Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/27c919-ccce-46a9-84b3-ef81fca63029/1/cyVUk9xtr_Y6dHG1LjuGnidGmxg.roa
File: cyVUk9xtr_Y6dHG1LjuGnidGmxg.roa (raw, json)
Hash identifier: QXDe/RAGM0T2XYo4pJ4fd2ObFcYtO2sDYc6ZMWBlLoM=
Subject key identifier: 73:25:54:93:DC:6D:AF:F6:3A:74:71:B5:2E:3B:86:9E:27:46:9B:18
Certificate issuer: /CN=2e5664e02936cb5b5454d595c5382b7e7a0c7944
Certificate serial: 023E5ECF
Authority key identifier: 2E:56:64:E0:29:36:CB:5B:54:54:D5:95:C5:38:2B:7E:7A:0C:79:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LlZk4Ck2y1tUVNWVxTgrfnoMeUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/27c919-ccce-46a9-84b3-ef81fca63029/1/cyVUk9xtr_Y6dHG1LjuGnidGmxg.roa
Signing time: Sat 01 Jan 2022 04:56:56 +0000
ROA not before: Sat 01 Jan 2022 04:56:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29687
IP address blocks: 128.140.188.0/24 maxlen: 24
128.140.189.0/24 maxlen: 24
128.140.188.0/22 maxlen: 22
128.140.188.0/23 maxlen: 23
128.140.191.0/24 maxlen: 24
128.140.190.0/23 maxlen: 23
128.140.190.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37641935 (0x23e5ecf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e5664e02936cb5b5454d595c5382b7e7a0c7944
Validity
Not Before: Jan 1 04:56:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73255493dc6daff63a7471b52e3b869e27469b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4b:3a:38:54:f1:77:ea:34:b9:78:a6:5e:07:
ee:20:35:59:a2:58:b9:72:d1:6e:76:7b:aa:d8:2a:
8f:13:43:5f:ac:0f:ea:3c:cd:ce:c2:ea:02:45:af:
7d:45:29:6a:bb:2e:ff:70:df:ee:fc:d1:63:aa:87:
19:fe:d5:4a:d4:df:24:49:fe:48:16:91:3e:c6:46:
5f:f5:3c:af:59:58:18:20:40:bf:09:1f:98:11:e6:
7d:ec:4b:e4:ee:8c:77:60:be:28:1f:20:89:e1:8a:
71:03:3b:fb:d9:bf:95:43:82:73:41:c8:c1:12:ad:
f0:fa:c1:5e:16:fd:fe:32:eb:73:8b:80:e8:de:35:
2b:a2:c0:49:71:ec:a3:71:7a:e5:d9:db:3a:f4:94:
c1:78:57:10:1f:c3:ed:5d:01:a9:eb:d6:26:8b:a1:
c1:19:8e:16:56:99:b8:16:a7:3d:b0:72:15:f1:0a:
9d:e2:59:31:3c:3d:4c:56:48:bd:37:1d:91:aa:8e:
aa:78:af:24:e9:bd:de:1a:5a:e2:59:5c:f3:fa:73:
fe:b2:63:f8:ae:7b:30:5c:d1:55:87:e0:d3:20:44:
7d:2a:f6:02:bd:b7:cd:56:84:cd:28:cd:c4:a0:c3:
00:a7:08:0a:67:a9:6f:ac:e3:25:32:3f:1a:26:97:
67:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:25:54:93:DC:6D:AF:F6:3A:74:71:B5:2E:3B:86:9E:27:46:9B:18
X509v3 Authority Key Identifier:
keyid:2E:56:64:E0:29:36:CB:5B:54:54:D5:95:C5:38:2B:7E:7A:0C:79:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LlZk4Ck2y1tUVNWVxTgrfnoMeUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/27c919-ccce-46a9-84b3-ef81fca63029/1/cyVUk9xtr_Y6dHG1LjuGnidGmxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/27c919-ccce-46a9-84b3-ef81fca63029/1/LlZk4Ck2y1tUVNWVxTgrfnoMeUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.140.188.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:25:f3:cf:81:03:7c:72:a2:c7:72:5b:cd:bd:70:87:dd:3d:
