Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/yooWjE9yJUQNbpH5kKsYA0nkeQ0.roa
File: yooWjE9yJUQNbpH5kKsYA0nkeQ0.roa (raw, json)
Hash identifier: KyGXC6ry9rNj1cOsMrJ/QH+rZi0YePKPw+cnlb+Fx5c=
Subject key identifier: CA:8A:16:8C:4F:72:25:44:0D:6E:91:F9:90:AB:18:03:49:E4:79:0D
Certificate issuer: /CN=22d54df89b8fd921dada3f0daa29efff5cce0a79
Certificate serial: 03DB238D
Authority key identifier: 22:D5:4D:F8:9B:8F:D9:21:DA:DA:3F:0D:AA:29:EF:FF:5C:CE:0A:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ItVN-JuP2SHa2j8Nqinv_1zOCnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/yooWjE9yJUQNbpH5kKsYA0nkeQ0.roa
Signing time: Tue 22 Feb 2022 16:29:45 +0000
ROA not before: Tue 22 Feb 2022 16:29:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51333
IP address blocks: 185.58.4.0/22 maxlen: 24
188.65.80.0/21 maxlen: 24
194.36.72.0/22 maxlen: 24
2a0c:bdc0::/29 maxlen: 29
2a02:6120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64693133 (0x3db238d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22d54df89b8fd921dada3f0daa29efff5cce0a79
Validity
Not Before: Feb 22 16:29:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca8a168c4f7225440d6e91f990ab180349e4790d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2a:9e:9a:76:42:22:b4:6e:28:1e:c9:29:52:
b4:59:e1:eb:a6:ac:b9:eb:7a:4e:39:57:53:50:c7:
1e:44:72:ba:12:a3:f5:97:6c:3a:a9:54:c1:11:59:
d1:83:ab:72:6f:1c:45:70:b3:d7:15:a6:b0:75:65:
35:a0:67:bc:b6:6d:35:42:2e:ce:f9:1a:19:5e:9d:
91:37:be:4e:6f:de:e7:84:c2:1e:95:a7:ed:b7:24:
3c:cd:28:ab:52:ff:6b:db:24:39:f5:ac:89:74:2b:
31:c5:52:84:ba:e9:14:16:68:11:9d:65:d8:74:1d:
7b:50:6f:fd:68:e4:94:b9:20:df:c1:45:57:6f:66:
3f:c0:b4:74:26:ee:01:5b:73:c3:09:96:8c:b1:e0:
20:1f:89:c7:e4:75:fe:19:32:cb:00:34:1e:0c:b2:
b8:9b:de:1f:0a:9d:0b:bb:0f:5a:42:a1:12:a7:ef:
7e:a4:d9:e1:3e:6c:9a:4b:fb:e3:1f:3a:71:92:db:
c9:26:75:37:42:88:61:8b:2a:50:ab:db:4d:e5:62:
d5:79:30:06:d3:1a:59:21:d3:17:20:cc:8c:ad:fc:
ce:86:d5:6c:9d:78:2c:10:d6:c1:a3:76:64:a5:64:
91:e4:e8:d7:87:72:ef:3f:1a:55:7b:e1:55:ac:79:
f2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:8A:16:8C:4F:72:25:44:0D:6E:91:F9:90:AB:18:03:49:E4:79:0D
X509v3 Authority Key Identifier:
keyid:22:D5:4D:F8:9B:8F:D9:21:DA:DA:3F:0D:AA:29:EF:FF:5C:CE:0A:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ItVN-JuP2SHa2j8Nqinv_1zOCnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/yooWjE9yJUQNbpH5kKsYA0nkeQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/ItVN-JuP2SHa2j8Nqinv_1zOCnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.4.0/22
188.65.80.0/21
194.36.72.0/22
IPv6:
2a02:6120::/32
