Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/YDLiVCGQ9GME-42eGq5v0wWm78A.roa
File: YDLiVCGQ9GME-42eGq5v0wWm78A.roa (raw, json)
Hash identifier: h8iTCq49oBHkU3wlPxT+9JL8b6DAARENBbbtGq0BD90=
Subject key identifier: 60:32:E2:54:21:90:F4:63:04:FB:8D:9E:1A:AE:6F:D3:05:A6:EF:C0
Certificate issuer: /CN=01c4b784d8166e8bd0f47d720fde5faec1645b34
Certificate serial: 1A0ADD0D
Authority key identifier: 01:C4:B7:84:D8:16:6E:8B:D0:F4:7D:72:0F:DE:5F:AE:C1:64:5B:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcS3hNgWbovQ9H1yD95frsFkWzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/YDLiVCGQ9GME-42eGq5v0wWm78A.roa
Signing time: Sat 01 Jan 2022 15:05:01 +0000
ROA not before: Sat 01 Jan 2022 15:05:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20675
IP address blocks: 195.42.250.0/24 maxlen: 24
193.41.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 436919565 (0x1a0add0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c4b784d8166e8bd0f47d720fde5faec1645b34
Validity
Not Before: Jan 1 15:05:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6032e2542190f46304fb8d9e1aae6fd305a6efc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:be:2c:91:3f:c5:e3:ae:e6:82:cf:a0:46:7c:
e6:04:25:12:fa:82:e8:de:fd:91:db:df:f4:0a:0e:
8d:8d:2c:da:83:33:33:ab:97:90:ea:b1:c0:f9:a5:
86:07:fb:42:c0:93:b3:c1:75:5a:82:d0:90:fc:d1:
8e:db:93:51:54:94:48:75:89:e4:87:d7:11:e4:63:
80:a5:b8:20:ff:00:71:71:77:b4:f3:cd:36:5a:c4:
0e:f6:62:40:e3:52:fb:ba:98:72:3a:51:b8:ac:55:
df:b1:4c:5f:8b:1b:bb:3e:ca:33:ed:25:af:fb:a1:
71:01:bf:00:a8:bb:b9:5f:a7:9b:25:b8:56:97:1c:
de:d1:6e:c8:d2:a5:36:41:be:01:71:6e:64:ae:ce:
ef:39:5d:7a:80:31:a8:a5:ff:66:1a:b7:bd:72:d7:
f0:c5:c7:a4:4b:94:16:c6:9c:0c:15:47:5b:51:b3:
d7:aa:f8:8c:f4:6b:19:b3:63:ba:e3:b6:65:c0:b1:
40:67:92:ba:0c:27:38:45:34:ef:61:57:e0:81:fa:
3e:8d:4b:e8:c2:c2:fb:35:c6:74:86:94:fb:04:a6:
89:90:4a:1e:cf:59:a5:9f:0b:c6:a2:fc:ff:54:1f:
e2:d7:b0:89:f3:cd:8b:b6:d1:76:9c:66:ad:0f:ec:
e0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:32:E2:54:21:90:F4:63:04:FB:8D:9E:1A:AE:6F:D3:05:A6:EF:C0
X509v3 Authority Key Identifier:
keyid:01:C4:B7:84:D8:16:6E:8B:D0:F4:7D:72:0F:DE:5F:AE:C1:64:5B:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcS3hNgWbovQ9H1yD95frsFkWzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/YDLiVCGQ9GME-42eGq5v0wWm78A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/AcS3hNgWbovQ9H1yD95frsFkWzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.83.0/24
