Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/yS0yB0cJ2hdCYcVmURtlEYOSPyM.roa
File: yS0yB0cJ2hdCYcVmURtlEYOSPyM.roa (raw, json)
Hash identifier: Pk37ItECyAaL5DQd33spf2oTWwwjfyo8th8AzNIYF1U=
Subject key identifier: C9:2D:32:07:47:09:DA:17:42:61:C5:66:51:1B:65:11:83:92:3F:23
Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial: 01828399F6F8109B83C68A790136B3324DC4
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/yS0yB0cJ2hdCYcVmURtlEYOSPyM.roa
Signing time: Tue 09 Aug 2022 17:14:41 +0000
ROA not before: Tue 09 Aug 2022 17:14:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 185.191.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:83:99:f6:f8:10:9b:83:c6:8a:79:01:36:b3:32:4d:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
Validity
Not Before: Aug 9 17:14:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c92d32074709da174261c566511b651183923f23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d9:74:36:c5:ab:75:5c:ea:e0:eb:68:f9:32:
75:c0:22:99:34:d8:b0:8f:86:f6:d7:49:97:be:79:
94:da:c8:ea:0a:5a:04:02:42:95:37:3e:11:58:e1:
d0:00:c1:64:dc:4e:b7:c9:5f:4d:10:71:43:d6:d5:
71:9b:16:b4:b9:b1:7d:13:72:22:34:60:d8:9e:4e:
2e:84:b0:3b:18:d7:4a:d3:50:60:65:60:5d:f1:df:
58:f5:4d:1a:1e:69:76:6f:88:77:53:b9:7d:56:7a:
a4:ea:c7:d4:d2:24:e7:13:b8:58:99:82:af:6b:24:
c8:5b:76:81:13:a6:0d:b7:04:01:ac:42:98:d2:90:
dc:bd:9f:f8:c5:be:8d:1d:d3:39:b3:f4:65:fa:4e:
65:5e:39:e4:89:9a:73:2d:d4:4b:65:d5:a5:4a:ab:
38:31:d8:1f:b9:e7:c6:20:df:d7:b5:4c:2b:67:b4:
e6:b3:43:3d:da:02:61:7c:f0:b9:60:1a:f6:23:20:
80:5b:e5:59:23:45:cc:40:bd:57:f5:fc:4a:8a:b8:
46:db:c0:71:b2:86:53:5f:9c:ca:1b:bf:46:ef:f1:
aa:d0:5d:4f:be:46:96:0a:a7:b4:6f:a4:f2:b9:f9:
51:95:d8:e8:98:c0:90:8d:39:36:27:ee:c9:22:fd:
83:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:2D:32:07:47:09:DA:17:42:61:C5:66:51:1B:65:11:83:92:3F:23
X509v3 Authority Key Identifier:
keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/yS0yB0cJ2hdCYcVmURtlEYOSPyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.146.0/24
Signature Algorithm: sha256WithRSAEncryption
34:63:ec:b8:e8:9b:49:69:08:fb:ab:b6:b8:c3:94:dd:71:c0:
ac:2d:45:d5:60:c1:0c:c7:66:a1:73:bc:63:70:29:31:59:56:
dc:22:6c:4a:16:4b:6c:ca:60:2f:3d:1d:ea:0b:d7:8f:95:e4:
3b:47:81:c7:c1:35:32:ac:3b:3c:f9:f7:05:d5:82:40:cd:0a:
8a:de:8c:29:74:45:fb:0f:71:d5:c2:69:38:98:8a:88:8c:bc:
13:09:2d:fd:c1:c7:72:e6:f3:d2:ce:d6:fe:eb:6d:06:c3:61:
08:c5:a8:b1:29:93:4e:70:ab:18:f1:f9:c5:83:2b:09:72:aa:
57:30:f7:65:29:23:1b:fc:13:35:f3:86:5b:82:e8:10:9e:2a:
c4:49:16:38:d5:b7:4d:6f:9a:fa:f4:cb:48:f1:1b:a0:80:fe:
a5:c6:81:24:52:ac:aa:db:71:40:14:42:1e:2a:9d:0d:16:10:
bf:eb:28:e7:5c:73:8c:37:e6:c0:f5:16:ce:4e:15:31:52:e7:
7c:d3:22:e5:48:d3:84:21:41:b9:11:ba:25:c1:7b:81:42:c1:
a0:08:93:5c:4a:5d:29:e9:ac:51:9b:8b:d1:8a:d6:be:5b:c4:
dd:1f:62:f7:60:36:b4:19:a5:7c:1d:a6:91:a3:ab:70:70:5e:
aa:33:63:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKDmfb4EJuDxop5ATazMk3EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjIwODA5MTcxNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTJkMzIwNzQ3MDlkYTE3NDI2MWM1NjY1MTFiNjUxMTgzOTIzZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNl0NsWrdVzq4Oto+TJ1wCKZNNiw
j4b210mXvnmU2sjqCloEAkKVNz4RWOHQAMFk3E63yV9NEHFD1tVxmxa0ubF9E3Ii
NGDYnk4uhLA7GNdK01BgZWBd8d9Y9U0aHml2b4h3U7l9Vnqk6sfU0iTnE7hYmYKv
ayTIW3aBE6YNtwQBrEKY0pDcvZ/4xb6NHdM5s/Rl+k5lXjnkiZpzLdRLZdWlSqs4
MdgfuefGIN/XtUwrZ7Tms0M92gJhfPC5YBr2IyCAW+VZI0XMQL1X9fxKirhG28Bx
soZTX5zKG79G7/Gq0F1PvkaWCqe0b6TyuflRldjomMCQjTk2J+7JIv2D7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMktMgdHCdoXQmHFZlEbZRGDkj8jMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEveVMweUIwY0oyaGRDWWNWbVVSdGxFWU9TUHlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+SMA0G
CSqGSIb3DQEBCwUAA4IBAQA0Y+y46JtJaQj7q7a4w5TdccCsLUXVYMEMx2ahc7xj
cCkxWVbcImxKFktsymAvPR3qC9ePleQ7R4HHwTUyrDs8+fcF1YJAzQqK3owpdEX7
D3HVwmk4mIqIjLwTCS39wcdy5vPSztb+620Gw2EIxaixKZNOcKsY8fnFgysJcqpX
MPdlKSMb/BM184ZbgugQnirESRY41bdNb5r69MtI8RuggP6lxoEkUqyq23FAFEIe
Kp0NFhC/6yjnXHOMN+bA9RbOThUxUud80yLlSNOEIUG5EbolwXuBQsGgCJNcSl0p
6axRm4vRita+W8TdH2L3YDa0GaV8HaaRo6twcF6qM2NI
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:02:12 2025 by rpki-client