Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/yYJ_1TN3BxqdwmdE6NN_UG6bvJo.roa
File: yYJ_1TN3BxqdwmdE6NN_UG6bvJo.roa (raw, json)
Hash identifier: bz+PpN+fTOZWk1Qo+yPcr0DPZjArrasm+UD4TWq6U6w=
Subject key identifier: C9:82:7F:D5:33:77:07:1A:9D:C2:67:44:E8:D3:7F:50:6E:9B:BC:9A
Certificate issuer: /CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Certificate serial: 018C6CF814025DE018961764C048EE9A9CEF
Authority key identifier: 32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/yYJ_1TN3BxqdwmdE6NN_UG6bvJo.roa
Signing time: Fri 15 Dec 2023 10:14:06 +0000
ROA not before: Fri 15 Dec 2023 10:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207974
IP address blocks: 146.19.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6c:f8:14:02:5d:e0:18:96:17:64:c0:48:ee:9a:9c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Validity
Not Before: Dec 15 10:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9827fd53377071a9dc26744e8d37f506e9bbc9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ca:c7:8d:de:ad:4f:7f:14:1d:9a:01:b6:40:
9c:a0:6e:24:79:6f:c6:55:4c:e1:2c:37:33:32:ae:
1c:fc:78:86:57:1a:05:f4:73:af:a7:42:01:98:5d:
6d:f3:7a:a9:01:f3:f8:ff:70:a8:57:fb:42:70:c4:
3a:d7:ea:2a:d3:77:26:d8:6e:9a:d3:8f:80:83:39:
df:ce:7a:82:ba:b8:c0:47:3d:f6:0b:c0:8f:3f:36:
65:f2:a3:0a:bf:e8:e9:fc:23:3a:f2:ab:03:17:59:
4a:fe:15:57:f7:5e:83:d2:be:fd:c7:ce:7f:a7:bc:
b0:12:65:c3:c4:8e:fc:7a:4c:64:2e:7e:ff:de:72:
90:c7:74:6a:03:ec:77:55:46:af:b3:25:a1:7e:42:
f3:ad:4a:b6:9a:54:a2:8d:84:f0:4a:21:24:17:da:
6e:a3:c1:80:43:64:69:b3:34:ee:5b:10:2d:3a:85:
6a:94:d2:6f:9e:9d:d8:89:1f:4d:89:b3:a4:b6:2c:
bc:e6:48:fd:21:54:90:b3:43:1f:4b:76:44:a8:ed:
e6:13:2a:aa:92:51:8a:02:45:93:21:53:48:fd:68:
79:2a:22:4f:c1:8f:91:c0:63:0e:4e:dd:c4:12:13:
1d:0b:77:1a:c1:6d:99:1e:46:f1:83:1c:79:ea:46:
d0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:82:7F:D5:33:77:07:1A:9D:C2:67:44:E8:D3:7F:50:6E:9B:BC:9A
X509v3 Authority Key Identifier:
keyid:32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/yYJ_1TN3BxqdwmdE6NN_UG6bvJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/MseO7vestFH8N1df65EU38zBzfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.117.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:cd:4f:e3:db:fa:16:6a:b7:5f:71:4e:79:58:07:9f:77:af:
45:5d:b1:c3:fc:5d:cc:71:63:79:02:38:1d:d2:c5:5c:88:d6:
91:78:b9:93:e7:51:d3:b5:93:f6:47:8d:50:2c:db:5f:97:d1:
e7:54:f9:6d:04:76:37:c7:54:ff:7f:94:e8:98:21:ad:fe:13:
58:11:83:44:39:f0:2b:8b:e4:cd:53:21:a9:2f:b3:f8:b4:96:
1f:62:fc:b7:6a:ac:15:81:41:47:c1:28:bf:fe:92:10:c7:93:
3c:1c:03:e6:2c:d9:29:5f:24:b4:20:66:3b:fa:16:dd:ae:c7:
91:17:f6:06:4e:c5:36:60:7b:7f:04:84:3c:30:70:9f:3f:e6:
12:f2:8d:4e:f6:eb:32:b9:c9:bc:d3:4e:c6:47:5c:35:03:35:
ea:7e:0e:2d:fe:65:3e:45:5c:72:d1:c3:19:5d:ff:bd:7f:c7:
9d:1e:55:e3:f0:f9:5e:58:e9:bc:7b:cf:32:0c:fe:38:e6:5a:
22:b2:90:e0:4c:0f:4b:5e:bd:92:ea:ff:2b:e6:7c:87:78:63:
91:0e:de:a7:7f:6c:64:c9:e3:8b:e6:b7:3f:25:d3:a6:30:d6:
60:0e:5e:71:4f:48:c5:31:80:79:ea:72:c8:c4:58:8b:d2:0e:
8a:05:04:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxs+BQCXeAYlhdkwEjumpzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYzc4ZWVlZjdhY2I0NTFmYzM3NTc1ZmViOTExNGRmY2Nj
MWNkZmIwHhcNMjMxMjE1MTAxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTgyN2ZkNTMzNzcwNzFhOWRjMjY3NDRlOGQzN2Y1MDZlOWJiYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMrHjd6tT38UHZoBtkCcoG4keW/G
VUzhLDczMq4c/HiGVxoF9HOvp0IBmF1t83qpAfP4/3CoV/tCcMQ61+oq03cm2G6a
04+AgznfznqCurjARz32C8CPPzZl8qMKv+jp/CM68qsDF1lK/hVX916D0r79x85/
p7ywEmXDxI78ekxkLn7/3nKQx3RqA+x3VUavsyWhfkLzrUq2mlSijYTwSiEkF9pu
o8GAQ2RpszTuWxAtOoVqlNJvnp3YiR9NibOktiy85kj9IVSQs0MfS3ZEqO3mEyqq
klGKAkWTIVNI/Wh5KiJPwY+RwGMOTt3EEhMdC3cawW2ZHkbxgxx56kbQ7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMmCf9UzdwcancJnROjTf1Bum7yaMB8GA1UdIwQY
MBaAFDLHju73rLRR/DdXX+uRFN/Mwc37MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXNlTzd2ZXN0Rkg4TjFkZjY1RVUzOHpCemZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMjViY2ItNmQzZC00YzBlLTgyNGYt
MmYxYzhlNDA4YjY0LzEveVlKXzFUTjNCeHFkd21kRTZOTl9VRzZidkpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMjViY2ItNmQzZC00YzBlLTgyNGYtMmYxYzhlNDA4YjY0
LzEvTXNlTzd2ZXN0Rkg4TjFkZjY1RVUzOHpCemZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhN1MA0G
CSqGSIb3DQEBCwUAA4IBAQA9zU/j2/oWardfcU55WAefd69FXbHD/F3McWN5Ajgd
0sVciNaReLmT51HTtZP2R41QLNtfl9HnVPltBHY3x1T/f5TomCGt/hNYEYNEOfAr
i+TNUyGpL7P4tJYfYvy3aqwVgUFHwSi//pIQx5M8HAPmLNkpXyS0IGY7+hbdrseR
F/YGTsU2YHt/BIQ8MHCfP+YS8o1O9usyucm8007GR1w1AzXqfg4t/mU+RVxy0cMZ
Xf+9f8edHlXj8PleWOm8e88yDP445loispDgTA9LXr2S6v8r5nyHeGORDt6nf2xk
yeOL5rc/JdOmMNZgDl5xT0jFMYB56nLIxFiL0g6KBQQ8
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:46:41 2025 by rpki-client