Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/yh_TFGv62WCjfGOCg5WBC2nHG9o.roa
File: yh_TFGv62WCjfGOCg5WBC2nHG9o.roa (raw, json)
Hash identifier: 1vybMHsBwVzomC7K+i6F/LO/zgQzxXqKJd9E+8JRT9Y=
Subject key identifier: CA:1F:D3:14:6B:FA:D9:60:A3:7C:63:82:83:95:81:0B:69:C7:1B:DA
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 05D140C0
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/yh_TFGv62WCjfGOCg5WBC2nHG9o.roa
Signing time: Tue 08 Feb 2022 11:25:21 +0000
ROA not before: Tue 08 Feb 2022 11:25:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 94.26.89.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
45.141.233.0/24 maxlen: 24
45.141.232.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97599680 (0x5d140c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Feb 8 11:25:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca1fd3146bfad960a37c63828395810b69c71bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:2b:02:a6:8e:ca:e2:7a:ae:70:19:41:ce:39:
17:a9:bb:da:fc:db:ef:17:38:e4:e1:1d:96:3c:be:
f4:c4:02:3f:33:1e:de:ef:cc:d8:c2:5a:1e:76:af:
3f:bc:a0:f9:3c:93:d9:05:28:79:c5:b6:9d:9c:e3:
dc:92:7e:47:ac:80:34:ed:90:d9:dc:68:32:9f:69:
10:51:bd:81:f4:ad:bc:ca:2c:ba:b2:82:14:db:67:
85:e1:45:35:33:06:d2:63:9e:09:12:76:55:aa:81:
88:97:98:1a:db:8c:a5:31:fd:71:48:27:be:81:93:
e4:28:8a:8b:ba:6e:4c:07:bd:4c:39:48:2a:ce:70:
90:77:28:f2:1a:7c:ed:0e:52:4c:2d:92:89:40:b9:
23:b6:10:4c:90:6f:39:0b:0e:f5:1c:eb:a1:e1:a3:
4d:56:10:fe:b3:39:04:b2:b3:0f:07:fa:77:35:6c:
42:2c:22:7f:8c:28:26:be:b7:21:f5:d8:77:16:89:
9b:76:70:a6:40:37:a1:ff:0e:d0:59:85:2c:ac:74:
d6:b4:43:36:61:fa:e1:36:e8:7a:26:fc:82:2f:09:
bc:bf:e8:c8:74:46:14:da:26:c0:3d:12:2d:8e:7f:
3e:88:cc:2a:e1:e6:1c:cf:24:81:42:84:61:38:d2:
cd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1F:D3:14:6B:FA:D9:60:A3:7C:63:82:83:95:81:0B:69:C7:1B:DA
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/yh_TFGv62WCjfGOCg5WBC2nHG9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/22
91.92.34.0/24
94.26.89.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:ea:d6:b0:3a:ad:b3:43:84:e4:39:1d:cc:4f:fa:8f:ac:6a:
05:8f:ce:d8:a0:12:ff:f2:a3:4a:f2:b4:47:91:08:7c:f6:7b:
33:48:8e:e0:80:28:2b:5d:c8:4b:25:62:fa:70:d3:e9:38:4f:
e9:06:ff:13:0b:7e:c6:63:bc:3a:cf:13:1e:d6:e6:49:d9:0b:
93:64:45:94:72:de:e8:45:b4:b3:52:0c:78:e1:de:67:a8:eb:
23:b8:5d:93:c6:ac:cf:ea:78:10:fb:aa:c9:70:4b:5f:4c:7c:
71:0e:2d:87:20:c5:7e:cd:69:54:e2:83:5f:79:05:d7:2b:4a:
ac:0c:db:9a:dd:5d:e8:52:63:a0:43:49:00:94:e7:2f:10:ac:
e5:aa:8c:8c:54:ac:39:de:33:ba:9d:c2:7d:71:1c:24:f8:d0:
38:be:84:23:1a:60:a3:8d:25:e6:f5:31:80:ce:a7:ee:09:b8:
39:90:f0:27:f4:04:71:60:43:9a:19:63:be:6c:9e:51:a8:7f:
64:61:9a:12:3a:81:a7:49:1a:6c:5b:33:fa:15:32:42:e3:c2:
c5:74:2a:72:fe:fa:59:71:a4:e0:6e:5f:53:af:ee:d3:5e:6e:
eb:93:71:eb:99:14:4a:b6:eb:ce:d2:49:e1:a1:d1:ba:1e:de:
2a:84:21:ba
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBdFAwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDIw
ODExMjUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2ExZmQzMTQ2YmZh
ZDk2MGEzN2M2MzgyODM5NTgxMGI2OWM3MWJkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIYrAqaOyuJ6rnAZQc45F6m72vzb7xc45OEdljy+9MQCPzMe
3u/M2MJaHnavP7yg+TyT2QUoecW2nZzj3JJ+R6yANO2Q2dxoMp9pEFG9gfStvMos
urKCFNtnheFFNTMG0mOeCRJ2VaqBiJeYGtuMpTH9cUgnvoGT5CiKi7puTAe9TDlI
Ks5wkHco8hp87Q5STC2SiUC5I7YQTJBvOQsO9RzroeGjTVYQ/rM5BLKzDwf6dzVs
Qiwif4woJr63IfXYdxaJm3ZwpkA3of8O0FmFLKx01rRDNmH64Tboeib8gi8JvL/o
yHRGFNomwD0SLY5/PojMKuHmHM8kgUKEYTjSzUsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTKH9MUa/rZYKN8Y4KDlYELaccb2jAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L3loX1RGR3Y2MldDamZHT0NnNVdCQzJuSEc5by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAi2N6AMEAFtcIgMEAF4aWTANBgkq
hkiG9w0BAQsFAAOCAQEAqurWsDqts0OE5DkdzE/6j6xqBY/O2KAS//KjSvK0R5EI
fPZ7M0iO4IAoK13ISyVi+nDT6ThP6Qb/Ewt+xmO8Os8THtbmSdkLk2RFlHLe6EW0
s1IMeOHeZ6jrI7hdk8asz+p4EPuqyXBLX0x8cQ4thyDFfs1pVOKDX3kF1ytKrAzb
mt1d6FJjoENJAJTnLxCs5aqMjFSsOd4zup3CfXEcJPjQOL6EIxpgo40l5vUxgM6n
7gm4OZDwJ/QEcWBDmhljvmyeUah/ZGGaEjqBp0kabFsz+hUyQuPCxXQqcv76WXGk
4G5fU6/u015u65Nx65kUSrbrztJJ4aHRuh7eKoQhug==
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:01:52 2025 by rpki-client