Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/YJZwRpaUaP6GB-I5myO51qXOH9w.roa
File: YJZwRpaUaP6GB-I5myO51qXOH9w.roa (raw, json)
Hash identifier: u/17KDAAEAg3irP8LVj3VhtoNuHoLYqAdSIa75cOfV0=
Subject key identifier: 60:96:70:46:96:94:68:FE:86:07:E2:39:9B:23:B9:D6:A5:CE:1F:DC
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 018CB4D01CA9C4BCEB767F7B7C129E8EEFA9
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/YJZwRpaUaP6GB-I5myO51qXOH9w.roa
Signing time: Fri 29 Dec 2023 09:03:06 +0000
ROA not before: Fri 29 Dec 2023 09:03:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56971
IP address blocks: 45.156.24.0/22 maxlen: 22
45.156.20.0/22 maxlen: 22
45.156.21.0/24 maxlen: 32
45.156.22.0/24 maxlen: 32
45.156.23.0/24 maxlen: 32
45.156.24.0/24 maxlen: 32
45.156.27.0/24 maxlen: 32
45.156.25.0/24 maxlen: 32
45.156.26.0/24 maxlen: 32
194.120.116.0/24 maxlen: 32
194.116.214.0/24 maxlen: 32
194.116.215.0/24 maxlen: 32
194.116.216.0/24 maxlen: 32
194.116.217.0/24 maxlen: 32
194.116.216.0/23 maxlen: 23
193.176.179.0/24 maxlen: 32
194.36.171.0/24 maxlen: 32
194.120.24.0/24 maxlen: 32
193.176.153.0/24 maxlen: 32
194.36.209.0/24 maxlen: 32
193.176.158.0/24 maxlen: 32
2a13:7c00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b4:d0:1c:a9:c4:bc:eb:76:7f:7b:7c:12:9e:8e:ef:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Dec 29 09:03:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60967046969468fe8607e2399b23b9d6a5ce1fdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8f:7a:28:34:56:a1:12:53:76:e9:ad:73:8b:
64:d7:32:05:03:13:a9:cf:b0:b4:32:e2:94:92:21:
61:94:51:ab:6c:a6:d1:b6:83:20:e3:3d:47:d2:37:
ed:dd:e7:45:13:d5:01:31:5b:a1:d6:28:6f:a6:1d:
86:a8:ea:e1:69:68:b6:f7:4b:3c:1e:f0:29:7e:5b:
f8:d8:bb:3a:51:04:fb:c2:c4:e9:e1:4d:7b:4f:61:
bc:61:8c:60:60:29:92:26:e2:d3:bd:5c:9f:79:fa:
2d:fd:9f:e5:78:8f:07:75:d4:d3:67:f6:6c:93:59:
6b:e6:48:53:f6:10:70:ff:2f:26:3e:b7:bc:af:19:
ed:99:94:c5:bc:20:ff:cf:a2:4e:7b:b2:fb:60:13:
78:6e:0a:ef:4d:f5:cd:1b:3d:41:bd:d6:4c:a5:6d:
fe:c6:8f:ae:76:f9:f0:5f:75:52:40:09:96:cc:45:
ea:5a:ad:83:09:7f:ea:af:5f:d7:29:21:5f:20:cb:
2c:95:80:00:70:c6:ca:6e:1e:c3:8c:1c:16:f8:dc:
7e:f6:49:ee:b5:45:42:2b:ea:81:b8:82:c6:95:62:
11:ff:4c:80:af:fc:44:43:f5:e7:85:4b:a0:cc:ac:
97:ec:1c:34:c2:64:58:7a:a1:67:72:f1:a9:1e:f3:
86:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:96:70:46:96:94:68:FE:86:07:E2:39:9B:23:B9:D6:A5:CE:1F:DC
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/YJZwRpaUaP6GB-I5myO51qXOH9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.20.0-45.156.27.255
