Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/c3fcd9-00c8-436b-8c01-a5fea604ad53/1/yFcLjoidmuoeNY6dNf02j66xKus.roa
File: yFcLjoidmuoeNY6dNf02j66xKus.roa (raw, json)
Hash identifier: CCYTRCMevEZ57Xj2NrubNo9goJ16LSFRumYoWbsNPvw=
Subject key identifier: C8:57:0B:8E:88:9D:9A:EA:1E:35:8E:9D:35:FD:36:8F:AE:B1:2A:EB
Certificate issuer: /CN=73fdae1505049e446d5b0d144acc860d6c18167c
Certificate serial: 01856E38E96825EA542BA97146778F9A2725
Authority key identifier: 73:FD:AE:15:05:04:9E:44:6D:5B:0D:14:4A:CC:86:0D:6C:18:16:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_2uFQUEnkRtWw0USsyGDWwYFnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/c3fcd9-00c8-436b-8c01-a5fea604ad53/1/yFcLjoidmuoeNY6dNf02j66xKus.roa
Signing time: Sun 01 Jan 2023 16:45:01 +0000
ROA not before: Sun 01 Jan 2023 16:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201601
IP address blocks: 94.177.25.0/24 maxlen: 24
176.112.144.0/22 maxlen: 22
176.112.152.0/22 maxlen: 22
176.112.148.0/22 maxlen: 22
185.68.208.0/22 maxlen: 22
176.112.156.0/22 maxlen: 22
2a05:1cc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:e9:68:25:ea:54:2b:a9:71:46:77:8f:9a:27:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73fdae1505049e446d5b0d144acc860d6c18167c
Validity
Not Before: Jan 1 16:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8570b8e889d9aea1e358e9d35fd368faeb12aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:41:5f:ce:49:af:bf:2a:13:16:3c:15:7c:b6:
01:0c:12:18:6a:11:9d:90:ee:8d:ae:38:1f:3f:e1:
bf:35:f7:16:61:7b:40:58:95:ed:2d:e0:01:aa:58:
53:89:c2:d6:26:f4:61:d5:01:b9:ad:57:01:ab:60:
b7:a4:79:6f:92:e6:ac:99:95:fb:ab:04:db:5a:d8:
77:bc:b1:33:c2:62:03:c3:f5:7d:26:04:5b:df:29:
ea:49:a8:a1:d0:5f:2b:6a:61:ae:7c:58:b7:fa:d5:
d8:d3:0f:2a:ac:0a:f6:17:c1:37:5d:97:18:69:52:
34:ed:79:e6:fe:7c:c6:dc:26:be:d1:bc:3f:ea:47:
79:54:eb:24:c1:78:c6:6b:a2:be:b3:06:6f:d2:ec:
f4:46:f8:63:32:8c:ca:8f:08:ad:fa:a0:dc:75:19:
7c:a3:68:a5:5d:15:91:7a:50:5f:68:c8:a3:f5:d7:
ec:8a:94:0d:7d:0d:17:50:a3:44:80:e5:33:41:d8:
5d:50:48:83:a4:ce:e8:56:33:eb:d4:a1:84:19:7e:
d2:70:29:b7:d5:b7:2c:36:31:40:90:f6:45:87:ff:
b1:30:bf:1d:fb:fd:6e:1b:f2:93:31:5d:35:a0:32:
0b:b7:75:a7:18:0d:8f:10:b5:1e:7e:a3:f6:a9:3c:
9f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:57:0B:8E:88:9D:9A:EA:1E:35:8E:9D:35:FD:36:8F:AE:B1:2A:EB
X509v3 Authority Key Identifier:
keyid:73:FD:AE:15:05:04:9E:44:6D:5B:0D:14:4A:CC:86:0D:6C:18:16:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_2uFQUEnkRtWw0USsyGDWwYFnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c3fcd9-00c8-436b-8c01-a5fea604ad53/1/yFcLjoidmuoeNY6dNf02j66xKus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c3fcd9-00c8-436b-8c01-a5fea604ad53/1/c_2uFQUEnkRtWw0USsyGDWwYFnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.177.25.0/24
