Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/Yko36E0YU-gyPU9-krIg4PhNf3M.roa
File: Yko36E0YU-gyPU9-krIg4PhNf3M.roa (raw, json)
Hash identifier: ImGQKfew8T8he2Px9+JXJRPgTXKUHah6VbzWHFmjKRY=
Subject key identifier: 62:4A:37:E8:4D:18:53:E8:32:3D:4F:7E:92:B2:20:E0:F8:4D:7F:73
Certificate issuer: /CN=8293905afa134944f0630c949f3abda40646dac1
Certificate serial: 018C10392B8CC9BE168524EA9D81BF3DD812
Authority key identifier: 82:93:90:5A:FA:13:49:44:F0:63:0C:94:9F:3A:BD:A4:06:46:DA:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gpOQWvoTSUTwYwyUnzq9pAZG2sE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/Yko36E0YU-gyPU9-krIg4PhNf3M.roa
Signing time: Mon 27 Nov 2023 10:00:31 +0000
ROA not before: Mon 27 Nov 2023 10:00:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201333
IP address blocks: 194.156.8.0/22 maxlen: 24
185.78.48.0/22 maxlen: 24
193.243.184.0/24 maxlen: 24
185.54.212.0/22 maxlen: 24
45.11.116.0/22 maxlen: 24
2a02:4720::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:10:39:2b:8c:c9:be:16:85:24:ea:9d:81:bf:3d:d8:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8293905afa134944f0630c949f3abda40646dac1
Validity
Not Before: Nov 27 10:00:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=624a37e84d1853e8323d4f7e92b220e0f84d7f73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e0:d2:da:b2:7f:1d:bb:f1:bd:4b:2a:34:b4:
a9:ba:ec:c5:0d:cd:9c:8b:69:91:10:79:ad:b6:b5:
14:ac:3f:b2:db:a5:43:ba:ae:9f:99:e9:21:07:b6:
f4:18:47:8b:5d:aa:d4:87:fb:64:22:16:ff:14:ca:
d8:82:56:77:33:f9:4a:dd:4d:82:96:50:75:77:71:
cb:fe:d7:7d:e0:92:b4:2f:a0:cb:d6:1d:26:5b:6b:
4d:95:f1:84:dc:08:7d:2f:d4:93:c0:ca:23:0b:52:
ff:b1:6e:be:15:4f:9f:a3:c8:ff:12:6f:3e:04:47:
33:92:b4:0e:a1:47:b8:60:9b:c9:93:2c:4d:06:ea:
ed:59:f5:60:6b:8f:c8:3a:eb:1c:7f:54:72:7f:19:
09:1d:6a:e4:5d:ea:61:82:17:38:26:8b:66:f5:b0:
7f:33:a1:49:b2:81:ae:b5:b9:49:19:7f:0f:02:4d:
ab:35:1c:0b:db:0e:bc:37:e3:7e:3b:c6:4a:76:26:
5f:2f:b9:7b:a1:0a:ae:cc:86:2e:57:94:b6:dd:fd:
e7:67:6c:54:3b:77:73:d0:64:4e:c1:2c:2c:12:dd:
36:4f:b7:60:ec:e9:e5:61:bd:23:20:a6:f6:49:57:
99:cc:03:7a:f1:ea:cd:b1:c6:6c:36:9d:ad:f2:db:
9e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4A:37:E8:4D:18:53:E8:32:3D:4F:7E:92:B2:20:E0:F8:4D:7F:73
X509v3 Authority Key Identifier:
keyid:82:93:90:5A:FA:13:49:44:F0:63:0C:94:9F:3A:BD:A4:06:46:DA:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gpOQWvoTSUTwYwyUnzq9pAZG2sE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/Yko36E0YU-gyPU9-krIg4PhNf3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/gpOQWvoTSUTwYwyUnzq9pAZG2sE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.116.0/22
185.54.212.0/22
