Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/ytbjsO3TZ6pcZIidIAn5u2HI1f4.roa
File: ytbjsO3TZ6pcZIidIAn5u2HI1f4.roa (raw, json)
Hash identifier: SngaW8yGOvU2rxmZffIwVo9CuvWQ233k+gL4ouIiWB4=
Subject key identifier: CA:D6:E3:B0:ED:D3:67:AA:5C:64:88:9D:20:09:F9:BB:61:C8:D5:FE
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 01870E53357EB40D1CF8BA408DCF9DCDD4B2
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/ytbjsO3TZ6pcZIidIAn5u2HI1f4.roa
Signing time: Thu 23 Mar 2023 11:55:46 +0000
ROA not before: Thu 23 Mar 2023 11:55:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39216
IP address blocks: 188.72.63.0/24 maxlen: 24
188.72.62.0/24 maxlen: 24
188.72.61.0/24 maxlen: 24
188.72.60.0/24 maxlen: 24
188.72.59.0/24 maxlen: 24
188.72.35.0/24 maxlen: 24
188.72.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0e:53:35:7e:b4:0d:1c:f8:ba:40:8d:cf:9d:cd:d4:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: Mar 23 11:55:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cad6e3b0edd367aa5c64889d2009f9bb61c8d5fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:42:55:28:bf:6b:89:fd:ae:05:ca:9a:8f:11:
4c:22:e2:a7:0c:83:3c:ff:56:4f:c7:2c:73:81:9d:
03:d3:6a:c4:ff:f2:dd:61:3d:a7:e7:d3:1f:4c:91:
31:36:75:85:ca:36:16:31:f2:0a:43:e8:2e:de:1b:
32:af:ce:2c:b5:72:f3:40:fa:86:be:b1:98:db:35:
ef:3a:e0:41:af:11:54:3f:75:8e:54:32:51:6f:f0:
c3:57:29:99:8e:04:c4:4b:41:23:d5:51:f6:e7:6c:
c3:d3:39:ed:8f:38:fe:7c:85:1a:b2:db:c7:06:50:
7a:81:fc:5d:ae:e3:50:36:28:bc:34:98:b8:16:fd:
ee:14:a1:7d:33:ae:80:e3:bd:6d:55:2e:45:e2:f6:
b4:29:f6:2a:1d:bc:3b:75:fb:c5:26:8d:79:3b:6d:
65:e3:47:bf:10:e6:db:e6:83:a2:b3:35:c7:03:6e:
56:ea:63:86:a7:35:32:84:6f:b0:3b:9f:2f:d4:d3:
a3:97:45:f7:08:b2:d3:06:fc:98:fb:6b:2f:a2:47:
74:73:1b:cc:ab:d7:87:14:b3:80:67:3e:be:d8:cc:
9f:da:29:f7:86:86:ea:89:92:ff:85:99:7e:f4:80:
5f:fc:0e:0e:d8:1b:1f:9a:23:94:7a:ea:69:df:09:
74:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D6:E3:B0:ED:D3:67:AA:5C:64:88:9D:20:09:F9:BB:61:C8:D5:FE
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/ytbjsO3TZ6pcZIidIAn5u2HI1f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.34.0/23
188.72.59.0-188.72.63.255
Signature Algorithm: sha256WithRSAEncryption
d0:0d:3b:c2:4a:8a:17:b5:d2:85:e7:c2:d0:ab:6a:b2:da:09:
bf:28:dd:63:7a:cd:ab:e6:d2:12:e0:2e:03:a1:2f:77:b3:59:
30:4c:5f:ad:be:bd:c2:be:46:80:b9:1d:21:46:2f:45:95:76:
b4:5c:12:c4:dd:b9:2c:8f:72:25:eb:e5:7e:8e:0f:ee:b0:b7:
11:22:26:ed:a7:a8:b3:4b:5e:70:e5:fb:fe:f5:db:d2:c7:90:
8e:f3:8f:bf:81:74:52:6a:04:a6:b9:8e:66:70:8c:16:08:9d:
a4:1e:b3:cf:d0:a6:a4:3b:ae:de:91:35:55:25:e4:55:96:fb:
6a:cc:cd:c7:67:03:c7:33:bf:c7:03:fa:60:07:33:a9:35:82:
6f:6d:cf:52:14:eb:51:1c:34:f3:71:09:4b:72:6f:bd:9b:90:
22:c6:91:4d:7a:4b:8f:58:b6:6f:cf:ab:ff:96:4d:f5:d3:e0:
f5:2c:10:ea:2f:c3:fb:06:9a:80:07:ec:69:a4:f8:75:7a:ae:
df:b2:42:7b:cb:68:52:14:f9:c3:37:2e:0f:59:ed:57:b4:34:
04:cd:62:32:85:4d:4a:77:63:ed:31:68:17:7f:f3:d6:3b:03:
df:aa:30:7c:53:c5:96:2d:0f:fb:e6:1c:0d:8c:fa:36:96:11:
2c:ff:cf:82
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYcOUzV+tA0c+LpAjc+dzdSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjMwMzIzMTE1NTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWQ2ZTNiMGVkZDM2N2FhNWM2NDg4OWQyMDA5ZjliYjYxYzhkNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kJVKL9rif2uBcqajxFMIuKnDIM8
/1ZPxyxzgZ0D02rE//LdYT2n59MfTJExNnWFyjYWMfIKQ+gu3hsyr84stXLzQPqG
vrGY2zXvOuBBrxFUP3WOVDJRb/DDVymZjgTES0Ej1VH252zD0zntjzj+fIUastvH
BlB6gfxdruNQNii8NJi4Fv3uFKF9M66A471tVS5F4va0KfYqHbw7dfvFJo15O21l
40e/EObb5oOiszXHA25W6mOGpzUyhG+wO58v1NOjl0X3CLLTBvyY+2svokd0cxvM
q9eHFLOAZz6+2Myf2in3hobqiZL/hZl+9IBf/A4O2BsfmiOUeupp3wl0xwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMrW47Dt02eqXGSInSAJ+bthyNX+MB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEveXRianNPM1RaNnBjWklpZElBbjV1MkhJMWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBvEgiMAwD
BAC8SDsDBAa8SAAwDQYJKoZIhvcNAQELBQADggEBANANO8JKihe10oXnwtCrarLa
Cb8o3WN6zavm0hLgLgOhL3ezWTBMX62+vcK+RoC5HSFGL0WVdrRcEsTduSyPciXr
5X6OD+6wtxEiJu2nqLNLXnDl+/7129LHkI7zj7+BdFJqBKa5jmZwjBYInaQes8/Q
pqQ7rt6RNVUl5FWW+2rMzcdnA8czv8cD+mAHM6k1gm9tz1IU61EcNPNxCUtyb72b
kCLGkU16S49Ytm/Pq/+WTfXT4PUsEOovw/sGmoAH7Gmk+HV6rt+yQnvLaFIU+cM3
Lg9Z7Ve0NATNYjKFTUp3Y+0xaBd/89Y7A9+qMHxTxZYtD/vmHA2M+jaWESz/z4I=
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:27:58 2025 by rpki-client