSi0ycFRnNTFrM3NCVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvNjljYmMwLWI2YzUtNGU2Ny1hNzNiLTJiNjVhN2E4YmU4Yy8x
L1lMX3RlSDBRQmk1WWp5clpyWHBNMUJhMHNUYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
NjljYmMwLWI2YzUtNGU2Ny1hNzNiLTJiNjVhN2E4YmU4Yy8xL2FMSXU2a3BLTzRG
bFNpSi0ycFRnNTFrM3NCVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwEgQCAAEwDAMEALn5/wMEArn8cDAbBAIAAjAVAwUD
KgS4AAMFAyoO58ADBQMqEKbAMA0GCSqGSIb3DQEBCwUAA4IBAQBs9XN3Jf245yzv
qUW/GuzfTGZxjNDLiunaMOOgVZ7LtrKrjuSVetWwu3dAYKHsAXmXxTrcqAzRNkPG
eaDY/E5PLAJURPxb0PXNT2+AFz41Xe5+j3XG+pix1inGmr5D5dCWfK6ERz2nq2AC
AIC/F0T/i64kSRkyrgwyqumf1CC/Wwgqgayqeg9X1WnNV9J+fn7e0gJtlMP6fOvz
zpp4qKiabFXKYFX92dygyJTA4V0N3e1TNIflM/dbR22aG/unGF9xQfIw+zltTiHL
5cbhIl/mkZJHExrKMHtuzcVq1CZdI8njjFGuDNnxTZysLOczMDF55oz3Nhmr509c
t+fMA6Wc
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:26 2025 by rpki-client