Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/Y0MN1H-giTNhb1UEbAjV9dINvmw.roa
File: Y0MN1H-giTNhb1UEbAjV9dINvmw.roa (raw, json)
Hash identifier: 5i9UWL3OCpBVlXyEyCgx1cPqrfr9P3RcD04I2Ubfnos=
Subject key identifier: 63:43:0D:D4:7F:A0:89:33:61:6F:55:04:6C:08:D5:F5:D2:0D:BE:6C
Certificate issuer: /CN=6315dd0ba11fdaf74d53b956fc1c846a7e2f61fe
Certificate serial: 01856DD413E11C952163A94E78407458FCB8
Authority key identifier: 63:15:DD:0B:A1:1F:DA:F7:4D:53:B9:56:FC:1C:84:6A:7E:2F:61:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YxXdC6Ef2vdNU7lW_ByEan4vYf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/Y0MN1H-giTNhb1UEbAjV9dINvmw.roa
Signing time: Sun 01 Jan 2023 14:54:53 +0000
ROA not before: Sun 01 Jan 2023 14:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200653
IP address blocks: 185.100.30.0/24 maxlen: 24
185.100.30.0/23 maxlen: 23
185.100.28.0/23 maxlen: 23
185.100.28.0/22 maxlen: 22
185.100.29.0/24 maxlen: 24
185.100.31.0/24 maxlen: 24
185.100.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:13:e1:1c:95:21:63:a9:4e:78:40:74:58:fc:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6315dd0ba11fdaf74d53b956fc1c846a7e2f61fe
Validity
Not Before: Jan 1 14:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63430dd47fa08933616f55046c08d5f5d20dbe6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c1:98:44:02:a7:eb:db:01:e1:59:d4:6b:b3:
5e:b6:3b:03:fa:93:0a:8b:17:69:a6:8f:6f:c7:d6:
14:06:59:9f:2e:63:c9:4c:51:e4:8f:f1:a0:26:41:
b6:c9:9e:fe:33:fa:3d:5b:8e:99:22:b2:bc:06:ad:
b8:21:64:7e:d3:de:19:16:14:23:a1:bb:aa:b7:7b:
75:d6:d3:7e:0c:dd:a0:5a:34:fc:b0:c8:49:75:2a:
62:b5:83:8d:29:85:cb:40:cc:a8:55:b3:b2:00:75:
f8:8e:5c:45:ec:0b:fa:2a:1d:08:5e:42:1a:4d:aa:
fd:27:00:5a:b5:9a:a8:24:f2:d6:22:d4:38:68:8d:
bb:82:c3:96:c2:95:50:56:3d:2b:4a:14:35:ff:1d:
91:60:bf:67:17:43:ab:82:2c:ed:26:1b:29:31:29:
75:5e:49:5d:d6:33:31:d2:88:31:48:0b:69:12:56:
aa:1d:2c:ee:77:2b:0b:f6:95:76:f0:ca:4b:30:88:
91:8b:f6:dc:df:83:4d:a5:d6:54:a2:e8:79:3a:f2:
12:0a:a0:5d:41:f1:e1:89:44:e8:d2:fa:8c:4d:0a:
21:44:63:d4:ff:e0:8c:e9:ce:08:56:7f:6f:14:1f:
b3:f9:fc:06:16:c2:04:af:d4:e1:78:fa:a9:d0:b3:
39:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:43:0D:D4:7F:A0:89:33:61:6F:55:04:6C:08:D5:F5:D2:0D:BE:6C
X509v3 Authority Key Identifier:
keyid:63:15:DD:0B:A1:1F:DA:F7:4D:53:B9:56:FC:1C:84:6A:7E:2F:61:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YxXdC6Ef2vdNU7lW_ByEan4vYf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/Y0MN1H-giTNhb1UEbAjV9dINvmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/YxXdC6Ef2vdNU7lW_ByEan4vYf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.28.0/22
