Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/v_ykc1bpGnypmQMbgynObritNhU.roa
File: v_ykc1bpGnypmQMbgynObritNhU.roa (raw, json)
Hash identifier: 2I7xaymtsID6laji4ZVm9BR/qwxhtKBtqqwnyEeaheM=
Subject key identifier: BF:FC:A4:73:56:E9:1A:7C:A9:99:03:1B:83:29:CE:6E:B8:AD:36:15
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 018BA8873825E2BB1DAE71C6096DF27860CB
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/v_ykc1bpGnypmQMbgynObritNhU.roa
Signing time: Tue 07 Nov 2023 06:45:15 +0000
ROA not before: Tue 07 Nov 2023 06:45:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 152.89.28.0/22 maxlen: 22
45.138.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:87:38:25:e2:bb:1d:ae:71:c6:09:6d:f2:78:60:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Nov 7 06:45:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bffca47356e91a7ca999031b8329ce6eb8ad3615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c2:50:13:b8:d9:7e:17:8b:de:20:b4:33:12:
14:5e:f1:f0:5b:5a:df:0d:f0:0c:76:bb:07:23:b2:
bb:d4:48:41:bb:05:61:8d:6c:ef:8a:2e:70:e6:80:
d7:e5:1c:9f:1d:1c:3a:ff:d7:6d:a2:36:46:22:69:
5b:1a:60:b7:81:74:99:d2:b6:ff:b2:08:73:ff:d3:
78:23:68:e9:a7:df:b0:21:ba:b1:c3:86:11:a1:59:
ed:ad:24:fa:8b:3d:79:29:ba:27:d3:71:5b:31:0a:
20:a5:a0:ba:ca:70:3d:81:ec:b8:9d:24:c9:29:b9:
ac:e6:90:42:57:d1:36:b8:73:83:de:a5:1d:62:a2:
c0:9a:5b:95:17:fa:d8:30:a1:32:59:17:27:39:b8:
e2:60:02:b9:4a:16:b4:6e:2d:1d:06:b4:16:b0:c5:
9c:03:49:1b:bd:2b:06:b7:c4:53:6e:53:a3:ca:90:
cf:10:36:da:a4:76:39:5c:eb:05:80:59:3d:a6:17:
f5:72:4b:4f:1e:7b:da:f9:5d:77:fd:78:38:51:02:
a0:3e:c0:f9:ac:19:c1:f7:db:72:a4:e8:ec:bf:78:
12:1f:67:61:99:5c:14:3c:60:6b:b8:a4:a2:13:e9:
c7:cb:87:63:71:32:0b:65:2d:d6:21:b0:e3:24:1b:
32:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:FC:A4:73:56:E9:1A:7C:A9:99:03:1B:83:29:CE:6E:B8:AD:36:15
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/v_ykc1bpGnypmQMbgynObritNhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/22
152.89.28.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:3c:a1:e1:c8:5f:7a:61:29:ad:ef:67:84:85:a6:e0:57:7d:
9e:70:8e:99:d7:76:ef:1a:a3:3d:b1:ec:d4:1f:11:f9:55:0e:
04:54:56:f0:cb:9d:ca:b6:85:0e:20:7b:0d:00:1f:cb:1e:94:
ec:8f:bf:a9:c7:6e:ed:03:0e:f8:59:d9:ec:ef:23:a0:e7:62:
11:fa:87:e8:5c:4e:2c:d4:86:ca:e1:e4:07:85:55:a7:e5:c6:
80:34:80:81:91:4d:e1:fa:35:91:15:db:ce:91:ab:d7:5e:f4:
fe:b7:d3:6c:bc:55:a3:fc:e6:66:55:45:6d:30:f4:fa:dd:e4:
0c:8a:64:e5:16:2b:e0:ed:f1:cd:64:88:bb:a4:36:41:db:8e:
e9:f3:c4:e9:d0:88:34:3e:e6:72:60:b6:de:77:28:66:17:08:
bd:58:6e:c2:99:f3:f9:19:bc:d9:c2:c1:59:ef:88:1b:3f:b0:
66:76:59:4d:c0:f1:73:54:12:f3:7f:ca:d2:37:fd:b4:0e:0f:
82:fc:7d:ea:c7:43:1c:57:ec:09:5e:d8:ef:8b:2b:8d:f3:8b:
bb:6f:90:73:f7:45:5e:bb:df:d6:81:19:33:0d:89:7d:11:99:
c7:ff:2a:cb:a0:63:9e:fb:49:c8:a7:4a:ed:7e:fd:6f:89:bf:
45:32:86:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuohzgl4rsdrnHGCW3yeGDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjMxMTA3MDY0NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmZjYTQ3MzU2ZTkxYTdjYTk5OTAzMWI4MzI5Y2U2ZWI4YWQzNjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8JQE7jZfheL3iC0MxIUXvHwW1rf
DfAMdrsHI7K71EhBuwVhjWzvii5w5oDX5RyfHRw6/9dtojZGImlbGmC3gXSZ0rb/
sghz/9N4I2jpp9+wIbqxw4YRoVntrST6iz15Kbon03FbMQogpaC6ynA9gey4nSTJ
Kbms5pBCV9E2uHOD3qUdYqLAmluVF/rYMKEyWRcnObjiYAK5Sha0bi0dBrQWsMWc
A0kbvSsGt8RTblOjypDPEDbapHY5XOsFgFk9phf1cktPHnva+V13/Xg4UQKgPsD5
rBnB99typOjsv3gSH2dhmVwUPGBruKSiE+nHy4djcTILZS3WIbDjJBsy0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL/8pHNW6Rp8qZkDG4Mpzm64rTYVMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvdl95a2MxYnBHbnlwbVFNYmd5bk9icml0TmhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYoMAwQC
mFkcMA0GCSqGSIb3DQEBCwUAA4IBAQAtPKHhyF96YSmt72eEhabgV32ecI6Z13bv
GqM9sezUHxH5VQ4EVFbwy53KtoUOIHsNAB/LHpTsj7+px27tAw74Wdns7yOg52IR
+ofoXE4s1IbK4eQHhVWn5caANICBkU3h+jWRFdvOkavXXvT+t9NsvFWj/OZmVUVt
MPT63eQMimTlFivg7fHNZIi7pDZB247p88Tp0Ig0PuZyYLbedyhmFwi9WG7CmfP5
GbzZwsFZ74gbP7BmdllNwPFzVBLzf8rSN/20Dg+C/H3qx0McV+wJXtjviyuN84u7
b5Bz90Veu9/WgRkzDYl9EZnH/yrLoGOe+0nIp0rtfv1vib9FMoaK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:58 2025 by rpki-client