193.176.153.0/24
193.176.158.0/24
193.176.179.0/24
194.36.171.0/24
194.36.209.0/24
194.116.214.0-194.116.217.255
194.120.24.0/24
194.120.116.0/24
IPv6:
2a13:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
2f:13:8f:01:bd:19:2a:14:84:de:aa:1e:c5:73:c3:1d:ba:fb:
82:be:0a:f3:0e:14:30:a0:5f:f0:3d:15:e5:d3:bd:5c:4b:5f:
55:96:4d:2f:e1:54:ee:0a:39:61:ee:2a:5d:fc:af:09:78:bd:
c7:dd:2d:2a:77:66:ec:59:84:54:4a:67:ec:f2:5d:83:6c:8f:
2c:f1:a9:83:a0:07:80:4b:5f:f0:1c:bf:a3:d3:51:dd:32:fd:
57:48:b9:2e:22:15:99:75:fb:3c:9f:59:bf:8b:97:a7:f4:bf:
ae:1c:7e:dd:5f:4a:d4:12:48:df:07:7b:32:c7:d8:ed:dd:f3:
cf:16:f3:bb:f4:a9:ef:b9:04:02:ab:f7:e6:04:f3:ef:4b:de:
ba:f1:ca:2e:be:bc:cc:f9:14:a6:f8:a8:2c:24:67:df:65:06:
76:50:f9:85:19:5d:a1:bf:1c:f2:75:db:4a:3a:87:ce:a4:d1:
b5:00:ce:85:e8:fa:de:53:cf:e5:45:61:32:bd:14:1e:cb:c1:
aa:73:53:cc:c1:44:a9:2d:7e:92:18:ae:bd:f9:32:95:4b:f4:
98:fa:2f:3c:35:1f:a1:14:8b:d1:e1:80:be:e1:b7:5e:dc:3a:
d7:4a:b4:b2:18:e7:63:0c:e2:ea:22:77:cd:d3:20:7f:59:e1:
c6:8a:24:f7
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYy00BypxLzrdn97fBKeju+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjMxMjI5MDkwMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDk2NzA0Njk2OTQ2OGZlODYwN2UyMzk5YjIzYjlkNmE1Y2UxZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi496KDRWoRJTdumtc4tk1zIFAxOp
z7C0MuKUkiFhlFGrbKbRtoMg4z1H0jft3edFE9UBMVuh1ihvph2GqOrhaWi290s8
HvApflv42Ls6UQT7wsTp4U17T2G8YYxgYCmSJuLTvVyfefot/Z/leI8HddTTZ/Zs
k1lr5khT9hBw/y8mPre8rxntmZTFvCD/z6JOe7L7YBN4bgrvTfXNGz1BvdZMpW3+
xo+udvnwX3VSQAmWzEXqWq2DCX/qr1/XKSFfIMsslYAAcMbKbh7DjBwW+Nx+9knu
tUVCK+qBuILGlWIR/0yAr/xEQ/XnhUugzKyX7Bw0wmRYeqFncvGpHvOGoQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFGCWcEaWlGj+hgfiOZsjudalzh/cMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvWUpad1JwYVVhUDZHQi1JNW15TzUxcVhPSDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGMAwDBAItnBQD
BAItnBgDBADBsJkDBADBsJ4DBADBsLMDBADCJKsDBADCJNEwDAMEAcJ01gMEAcJ0
2AMEAMJ4GAMEAMJ4dDANBAIAAjAHAwUAKhN8ADANBgkqhkiG9w0BAQsFAAOCAQEA
LxOPAb0ZKhSE3qoexXPDHbr7gr4K8w4UMKBf8D0V5dO9XEtfVZZNL+FU7go5Ye4q
XfyvCXi9x90tKndm7FmEVEpn7PJdg2yPLPGpg6AHgEtf8By/o9NR3TL9V0i5LiIV
mXX7PJ9Zv4uXp/S/rhx+3V9K1BJI3wd7MsfY7d3zzxbzu/Sp77kEAqv35gTz70ve
uvHKLr68zPkUpvioLCRn32UGdlD5hRldob8c8nXbSjqHzqTRtQDOhej63lPP5UVh
Mr0UHsvBqnNTzMFEqS1+khiuvfkylUv0mPovPDUfoRSL0eGAvuG3Xtw610q0shjn
Ywzi6iJ3zdMgf1nhxook9w==
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:17:09 2025 by rpki-client