Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/y3jlw5RFjxnB3Lb7zNSMwTHKwDU.roa
File: y3jlw5RFjxnB3Lb7zNSMwTHKwDU.roa (raw, json)
Hash identifier: 1qMA1dJBRNznxKKBxD1jwRlBFatyUw6TJF0PSlWaFY4=
Subject key identifier: CB:78:E5:C3:94:45:8F:19:C1:DC:B6:FB:CC:D4:8C:C1:31:CA:C0:35
Certificate issuer: /CN=1e35c06a8c06d5dd64fe76b090a3e1e2a4996dc8
Certificate serial: 01856F0249D80E41BDDCFCB617538668BEBE
Authority key identifier: 1E:35:C0:6A:8C:06:D5:DD:64:FE:76:B0:90:A3:E1:E2:A4:99:6D:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/y3jlw5RFjxnB3Lb7zNSMwTHKwDU.roa
Signing time: Sun 01 Jan 2023 20:24:58 +0000
ROA not before: Sun 01 Jan 2023 20:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15600
IP address blocks: 94.16.128.0/17 maxlen: 24
185.74.160.0/22 maxlen: 22
2a00:9fe0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:49:d8:0e:41:bd:dc:fc:b6:17:53:86:68:be:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e35c06a8c06d5dd64fe76b090a3e1e2a4996dc8
Validity
Not Before: Jan 1 20:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb78e5c394458f19c1dcb6fbccd48cc131cac035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:21:97:e3:a3:e5:92:a1:30:80:de:46:dd:54:
d4:0f:dd:84:e8:0b:89:3a:46:9b:a5:24:c8:2f:8b:
bb:5b:b4:b7:f5:d7:d2:03:f7:18:34:c0:57:b7:17:
2b:e6:42:0e:29:c8:1c:df:be:f4:9b:23:27:0a:4b:
d0:06:84:21:f7:2c:c4:ef:06:be:f6:b7:5c:28:34:
b0:cf:8b:0e:b4:4b:7b:1d:c6:0e:5d:1f:c4:a0:07:
f1:b9:54:81:32:b9:14:b3:61:20:7e:37:f7:3a:6e:
e1:1d:30:f4:a7:37:d5:aa:ca:ea:fd:f4:38:30:32:
0b:6c:5a:2f:54:ec:93:d3:06:04:fd:87:47:07:76:
64:b7:a2:8f:b7:53:0b:ee:cd:65:d5:56:4a:1d:dc:
40:49:32:5e:00:8b:bb:6c:6c:4a:1b:94:52:00:44:
68:19:2c:72:28:72:41:00:1b:51:43:b4:96:5b:bd:
ae:cb:04:0e:92:9e:b7:15:f0:b5:4c:1f:e6:00:dc:
23:00:10:64:2d:1f:0f:82:e0:58:df:ea:81:8d:5a:
f2:09:45:6a:71:e3:a6:78:39:cb:d2:5f:d5:9b:9d:
2d:94:3c:a1:a5:3d:ab:4e:84:d4:a2:c9:29:2d:bc:
97:59:0a:bb:cf:57:dd:9d:25:83:ed:38:fb:eb:25:
04:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:78:E5:C3:94:45:8F:19:C1:DC:B6:FB:CC:D4:8C:C1:31:CA:C0:35
X509v3 Authority Key Identifier:
keyid:1E:35:C0:6A:8C:06:D5:DD:64:FE:76:B0:90:A3:E1:E2:A4:99:6D:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/y3jlw5RFjxnB3Lb7zNSMwTHKwDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.16.128.0/17
185.74.160.0/22
IPv6:
2a00:9fe0::/29
Signature Algorithm: sha256WithRSAEncryption