2a0c:bdc0::/29
Signature Algorithm: sha256WithRSAEncryption
3d:8d:77:d5:12:e8:8d:4a:c8:ed:83:98:32:b5:11:e6:85:2d:
66:17:d5:0a:84:14:90:f6:42:7d:ec:df:28:c0:58:0c:c8:71:
69:bc:e2:37:1d:59:1f:73:46:dc:6b:a7:1a:d9:74:8c:67:6e:
6f:b7:28:c1:90:3d:47:a0:49:f2:7c:47:e4:ec:4a:21:69:fb:
52:2d:f6:31:b2:3d:aa:42:d9:d3:c5:1a:63:97:60:39:41:93:
de:22:30:0e:9b:bd:9e:4c:63:5c:67:1d:cb:8f:68:66:78:68:
d5:cf:3c:92:dc:7a:56:21:f9:74:06:c8:42:3f:47:94:9e:e6:
14:8a:95:5c:a5:5d:ba:c7:31:a4:29:48:1a:ff:8e:66:e6:87:
f2:90:18:49:8e:8f:fa:35:d4:1b:c2:3d:1a:6d:4f:81:b0:c3:
54:87:6d:4c:b7:73:1e:c1:12:9d:b7:06:53:a4:c7:76:d7:33:
a7:16:c1:cf:79:dd:44:45:cf:e2:4c:f1:95:95:e8:6e:41:42:
2f:d6:0b:15:bc:e9:e0:4a:f4:de:2c:2b:0d:75:86:c1:90:42:
6a:5a:4e:80:52:f3:c1:83:3f:d7:f8:da:dc:fb:8a:5b:2d:2c:
fd:c3:2e:9c:a6:b0:cb:65:b4:05:82:a5:2f:27:66:55:6f:e4:
33:b7:9f:5f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEA9sjjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmQ1NGRmODliOGZkOTIxZGFkYTNmMGRhYTI5ZWZmZjVjY2UwYTc5MB4XDTIyMDIy
MjE2Mjk0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E4YTE2OGM0Zjcy
MjU0NDBkNmU5MWY5OTBhYjE4MDM0OWU0NzkwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgqnpp2QiK0bigeySlStFnh66asuet6TjlXU1DHHkRyuhKj
9ZdsOqlUwRFZ0YOrcm8cRXCz1xWmsHVlNaBnvLZtNUIuzvkaGV6dkTe+Tm/e54TC
HpWn7bckPM0oq1L/a9skOfWsiXQrMcVShLrpFBZoEZ1l2HQde1Bv/WjklLkg38FF
V29mP8C0dCbuAVtzwwmWjLHgIB+Jx+R1/hkyywA0HgyyuJveHwqdC7sPWkKhEqfv
fqTZ4T5smkv74x86cZLbySZ1N0KIYYsqUKvbTeVi1XkwBtMaWSHTFyDMjK38zobV
bJ14LBDWwaN2ZKVkkeTo14dy7z8aVXvhVax58qUCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBTKihaMT3IlRA1ukfmQqxgDSeR5DTAfBgNVHSMEGDAWgBQi1U34m4/ZIdra
Pw2qKe//XM4KeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l0Vk4tSnVQMlNIYTJqOE5xaW52XzF6T0Nuay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvYjVjZjBiLWVjMzEtNDcwNS04ZjY4LTZmMWZlY2U4N2M4OS8x
L3lvb1dqRTl5SlVRTmJwSDVrS3NZQTBua2VRMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
YjVjZjBiLWVjMzEtNDcwNS04ZjY4LTZmMWZlY2U4N2M4OS8xL0l0Vk4tSnVQMlNI
YTJqOE5xaW52XzF6T0Nuay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEArk6BAMEA7xBUAMEAsIkSDAUBAIA
AjAOAwUAKgJhIAMFAyoMvcAwDQYJKoZIhvcNAQELBQADggEBAD2Nd9US6I1KyO2D
mDK1EeaFLWYX1QqEFJD2Qn3s3yjAWAzIcWm84jcdWR9zRtxrpxrZdIxnbm+3KMGQ
PUegSfJ8R+TsSiFp+1It9jGyPapC2dPFGmOXYDlBk94iMA6bvZ5MY1xnHcuPaGZ4
aNXPPJLcelYh+XQGyEI/R5Se5hSKlVylXbrHMaQpSBr/jmbmh/KQGEmOj/o11BvC
PRptT4Gww1SHbUy3cx7BEp23BlOkx3bXM6cWwc953URFz+JM8ZWV6G5BQi/WCxW8
6eBK9N4sKw11hsGQQmpaToBS88GDP9f42tz7ilstLP3DLpymsMtltAWCpS8nZlVv
5DO3n18=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:10 2025 by rpki-client