Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d95f32-822a-4cfe-9853-4ebef8884396/1/ypWz0fLoOaQO0B9YPgbYZLjzsaU.roa
File: ypWz0fLoOaQO0B9YPgbYZLjzsaU.roa (raw, json)
Hash identifier: 6Su+KAjcWdo6y2cMzocezWPP5LP1h45/cnOXogWczEc=
Subject key identifier: CA:95:B3:D1:F2:E8:39:A4:0E:D0:1F:58:3E:06:D8:64:B8:F3:B1:A5
Certificate issuer: /CN=712c99cc338f692da8f81b716bad79d1c9d7c820
Certificate serial: 0187BE7C2B8A6AEDD7266300561564CE98E1
Authority key identifier: 71:2C:99:CC:33:8F:69:2D:A8:F8:1B:71:6B:AD:79:D1:C9:D7:C8:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cSyZzDOPaS2o-Btxa6150cnXyCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d95f32-822a-4cfe-9853-4ebef8884396/1/ypWz0fLoOaQO0B9YPgbYZLjzsaU.roa
Signing time: Wed 26 Apr 2023 16:53:41 +0000
ROA not before: Wed 26 Apr 2023 16:53:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201333
IP address blocks: 212.54.240.0/20 maxlen: 23
212.54.232.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:be:7c:2b:8a:6a:ed:d7:26:63:00:56:15:64:ce:98:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712c99cc338f692da8f81b716bad79d1c9d7c820
Validity
Not Before: Apr 26 16:53:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca95b3d1f2e839a40ed01f583e06d864b8f3b1a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7b:19:a0:57:50:3d:d8:48:e7:11:33:80:bc:
20:39:69:95:13:e3:03:26:33:a1:88:e9:0f:f8:dd:
32:f2:16:e2:13:da:e4:ed:7e:6f:15:5f:e6:16:26:
b0:15:4f:a9:b2:fa:ab:4f:46:79:ac:53:d4:e4:4a:
cb:48:8e:fd:d8:5e:00:fc:0e:1e:d0:8b:d7:d6:ab:
86:4f:30:89:b0:45:d8:09:b2:a9:0a:73:ab:c4:f1:
af:94:5e:20:9a:1d:80:d5:b2:03:86:61:6d:53:76:
57:1d:97:4e:ad:97:25:3d:bd:20:5e:a4:0a:f4:1f:
cc:cf:5b:2a:b7:30:e7:bc:6c:91:d7:74:a0:a9:e4:
ca:4d:5a:98:d1:b3:22:78:23:d4:c8:62:7c:4d:53:
6f:d0:8a:60:86:2a:51:e5:ea:14:76:8a:1f:bb:40:
bf:57:8c:b5:22:b1:ec:7e:fb:58:4b:6f:7b:10:b4:
46:05:cf:fa:b1:1b:b9:d0:bb:ad:07:e9:41:84:97:
fe:05:d3:dd:45:88:49:c2:90:9b:16:ba:a3:b2:b4:
a7:bf:a7:42:e2:34:81:7e:95:93:05:03:25:c9:60:
7d:64:c1:5b:ea:c8:2f:bb:f2:2c:6f:1f:2e:6e:2a:
0c:24:5a:2b:af:a3:a4:62:b4:fe:c4:47:25:f9:c2:
04:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:95:B3:D1:F2:E8:39:A4:0E:D0:1F:58:3E:06:D8:64:B8:F3:B1:A5
X509v3 Authority Key Identifier:
keyid:71:2C:99:CC:33:8F:69:2D:A8:F8:1B:71:6B:AD:79:D1:C9:D7:C8:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cSyZzDOPaS2o-Btxa6150cnXyCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d95f32-822a-4cfe-9853-4ebef8884396/1/ypWz0fLoOaQO0B9YPgbYZLjzsaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d95f32-822a-4cfe-9853-4ebef8884396/1/cSyZzDOPaS2o-Btxa6150cnXyCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.54.232.0-212.54.255.255
