Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/yjNn9jYmpHrfwN4MmiWbgwJAlJ8.roa
File: yjNn9jYmpHrfwN4MmiWbgwJAlJ8.roa (raw, json)
Hash identifier: t+M15x9NlbpzpQ1+GlNNuxoG8nz7sunO7WsRRjjY09E=
Subject key identifier: CA:33:67:F6:36:26:A4:7A:DF:C0:DE:0C:9A:25:9B:83:02:40:94:9F
Certificate issuer: /CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Certificate serial: 0DF2DD52
Authority key identifier: 99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/yjNn9jYmpHrfwN4MmiWbgwJAlJ8.roa
Signing time: Thu 03 Mar 2022 15:59:14 +0000
ROA not before: Thu 03 Mar 2022 15:59:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28836
IP address blocks: 185.194.84.0/24 maxlen: 24
185.194.85.0/24 maxlen: 24
91.230.171.0/24 maxlen: 24
91.230.170.0/24 maxlen: 24
91.230.176.0/24 maxlen: 24
91.230.177.0/24 maxlen: 24
91.230.178.0/24 maxlen: 24
194.213.114.0/24 maxlen: 24
194.213.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 234020178 (0xdf2dd52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Validity
Not Before: Mar 3 15:59:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca3367f63626a47adfc0de0c9a259b830240949f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:57:80:7b:3a:0e:fe:72:72:cb:fc:32:2c:d7:
7c:4d:ef:47:04:5c:a1:60:00:d4:9a:82:c7:e6:86:
18:84:79:69:1a:d2:30:5e:fb:61:17:39:b0:f2:f8:
89:1a:88:68:1a:83:a7:6e:f6:c3:f5:bc:c6:db:f5:
04:ea:d5:e2:90:db:e7:9c:92:7b:92:53:53:2a:f1:
06:e5:10:b3:d8:11:dc:94:c0:5b:2c:99:d4:96:7e:
95:4b:15:b2:f3:95:91:4a:5f:5e:32:79:5d:75:ad:
f0:37:fd:7b:ca:d7:91:48:93:74:29:1e:07:94:af:
40:76:31:88:27:ff:f9:2a:e0:05:b9:a2:90:88:34:
60:06:44:c8:0a:a8:2f:84:ea:a7:e8:22:41:00:16:
7e:59:04:c7:26:0b:84:2f:21:4a:5e:bb:72:bd:01:
e3:ec:2e:62:6c:d2:41:58:91:c9:e5:95:3b:6e:0c:
e4:94:c5:c2:e7:83:37:48:a3:0a:76:74:c4:f3:e1:
5b:e2:9c:66:0f:4c:4a:a8:56:39:fd:7c:a2:ff:5f:
12:b2:ed:b2:8c:4a:8a:64:12:0c:d9:32:ae:18:93:
9f:8c:96:f1:d2:27:b9:54:8b:0c:57:fd:35:44:6e:
63:d1:c0:5f:76:0a:0f:ed:a3:d4:d9:3d:9f:f1:85:
d5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:33:67:F6:36:26:A4:7A:DF:C0:DE:0C:9A:25:9B:83:02:40:94:9F
X509v3 Authority Key Identifier:
keyid:99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/yjNn9jYmpHrfwN4MmiWbgwJAlJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/maLC7PWMRLNaDaKVf_TcouYLaGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.170.0/23
91.230.176.0-91.230.178.255
185.194.84.0/23
194.213.114.0/23
Signature Algorithm: sha256WithRSAEncryption
53:45:c8:c1:51:54:18:b2:d3:9c:95:42:54:08:9d:73:bb:c0:
b2:48:5a:46:0e:b5:46:37:c2:58:a9:35:ee:fc:5a:24:96:02:
1c:21:b7:26:d7:fb:3e:88:50:a8:d1:d3:1f:f0:0a:72:04:9f:
49:2a:df:17:4b:f5:36:6a:0c:95:27:bf:11:58:a9:61:25:79:
0a:58:a0:7d:2c:2c:63:4c:5f:99:a3:ec:2c:71:25:a7:7c:31:
74:ce:9d:33:72:e5:69:6b:61:1f:66:97:24:e9:12:16:e6:6c:
0a:0a:b6:5f:52:83:f3:b6:e6:11:a1:ec:1e:44:b6:a2:3e:cc:
db:66:2f:7f:96:e7:66:ad:21:67:28:b4:88:3a:f1:c1:50:d3:
09:16:e3:dc:a9:ff:dc:e8:c7:0c:4b:5c:8d:58:d0:2f:46:07:
cf:6b:db:49:27:ec:e0:8a:c2:01:5a:6d:71:14:f1:91:b4:d7:
48:36:7b:57:bc:96:73:ee:23:d7:68:8c:ca:1b:df:0d:5a:d3:
29:41:9d:38:a9:b9:a3:fe:2b:56:fd:0e:9c:73:60:b6:8a:32:
01:ab:6b:74:9c:38:ae:5c:06:d7:d3:a8:1a:2c:7d:06:f1:34:
f5:67:98:e4:92:00:a6:76:39:31:7a:ba:f7:0f:d7:de:95:9a:
13:b2:9f:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEDfLdUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OWEyYzJlY2Y1OGM0NGIzNWEwZGEyOTU3ZmY0ZGNhMmU2MGI2ODZhMB4XDTIyMDMw
MzE1NTkxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2EzMzY3ZjYzNjI2
YTQ3YWRmYzBkZTBjOWEyNTliODMwMjQwOTQ5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpXgHs6Dv5ycsv8MizXfE3vRwRcoWAA1JqCx+aGGIR5aRrS
MF77YRc5sPL4iRqIaBqDp272w/W8xtv1BOrV4pDb55ySe5JTUyrxBuUQs9gR3JTA
WyyZ1JZ+lUsVsvOVkUpfXjJ5XXWt8Df9e8rXkUiTdCkeB5SvQHYxiCf/+SrgBbmi
kIg0YAZEyAqoL4Tqp+giQQAWflkExyYLhC8hSl67cr0B4+wuYmzSQViRyeWVO24M
5JTFwueDN0ijCnZ0xPPhW+KcZg9MSqhWOf18ov9fErLtsoxKimQSDNkyrhiTn4yW
8dInuVSLDFf9NURuY9HAX3YKD+2j1Nk9n/GF1bMCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBTKM2f2Niaket/A3gyaJZuDAkCUnzAfBgNVHSMEGDAWgBSZosLs9YxEs1oN
opV/9Nyi5gtoajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21hTEM3UFdNUkxOYURhS1ZmX1Rjb3VZTGFHby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvYmE5Njc0LWU1NzEtNGUzNS1hYjIwLWU1ZDUwN2E4MjZiZi8x
L3lqTm45alltcEhyZndONE1taVdiZ3dKQWxKOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
YmE5Njc0LWU1NzEtNGUzNS1hYjIwLWU1ZDUwN2E4MjZiZi8xL21hTEM3UFdNUkxO
YURhS1ZmX1Rjb3VZTGFHby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAVvmqjAMAwQEW+awAwQAW+ayAwQB
ucJUAwQBwtVyMA0GCSqGSIb3DQEBCwUAA4IBAQBTRcjBUVQYstOclUJUCJ1zu8Cy
SFpGDrVGN8JYqTXu/FoklgIcIbcm1/s+iFCo0dMf8ApyBJ9JKt8XS/U2agyVJ78R
WKlhJXkKWKB9LCxjTF+Zo+wscSWnfDF0zp0zcuVpa2EfZpck6RIW5mwKCrZfUoPz
tuYRoeweRLaiPszbZi9/ludmrSFnKLSIOvHBUNMJFuPcqf/c6McMS1yNWNAvRgfP
a9tJJ+zgisIBWm1xFPGRtNdINntXvJZz7iPXaIzKG98NWtMpQZ04qbmj/itW/Q6c
c2C2ijIBq2t0nDiuXAbX06gaLH0G8TT1Z5jkkgCmdjkxerr3D9felZoTsp8y
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:46:57 2025 by rpki-client