Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/yPyqL78Q5iEVXJnjyRZpAT6SrdY.roa
File: yPyqL78Q5iEVXJnjyRZpAT6SrdY.roa (raw, json)
Hash identifier: lnK7OTyxansDQD6Hv5ZMjnp5PnCU2aPjJrqFmFhyOKg=
Subject key identifier: C8:FC:AA:2F:BF:10:E6:21:15:5C:99:E3:C9:16:69:01:3E:92:AD:D6
Certificate issuer: /CN=0b9d86096a49110cf9bf670240b519315b66abcb
Certificate serial: 0B04D375
Authority key identifier: 0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/yPyqL78Q5iEVXJnjyRZpAT6SrdY.roa
Signing time: Sat 01 Jan 2022 02:51:12 +0000
ROA not before: Sat 01 Jan 2022 02:51:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20559
IP address blocks: 185.122.116.0/22 maxlen: 22
185.113.84.0/22 maxlen: 22
2a06:6940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 184865653 (0xb04d375)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b9d86096a49110cf9bf670240b519315b66abcb
Validity
Not Before: Jan 1 02:51:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8fcaa2fbf10e621155c99e3c91669013e92add6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:52:f9:08:9c:07:77:c5:28:45:a8:78:a3:0e:
3b:11:04:b9:3c:d6:48:4b:1a:b0:88:4b:86:0d:60:
87:81:97:d4:65:f5:2f:d5:01:a4:52:ce:aa:40:ae:
ad:58:c8:5e:56:cb:83:86:7f:58:fd:a8:f1:e7:d1:
4f:e2:b8:9b:81:6e:78:7d:33:96:9d:cd:44:fa:46:
1f:49:f9:ee:ea:c7:af:f8:09:53:17:a0:e0:c1:f9:
d8:ac:1e:01:aa:f1:1c:ed:b3:d7:26:c3:c2:39:df:
97:db:96:1d:f9:67:fd:61:a5:e9:1b:d6:8a:61:5f:
14:05:f5:10:5c:69:67:8a:dc:85:44:b0:9d:7c:e9:
f6:67:ae:1e:f9:7f:36:63:d9:19:b4:e9:6c:47:6a:
22:95:b3:42:c5:dd:ce:0b:3f:39:55:16:95:1f:fe:
81:2c:25:cf:24:2b:d9:7f:e4:60:0e:83:83:2e:40:
c9:c8:57:aa:d7:19:79:c2:7b:39:2a:52:1b:d6:77:
3f:2f:33:ab:2d:b0:63:64:79:4c:e4:d3:7a:c4:a4:
98:6e:ad:4c:37:0a:70:b2:94:a8:b3:f8:a1:e5:d8:
b9:ae:ea:89:93:18:14:2a:14:ae:69:e5:62:ef:59:
39:6a:16:dc:7e:76:fd:7c:4c:bb:c7:43:55:2a:08:
56:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:FC:AA:2F:BF:10:E6:21:15:5C:99:E3:C9:16:69:01:3E:92:AD:D6
X509v3 Authority Key Identifier:
keyid:0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/yPyqL78Q5iEVXJnjyRZpAT6SrdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.84.0/22
185.122.116.0/22
IPv6:
2a06:6940::/29
Signature Algorithm: sha256WithRSAEncryption
39:96:63:40:27:d3:ac:97:ac:c6:2e:01:1e:af:88:83:cb:bf:
20:6f:3d:3d:12:49:99:c3:4a:7b:46:1c:83:d8:b8:a2:6d:22:
1e:ed:3a:8e:00:00:52:4b:ab:94:73:33:a3:d5:c0:25:9b:0c:
