Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/yR_g7ptEecGNiu0eWZtpFKnuIPQ.roa
File: yR_g7ptEecGNiu0eWZtpFKnuIPQ.roa (raw, json)
Hash identifier: 7GLf+PebQRDqLkpmG7Hxhk18R4B5kb48ThSmmllWHc8=
Subject key identifier: C9:1F:E0:EE:9B:44:79:C1:8D:8A:ED:1E:59:9B:69:14:A9:EE:20:F4
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 01892547D2E541766BBC49250C95AC4EA2CD
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/yR_g7ptEecGNiu0eWZtpFKnuIPQ.roa
Signing time: Wed 05 Jul 2023 09:00:11 +0000
ROA not before: Wed 05 Jul 2023 09:00:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 185.110.62.0/24 maxlen: 24
123.253.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:25:47:d2:e5:41:76:6b:bc:49:25:0c:95:ac:4e:a2:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Jul 5 09:00:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c91fe0ee9b4479c18d8aed1e599b6914a9ee20f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f2:39:25:5f:23:f9:df:9d:da:0b:8b:17:da:
9b:96:76:87:fe:de:b2:2a:08:0a:fd:46:d3:53:fd:
2b:8c:b7:a7:1d:17:d8:53:37:36:6c:0a:56:8a:99:
5c:1c:96:1d:90:be:86:60:42:d5:89:e8:15:eb:b5:
66:26:87:ff:26:0f:fa:ab:9c:40:3b:1b:bc:8a:7b:
e1:53:65:96:ea:d4:1b:75:36:86:4e:59:29:b1:c6:
c3:c1:05:30:15:7e:b5:81:88:fd:e1:61:07:fa:a3:
5f:6d:65:e7:c4:fe:ff:4a:bb:d7:ac:37:a0:0a:fa:
30:3d:7c:e9:a8:83:19:e1:5e:6c:3e:4d:d8:a0:6e:
dc:81:10:b3:2d:cb:32:60:c2:7b:dc:3b:39:fd:1c:
4e:ec:7e:b8:c0:95:61:8b:d2:b6:1a:41:ff:f7:34:
3a:a0:09:37:8b:76:54:6e:7a:54:ee:fb:db:46:8a:
47:ef:85:77:7c:bb:5d:f8:68:ed:37:6b:ff:08:e2:
f0:32:fa:50:20:6a:c1:6a:ba:5d:15:76:41:1b:eb:
79:a3:e5:60:85:d6:96:72:8b:6a:09:95:05:02:47:
75:0d:2b:58:ff:6e:3a:af:6c:e6:fa:8e:92:f3:78:
57:da:b7:0c:98:95:7e:6d:6c:83:c3:91:52:cd:96:
fd:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:1F:E0:EE:9B:44:79:C1:8D:8A:ED:1E:59:9B:69:14:A9:EE:20:F4
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/yR_g7ptEecGNiu0eWZtpFKnuIPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
123.253.213.0/24
185.110.62.0/24
Signature Algorithm: sha256WithRSAEncryption
05:3f:8e:24:94:a4:7e:bb:d0:5d:cc:f9:4c:60:eb:b3:f7:d8:
ec:81:7c:b3:1a:f6:dd:fc:3e:00:b3:1f:3f:cb:05:d9:59:b8:
9d:dd:c0:8b:b7:eb:c2:9f:76:67:34:73:26:33:0b:2c:fb:3d:
ba:e3:f5:ac:11:5c:9b:8d:0f:ef:bc:21:9c:26:e3:24:c7:a8:
e3:46:34:a6:7d:8e:c2:0f:84:b9:83:6b:d0:bf:c2:25:b1:c4:
5d:ca:5e:60:37:97:3d:d3:cb:02:5d:e7:a7:ae:91:41:70:a2:
52:c5:74:fc:5a:9a:87:c0:40:60:2b:54:43:9f:51:d9:0b:b2:
06:cd:f1:51:95:f8:7e:18:85:1b:b3:71:5d:aa:52:bf:cb:15:
db:2b:04:1d:5d:a3:88:98:f5:ee:c9:9b:9b:f5:20:f8:eb:f8:
56:69:c2:ac:ff:e6:2a:06:87:fd:bb:77:81:b5:75:88:c5:e2:
c4:37:87:01:fa:f2:21:b6:de:e4:a1:71:97:e3:62:1e:29:a8:
df:03:4e:31:51:76:bd:e4:5a:17:e4:e9:5e:5b:f9:4c:c7:7a:
7a:1c:45:f3:e5:d8:e4:6a:34:e6:e3:fe:21:f1:fd:bd:28:c5:
bd:90:c2:9a:00:49:38:2c:ec:2e:b0:52:94:f4:2f:08:d1:22:
0b:93:28:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYklR9LlQXZrvEklDJWsTqLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjMwNzA1MDkwMDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTFmZTBlZTliNDQ3OWMxOGQ4YWVkMWU1OTliNjkxNGE5ZWUyMGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPI5JV8j+d+d2guLF9qblnaH/t6y
KggK/UbTU/0rjLenHRfYUzc2bApWiplcHJYdkL6GYELViegV67VmJof/Jg/6q5xA
Oxu8invhU2WW6tQbdTaGTlkpscbDwQUwFX61gYj94WEH+qNfbWXnxP7/SrvXrDeg
CvowPXzpqIMZ4V5sPk3YoG7cgRCzLcsyYMJ73Ds5/RxO7H64wJVhi9K2GkH/9zQ6
oAk3i3ZUbnpU7vvbRopH74V3fLtd+GjtN2v/COLwMvpQIGrBarpdFXZBG+t5o+Vg
hdaWcotqCZUFAkd1DStY/246r2zm+o6S83hX2rcMmJV+bWyDw5FSzZb95wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMkf4O6bRHnBjYrtHlmbaRSp7iD0MB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEveVJfZzdwdEVlY0dOaXUwZVdadHBGS251SVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAe/3VAwQA
uW4+MA0GCSqGSIb3DQEBCwUAA4IBAQAFP44klKR+u9BdzPlMYOuz99jsgXyzGvbd
/D4Asx8/ywXZWbid3cCLt+vCn3ZnNHMmMwss+z264/WsEVybjQ/vvCGcJuMkx6jj
RjSmfY7CD4S5g2vQv8IlscRdyl5gN5c908sCXeenrpFBcKJSxXT8WpqHwEBgK1RD
n1HZC7IGzfFRlfh+GIUbs3FdqlK/yxXbKwQdXaOImPXuyZub9SD46/hWacKs/+Yq
Bof9u3eBtXWIxeLEN4cB+vIhtt7koXGX42IeKajfA04xUXa95FoX5OleW/lMx3p6
HEXz5djkajTm4/4h8f29KMW9kMKaAEk4LOwusFKU9C8I0SILkygm
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:45 2025 by rpki-client