12:f3:04:26:47:d0:86:d6:ee:d3:a4:ab:7b:f8:37:36:34:e1:
2f:c0:22:17:fd:d7:76:57:3e:54:7d:99:a5:ee:1f:48:8f:d7:
f3:b2:7d:7a:9e:aa:b6:33:d9:c5:bb:7f:4d:cc:30:13:25:3c:
3e:ec:b1:d8:17:cf:64:e4:d8:ee:eb:83:ea:0b:25:f3:77:85:
26:b4:c4:fa:20:bb:be:07:d2:e0:33:bc:88:b8:b2:17:b0:e4:
29:7b:bd:9c:dc:60:d3:2b:ac:fe:44:55:73:aa:2f:d4:9e:cd:
f8:4e:1c:70:04:5b:9a:00:2c:ea:fd:1a:50:d4:66:ef:d2:00:
dc:bd:aa:03:47:84:24:87:3e:d6:ca:f5:44:84:16:82:00:60:
f4:e1:50:bc:c8:53:35:4a:c0:16:ec:0a:94:68:2c:a6:9b:68:
38:7f:25:0a:66:85:1c:6a:6e:69:e1:ba:9c:99:b4:00:9e:d8:
5a:0b:f7:1b:6f:35:1c:cf:ad:fe:6a:6c:1e:01:87:02:1c:89:
4a:12:2c:ff:1a:ee:c2:43:d3:58:87:4e:29:56:de:6a:14:ff:
25:51:78:b1:61:3e:2d:0e:64:99:91:76:bf:36:54:6a:d0:ea:
4b:93:7b:63:74:f8:7b:68:0e:cd:96:6d:08:11:68:e0:94:eb:
22:d4:92:71
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvAknYDkG93Py2F1OGaL6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzVjMDZhOGMwNmQ1ZGQ2NGZlNzZiMDkwYTNlMWUyYTQ5
OTZkYzgwHhcNMjMwMTAxMjAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjc4ZTVjMzk0NDU4ZjE5YzFkY2I2ZmJjY2Q0OGNjMTMxY2FjMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSGX46PlkqEwgN5G3VTUD92E6AuJ
OkabpSTIL4u7W7S39dfSA/cYNMBXtxcr5kIOKcgc3770myMnCkvQBoQh9yzE7wa+
9rdcKDSwz4sOtEt7HcYOXR/EoAfxuVSBMrkUs2Egfjf3Om7hHTD0pzfVqsrq/fQ4
MDILbFovVOyT0wYE/YdHB3Zkt6KPt1ML7s1l1VZKHdxASTJeAIu7bGxKG5RSAERo
GSxyKHJBABtRQ7SWW72uywQOkp63FfC1TB/mANwjABBkLR8PguBY3+qBjVryCUVq
ceOmeDnL0l/Vm50tlDyhpT2rToTUoskpLbyXWQq7z1fdnSWD7Tj76yUEawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMt45cOURY8Zwdy2+8zUjMExysA1MB8GA1UdIwQY
MBaAFB41wGqMBtXdZP52sJCj4eKkmW3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hYjQ1ZTQtNmVhMC00OTVmLThiNzgt
OWI1ZDc2YTk0OWY0LzEveTNqbHc1UkZqeG5CM0xiN3pOU013VEhLd0RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hYjQ1ZTQtNmVhMC00OTVmLThiNzgtOWI1ZDc2YTk0OWY0
LzEvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHXhCAAwQC
uUqgMA0EAgACMAcDBQMqAJ/gMA0GCSqGSIb3DQEBCwUAA4IBAQAS8wQmR9CG1u7T
pKt7+Dc2NOEvwCIX/dd2Vz5UfZml7h9Ij9fzsn16nqq2M9nFu39NzDATJTw+7LHY
F89k5Nju64PqCyXzd4UmtMT6ILu+B9LgM7yIuLIXsOQpe72c3GDTK6z+RFVzqi/U
ns34ThxwBFuaACzq/RpQ1Gbv0gDcvaoDR4Qkhz7WyvVEhBaCAGD04VC8yFM1SsAW
7AqUaCymm2g4fyUKZoUcam5p4bqcmbQAnthaC/cbbzUcz63+amweAYcCHIlKEiz/
Gu7CQ9NYh04pVt5qFP8lUXixYT4tDmSZkXa/NlRq0OpLk3tjdPh7aA7Nlm0IEWjg
lOsi1JJx
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:27 2025 by rpki-client