Signature Algorithm: sha256WithRSAEncryption
44:d6:0f:af:88:d9:bc:f8:b7:62:08:5b:6f:f5:63:df:1f:25:
98:da:28:65:d7:d2:d9:8c:af:07:b6:61:b5:26:b2:56:7f:c6:
7f:27:55:90:64:f6:2b:9e:83:f5:d7:c3:e5:a2:87:f3:44:12:
4f:5e:b4:e2:83:ae:6d:80:05:d5:25:47:f9:83:20:28:53:c6:
a1:f9:0b:6c:62:ce:f5:53:b1:76:9e:27:de:92:57:07:39:47:
a3:e2:7e:3a:91:64:44:5f:08:4c:ed:7b:b2:3d:c8:9c:ed:0e:
a3:00:0d:bc:5e:07:6b:c0:ec:63:bf:a0:5d:dc:17:4f:81:80:
2f:02:11:0b:d8:55:7d:ae:1e:e1:11:f7:bb:67:d8:14:ab:26:
28:33:92:cb:22:b8:f1:69:63:ca:30:d2:54:a6:c7:bf:dd:ef:
7c:e7:8c:d8:47:63:8c:32:f7:4e:db:b5:13:89:56:88:b8:9d:
de:58:82:a8:de:9e:60:56:09:ac:c8:1c:f4:25:f4:37:ed:c2:
a3:85:c7:98:17:33:d4:fe:36:94:8e:a2:6c:2a:a0:3c:62:0b:
45:fd:17:3d:1f:4b:58:a5:dc:0e:98:57:22:4e:32:fd:20:4e:
f4:c4:d5:26:cb:a2:fb:2f:a6:b7:07:a2:01:74:1e:e7:c8:24:
ff:29:c9:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1BPhHJUhY6lOeEB0WPy4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMTVkZDBiYTExZmRhZjc0ZDUzYjk1NmZjMWM4NDZhN2Uy
ZjYxZmUwHhcNMjMwMTAxMTQ1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzQzMGRkNDdmYTA4OTMzNjE2ZjU1MDQ2YzA4ZDVmNWQyMGRiZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsGYRAKn69sB4VnUa7NetjsD+pMK
ixdppo9vx9YUBlmfLmPJTFHkj/GgJkG2yZ7+M/o9W46ZIrK8Bq24IWR+094ZFhQj
obuqt3t11tN+DN2gWjT8sMhJdSpitYONKYXLQMyoVbOyAHX4jlxF7Av6Kh0IXkIa
Tar9JwBatZqoJPLWItQ4aI27gsOWwpVQVj0rShQ1/x2RYL9nF0OrgiztJhspMSl1
Xkld1jMx0ogxSAtpElaqHSzudysL9pV28MpLMIiRi/bc34NNpdZUouh5OvISCqBd
QfHhiUTo0vqMTQohRGPU/+CM6c4IVn9vFB+z+fwGFsIEr9ThePqp0LM5VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGNDDdR/oIkzYW9VBGwI1fXSDb5sMB8GA1UdIwQY
MBaAFGMV3QuhH9r3TVO5VvwchGp+L2H+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXhYZEM2RWYydmROVTdsV19CeUVhbjR2WWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9kYWNiOTItZmY3MC00OWZlLWI0Yjgt
ODk4OWI0Y2FhMjA2LzEvWTBNTjFILWdpVE5oYjFVRWJBalY5ZElOdm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9kYWNiOTItZmY3MC00OWZlLWI0YjgtODk4OWI0Y2FhMjA2
LzEvWXhYZEM2RWYydmROVTdsV19CeUVhbjR2WWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWQcMA0G
CSqGSIb3DQEBCwUAA4IBAQBE1g+viNm8+LdiCFtv9WPfHyWY2ihl19LZjK8HtmG1
JrJWf8Z/J1WQZPYrnoP118PloofzRBJPXrTig65tgAXVJUf5gyAoU8ah+QtsYs71
U7F2nifeklcHOUej4n46kWREXwhM7XuyPcic7Q6jAA28XgdrwOxjv6Bd3BdPgYAv
AhEL2FV9rh7hEfe7Z9gUqyYoM5LLIrjxaWPKMNJUpse/3e9854zYR2OMMvdO27UT
iVaIuJ3eWIKo3p5gVgmsyBz0JfQ37cKjhceYFzPU/jaUjqJsKqA8YgtF/Rc9H0tY
pdwOmFciTjL9IE70xNUmy6L7L6a3B6IBdB7nyCT/Kcnv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:42 2025 by rpki-client