Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/7YykORJtCHg4djAg7OTCV7kBRds.roa
File: 7YykORJtCHg4djAg7OTCV7kBRds.roa (raw, json)
Hash identifier: uARA4HEjTzndgC5skjDSvTEET4e9SoUO8WrtT33dZ7w=
Subject key identifier: ED:8C:A4:39:12:6D:08:78:38:76:30:20:EC:E4:C2:57:B9:01:45:DB
Certificate issuer: /CN=8452b03e1b01709638940d9592983cde77ecab77
Certificate serial: 018987DE6C90C4DED930B0DA7B579BA800C7
Authority key identifier: 84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/7YykORJtCHg4djAg7OTCV7kBRds.roa
Signing time: Mon 24 Jul 2023 12:27:28 +0000
ROA not before: Mon 24 Jul 2023 12:27:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50633
IP address blocks: 185.249.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:87:de:6c:90:c4:de:d9:30:b0:da:7b:57:9b:a8:00:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8452b03e1b01709638940d9592983cde77ecab77
Validity
Not Before: Jul 24 12:27:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed8ca439126d087838763020ece4c257b90145db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c2:fa:44:f8:9b:6c:80:ba:65:27:36:32:bc:
91:7e:4e:95:ab:b1:ae:dd:cb:6f:0b:f6:8e:07:6d:
34:64:e5:bf:76:27:a0:fc:d0:e3:92:1d:64:a7:71:
48:48:47:4d:cb:bb:c0:97:b6:4a:5e:1f:15:07:24:
71:54:81:42:81:84:88:2b:c3:74:fe:31:52:e7:49:
74:7d:b2:68:d4:60:09:05:82:be:63:21:2a:41:83:
78:44:22:d9:04:30:c6:0a:d4:36:d6:81:68:59:2c:
42:ca:56:c7:2d:dd:d9:84:c2:62:40:ea:1d:f2:26:
e1:de:9f:cf:e0:dd:4a:60:87:0f:02:32:3d:7d:f1:
3c:30:cf:ae:e5:c3:5e:b2:bb:6a:2e:64:85:ad:b3:
0f:0a:ad:b0:ff:87:b6:48:e0:07:74:ec:bf:63:bd:
75:ba:43:99:b9:72:b5:dd:fb:f6:ab:e5:59:37:74:
61:c2:ca:a2:9d:48:5e:61:e0:e5:2c:d8:1a:00:3d:
9b:5d:43:d8:d3:7e:79:a0:24:12:b5:8e:ae:ec:57:
1d:8e:fc:b8:26:b9:22:6d:58:c5:90:ad:6e:2d:86:
b8:cb:6a:15:2a:dc:40:1a:24:75:05:e3:a5:2c:64:
06:eb:77:e6:6f:3c:cd:21:95:81:9c:19:df:6d:6f:
0b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:8C:A4:39:12:6D:08:78:38:76:30:20:EC:E4:C2:57:B9:01:45:DB
X509v3 Authority Key Identifier:
keyid:84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/7YykORJtCHg4djAg7OTCV7kBRds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/hFKwPhsBcJY4lA2Vkpg83nfsq3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.161.0/24
Signature Algorithm: sha256WithRSAEncryption
37:e2:61:c0:a6:7c:53:28:ee:dd:30:4a:6e:48:3a:40:7c:e1:
13:1e:7a:b0:59:05:c1:1a:5c:b5:29:74:ec:e5:ef:4d:e7:c9:
e3:98:6d:33:c8:11:75:8a:e8:f6:64:fc:f8:61:08:b9:1c:04:
84:f4:05:06:fb:d6:cc:b9:b0:a6:20:30:8c:56:0f:25:7f:0d:
91:2e:bf:d2:91:74:82:bc:1e:53:6b:a0:e3:3c:39:11:44:9d:
14:63:cf:e1:37:cd:15:ea:b9:00:2a:57:47:4c:02:b4:9a:f2:
e5:43:29:73:bb:3f:03:5e:d5:09:cc:70:9b:a7:74:b2:55:f0:
b1:33:e7:ca:5e:f6:6a:6d:69:b9:3b:7b:fe:ab:4f:83:d3:72:
e3:70:eb:39:1d:3e:c0:bf:79:40:f7:73:37:2e:02:e6:8b:18:
c1:2e:af:82:e4:30:25:c9:e2:6d:e3:70:44:f5:84:74:24:6e:
36:d7:56:72:d9:4d:d4:5a:61:5d:2f:63:41:4b:fa:63:ac:00:
a1:e2:30:c6:3a:9d:5a:be:9f:98:b8:89:db:23:8d:de:04:46:
23:af:fe:92:8a:4c:a3:ef:cd:cc:49:69:1d:3c:87:17:d1:f4:
1c:d0:64:76:11:c6:20:10:1b:d7:b7:ae:00:9e:51:a2:0b:72:
28:18:6d:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmH3myQxN7ZMLDae1ebqADHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTJiMDNlMWIwMTcwOTYzODk0MGQ5NTkyOTgzY2RlNzdl
Y2FiNzcwHhcNMjMwNzI0MTIyNzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDhjYTQzOTEyNmQwODc4Mzg3NjMwMjBlY2U0YzI1N2I5MDE0NWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsL6RPibbIC6ZSc2MryRfk6Vq7Gu
3ctvC/aOB200ZOW/dieg/NDjkh1kp3FISEdNy7vAl7ZKXh8VByRxVIFCgYSIK8N0
/jFS50l0fbJo1GAJBYK+YyEqQYN4RCLZBDDGCtQ21oFoWSxCylbHLd3ZhMJiQOod
8ibh3p/P4N1KYIcPAjI9ffE8MM+u5cNesrtqLmSFrbMPCq2w/4e2SOAHdOy/Y711
ukOZuXK13fv2q+VZN3RhwsqinUheYeDlLNgaAD2bXUPY0355oCQStY6u7Fcdjvy4
JrkibVjFkK1uLYa4y2oVKtxAGiR1BeOlLGQG63fmbzzNIZWBnBnfbW8L/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO2MpDkSbQh4OHYwIOzkwle5AUXbMB8GA1UdIwQY
MBaAFIRSsD4bAXCWOJQNlZKYPN537Kt3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZLd1Boc0JjSlk0bEEyVmtwZzgzbmZzcTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8wMTFmNmUtZTkyOC00ZjJiLWFhMjQt
MjAwZmMyNzRjYjAxLzEvN1l5a09SSnRDSGc0ZGpBZzdPVENWN2tCUmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8wMTFmNmUtZTkyOC00ZjJiLWFhMjQtMjAwZmMyNzRjYjAx
LzEvaEZLd1Boc0JjSlk0bEEyVmtwZzgzbmZzcTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufmhMA0G
CSqGSIb3DQEBCwUAA4IBAQA34mHApnxTKO7dMEpuSDpAfOETHnqwWQXBGly1KXTs
5e9N58njmG0zyBF1iuj2ZPz4YQi5HASE9AUG+9bMubCmIDCMVg8lfw2RLr/SkXSC
vB5Ta6DjPDkRRJ0UY8/hN80V6rkAKldHTAK0mvLlQylzuz8DXtUJzHCbp3SyVfCx
M+fKXvZqbWm5O3v+q0+D03LjcOs5HT7Av3lA93M3LgLmixjBLq+C5DAlyeJt43BE
9YR0JG4211Zy2U3UWmFdL2NBS/pjrACh4jDGOp1avp+YuInbI43eBEYjr/6Sikyj
783MSWkdPIcX0fQc0GR2EcYgEBvXt64AnlGiC3IoGG3Q
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:59:36 2025 by rpki-client