Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/yRDSNJm4q3JmRmJjEkgi9AI0Uvw.roa
File: yRDSNJm4q3JmRmJjEkgi9AI0Uvw.roa (raw, json)
Hash identifier: eopQg5Bc0Ie1oax3HTeSVMPa5ZfD8mRAs+Hnw8NISIA=
Subject key identifier: C9:10:D2:34:99:B8:AB:72:66:46:62:63:12:48:22:F4:02:34:52:FC
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 018C1F21DA95737F5A8675F7770D934DDD64
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/yRDSNJm4q3JmRmJjEkgi9AI0Uvw.roa
Signing time: Thu 30 Nov 2023 07:29:21 +0000
ROA not before: Thu 30 Nov 2023 07:29:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12414
IP address blocks: 217.26.96.0/20 maxlen: 24
82.139.64.0/18 maxlen: 24
185.117.108.0/22 maxlen: 24
5.199.144.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1f:21:da:95:73:7f:5a:86:75:f7:77:0d:93:4d:dd:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Nov 30 07:29:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c910d23499b8ab7266466263124822f4023452fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ac:32:d8:f4:c9:04:c4:ac:b6:97:90:aa:c8:
75:59:fe:ca:b3:bb:7b:f7:74:31:71:23:24:6c:6f:
a7:73:dc:53:a4:49:2e:21:01:4d:cb:5e:97:3f:57:
60:67:30:2e:b2:16:6c:18:24:b2:65:52:e4:47:e0:
6c:90:f9:05:5d:0c:57:19:a7:26:b5:c7:47:5b:ad:
38:f8:4c:c0:9f:1d:7d:87:1f:5b:26:84:57:54:7b:
f3:4d:48:f6:13:e4:52:13:d7:73:12:ad:4e:1d:1a:
09:af:45:dd:0e:eb:f3:53:83:59:bc:7d:b6:e2:7f:
6e:cb:e0:61:8c:60:61:c6:66:07:34:1f:81:f6:4b:
e6:48:b6:7d:40:dc:91:f8:77:ca:40:e6:82:09:eb:
f6:06:d1:39:9a:f9:a7:9c:f8:25:9b:b9:c2:b7:c3:
66:65:f3:c7:d6:aa:c1:4d:0a:63:4e:72:7f:72:df:
24:74:38:25:a2:74:7d:7a:72:84:c5:ab:1f:9f:91:
09:70:e8:06:c4:08:a3:1b:94:d6:ea:b2:a2:6a:5d:
05:97:e3:df:19:cd:5f:3f:4f:1b:29:ef:79:0a:e1:
77:da:63:41:c1:2a:20:68:a3:df:60:5e:63:fa:c2:
d3:e5:3c:6b:b1:ba:1d:82:56:0b:4e:60:f5:d6:d1:
b3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:10:D2:34:99:B8:AB:72:66:46:62:63:12:48:22:F4:02:34:52:FC
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/yRDSNJm4q3JmRmJjEkgi9AI0Uvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.144.0/20
82.139.64.0/18
185.117.108.0/22
217.26.96.0/20
Signature Algorithm: sha256WithRSAEncryption
62:48:ea:04:46:63:64:3a:95:e2:fc:30:14:43:20:b6:6f:7a:
c3:cd:ea:97:91:ae:b6:e6:80:68:e9:ea:f6:a3:d3:01:71:4b:
07:db:49:f3:58:af:8b:df:f9:5e:72:a2:8e:a7:18:37:5e:20:
f6:df:6c:f0:85:c7:38:9c:32:31:2b:d5:91:ab:be:f4:9b:65:
28:47:95:b5:ac:0b:9e:2f:1d:ec:5c:87:06:86:26:2c:3d:4d:
47:48:1a:05:98:94:db:62:51:61:45:85:3c:8d:65:2b:f5:81:
c3:25:4d:9a:da:d3:36:82:09:c3:d2:06:72:94:bb:0e:13:ab:
c4:5b:ed:95:81:24:26:dc:d9:07:fb:c7:8b:74:f2:1a:0d:c5:
52:71:4c:db:fc:34:43:cf:01:52:c0:27:70:e0:0f:d7:31:fc:
b6:05:b2:62:70:bb:af:9e:d4:79:8f:24:f0:26:e6:aa:00:d0:
fb:27:8c:92:d1:1a:3e:c9:94:37:7f:38:aa:43:11:be:47:b7:
31:f3:c7:0f:2b:6b:0c:0e:58:06:e7:ad:96:91:60:4d:2a:08:
1a:d7:24:55:c9:a8:8d:5e:18:8a:64:d3:aa:59:c2:1b:74:b3:
93:b6:b4:f4:a0:9b:e5:67:2b:5a:db:49:b0:b2:a7:8f:e9:f3:
68:1b:24:4c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwfIdqVc39ahnX3dw2TTd1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjMxMTMwMDcyOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTEwZDIzNDk5YjhhYjcyNjY0NjYyNjMxMjQ4MjJmNDAyMzQ1MmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Kwy2PTJBMSstpeQqsh1Wf7Ks7t7
93QxcSMkbG+nc9xTpEkuIQFNy16XP1dgZzAushZsGCSyZVLkR+BskPkFXQxXGacm
tcdHW604+EzAnx19hx9bJoRXVHvzTUj2E+RSE9dzEq1OHRoJr0XdDuvzU4NZvH22
4n9uy+BhjGBhxmYHNB+B9kvmSLZ9QNyR+HfKQOaCCev2BtE5mvmnnPglm7nCt8Nm
ZfPH1qrBTQpjTnJ/ct8kdDglonR9enKExasfn5EJcOgGxAijG5TW6rKial0Fl+Pf
Gc1fP08bKe95CuF32mNBwSogaKPfYF5j+sLT5TxrsbodglYLTmD11tGz7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMkQ0jSZuKtyZkZiYxJIIvQCNFL8MB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEveVJEU05KbTRxM0ptUm1KakVrZ2k5QUkwVXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBceQAwQG
UotAAwQCuXVsAwQE2RpgMA0GCSqGSIb3DQEBCwUAA4IBAQBiSOoERmNkOpXi/DAU
QyC2b3rDzeqXka625oBo6er2o9MBcUsH20nzWK+L3/lecqKOpxg3XiD232zwhcc4
nDIxK9WRq770m2UoR5W1rAueLx3sXIcGhiYsPU1HSBoFmJTbYlFhRYU8jWUr9YHD
JU2a2tM2ggnD0gZylLsOE6vEW+2VgSQm3NkH+8eLdPIaDcVScUzb/DRDzwFSwCdw
4A/XMfy2BbJicLuvntR5jyTwJuaqAND7J4yS0Ro+yZQ3fziqQxG+R7cx88cPK2sM
DlgG562WkWBNKgga1yRVyaiNXhiKZNOqWcIbdLOTtrT0oJvlZyta20mwsqeP6fNo
GyRM
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:09:16 2025 by rpki-client