77:69:0e:23:c8:fa:c9:89:e8:56:10:30:bb:52:37:41:95:72:
ce:ef:e9:7f:c8:6b:85:7e:37:26:a5:01:b5:4d:f4:e4:61:91:
e5:f2:81:66:a9:83:f1:62:cf:05:1b:58:66:34:4f:1d:a0:f0:
c4:b6:ee:cb:51:17:22:e4:ea:78:5e:fd:89:2b:be:a4:c9:f4:
00:6c:a0:94:33:32:e7:54:e7:a6:99:4a:7d:8a:b2:dd:39:df:
0d:61:6e:50:c6:cb:a2:a2:96:8a:7f:f1:5a:a0:74:2d:4b:31:
11:e1:43:d7:72:a0:a8:4b:6d:2b:eb:b2:1a:ee:06:3e:19:35:
f8:66:5e:df:22:f8:f3:0d:ee:92:eb:4d:86:4b:34:33:2b:a3:
c9:d6:27:18:c8:ff:c8:ad:55:9d:b6:c4:8d:63:76:cf:f5:c1:
7e:ce:72:b0:55:43:e3:cc:e1:f0:e2:c1:47:d1:3e:71:c9:be:
27:f0:0e:2e:13:44:01:68:f2:f3:59:36:8d:d6:5e:1e:f5:bf:
7c:81:6e:b7:87:a8:40:a3:11:19:e2:72:c4:f2:a3:20:d0:97:
35:ec:8f:92:a6:c0:6d:c8:5b:61:f3:4e:a0:2c:f6:c6:8e:b8:
0b:8c:7c:d9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAj5ezzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZTU2NjRlMDI5MzZjYjViNTQ1NGQ1OTVjNTM4MmI3ZTdhMGM3OTQ0MB4XDTIyMDEw
MTA0NTY1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzMyNTU0OTNkYzZk
YWZmNjNhNzQ3MWI1MmUzYjg2OWUyNzQ2OWIxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVLOjhU8XfqNLl4pl4H7iA1WaJYuXLRbnZ7qtgqjxNDX6wP
6jzNzsLqAkWvfUUparsu/3Df7vzRY6qHGf7VStTfJEn+SBaRPsZGX/U8r1lYGCBA
vwkfmBHmfexL5O6Md2C+KB8gieGKcQM7+9m/lUOCc0HIwRKt8PrBXhb9/jLrc4uA
6N41K6LASXHso3F65dnbOvSUwXhXEB/D7V0BqevWJouhwRmOFlaZuBanPbByFfEK
neJZMTw9TFZIvTcdkaqOqnivJOm93hpa4llc8/pz/rJj+K57MFzRVYfg0yBEfSr2
Ar23zVaEzSjNxKDDAKcICmepb6zjJTI/GiaXZxUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRzJVST3G2v9jp0cbUuO4aeJ0abGDAfBgNVHSMEGDAWgBQuVmTgKTbLW1RU
1ZXFOCt+egx5RDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xsWms0Q2syeTF0VVZOV1Z4VGdyZm5vTWVVUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDYvMjdjOTE5LWNjY2UtNDZhOS04NGIzLWVmODFmY2E2MzAyOS8x
L2N5VlVrOXh0cl9ZNmRIRzFManVHbmlkR214Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYv
MjdjOTE5LWNjY2UtNDZhOS04NGIzLWVmODFmY2E2MzAyOS8xL0xsWms0Q2syeTF0
VVZOV1Z4VGdyZm5vTWVVUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAoCMvDANBgkqhkiG9w0BAQsFAAOC
AQEALyXzz4EDfHKix3Jbzb1wh909d2kOI8j6yYnoVhAwu1I3QZVyzu/pf8hrhX43
JqUBtU305GGR5fKBZqmD8WLPBRtYZjRPHaDwxLbuy1EXIuTqeF79iSu+pMn0AGyg
lDMy51TnpplKfYqy3TnfDWFuUMbLoqKWin/xWqB0LUsxEeFD13KgqEttK+uyGu4G
Phk1+GZe3yL48w3ukutNhks0MyujydYnGMj/yK1VnbbEjWN2z/XBfs5ysFVD48zh
8OLBR9E+ccm+J/AOLhNEAWjy81k2jdZeHvW/fIFut4eoQKMRGeJyxPKjINCXNeyP
kqbAbchbYfNOoCz2xo64C4x82Q==
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:45:35 2025 by rpki-client