Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/YCkYva0nRkbwV7xcLD5ArdMQqBw.roa
File: YCkYva0nRkbwV7xcLD5ArdMQqBw.roa (raw, json)
Hash identifier: SvYwYj6J87KobL5U2KwqTH96ObN06LEh014diI6f+MQ=
Subject key identifier: 60:29:18:BD:AD:27:46:46:F0:57:BC:5C:2C:3E:40:AD:D3:10:A8:1C
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01856ED4DD9E85663AF70FE92619D561F5A8
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/YCkYva0nRkbwV7xcLD5ArdMQqBw.roa
Signing time: Sun 01 Jan 2023 19:35:22 +0000
ROA not before: Sun 01 Jan 2023 19:35:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8263
IP address blocks: 178.176.225.0/24 maxlen: 24
178.176.224.0/24 maxlen: 24
178.176.226.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:dd:9e:85:66:3a:f7:0f:e9:26:19:d5:61:f5:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 19:35:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=602918bdad274646f057bc5c2c3e40add310a81c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:30:82:1f:ed:30:8c:83:b0:b4:d6:df:97:41:
9a:09:7a:ab:af:3c:d3:16:25:57:e2:ee:c6:14:d5:
e7:f1:02:b1:78:cb:39:90:df:71:5f:17:77:ae:f2:
55:4c:70:5a:fa:ee:71:29:c4:a0:93:e5:ff:29:49:
26:9d:f8:a9:49:6d:35:d7:8a:e6:1f:2d:e9:57:d0:
b9:63:11:b7:9e:dd:79:ce:7f:aa:57:63:f7:c7:92:
de:10:aa:83:33:0e:32:f4:07:d5:1e:bd:61:6b:e6:
62:f8:ba:63:5d:a0:6c:01:d7:75:ed:c9:38:31:66:
53:9a:05:5c:dd:d5:98:3e:fb:75:a0:3e:8d:11:bd:
44:fe:57:36:44:be:25:49:42:a6:73:3e:77:40:6f:
69:97:8e:41:67:07:5d:ea:61:98:78:f8:e3:50:ce:
7f:b0:6e:b1:7b:44:d5:2b:a4:92:90:12:2b:f0:b3:
f5:c1:27:0c:f7:1d:ec:00:f7:a1:08:f4:b3:71:bd:
1b:3d:04:07:03:fb:5b:dd:e5:28:64:d6:b9:d8:36:
7f:ea:fb:7f:2c:7c:76:06:41:31:f2:a0:ef:d4:74:
82:6d:88:45:17:f8:39:a5:81:36:a0:51:d2:c2:1d:
05:ca:81:84:34:db:67:dc:91:c5:c0:8f:eb:05:5f:
23:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:29:18:BD:AD:27:46:46:F0:57:BC:5C:2C:3E:40:AD:D3:10:A8:1C
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/YCkYva0nRkbwV7xcLD5ArdMQqBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.176.224.0-178.176.226.255
Signature Algorithm: sha256WithRSAEncryption
88:8b:5a:8f:62:6b:b6:99:00:58:a6:8a:1b:fa:cb:01:fa:d1:
22:5c:53:fc:8c:fb:3c:e1:2b:35:4a:ef:1b:8a:8f:0f:1e:9e:
30:0a:4f:14:66:1f:71:19:fb:a4:f2:e5:2c:47:d6:1b:4d:1f:
e1:ea:e2:f7:eb:7a:e5:98:f0:97:67:14:74:54:f1:79:af:ab:
6c:dc:16:4f:81:a6:e9:f5:b9:50:46:db:57:a3:16:30:81:b9:
19:17:71:bf:31:23:3b:89:f8:6f:59:b7:8b:b0:57:a2:09:11:
cb:b8:f0:df:30:36:f9:83:be:96:c1:36:b1:25:60:66:c1:ff:
d2:f4:c2:8b:f7:df:64:8c:ba:91:fe:b2:49:d6:be:c9:a1:df:
50:7a:ef:7c:cb:d3:c0:a1:06:9f:bd:2c:26:e3:ee:68:02:ce:
51:44:81:0c:47:80:07:0b:fb:53:18:8f:73:3b:a9:22:73:69:
66:a7:b1:86:79:51:5d:dd:82:00:2e:1c:ac:46:59:c8:d1:01:
a2:c7:70:0e:fd:ee:27:15:79:fb:25:41:0e:a0:32:3c:97:8f:
ee:b3:2f:2f:a6:1a:53:71:f4:1f:79:f0:f1:07:2c:c4:3d:f3:
80:15:65:72:4e:33:04:47:1c:ea:9c:7e:31:51:0b:36:9f:56:
6d:84:56:59
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVu1N2ehWY69w/pJhnVYfWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTAxMTkzNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDI5MThiZGFkMjc0NjQ2ZjA1N2JjNWMyYzNlNDBhZGQzMTBhODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TCCH+0wjIOwtNbfl0GaCXqrrzzT
FiVX4u7GFNXn8QKxeMs5kN9xXxd3rvJVTHBa+u5xKcSgk+X/KUkmnfipSW0114rm
Hy3pV9C5YxG3nt15zn+qV2P3x5LeEKqDMw4y9AfVHr1ha+Zi+LpjXaBsAdd17ck4
MWZTmgVc3dWYPvt1oD6NEb1E/lc2RL4lSUKmcz53QG9pl45BZwdd6mGYePjjUM5/
sG6xe0TVK6SSkBIr8LP1wScM9x3sAPehCPSzcb0bPQQHA/tb3eUoZNa52DZ/6vt/
LHx2BkEx8qDv1HSCbYhFF/g5pYE2oFHSwh0FyoGENNtn3JHFwI/rBV8jEQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGApGL2tJ0ZG8Fe8XCw+QK3TEKgcMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvWUNrWXZhMG5Sa2J3Vjd4Y0xENUFyZE1RcUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAWysOAD
BACysOIwDQYJKoZIhvcNAQELBQADggEBAIiLWo9ia7aZAFimihv6ywH60SJcU/yM
+zzhKzVK7xuKjw8enjAKTxRmH3EZ+6Ty5SxH1htNH+Hq4vfreuWY8JdnFHRU8Xmv
q2zcFk+Bpun1uVBG21ejFjCBuRkXcb8xIzuJ+G9Zt4uwV6IJEcu48N8wNvmDvpbB
NrElYGbB/9L0wov332SMupH+sknWvsmh31B673zL08ChBp+9LCbj7mgCzlFEgQxH
gAcL+1MYj3M7qSJzaWansYZ5UV3dggAuHKxGWcjRAaLHcA797icVefslQQ6gMjyX
j+6zLy+mGlNx9B958PEHLMQ984AVZXJOMwRHHOqcfjFRCzafVm2EVlk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:06 2025 by rpki-client