Signature Algorithm: sha256WithRSAEncryption
8c:bf:9a:a1:48:f1:f3:05:d8:4e:8a:12:d3:bb:56:a2:55:48:
50:31:23:fa:15:cc:2f:89:50:ce:b2:17:d7:84:c2:58:fb:72:
7a:86:f6:8e:2e:be:69:43:c7:78:b3:9e:54:38:8c:70:e8:03:
89:08:fb:d6:27:af:fc:96:3c:81:3b:82:e5:4d:4e:a7:03:11:
2e:93:6b:32:22:d2:a1:d1:26:71:28:b0:7a:ac:f7:8a:e7:20:
ce:2b:a3:b9:0c:90:b0:40:55:aa:3f:49:4a:7f:ed:5a:2c:f1:
70:12:d0:6c:b4:99:1c:86:18:d7:6f:a7:36:06:11:9c:7e:4e:
17:88:e1:94:c2:90:52:87:89:1a:ef:37:f7:e8:d6:da:4e:8e:
8b:93:26:ba:2b:e5:71:53:43:7a:cc:55:f7:cb:89:f8:46:af:
e0:47:8e:35:9b:e3:38:f0:63:0b:cc:08:01:f6:eb:f1:da:d8:
21:37:f5:2c:95:95:06:ab:e1:ef:1d:bb:40:6e:6a:37:b7:11:
6c:a4:2b:b6:1b:0f:16:0c:56:74:31:c9:b9:64:61:af:7c:3b:
40:18:1b:60:71:c1:f8:85:c4:21:b6:ab:e8:11:f9:77:2a:59:
20:8c:63:e3:eb:4a:0c:28:44:d8:dd:e2:60:d4:ec:1e:55:3e:
65:1c:b7:86
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYe+fCuKau3XJmMAVhVkzpjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmM5OWNjMzM4ZjY5MmRhOGY4MWI3MTZiYWQ3OWQxYzlk
N2M4MjAwHhcNMjMwNDI2MTY1MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTk1YjNkMWYyZTgzOWE0MGVkMDFmNTgzZTA2ZDg2NGI4ZjNiMWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnsZoFdQPdhI5xEzgLwgOWmVE+MD
JjOhiOkP+N0y8hbiE9rk7X5vFV/mFiawFU+psvqrT0Z5rFPU5ErLSI792F4A/A4e
0IvX1quGTzCJsEXYCbKpCnOrxPGvlF4gmh2A1bIDhmFtU3ZXHZdOrZclPb0gXqQK
9B/Mz1sqtzDnvGyR13SgqeTKTVqY0bMieCPUyGJ8TVNv0IpghipR5eoUdoofu0C/
V4y1IrHsfvtYS297ELRGBc/6sRu50LutB+lBhJf+BdPdRYhJwpCbFrqjsrSnv6dC
4jSBfpWTBQMlyWB9ZMFb6sgvu/Isbx8ubioMJForr6OkYrT+xEcl+cIEZwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFMqVs9Hy6DmkDtAfWD4G2GS487GlMB8GA1UdIwQY
MBaAFHEsmcwzj2ktqPgbcWutedHJ18ggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1N5WnpET1BhUzJvLUJ0eGE2MTUwY25YeUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kOTVmMzItODIyYS00Y2ZlLTk4NTMt
NGViZWY4ODg0Mzk2LzEveXBXejBmTG9PYVFPMEI5WVBnYllaTGp6c2FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kOTVmMzItODIyYS00Y2ZlLTk4NTMtNGViZWY4ODg0Mzk2
LzEvY1N5WnpET1BhUzJvLUJ0eGE2MTUwY25YeUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDBAPUNugD
AwDUNjANBgkqhkiG9w0BAQsFAAOCAQEAjL+aoUjx8wXYTooS07tWolVIUDEj+hXM
L4lQzrIX14TCWPtyeob2ji6+aUPHeLOeVDiMcOgDiQj71iev/JY8gTuC5U1OpwMR
LpNrMiLSodEmcSiweqz3iucgziujuQyQsEBVqj9JSn/tWizxcBLQbLSZHIYY12+n
NgYRnH5OF4jhlMKQUoeJGu839+jW2k6Oi5MmuivlcVNDesxV98uJ+Eav4EeONZvj
OPBjC8wIAfbr8drYITf1LJWVBqvh7x27QG5qN7cRbKQrthsPFgxWdDHJuWRhr3w7
QBgbYHHB+IXEIbar6BH5dypZIIxj4+tKDChE2N3iYNTsHlU+ZRy3hg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:11 2025 by rpki-client