Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/7e6262-ecdd-4334-8b9f-9d5e59f76e6b/1/YJnreUgEb72jM_beYHS1vmHBf14.roa
File: YJnreUgEb72jM_beYHS1vmHBf14.roa (raw, json)
Hash identifier: ZipBJRCoUmXxLp+6aX5n8LTe7NHU+eE9zNGyNOqF6wA=
Subject key identifier: 60:99:EB:79:48:04:6F:BD:A3:33:F6:DE:60:74:B5:BE:61:C1:7F:5E
Certificate issuer: /CN=27618505d3b4c000217590f7b7b59bf61ff2f375
Certificate serial: 01857321C31556C5D1F29A6381E4B94FAE69
Authority key identifier: 27:61:85:05:D3:B4:C0:00:21:75:90:F7:B7:B5:9B:F6:1F:F2:F3:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J2GFBdO0wAAhdZD3t7Wb9h_y83U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/7e6262-ecdd-4334-8b9f-9d5e59f76e6b/1/YJnreUgEb72jM_beYHS1vmHBf14.roa
Signing time: Mon 02 Jan 2023 15:37:50 +0000
ROA not before: Mon 02 Jan 2023 15:37:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43568
IP address blocks: 178.250.216.0/21 maxlen: 21
77.247.144.0/20 maxlen: 21
128.0.16.0/21 maxlen: 21
2a02:2470::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:c3:15:56:c5:d1:f2:9a:63:81:e4:b9:4f:ae:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27618505d3b4c000217590f7b7b59bf61ff2f375
Validity
Not Before: Jan 2 15:37:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6099eb7948046fbda333f6de6074b5be61c17f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0f:a2:d4:56:38:c5:10:c6:cb:7d:30:aa:80:
76:ab:4d:42:ba:7b:5d:15:a0:04:68:23:3a:6e:b9:
ed:44:c3:0e:18:e8:37:9b:d8:e9:a1:ef:87:57:1a:
e7:00:91:21:df:88:f0:8c:31:c4:1a:34:8e:1e:1a:
10:39:27:5e:11:ca:31:1e:11:c9:d0:45:02:ad:2e:
1f:08:7a:d9:e4:1f:b1:ea:2b:a4:9b:c7:c1:3f:65:
69:45:1f:66:3a:dd:5d:cd:6f:52:c5:d4:f7:08:25:
a8:ca:5f:de:09:5d:34:d1:f2:1f:62:85:18:44:ff:
5d:a8:93:37:f0:c5:e2:7a:dc:5b:af:6f:e3:4f:f5:
1c:7a:5b:6d:8d:3d:0f:54:ec:86:be:ab:91:3f:c8:
02:04:d9:78:89:ac:63:f4:5f:6e:b7:df:c6:bf:aa:
3f:a1:2b:06:c7:a6:16:fe:72:a0:3c:b0:32:03:40:
e9:81:6d:ca:bb:3e:67:b8:43:3e:79:b2:a8:6e:b0:
b8:eb:95:6a:b6:4d:e8:39:8b:44:cc:3c:86:99:36:
90:fb:e6:c6:2f:80:aa:3d:7c:ed:6c:16:bb:f4:f8:
a3:8c:a0:00:6b:1d:02:27:77:d8:d6:3e:6e:45:6a:
e7:8f:34:0b:54:a7:ce:97:c8:69:d4:9d:2b:aa:cd:
58:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:99:EB:79:48:04:6F:BD:A3:33:F6:DE:60:74:B5:BE:61:C1:7F:5E
X509v3 Authority Key Identifier:
keyid:27:61:85:05:D3:B4:C0:00:21:75:90:F7:B7:B5:9B:F6:1F:F2:F3:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J2GFBdO0wAAhdZD3t7Wb9h_y83U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/7e6262-ecdd-4334-8b9f-9d5e59f76e6b/1/YJnreUgEb72jM_beYHS1vmHBf14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/7e6262-ecdd-4334-8b9f-9d5e59f76e6b/1/J2GFBdO0wAAhdZD3t7Wb9h_y83U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.144.0/20