3b:11:f5:13:fa:71:88:b6:d4:fe:da:29:de:c2:1c:f5:9f:f9:
3a:df:ec:e2:e4:b9:13:59:62:97:be:ba:f9:51:9c:ac:55:8b:
70:88:f0:03:e1:60:70:d0:28:e0:9f:f1:df:df:91:37:fd:39:
48:6a:e8:f5:83:a5:9a:84:3a:d1:e8:bf:83:aa:aa:e2:7f:27:
be:f8:3a:2d:14:78:37:77:24:4c:47:3c:96:5c:d1:a5:a6:89:
77:5a:96:f0:bf:9a:d2:e2:45:ab:8e:04:86:9e:48:88:7a:4d:
1c:aa:71:99:55:58:1a:0f:8a:f2:ad:bf:22:de:7a:97:5d:15:
fa:fe:5f:e9:f8:08:ee:45:05:e5:19:55:17:11:e4:7f:ce:69:
f4:0f:90:d9:9c:49:da:f4:d1:17:3c:40:26:bd:84:30:d7:d5:
e4:65:57:25:61:ab:4b:20:4e:3d:8c:c8:2b:e1:d0:b9:d5:82:
34:f2:e8:f8:87:5d:90:47:47:9d:bc:62:46:32:1b:32:0f:db:
da:c6:35:e0
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECwTTdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjlkODYwOTZhNDkxMTBjZjliZjY3MDI0MGI1MTkzMTViNjZhYmNiMB4XDTIyMDEw
MTAyNTExMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhmY2FhMmZiZjEw
ZTYyMTE1NWM5OWUzYzkxNjY5MDEzZTkyYWRkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI1S+QicB3fFKEWoeKMOOxEEuTzWSEsasIhLhg1gh4GX1GX1
L9UBpFLOqkCurVjIXlbLg4Z/WP2o8efRT+K4m4FueH0zlp3NRPpGH0n57urHr/gJ
Uxeg4MH52KweAarxHO2z1ybDwjnfl9uWHfln/WGl6RvWimFfFAX1EFxpZ4rchUSw
nXzp9meuHvl/NmPZGbTpbEdqIpWzQsXdzgs/OVUWlR/+gSwlzyQr2X/kYA6Dgy5A
ychXqtcZecJ7OSpSG9Z3Py8zqy2wY2R5TOTTesSkmG6tTDcKcLKUqLP4oeXYua7q
iZMYFCoUrmnlYu9ZOWoW3H52/XxMu8dDVSoIVrcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTI/KovvxDmIRVcmePJFmkBPpKt1jAfBgNVHSMEGDAWgBQLnYYJakkRDPm/
ZwJAtRkxW2aryzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0M1MkdDV3BKRVF6NXYyY0NRTFVaTVZ0bXE4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvMWUxYTk3LWYyNzYtNGE1MS1iMWI1LThjMTA5MDlhNDg1Yy8x
L3lQeXFMNzhRNWlFVlhKbmp5UlpwQVQ2U3JkWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
MWUxYTk3LWYyNzYtNGE1MS1iMWI1LThjMTA5MDlhNDg1Yy8xL0M1MkdDV3BKRVF6
NXYyY0NRTFVaTVZ0bXE4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArlxVAMEArl6dDANBAIAAjAHAwUD
KgZpQDANBgkqhkiG9w0BAQsFAAOCAQEAOZZjQCfTrJesxi4BHq+Ig8u/IG89PRJJ
mcNKe0Ycg9i4om0iHu06jgAAUkurlHMzo9XAJZsMOxH1E/pxiLbU/top3sIc9Z/5
Ot/s4uS5E1lil766+VGcrFWLcIjwA+FgcNAo4J/x39+RN/05SGro9YOlmoQ60ei/
g6qq4n8nvvg6LRR4N3ckTEc8llzRpaaJd1qW8L+a0uJFq44Ehp5IiHpNHKpxmVVY
Gg+K8q2/It56l10V+v5f6fgI7kUF5RlVFxHkf85p9A+Q2ZxJ2vTRFzxAJr2EMNfV
5GVXJWGrSyBOPYzIK+HQudWCNPLo+IddkEdHnbxiRjIbMg/b2sY14A==
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:40:48 2025 by rpki-client