195.42.250.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:f8:32:7e:65:ea:86:82:90:1d:8f:44:cb:f5:58:80:2f:02:
e2:e8:a7:60:c7:61:d1:4e:01:df:84:b7:b7:a2:78:bf:ca:c8:
49:35:f1:62:81:22:29:c7:0e:0b:d1:aa:3c:19:ce:cd:2a:c6:
a6:87:d8:5d:e4:68:2c:bf:2c:9e:56:08:ae:33:1a:54:2f:c9:
a2:a8:ba:e1:b7:1f:62:ba:37:9b:00:22:19:7b:08:74:16:f6:
18:d8:f2:9c:c9:f4:a5:70:8d:9b:f2:a5:6d:8f:82:01:ce:75:
62:eb:3f:73:95:d5:07:45:01:2c:2b:49:a3:89:72:b5:b2:95:
f7:a6:7c:04:3c:05:1b:00:37:4d:07:1b:25:81:aa:19:f2:ff:
fe:05:7e:48:b7:89:f1:11:8e:e6:34:59:6a:11:a6:fd:78:cb:
e9:49:82:da:0f:b8:44:c3:c8:7f:61:fe:96:39:7e:4c:7a:52:
09:fa:1a:a5:88:5c:1c:98:6a:10:cf:3a:44:03:41:cd:3c:6e:
4a:39:dd:d2:f7:50:3c:68:65:6c:ec:ea:58:27:67:2d:b0:16:
cc:41:59:0e:d6:6b:e9:a2:2a:ec:47:24:29:03:11:9c:26:13:
70:5d:89:83:49:a8:00:88:4f:e0:8f:de:fc:12:18:7c:37:60:
27:5e:9d:41
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGgrdDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MWM0Yjc4NGQ4MTY2ZThiZDBmNDdkNzIwZmRlNWZhZWMxNjQ1YjM0MB4XDTIyMDEw
MTE1MDUwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjAzMmUyNTQyMTkw
ZjQ2MzA0ZmI4ZDllMWFhZTZmZDMwNWE2ZWZjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKu+LJE/xeOu5oLPoEZ85gQlEvqC6N79kdvf9AoOjY0s2oMz
M6uXkOqxwPmlhgf7QsCTs8F1WoLQkPzRjtuTUVSUSHWJ5IfXEeRjgKW4IP8AcXF3
tPPNNlrEDvZiQONS+7qYcjpRuKxV37FMX4sbuz7KM+0lr/uhcQG/AKi7uV+nmyW4
Vpcc3tFuyNKlNkG+AXFuZK7O7zldeoAxqKX/Zhq3vXLX8MXHpEuUFsacDBVHW1Gz
16r4jPRrGbNjuuO2ZcCxQGeSugwnOEU072FX4IH6Po1L6MLC+zXGdIaU+wSmiZBK
Hs9ZpZ8LxqL8/1Qf4tewifPNi7bRdpxmrQ/s4AMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRgMuJUIZD0YwT7jZ4arm/TBabvwDAfBgNVHSMEGDAWgBQBxLeE2BZui9D0
fXIP3l+uwWRbNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FjUzNoTmdXYm92UTlIMXlEOTVmcnNGa1d6US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvZjJiODQwLTJjODUtNDY1Yi04YjkzLTViNWJlYjEwNTEzYi8x
L1lETGlWQ0dROUdNRS00MmVHcTV2MHdXbTc4QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
ZjJiODQwLTJjODUtNDY1Yi04YjkzLTViNWJlYjEwNTEzYi8xL0FjUzNoTmdXYm92
UTlIMXlEOTVmcnNGa1d6US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMEpUwMEAMMq+jANBgkqhkiG9w0B
AQsFAAOCAQEAavgyfmXqhoKQHY9Ey/VYgC8C4uinYMdh0U4B34S3t6J4v8rISTXx
YoEiKccOC9GqPBnOzSrGpofYXeRoLL8snlYIrjMaVC/Joqi64bcfYro3mwAiGXsI
dBb2GNjynMn0pXCNm/KlbY+CAc51Yus/c5XVB0UBLCtJo4lytbKV96Z8BDwFGwA3
TQcbJYGqGfL//gV+SLeJ8RGO5jRZahGm/XjL6UmC2g+4RMPIf2H+ljl+THpSCfoa
pYhcHJhqEM86RANBzTxuSjnd0vdQPGhlbOzqWCdnLbAWzEFZDtZr6aIq7EckKQMR
nCYTcF2Jg0moAIhP4I/e/BIYfDdgJ16dQQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:44:22 2025 by rpki-client