Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/y4VKMpmrYgYIe9sDH-E6IZbV7aQ.roa
File: y4VKMpmrYgYIe9sDH-E6IZbV7aQ.roa (raw, json)
Hash identifier: QEpxBIf9lGO9jLfDWDcYWXnRtPChUJJMRPC1O1DlfiM=
Subject key identifier: CB:85:4A:32:99:AB:62:06:08:7B:DB:03:1F:E1:3A:21:96:D5:ED:A4
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0186038622DAA95ED0279A71C04400A19C76
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/y4VKMpmrYgYIe9sDH-E6IZbV7aQ.roa
Signing time: Mon 30 Jan 2023 16:32:47 +0000
ROA not before: Mon 30 Jan 2023 16:32:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 152.89.28.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:03:86:22:da:a9:5e:d0:27:9a:71:c0:44:00:a1:9c:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Jan 30 16:32:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb854a3299ab6206087bdb031fe13a2196d5eda4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:40:10:a4:76:6d:be:31:5a:2b:87:1c:44:f8:
f7:6c:0c:ff:66:9d:d4:ea:1c:12:b0:fd:8a:32:94:
17:66:65:38:94:a5:c8:b2:de:51:12:c1:79:83:07:
90:84:4b:ef:5b:b1:28:5b:a2:74:9d:a5:7e:a3:b6:
41:5b:69:ff:12:15:59:41:a6:d0:62:eb:04:74:f8:
3b:ab:0d:4c:f6:ff:0e:15:40:44:c0:73:7b:e9:40:
f3:2c:6f:d4:a3:60:76:71:df:71:51:7e:0a:ec:f6:
54:d0:d0:5e:85:31:0d:6e:ca:d7:f6:f2:8e:74:8c:
38:0c:9b:5a:41:2f:1d:0f:13:07:98:af:75:d0:bf:
bb:c5:b4:7d:d0:b8:80:30:3f:93:e6:27:e4:77:24:
0a:8c:f4:83:2c:26:92:a6:02:38:1c:a7:e1:0f:d2:
cc:3d:bf:03:d0:99:52:24:03:e0:a1:43:49:94:5f:
94:44:29:b7:e7:9f:c7:74:e0:18:81:8b:ed:df:b1:
27:b6:44:53:9e:19:ba:d8:a8:94:63:48:f7:a8:b3:
76:5e:68:1b:39:96:e7:73:96:e3:af:95:36:32:e7:
ce:3e:3d:7e:ad:b5:11:30:45:4d:7c:15:2b:2c:ec:
4c:a6:0c:6f:41:53:20:8a:8f:90:a0:9a:9e:fe:ee:
36:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:85:4A:32:99:AB:62:06:08:7B:DB:03:1F:E1:3A:21:96:D5:ED:A4
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/y4VKMpmrYgYIe9sDH-E6IZbV7aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.28.0/22
Signature Algorithm: sha256WithRSAEncryption
90:ec:53:49:ba:eb:81:e3:ed:77:bf:15:16:8d:5b:9b:80:f2:
57:c0:f8:02:92:e8:4e:e7:b1:74:d6:97:e2:47:b8:28:d3:b6:
14:df:e0:de:da:48:0a:5d:c1:10:49:8c:eb:2e:eb:e3:d6:ef:
cd:20:6b:81:e8:73:6b:b0:1e:97:29:9f:73:d3:e4:d7:52:d3:
02:37:46:6c:ac:2f:cc:b8:17:56:ec:08:82:ab:92:99:fe:9f:
4f:ff:20:34:96:e7:e9:ed:7a:2f:b4:20:94:41:d4:5b:fd:ea:
dc:e9:d2:2e:af:5f:5d:55:c9:ea:4f:9b:93:a8:ef:74:9e:47:
11:40:70:77:bf:56:95:d9:33:e9:bb:f7:48:bb:a9:9b:7e:dc:
69:72:6c:d0:39:3c:26:d7:95:20:39:9a:d6:6d:29:90:8d:08:
9d:39:60:a3:15:27:d7:3c:d1:e9:7c:67:5e:36:90:47:02:e8:
8a:d1:29:11:2d:75:31:7c:32:11:b2:c0:57:94:e6:b3:ed:68:
67:44:5f:e9:21:54:56:30:5d:1a:03:c0:09:64:5e:4f:af:8a:
bd:36:3b:17:58:5b:06:ee:2f:84:ad:cb:5f:89:7e:33:c2:18:
ea:7c:cd:9f:dc:76:ac:d1:86:be:59:06:d5:28:b0:9a:c6:84:
59:90:49:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYDhiLaqV7QJ5pxwEQAoZx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjMwMTMwMTYzMjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjg1NGEzMjk5YWI2MjA2MDg3YmRiMDMxZmUxM2EyMTk2ZDVlZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0AQpHZtvjFaK4ccRPj3bAz/Zp3U
6hwSsP2KMpQXZmU4lKXIst5REsF5gweQhEvvW7EoW6J0naV+o7ZBW2n/EhVZQabQ
YusEdPg7qw1M9v8OFUBEwHN76UDzLG/Uo2B2cd9xUX4K7PZU0NBehTENbsrX9vKO
dIw4DJtaQS8dDxMHmK910L+7xbR90LiAMD+T5ifkdyQKjPSDLCaSpgI4HKfhD9LM
Pb8D0JlSJAPgoUNJlF+URCm355/HdOAYgYvt37EntkRTnhm62KiUY0j3qLN2Xmgb
OZbnc5bjr5U2MufOPj1+rbURMEVNfBUrLOxMpgxvQVMgio+QoJqe/u42xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMuFSjKZq2IGCHvbAx/hOiGW1e2kMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEveTRWS01wbXJZZ1lJZTlzREgtRTZJWmJWN2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFkcMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ7FNJuuuB4+13vxUWjVubgPJXwPgCkuhO57F01pfi
R7go07YU3+De2kgKXcEQSYzrLuvj1u/NIGuB6HNrsB6XKZ9z0+TXUtMCN0ZsrC/M
uBdW7AiCq5KZ/p9P/yA0lufp7XovtCCUQdRb/erc6dIur19dVcnqT5uTqO90nkcR
QHB3v1aV2TPpu/dIu6mbftxpcmzQOTwm15UgOZrWbSmQjQidOWCjFSfXPNHpfGde
NpBHAuiK0SkRLXUxfDIRssBXlOaz7WhnRF/pIVRWMF0aA8AJZF5Pr4q9NjsXWFsG
7i+ErctfiX4zwhjqfM2f3Has0Ya+WQbVKLCaxoRZkEmF
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:40 2025 by rpki-client