Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/26761e-7c6f-488e-a21d-be3917c5e2f7/1/Y3sDIAUpv98_42RVier71oIDYMc.roa
File: Y3sDIAUpv98_42RVier71oIDYMc.roa (raw, json)
Hash identifier: a1yI10BEJpZ3arOdYjbK24p+amdiQs8FMNcE6zrZa1g=
Subject key identifier: 63:7B:03:20:05:29:BF:DF:3F:E3:64:55:89:EA:FB:D6:82:03:60:C7
Certificate issuer: /CN=1f430fc09a713b249acaa7678911e8d1e3233afd
Certificate serial: 01856F0B75C06F0BA179DD3C70EEFE6FA0C1
Authority key identifier: 1F:43:0F:C0:9A:71:3B:24:9A:CA:A7:67:89:11:E8:D1:E3:23:3A:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0MPwJpxOySayqdniRHo0eMjOv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/26761e-7c6f-488e-a21d-be3917c5e2f7/1/Y3sDIAUpv98_42RVier71oIDYMc.roa
Signing time: Sun 01 Jan 2023 20:35:00 +0000
ROA not before: Sun 01 Jan 2023 20:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59933
IP address blocks: 185.39.248.0/22 maxlen: 23
2a01:4ae0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:75:c0:6f:0b:a1:79:dd:3c:70:ee:fe:6f:a0:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f430fc09a713b249acaa7678911e8d1e3233afd
Validity
Not Before: Jan 1 20:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=637b03200529bfdf3fe3645589eafbd6820360c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:84:9d:af:5e:3c:46:99:ab:7c:4c:89:59:b3:
92:99:53:1a:81:1c:27:11:22:5f:3d:16:e1:8c:a4:
08:99:01:f5:1e:9f:6b:9a:55:80:20:6f:f2:a0:04:
9f:72:c8:7f:ed:37:ab:5c:fd:67:18:6f:d1:0d:ca:
2f:49:c3:df:dc:f4:9a:6d:98:af:12:bf:b6:e5:c7:
ea:4c:20:37:18:77:1b:2a:4e:e8:8a:e6:94:69:6f:
bf:88:77:55:e7:ab:01:c3:ed:97:73:56:82:ff:1d:
01:69:24:a4:6d:21:52:0d:f6:23:f0:1e:35:d0:79:
bf:38:f8:6e:4b:b7:fa:81:3c:58:8c:c6:a4:f7:fa:
f8:e3:b8:50:99:8b:0c:f5:10:65:e3:03:b8:66:60:
9d:ed:9d:1c:36:70:8b:e8:fa:ea:39:02:2f:fb:6a:
3f:8d:8d:b4:89:4e:b6:4f:68:ce:62:f3:73:2d:b6:
16:b4:65:d8:28:de:7d:e3:c0:48:5f:01:3f:bf:fe:
d6:5d:59:2b:d3:73:6d:ae:cd:26:03:20:a7:6c:44:
76:8b:da:55:81:c2:e8:e9:19:13:19:12:3b:1e:86:
61:8e:3a:ea:55:5c:ca:37:48:a7:47:4e:0f:02:95:
52:07:ae:21:de:c0:91:fa:1b:b3:41:97:51:b9:e2:
83:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:7B:03:20:05:29:BF:DF:3F:E3:64:55:89:EA:FB:D6:82:03:60:C7
X509v3 Authority Key Identifier:
keyid:1F:43:0F:C0:9A:71:3B:24:9A:CA:A7:67:89:11:E8:D1:E3:23:3A:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0MPwJpxOySayqdniRHo0eMjOv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/26761e-7c6f-488e-a21d-be3917c5e2f7/1/Y3sDIAUpv98_42RVier71oIDYMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/26761e-7c6f-488e-a21d-be3917c5e2f7/1/H0MPwJpxOySayqdniRHo0eMjOv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.248.0/22