128.0.16.0/21
178.250.216.0/21
IPv6:
2a02:2470::/29
Signature Algorithm: sha256WithRSAEncryption
0a:0e:42:84:e9:2f:57:ac:68:6b:b7:81:d7:98:e4:39:4c:ed:
4f:bf:c7:34:c7:3d:db:2b:6e:98:eb:59:fe:b8:ef:3b:77:15:
ea:7c:54:14:76:b5:6f:9f:a0:0f:0d:03:8c:5e:b5:e1:f8:2f:
3f:74:36:31:79:bc:bc:f8:02:cf:68:fa:5e:e5:c1:c9:7a:7a:
e5:24:d5:2a:77:12:d6:3c:2f:3e:70:46:63:13:d1:86:dc:3d:
80:05:6f:c5:7c:df:cb:f9:d2:c8:24:d4:e8:18:60:99:fd:d4:
cb:9f:41:ee:6e:75:0f:9d:41:8c:5a:38:2b:d7:aa:54:dd:49:
2f:21:c9:c6:20:03:8e:61:72:66:75:74:7b:57:1b:2f:b7:4b:
a3:2c:5c:89:90:81:95:ba:13:cc:c0:15:4f:63:3e:02:dd:f3:
a2:9c:b4:b8:fd:73:f4:7d:c7:64:e7:db:ea:ff:c9:53:b4:f0:
5d:7f:af:61:f1:74:4c:7e:0b:6c:dc:a7:29:95:27:d8:14:cf:
26:a8:4b:3a:c3:d9:1b:b7:61:f5:00:49:40:01:7f:3f:03:c4:
b1:dc:aa:b8:96:8f:01:72:93:f9:85:88:d0:b7:4a:67:cf:69:
cd:ac:e8:cb:62:f7:58:55:55:6c:4c:33:ec:62:88:e1:00:eb:
6c:14:81:bb
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVzIcMVVsXR8ppjgeS5T65pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NjE4NTA1ZDNiNGMwMDAyMTc1OTBmN2I3YjU5YmY2MWZm
MmYzNzUwHhcNMjMwMTAyMTUzNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDk5ZWI3OTQ4MDQ2ZmJkYTMzM2Y2ZGU2MDc0YjViZTYxYzE3ZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg+i1FY4xRDGy30wqoB2q01Cuntd
FaAEaCM6brntRMMOGOg3m9jpoe+HVxrnAJEh34jwjDHEGjSOHhoQOSdeEcoxHhHJ
0EUCrS4fCHrZ5B+x6iukm8fBP2VpRR9mOt1dzW9SxdT3CCWoyl/eCV000fIfYoUY
RP9dqJM38MXietxbr2/jT/UcelttjT0PVOyGvquRP8gCBNl4iaxj9F9ut9/Gv6o/
oSsGx6YW/nKgPLAyA0DpgW3Kuz5nuEM+ebKobrC465Vqtk3oOYtEzDyGmTaQ++bG
L4CqPXztbBa79PijjKAAax0CJ3fY1j5uRWrnjzQLVKfOl8hp1J0rqs1YvwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGCZ63lIBG+9ozP23mB0tb5hwX9eMB8GA1UdIwQY
MBaAFCdhhQXTtMAAIXWQ97e1m/Yf8vN1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjJHRkJkTzB3QUFoZFpEM3Q3V2I5aF95ODNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83ZTYyNjItZWNkZC00MzM0LThiOWYt
OWQ1ZTU5Zjc2ZTZiLzEvWUpucmVVZ0ViNzJqTV9iZVlIUzF2bUhCZjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83ZTYyNjItZWNkZC00MzM0LThiOWYtOWQ1ZTU5Zjc2ZTZi
LzEvSjJHRkJkTzB3QUFoZFpEM3Q3V2I5aF95ODNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQETfeQAwQD
gAAQAwQDsvrYMA0EAgACMAcDBQMqAiRwMA0GCSqGSIb3DQEBCwUAA4IBAQAKDkKE
6S9XrGhrt4HXmOQ5TO1Pv8c0xz3bK26Y61n+uO87dxXqfFQUdrVvn6APDQOMXrXh
+C8/dDYxeby8+ALPaPpe5cHJenrlJNUqdxLWPC8+cEZjE9GG3D2ABW/FfN/L+dLI
JNToGGCZ/dTLn0HubnUPnUGMWjgr16pU3UkvIcnGIAOOYXJmdXR7Vxsvt0ujLFyJ
kIGVuhPMwBVPYz4C3fOinLS4/XP0fcdk59vq/8lTtPBdf69h8XRMfgts3KcplSfY
FM8mqEs6w9kbt2H1AElAAX8/A8Sx3Kq4lo8BcpP5hYjQt0pnz2nNrOjLYvdYVVVs
TDPsYojhAOtsFIG7
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:41:56 2025 by rpki-client