Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/Ylsn0bBWFjcKXYmUA9iX98u7Qdk.roa
File: Ylsn0bBWFjcKXYmUA9iX98u7Qdk.roa (raw, json)
Hash identifier: dr2TEZag+Mhfa585t4hS7gcPn/30ctVDRWSYp+XvHYM=
Subject key identifier: 62:5B:27:D1:B0:56:16:37:0A:5D:89:94:03:D8:97:F7:CB:BB:41:D9
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018616F1C9B22B422D24D270209C74F25238
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/Ylsn0bBWFjcKXYmUA9iX98u7Qdk.roa
Signing time: Fri 03 Feb 2023 11:03:09 +0000
ROA not before: Fri 03 Feb 2023 11:03:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212157
IP address blocks: 185.52.4.0/22 maxlen: 24
2a04:9a00:1010::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:f1:c9:b2:2b:42:2d:24:d2:70:20:9c:74:f2:52:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Feb 3 11:03:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=625b27d1b05616370a5d899403d897f7cbbb41d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0f:12:f6:e8:33:fc:fb:7a:27:72:68:83:9e:
74:20:af:64:6c:70:dc:b5:aa:bd:d2:4e:35:b5:43:
3e:d8:f8:05:96:c7:d8:24:ca:0f:5c:b4:af:b1:26:
db:cf:2e:42:72:5d:07:52:dd:29:7e:5e:b5:57:d8:
00:6a:dd:5d:42:ee:92:d5:f5:1b:29:4f:de:90:55:
62:8d:20:d6:2e:b0:04:2d:89:fc:ef:66:3a:64:5c:
27:83:8d:ad:5d:ca:6d:ed:4a:47:6c:79:1e:49:aa:
75:76:30:77:db:02:69:49:2e:f1:1a:8e:0c:b9:37:
f9:93:9a:81:b7:6f:06:74:10:77:e5:70:b0:0d:1a:
43:ce:d2:f9:7a:43:00:5b:78:e7:cf:a5:be:dd:22:
a8:62:52:00:11:95:27:1f:c4:54:a4:95:11:9f:81:
3f:9e:25:15:fb:a9:52:6e:9e:a4:98:e3:dd:67:38:
94:7c:bd:6a:be:a4:c6:39:60:91:08:96:53:f2:34:
ea:b8:a6:67:cd:d2:1f:20:c1:02:f5:cc:e8:63:f8:
1b:1b:2f:5f:87:f2:d6:65:8f:1b:70:30:44:a0:82:
05:5e:da:b3:3e:75:7e:9b:a4:b8:e8:b4:e4:d2:2a:
80:b5:7a:34:ef:cc:44:d2:f4:11:a6:d2:bf:c0:cc:
9f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:5B:27:D1:B0:56:16:37:0A:5D:89:94:03:D8:97:F7:CB:BB:41:D9
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/Ylsn0bBWFjcKXYmUA9iX98u7Qdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.4.0/22
IPv6:
2a04:9a00:1010::/44
Signature Algorithm: sha256WithRSAEncryption
64:53:d0:3c:1f:19:43:69:a2:6d:0b:a1:b7:81:7a:68:3f:4a:
58:ea:34:2f:4b:1c:83:53:87:db:33:be:58:7d:e5:31:87:6b:
b3:1b:72:b9:39:73:f0:c7:77:02:85:fd:1d:94:82:ca:60:d1:
69:49:7c:b6:76:96:8c:d2:be:9e:44:c1:4f:c6:7d:4f:c1:9f:
1b:a1:66:68:9d:70:65:ef:1f:10:91:d8:58:1a:b6:f8:6c:99:
b7:b8:3c:4e:4c:fd:1e:9f:55:94:60:b3:99:65:89:89:e0:fb:
98:d0:9f:70:8a:83:44:b2:b0:cd:bd:dd:5d:78:10:54:89:23:
fa:86:fd:9e:7a:71:3c:7c:80:e5:f8:9a:2a:26:a3:29:f6:14:
bd:3e:00:b1:69:f1:c3:5b:d3:19:bb:44:2c:71:9f:a6:d9:4d:
e4:71:6e:0a:34:b7:ca:b7:87:bb:46:90:d3:13:1e:6c:c0:5b:
df:c7:5d:ba:41:08:8c:8a:5b:1b:fd:7a:2f:8b:62:4a:bc:40:
93:b2:fd:67:2c:92:ba:e1:bb:86:00:5b:6d:bb:d5:3c:82:2a:
eb:a8:6c:99:cc:3c:24:3a:27:e1:e6:39:a4:54:3c:b9:7b:7f:
ed:ba:4a:02:33:8f:b8:dc:f0:62:8d:a8:76:03:93:63:5d:7c:
32:5b:14:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYW8cmyK0ItJNJwIJx08lI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwMjAzMTEwMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjViMjdkMWIwNTYxNjM3MGE1ZDg5OTQwM2Q4OTdmN2NiYmI0MWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQ8S9ugz/Pt6J3Jog550IK9kbHDc
taq90k41tUM+2PgFlsfYJMoPXLSvsSbbzy5Ccl0HUt0pfl61V9gAat1dQu6S1fUb
KU/ekFVijSDWLrAELYn872Y6ZFwng42tXcpt7UpHbHkeSap1djB32wJpSS7xGo4M
uTf5k5qBt28GdBB35XCwDRpDztL5ekMAW3jnz6W+3SKoYlIAEZUnH8RUpJURn4E/
niUV+6lSbp6kmOPdZziUfL1qvqTGOWCRCJZT8jTquKZnzdIfIMEC9czoY/gbGy9f
h/LWZY8bcDBEoIIFXtqzPnV+m6S46LTk0iqAtXo078xE0vQRptK/wMyfmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGJbJ9GwVhY3Cl2JlAPYl/fLu0HZMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvWWxzbjBiQldGamNLWFltVUE5aVg5OHU3UWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuTQEMA8E
AgACMAkDBwQqBJoAEBAwDQYJKoZIhvcNAQELBQADggEBAGRT0DwfGUNpom0LobeB
emg/SljqNC9LHINTh9szvlh95TGHa7Mbcrk5c/DHdwKF/R2Ugspg0WlJfLZ2lozS
vp5EwU/GfU/BnxuhZmidcGXvHxCR2Fgatvhsmbe4PE5M/R6fVZRgs5lliYng+5jQ
n3CKg0SysM293V14EFSJI/qG/Z56cTx8gOX4miomoyn2FL0+ALFp8cNb0xm7RCxx
n6bZTeRxbgo0t8q3h7tGkNMTHmzAW9/HXbpBCIyKWxv9ei+LYkq8QJOy/Wcskrrh
u4YAW2271TyCKuuobJnMPCQ6J+HmOaRUPLl7f+26SgIzj7jc8GKNqHYDk2NdfDJb
FMo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:51 2025 by rpki-client