IPv6:
2a01:4ae0::/32
Signature Algorithm: sha256WithRSAEncryption
76:5e:cb:ad:ca:05:1b:f4:90:03:33:56:fb:7d:75:33:83:79:
f9:23:91:8c:24:86:e7:ed:08:8f:ac:8c:1d:f6:d0:fb:18:3b:
55:8a:7f:69:cf:6f:51:7b:e3:4e:6e:e7:6a:e7:80:3f:1d:c9:
46:7b:57:72:7b:f9:5d:8f:7a:da:33:d2:d1:7a:61:00:11:5c:
e6:21:53:30:1a:53:8e:10:19:75:8f:77:d6:5b:c4:5f:4b:2b:
a1:f2:6f:e4:86:82:52:08:fb:48:7c:2f:bd:9f:80:45:96:ad:
49:6f:c1:ab:d9:ca:8c:55:56:65:16:8c:be:cf:8f:83:b3:17:
a4:c8:f7:fb:d9:f1:32:f7:9d:7a:b1:47:10:a9:3a:72:88:5f:
91:76:20:f0:ba:35:f1:1f:3e:64:23:a4:2d:ff:4b:5e:fb:5b:
9f:80:07:8d:d9:5e:16:42:4e:5c:37:99:69:e6:c6:9c:94:c8:
55:6b:25:cb:c5:fe:44:60:8c:b4:12:77:b2:2f:e2:9e:70:39:
b0:b3:83:3d:40:6a:b5:7f:fa:98:10:3a:ef:af:a3:c8:14:e6:
f1:6a:24:9d:1e:4d:fc:4e:d6:38:94:77:e0:8d:d4:a5:87:3b:
49:83:01:a4:ab:c4:33:75:29:5d:75:be:a6:f1:8f:0d:75:ac:
2a:ef:54:c3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvC3XAbwuhed08cO7+b6DBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDMwZmMwOWE3MTNiMjQ5YWNhYTc2Nzg5MTFlOGQxZTMy
MzNhZmQwHhcNMjMwMTAxMjAzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzdiMDMyMDA1MjliZmRmM2ZlMzY0NTU4OWVhZmJkNjgyMDM2MGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoSdr148RpmrfEyJWbOSmVMagRwn
ESJfPRbhjKQImQH1Hp9rmlWAIG/yoASfcsh/7TerXP1nGG/RDcovScPf3PSabZiv
Er+25cfqTCA3GHcbKk7oiuaUaW+/iHdV56sBw+2Xc1aC/x0BaSSkbSFSDfYj8B41
0Hm/OPhuS7f6gTxYjMak9/r447hQmYsM9RBl4wO4ZmCd7Z0cNnCL6PrqOQIv+2o/
jY20iU62T2jOYvNzLbYWtGXYKN5948BIXwE/v/7WXVkr03Ntrs0mAyCnbER2i9pV
gcLo6RkTGRI7HoZhjjrqVVzKN0inR04PApVSB64h3sCR+huzQZdRueKDZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGN7AyAFKb/fP+NkVYnq+9aCA2DHMB8GA1UdIwQY
MBaAFB9DD8CacTskmsqnZ4kR6NHjIzr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBNUHdKcHhPeVNheXFkbmlSSG8wZU1qT3YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8yNjc2MWUtN2M2Zi00ODhlLWEyMWQt
YmUzOTE3YzVlMmY3LzEvWTNzRElBVXB2OThfNDJSVmllcjcxb0lEWU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8yNjc2MWUtN2M2Zi00ODhlLWEyMWQtYmUzOTE3YzVlMmY3
LzEvSDBNUHdKcHhPeVNheXFkbmlSSG8wZU1qT3YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSf4MA0E
AgACMAcDBQAqAUrgMA0GCSqGSIb3DQEBCwUAA4IBAQB2XsutygUb9JADM1b7fXUz
g3n5I5GMJIbn7QiPrIwd9tD7GDtVin9pz29Re+NObudq54A/HclGe1dye/ldj3ra
M9LRemEAEVzmIVMwGlOOEBl1j3fWW8RfSyuh8m/khoJSCPtIfC+9n4BFlq1Jb8Gr
2cqMVVZlFoy+z4+DsxekyPf72fEy9516sUcQqTpyiF+RdiDwujXxHz5kI6Qt/0te
+1ufgAeN2V4WQk5cN5lp5saclMhVayXLxf5EYIy0EneyL+KecDmws4M9QGq1f/qY
EDrvr6PIFObxaiSdHk38TtY4lHfgjdSlhztJgwGkq8QzdSlddb6m8Y8Ndawq71TD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:28 2025 by rpki-client