Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/YwROFqG-7dA4qmGynE2aELb4r3g.roa
File: YwROFqG-7dA4qmGynE2aELb4r3g.roa (raw, json)
Hash identifier: gHUb0yAsayT5GeBwGFxFB3yiwBPZfV38yxMhfjnogao=
Subject key identifier: 63:04:4E:16:A1:BE:ED:D0:38:AA:61:B2:9C:4D:9A:10:B6:F8:AF:78
Certificate issuer: /CN=08af091858bb99651764399c6565df7a0834dbad
Certificate serial: 01879A77024621E45FB56CF4270AFCB30CC0
Authority key identifier: 08:AF:09:18:58:BB:99:65:17:64:39:9C:65:65:DF:7A:08:34:DB:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CK8JGFi7mWUXZDmcZWXfegg0260.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/YwROFqG-7dA4qmGynE2aELb4r3g.roa
Signing time: Wed 19 Apr 2023 17:01:43 +0000
ROA not before: Wed 19 Apr 2023 17:01:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52045
IP address blocks: 185.41.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9a:77:02:46:21:e4:5f:b5:6c:f4:27:0a:fc:b3:0c:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08af091858bb99651764399c6565df7a0834dbad
Validity
Not Before: Apr 19 17:01:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63044e16a1beedd038aa61b29c4d9a10b6f8af78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:87:74:21:92:ea:f7:56:5b:7f:c5:cc:b2:ef:
16:9a:81:ab:4f:69:86:20:74:b1:d9:70:dd:76:f0:
90:82:2a:03:de:43:e0:be:d2:9a:e1:ad:f9:97:ae:
ab:83:2d:76:8a:10:0a:02:3f:af:67:ef:92:01:9f:
1d:e5:9c:ca:2c:59:f6:ef:f2:9c:c7:2a:c8:90:46:
0c:73:25:30:88:70:56:1a:0e:8b:4a:93:96:04:85:
c0:22:6c:87:5c:e5:92:c3:b0:a8:1c:f5:3b:94:a8:
d1:88:c7:3b:de:46:ed:82:8f:bf:d0:bd:79:6e:6f:
77:54:47:16:71:4f:93:2f:74:f4:08:ad:1a:42:fc:
3b:ae:03:12:c5:9c:aa:f8:91:7a:01:47:b5:8a:ef:
99:60:ca:88:ba:3d:5a:03:34:23:8b:69:01:53:18:
34:c3:2d:20:26:05:15:3b:33:8c:98:03:fa:9f:d4:
a8:ef:83:be:4f:38:66:0a:c1:c5:f2:48:88:95:8f:
3f:6e:27:67:b9:35:c3:6e:0a:a9:78:b7:a6:ec:12:
2c:26:3f:3d:ba:93:69:ca:b2:d9:a2:2b:74:a8:b0:
2d:da:c2:c7:a3:27:72:58:99:90:e5:42:24:b0:a6:
eb:db:f8:bb:3a:98:3f:f1:c1:82:42:6f:ed:b5:44:
ba:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:04:4E:16:A1:BE:ED:D0:38:AA:61:B2:9C:4D:9A:10:B6:F8:AF:78
X509v3 Authority Key Identifier:
keyid:08:AF:09:18:58:BB:99:65:17:64:39:9C:65:65:DF:7A:08:34:DB:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CK8JGFi7mWUXZDmcZWXfegg0260.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/YwROFqG-7dA4qmGynE2aELb4r3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/CK8JGFi7mWUXZDmcZWXfegg0260.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.21.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:67:72:b8:a5:ab:d3:cb:d6:7b:b4:ec:58:40:df:b8:93:e3:
