Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/78e5eb-c2af-4462-b859-898996c861df/1/yw-tX1GUcZywzz1mjuUfIuv9QEA.roa
File: yw-tX1GUcZywzz1mjuUfIuv9QEA.roa (raw, json)
Hash identifier: p25nsY82rsXGC8SSeZgaM0eOMf7tlIOPA/jky3I/qxQ=
Subject key identifier: CB:0F:AD:5F:51:94:71:9C:B0:CF:3D:66:8E:E5:1F:22:EB:FD:40:40
Certificate issuer: /CN=5673fa6842973edf62d579b4efec2fa64fdbf8c8
Certificate serial: 01856F6FFAE922428EBA79E807C794461F13
Authority key identifier: 56:73:FA:68:42:97:3E:DF:62:D5:79:B4:EF:EC:2F:A6:4F:DB:F8:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VnP6aEKXPt9i1Xm07-wvpk_b-Mg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/78e5eb-c2af-4462-b859-898996c861df/1/yw-tX1GUcZywzz1mjuUfIuv9QEA.roa
Signing time: Sun 01 Jan 2023 22:24:47 +0000
ROA not before: Sun 01 Jan 2023 22:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42910
IP address blocks: 78.135.123.0/24 maxlen: 24
212.68.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:fa:e9:22:42:8e:ba:79:e8:07:c7:94:46:1f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5673fa6842973edf62d579b4efec2fa64fdbf8c8
Validity
Not Before: Jan 1 22:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb0fad5f5194719cb0cf3d668ee51f22ebfd4040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c6:7e:4b:e0:9d:28:ac:aa:e2:7b:f2:e8:90:
a8:3e:7a:72:09:b7:b7:1f:ef:b7:d1:ab:cd:59:ba:
92:b6:f0:b7:70:3c:1e:4e:9f:7e:ae:27:f9:90:5b:
29:37:2d:9a:bc:4f:5c:85:54:60:52:df:57:0f:c1:
de:95:04:e7:25:7e:30:56:35:c8:4f:8a:5d:4e:ea:
3c:8b:d3:3f:62:d2:c1:fd:2f:c2:bf:19:6b:b9:a7:
ff:e3:1c:ed:cf:3b:f5:bf:10:1f:b8:1f:36:5d:9f:
04:92:94:c1:ed:e6:1a:e3:57:2c:6a:4c:9f:3d:0e:
04:7b:ae:ba:50:9a:a9:e4:97:2c:0a:92:d5:6b:42:
04:97:98:ae:1e:0f:c9:7c:ea:e7:dc:a6:f1:e5:49:
bb:d3:61:fe:75:98:c4:17:cb:45:30:c4:b9:5a:22:
42:5b:21:3d:63:9a:1e:16:1f:8e:e6:00:c7:a7:45:
2a:7f:55:db:fe:25:89:e1:ac:9f:37:5a:17:38:05:
25:9a:a4:ea:2e:0a:c0:6e:fe:84:2a:a0:69:e2:cb:
ce:41:ee:39:00:2f:fb:a9:4d:9f:58:2f:e7:d6:ea:
a6:a8:70:7a:8f:d0:1e:cc:d0:41:8d:70:2a:61:4c:
1e:da:c0:d3:4e:59:b5:ac:de:f7:21:d3:54:78:67:
03:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:0F:AD:5F:51:94:71:9C:B0:CF:3D:66:8E:E5:1F:22:EB:FD:40:40
X509v3 Authority Key Identifier:
keyid:56:73:FA:68:42:97:3E:DF:62:D5:79:B4:EF:EC:2F:A6:4F:DB:F8:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VnP6aEKXPt9i1Xm07-wvpk_b-Mg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/78e5eb-c2af-4462-b859-898996c861df/1/yw-tX1GUcZywzz1mjuUfIuv9QEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/78e5eb-c2af-4462-b859-898996c861df/1/VnP6aEKXPt9i1Xm07-wvpk_b-Mg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.123.0/24