185.78.48.0/22
193.243.184.0/24
194.156.8.0/22
IPv6:
2a02:4720::/29
Signature Algorithm: sha256WithRSAEncryption
c0:97:8f:b3:36:78:3c:89:7f:83:71:0a:c7:32:3c:c7:ec:2e:
15:56:ea:0f:4c:52:5d:3f:75:9a:02:88:18:5b:37:94:47:7b:
e5:21:d5:5e:21:1b:5c:9b:03:10:37:fb:3e:c2:d1:b7:a1:5e:
0a:7c:e2:37:c1:37:54:4d:dd:a4:23:ec:1c:12:d7:33:b2:2d:
d5:80:69:b4:78:a5:59:51:0b:c3:8a:d1:d5:d9:98:63:f7:2e:
cc:bb:fc:e6:62:92:3b:b6:62:4d:ad:25:d8:ec:f6:b5:2a:cc:
dc:2a:b2:cc:6b:7a:cf:00:e9:f3:6f:d4:c4:03:e7:64:70:9f:
63:e5:83:5e:c3:95:6f:ff:24:a0:9b:8c:20:82:e1:57:9c:ed:
3d:55:11:c9:14:ef:f2:f9:76:32:15:b3:56:d5:a2:01:b9:d3:
cf:fa:e5:0f:14:72:e8:47:83:e2:e4:82:a0:cf:c1:0c:c9:de:
21:53:9f:a6:2c:b4:25:0e:0b:d4:ad:c6:26:f2:dc:8d:bc:49:
5e:3e:af:da:45:77:3e:98:8f:b7:9c:62:a9:f8:42:cc:e9:62:
b5:35:30:75:af:2b:75:16:76:2e:10:5a:4f:55:08:4d:29:2d:
ce:a2:ad:79:b3:b9:6e:0f:e9:a6:a9:bb:c1:38:4b:82:a4:11:
b6:87:30:39
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYwQOSuMyb4WhSTqnYG/PdgSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyOTM5MDVhZmExMzQ5NDRmMDYzMGM5NDlmM2FiZGE0MDY0
NmRhYzEwHhcNMjMxMTI3MTAwMDMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjRhMzdlODRkMTg1M2U4MzIzZDRmN2U5MmIyMjBlMGY4NGQ3ZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uDS2rJ/HbvxvUsqNLSpuuzFDc2c
i2mREHmttrUUrD+y26VDuq6fmekhB7b0GEeLXarUh/tkIhb/FMrYglZ3M/lK3U2C
llB1d3HL/td94JK0L6DL1h0mW2tNlfGE3Ah9L9STwMojC1L/sW6+FU+fo8j/Em8+
BEczkrQOoUe4YJvJkyxNBurtWfVga4/IOuscf1RyfxkJHWrkXephghc4Jotm9bB/
M6FJsoGutblJGX8PAk2rNRwL2w68N+N+O8ZKdiZfL7l7oQquzIYuV5S23f3nZ2xU
O3dz0GROwSwsEt02T7dg7OnlYb0jIKb2SVeZzAN68erNscZsNp2t8tuetwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGJKN+hNGFPoMj1PfpKyIOD4TX9zMB8GA1UdIwQY
MBaAFIKTkFr6E0lE8GMMlJ86vaQGRtrBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3BPUVd2b1RTVVR3WXd5VW56cTlwQVpHMnNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9lMWMzNzMtNjRmOC00MjI2LTkwNDQt
ODEwOTVhMTNiOWRlLzEvWWtvMzZFMFlVLWd5UFU5LWtySWc0UGhOZjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9lMWMzNzMtNjRmOC00MjI2LTkwNDQtODEwOTVhMTNiOWRl
LzEvZ3BPUVd2b1RTVVR3WXd5VW56cTlwQVpHMnNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLQt0AwQC
uTbUAwQCuU4wAwQAwfO4AwQCwpwIMA0EAgACMAcDBQMqAkcgMA0GCSqGSIb3DQEB
CwUAA4IBAQDAl4+zNng8iX+DcQrHMjzH7C4VVuoPTFJdP3WaAogYWzeUR3vlIdVe
IRtcmwMQN/s+wtG3oV4KfOI3wTdUTd2kI+wcEtczsi3VgGm0eKVZUQvDitHV2Zhj
9y7Mu/zmYpI7tmJNrSXY7Pa1KszcKrLMa3rPAOnzb9TEA+dkcJ9j5YNew5Vv/ySg
m4wgguFXnO09VRHJFO/y+XYyFbNW1aIBudPP+uUPFHLoR4Pi5IKgz8EMyd4hU5+m
LLQlDgvUrcYm8tyNvElePq/aRXc+mI+3nGKp+ELM6WK1NTB1ryt1FnYuEFpPVQhN
KS3Ooq15s7luD+mmqbvBOEuCpBG2hzA5
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:11:25 2025 by rpki-client