40:47:25:50:85:74:d0:50:77:b1:93:94:bc:6f:d2:0d:c2:bf:
1d:03:3a:03:09:1e:8d:a3:ff:15:65:56:e0:56:b4:62:ec:c3:
52:5d:5d:df:d4:15:c1:32:f1:17:81:8f:2f:5e:24:aa:18:5c:
fa:5e:59:6c:7c:c9:fd:4f:1d:60:fd:9c:3b:88:e9:5d:3d:cc:
54:96:40:21:47:1d:87:1a:53:72:51:81:ba:c0:ba:fc:31:73:
66:c9:6b:ad:44:f5:83:c8:4d:04:17:5b:9a:48:15:96:ff:1f:
51:db:7e:83:b0:45:e4:62:2b:70:fa:38:f5:7c:58:4b:13:f0:
73:59:fe:73:e8:94:a7:16:98:58:83:bf:b8:13:06:e8:2e:a4:
f2:1d:53:e9:3e:bb:83:12:eb:6d:9c:6e:11:36:f1:12:d2:a9:
e0:82:07:37:79:f1:12:6a:63:89:d3:5c:63:72:d1:05:a6:48:
4d:9e:c8:63:a6:0f:1a:47:6c:aa:59:76:df:7d:b4:c8:56:86:
7c:b2:47:b3:73:a1:a4:1e:5a:4d:f6:55:03:eb:3b:68:4f:5e:
e1:e4:77:7d:af:d8:93:52:1a:2a:77:f9:38:a0:9d:38:d3:36:
de:3f:1f:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeadwJGIeRftWz0Jwr8swzAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YWYwOTE4NThiYjk5NjUxNzY0Mzk5YzY1NjVkZjdhMDgz
NGRiYWQwHhcNMjMwNDE5MTcwMTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzA0NGUxNmExYmVlZGQwMzhhYTYxYjI5YzRkOWExMGI2ZjhhZjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYd0IZLq91Zbf8XMsu8WmoGrT2mG
IHSx2XDddvCQgioD3kPgvtKa4a35l66rgy12ihAKAj+vZ++SAZ8d5ZzKLFn27/Kc
xyrIkEYMcyUwiHBWGg6LSpOWBIXAImyHXOWSw7CoHPU7lKjRiMc73kbtgo+/0L15
bm93VEcWcU+TL3T0CK0aQvw7rgMSxZyq+JF6AUe1iu+ZYMqIuj1aAzQji2kBUxg0
wy0gJgUVOzOMmAP6n9So74O+TzhmCsHF8kiIlY8/bidnuTXDbgqpeLem7BIsJj89
upNpyrLZoit0qLAt2sLHoydyWJmQ5UIksKbr2/i7Opg/8cGCQm/ttUS6eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMEThahvu3QOKphspxNmhC2+K94MB8GA1UdIwQY
MBaAFAivCRhYu5llF2Q5nGVl33oINNutMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0s4SkdGaTdtV1VYWkRtY1pXWGZlZ2cwMjYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS83MDBmZDMtYzM2MC00OGFiLThhMDYt
NTYxMjliN2RjMDE4LzEvWXdST0ZxRy03ZEE0cW1HeW5FMmFFTGI0cjNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS83MDBmZDMtYzM2MC00OGFiLThhMDYtNTYxMjliN2RjMDE4
LzEvQ0s4SkdGaTdtV1VYWkRtY1pXWGZlZ2cwMjYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSkVMA0G
CSqGSIb3DQEBCwUAA4IBAQC8Z3K4pavTy9Z7tOxYQN+4k+NARyVQhXTQUHexk5S8
b9INwr8dAzoDCR6No/8VZVbgVrRi7MNSXV3f1BXBMvEXgY8vXiSqGFz6XllsfMn9
Tx1g/Zw7iOldPcxUlkAhRx2HGlNyUYG6wLr8MXNmyWutRPWDyE0EF1uaSBWW/x9R
236DsEXkYitw+jj1fFhLE/BzWf5z6JSnFphYg7+4EwboLqTyHVPpPruDEuttnG4R
NvES0qngggc3efESamOJ01xjctEFpkhNnshjpg8aR2yqWXbffbTIVoZ8skezc6Gk
HlpN9lUD6ztoT17h5Hd9r9iTUhoqd/k4oJ040zbePx+M
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:37 2025 by rpki-client