176.112.144.0/20
185.68.208.0/22
IPv6:
2a05:1cc0::/29
Signature Algorithm: sha256WithRSAEncryption
04:01:a6:34:66:60:38:73:98:8b:94:57:dc:60:05:3a:90:a5:
44:92:16:28:1d:86:ad:d1:17:74:3e:2b:a9:bc:12:e1:72:82:
f4:90:cf:46:90:31:1f:e8:08:90:b5:36:37:90:90:a5:92:9e:
a7:03:cc:4e:82:c5:aa:29:45:9b:1f:5c:27:cd:52:4f:63:a0:
0d:c6:4e:fb:e4:20:5a:e6:d7:8b:2f:f9:11:35:dd:e9:c4:f7:
55:3f:07:b0:9f:82:fc:41:d0:b9:9e:be:0c:a8:89:22:48:11:
67:15:25:1f:b6:1f:04:3e:76:1a:c8:37:23:1c:48:cc:97:5f:
20:44:75:b6:52:84:b1:fc:b0:03:71:7a:2f:15:8e:f0:ca:32:
de:57:76:f7:d7:69:f8:71:ca:38:b2:c7:f3:3e:49:15:4a:c4:
22:db:cf:25:b2:2c:7f:a8:f3:f2:e6:27:54:f2:a6:9f:51:e8:
97:78:c3:81:62:e5:40:66:63:28:f0:db:c9:42:10:25:12:8e:
6a:2d:d9:fa:c0:6e:39:08:29:2c:5e:2d:a1:66:72:9c:d5:e5:
49:c9:56:e4:c6:8e:fb:23:b5:74:05:cd:95:02:03:c0:9f:7e:
8b:b9:22:8a:32:6d:02:c0:c0:e7:b3:05:cb:d3:16:90:3a:60:
d5:bd:b0:d6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVuOOloJepUK6lxRnePmiclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZmRhZTE1MDUwNDllNDQ2ZDViMGQxNDRhY2M4NjBkNmMx
ODE2N2MwHhcNMjMwMTAxMTY0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODU3MGI4ZTg4OWQ5YWVhMWUzNThlOWQzNWZkMzY4ZmFlYjEyYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUFfzkmvvyoTFjwVfLYBDBIYahGd
kO6NrjgfP+G/NfcWYXtAWJXtLeABqlhTicLWJvRh1QG5rVcBq2C3pHlvkuasmZX7
qwTbWth3vLEzwmIDw/V9JgRb3ynqSaih0F8ramGufFi3+tXY0w8qrAr2F8E3XZcY
aVI07Xnm/nzG3Ca+0bw/6kd5VOskwXjGa6K+swZv0uz0RvhjMozKjwit+qDcdRl8
o2ilXRWRelBfaMij9dfsipQNfQ0XUKNEgOUzQdhdUEiDpM7oVjPr1KGEGX7ScCm3
1bcsNjFAkPZFh/+xML8d+/1uG/KTMV01oDILt3WnGA2PELUefqP2qTyfbQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMhXC46InZrqHjWOnTX9No+usSrrMB8GA1UdIwQY
MBaAFHP9rhUFBJ5EbVsNFErMhg1sGBZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY18ydUZRVUVua1J0V3cwVVNzeUdEV3dZRm53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jM2ZjZDktMDBjOC00MzZiLThjMDEt
YTVmZWE2MDRhZDUzLzEveUZjTGpvaWRtdW9lTlk2ZE5mMDJqNjZ4S3VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jM2ZjZDktMDBjOC00MzZiLThjMDEtYTVmZWE2MDRhZDUz
LzEvY18ydUZRVUVua1J0V3cwVVNzeUdEV3dZRm53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAXrEZAwQE
sHCQAwQCuUTQMA0EAgACMAcDBQMqBRzAMA0GCSqGSIb3DQEBCwUAA4IBAQAEAaY0
ZmA4c5iLlFfcYAU6kKVEkhYoHYat0Rd0PiupvBLhcoL0kM9GkDEf6AiQtTY3kJCl
kp6nA8xOgsWqKUWbH1wnzVJPY6ANxk775CBa5teLL/kRNd3pxPdVPwewn4L8QdC5
nr4MqIkiSBFnFSUfth8EPnYayDcjHEjMl18gRHW2UoSx/LADcXovFY7wyjLeV3b3
12n4cco4ssfzPkkVSsQi288lsix/qPPy5idU8qafUeiXeMOBYuVAZmMo8NvJQhAl
Eo5qLdn6wG45CCksXi2hZnKc1eVJyVbkxo77I7V0Bc2VAgPAn36LuSKKMm0CwMDn
swXL0xaQOmDVvbDW
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:09:25 2025 by rpki-client