Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/_y03KNvmZnilZnu94NfPm7oNHP0.roa
File: _y03KNvmZnilZnu94NfPm7oNHP0.roa (raw, json)
Hash identifier: 4Wl7kzbJGUduZqbbodmd8xh4xgvJtwbpwOfo+8Xa1Yw=
Subject key identifier: FF:2D:37:28:DB:E6:66:78:A5:66:7B:BD:E0:D7:CF:9B:BA:0D:1C:FD
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018B288E4EFC2ABE1B22951EEE32393BACD4
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/_y03KNvmZnilZnu94NfPm7oNHP0.roa
Signing time: Fri 13 Oct 2023 10:21:36 +0000
ROA not before: Fri 13 Oct 2023 10:21:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.212.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.199.214.0/23 maxlen: 24
45.157.211.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
185.250.25.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
79.98.245.0/24 maxlen: 24
79.98.246.0/23 maxlen: 24
185.221.24.0/24 maxlen: 24
185.221.25.0/24 maxlen: 24
176.125.250.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:28:8e:4e:fc:2a:be:1b:22:95:1e:ee:32:39:3b:ac:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 13 10:21:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff2d3728dbe66678a5667bbde0d7cf9bba0d1cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:16:fb:bb:88:43:71:38:f7:2c:7d:e5:0e:59:
ae:70:9b:f1:cb:c8:9f:d8:de:fd:cf:5d:c3:0f:18:
11:01:95:b5:4e:c2:4b:af:19:fa:af:c4:a2:11:e4:
21:66:bf:71:74:76:11:10:d9:a4:c3:6f:47:59:cf:
8c:0e:df:02:8a:e7:0a:a8:5c:dc:04:a4:09:cf:95:
83:5f:6f:6b:ca:12:7d:46:94:eb:45:09:dc:1a:85:
d9:fa:30:d9:84:b5:86:65:c8:c0:aa:93:1e:56:75:
ef:f6:c5:e9:e8:43:5a:09:1f:6d:97:d1:e3:8c:1d:
31:29:63:9f:d6:3e:59:04:00:32:13:34:f1:78:66:
9f:b0:75:e6:47:50:7f:9b:d8:9b:5e:a9:ea:fd:0b:
a1:a3:5d:23:ac:ad:16:5b:39:51:ab:e8:e3:8f:9b:
b6:a0:57:f1:f0:02:1f:4f:99:64:a3:6e:19:b3:65:
a7:46:e3:08:a7:ad:f1:67:1d:ba:85:a6:bd:72:1e:
c2:2e:5e:66:f7:82:c5:b0:47:1a:23:f8:77:0c:2c:
23:eb:29:99:2f:40:6e:99:ed:53:34:0d:4d:db:92:
6b:c0:c3:e8:a7:49:02:b4:3d:92:2a:5a:48:6c:ba:
58:61:1a:7d:a1:fd:48:d5:4c:23:2e:23:b7:a5:5b:
92:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:2D:37:28:DB:E6:66:78:A5:66:7B:BD:E0:D7:CF:9B:BA:0D:1C:FD
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/_y03KNvmZnilZnu94NfPm7oNHP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
45.157.209.0/24
45.157.211.0/24
79.98.245.0-79.98.247.255
176.125.250.0/23
185.199.151.0/24
185.199.212.0/22
185.221.24.0/23
185.225.168.0/22
185.226.181.0/24
185.250.25.0-185.250.26.255
194.146.92.0/23
Signature Algorithm: sha256WithRSAEncryption
65:1a:4c:67:56:9f:c0:ae:3f:e4:f4:95:4b:f0:c0:0d:e4:2f:
91:00:d0:b0:7e:53:be:ca:ee:e3:cb:20:ff:29:6d:ee:ff:d4:
ec:01:23:20:87:7a:ff:14:1e:7c:a2:b0:83:97:ce:ff:cb:02:
4a:d1:de:87:79:6b:18:40:1d:01:c3:a8:f9:98:5c:96:b9:0b:
f1:2b:52:e1:31:74:70:12:92:35:de:7d:69:2a:c1:a0:2c:b1:
5b:7e:75:1b:c4:84:3c:8d:8a:5f:69:08:28:a3:c9:ba:b8:45:
a8:a7:5d:17:fa:77:c8:78:f6:60:2a:30:be:34:08:fc:b0:19:
b7:a3:ba:14:3c:2f:97:fc:8e:fc:69:9b:a9:fa:de:5f:c3:ae:
14:47:a7:c6:93:7b:be:ae:8d:75:50:e4:06:3f:1c:9a:f3:82:
51:7a:74:de:42:2b:16:ee:6e:07:c3:13:46:fa:23:1f:da:88:
07:ac:15:a5:6a:34:84:a3:1a:bf:c7:75:6b:f4:85:d5:bb:01:
48:d0:1f:6c:fa:9d:7a:66:a3:08:09:20:e9:f1:16:6b:1e:89:
4f:3a:1e:16:40:be:c2:8d:33:75:c2:d1:4f:a5:34:75:76:bc:
53:c5:b0:be:d9:1b:e9:89:8f:19:fa:b3:94:ee:42:de:0a:88:
9e:4e:9a:a5
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYsojk78Kr4bIpUe7jI5O6zUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMDEzMTAyMTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjJkMzcyOGRiZTY2Njc4YTU2NjdiYmRlMGQ3Y2Y5YmJhMGQxY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBb7u4hDcTj3LH3lDlmucJvxy8if
2N79z13DDxgRAZW1TsJLrxn6r8SiEeQhZr9xdHYRENmkw29HWc+MDt8CiucKqFzc
BKQJz5WDX29ryhJ9RpTrRQncGoXZ+jDZhLWGZcjAqpMeVnXv9sXp6ENaCR9tl9Hj
jB0xKWOf1j5ZBAAyEzTxeGafsHXmR1B/m9ibXqnq/Quho10jrK0WWzlRq+jjj5u2
oFfx8AIfT5lko24Zs2WnRuMIp63xZx26haa9ch7CLl5m94LFsEcaI/h3DCwj6ymZ
L0Bume1TNA1N25JrwMPop0kCtD2SKlpIbLpYYRp9of1I1UwjLiO3pVuSHwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFP8tNyjb5mZ4pWZ7veDXz5u6DRz9MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvX3kwM0tOdm1abmlsWm51OTROZlBtN29OSFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQALZv8AwQA
LZv/AwQALZ3RAwQALZ3TMAwDBABPYvUDBANPYvADBAGwffoDBAC5x5cDBAK5x9QD
BAG53RgDBAK54agDBAC54rUwDAMEALn6GQMEALn6GgMEAcKSXDANBgkqhkiG9w0B
AQsFAAOCAQEAZRpMZ1afwK4/5PSVS/DADeQvkQDQsH5Tvsru48sg/ylt7v/U7AEj
IId6/xQefKKwg5fO/8sCStHeh3lrGEAdAcOo+ZhclrkL8StS4TF0cBKSNd59aSrB
oCyxW351G8SEPI2KX2kIKKPJurhFqKddF/p3yHj2YCowvjQI/LAZt6O6FDwvl/yO
/GmbqfreX8OuFEenxpN7vq6NdVDkBj8cmvOCUXp03kIrFu5uB8MTRvojH9qIB6wV
pWo0hKMav8d1a/SF1bsBSNAfbPqdemajCAkg6fEWax6JTzoeFkC+wo0zdcLRT6U0
dXa8U8Wwvtkb6YmPGfqzlO5C3gqInk6apQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:21:51 2025 by rpki-client