212.68.47.0/24
Signature Algorithm: sha256WithRSAEncryption
86:90:73:90:0b:04:c2:b1:99:d4:37:c4:f2:31:8d:fb:63:1a:
ef:b6:9e:3f:e9:02:c7:53:5d:91:db:e0:d3:ae:32:d8:3e:cc:
0e:6d:63:64:f5:3a:93:4e:9d:57:2f:74:ff:f8:90:ea:5d:7f:
a6:9a:67:72:eb:b0:fa:fb:25:37:31:65:fa:47:0f:95:21:f2:
91:b6:92:6c:97:5b:de:3f:d7:a3:cc:9e:74:d3:cc:ec:43:54:
e5:d7:ee:a6:fc:cc:c8:34:a7:26:22:1b:ed:a9:d8:f7:b8:26:
d9:6a:2e:3f:3c:76:88:00:90:fa:4d:d0:e6:08:8d:1b:87:08:
c5:b0:06:e2:4a:a8:5b:b3:1d:de:a8:e3:dc:2d:12:af:f4:ae:
60:33:7a:ed:3b:7a:28:d9:e4:6e:56:3e:1d:2c:95:ab:7f:a6:
69:3e:59:f3:c5:4c:65:b5:84:b4:e2:91:ca:5f:e6:e5:1c:71:
66:2a:88:76:3e:0c:9a:31:92:03:1d:2d:85:b1:81:b0:d1:90:
c8:6e:aa:fa:f4:6e:01:84:5e:28:44:f4:e4:87:09:f8:38:0f:
d6:7b:bd:a6:85:8a:49:78:ff:20:bb:17:77:18:5c:df:30:6f:
af:56:20:14:c5:0c:f0:17:1c:73:af:fb:b6:52:ff:47:ec:34:
db:24:c2:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvb/rpIkKOunnoB8eURh8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NzNmYTY4NDI5NzNlZGY2MmQ1NzliNGVmZWMyZmE2NGZk
YmY4YzgwHhcNMjMwMTAxMjIyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjBmYWQ1ZjUxOTQ3MTljYjBjZjNkNjY4ZWU1MWYyMmViZmQ0MDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcZ+S+CdKKyq4nvy6JCoPnpyCbe3
H++30avNWbqStvC3cDweTp9+rif5kFspNy2avE9chVRgUt9XD8HelQTnJX4wVjXI
T4pdTuo8i9M/YtLB/S/Cvxlruaf/4xztzzv1vxAfuB82XZ8EkpTB7eYa41csakyf
PQ4Ee666UJqp5JcsCpLVa0IEl5iuHg/JfOrn3Kbx5Um702H+dZjEF8tFMMS5WiJC
WyE9Y5oeFh+O5gDHp0Uqf1Xb/iWJ4ayfN1oXOAUlmqTqLgrAbv6EKqBp4svOQe45
AC/7qU2fWC/n1uqmqHB6j9AezNBBjXAqYUwe2sDTTlm1rN73IdNUeGcDMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMsPrV9RlHGcsM89Zo7lHyLr/UBAMB8GA1UdIwQY
MBaAFFZz+mhClz7fYtV5tO/sL6ZP2/jIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm5QNmFFS1hQdDlpMVhtMDctd3Zwa19iLU1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy83OGU1ZWItYzJhZi00NDYyLWI4NTkt
ODk4OTk2Yzg2MWRmLzEveXctdFgxR1VjWnl3enoxbWp1VWZJdXY5UUVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy83OGU1ZWItYzJhZi00NDYyLWI4NTktODk4OTk2Yzg2MWRm
LzEvVm5QNmFFS1hQdDlpMVhtMDctd3Zwa19iLU1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATod7AwQA
1EQvMA0GCSqGSIb3DQEBCwUAA4IBAQCGkHOQCwTCsZnUN8TyMY37Yxrvtp4/6QLH
U12R2+DTrjLYPswObWNk9TqTTp1XL3T/+JDqXX+mmmdy67D6+yU3MWX6Rw+VIfKR
tpJsl1veP9ejzJ5008zsQ1Tl1+6m/MzINKcmIhvtqdj3uCbZai4/PHaIAJD6TdDm
CI0bhwjFsAbiSqhbsx3eqOPcLRKv9K5gM3rtO3oo2eRuVj4dLJWrf6ZpPlnzxUxl
tYS04pHKX+blHHFmKoh2PgyaMZIDHS2FsYGw0ZDIbqr69G4BhF4oRPTkhwn4OA/W
e72mhYpJeP8guxd3GFzfMG+vViAUxQzwFxxzr/u2Uv9H7DTbJMKN
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:40 2025 by rpki-client