Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Yn8-FJDxnlQ1GHxGFwXhlw5Xp38.roa
File: Yn8-FJDxnlQ1GHxGFwXhlw5Xp38.roa (raw, json)
Hash identifier: 8xxYQDfds4awwve7Lq4bVMyFs0hWLFmEq48RTenPAkQ=
Subject key identifier: 62:7F:3E:14:90:F1:9E:54:35:18:7C:46:17:05:E1:97:0E:57:A7:7F
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0189F8398E26D28F22DE0B3BFB554611AC7F
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Yn8-FJDxnlQ1GHxGFwXhlw5Xp38.roa
Signing time: Tue 15 Aug 2023 08:04:28 +0000
ROA not before: Tue 15 Aug 2023 08:04:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 11938
IP address blocks: 85.133.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:39:8e:26:d2:8f:22:de:0b:3b:fb:55:46:11:ac:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 15 08:04:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=627f3e1490f19e5435187c461705e1970e57a77f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c6:9d:05:13:a2:22:60:6b:58:e1:5c:34:8b:
8b:c9:0b:11:1c:ba:2f:7b:5a:92:e7:6c:0f:1d:9d:
c9:b4:eb:b4:81:2e:a6:b5:82:5f:4a:1c:eb:51:4f:
ec:55:73:4d:61:34:2f:06:03:a8:21:ae:e7:e1:51:
41:86:77:2c:8c:59:3a:97:01:bc:6e:2e:8e:4e:e6:
01:d1:d8:c4:70:2e:31:12:99:e2:53:1f:8c:4f:32:
06:bb:c3:a7:d9:9d:c9:bc:a1:42:52:f7:a2:35:fb:
c3:40:5b:46:24:fd:34:c2:02:23:08:d5:f6:fe:b4:
7f:b7:0f:ec:f1:56:1b:66:7a:61:81:df:58:0f:65:
bd:68:47:39:3b:86:f2:00:f2:2a:7d:7a:de:ec:25:
b9:95:82:5c:91:a2:1a:c8:9c:a6:37:51:bc:78:bd:
71:21:6c:de:10:c0:8a:82:35:41:83:2b:75:15:4d:
00:78:d1:27:4a:ee:1d:76:ec:c5:83:b6:5d:d6:55:
de:53:10:b8:56:8f:06:76:e9:e4:d2:ce:e1:e9:f9:
91:02:d1:a9:6d:00:f1:c4:14:e1:8c:c2:40:cb:ca:
76:2b:ff:6f:3b:9a:d3:27:0e:9d:7e:77:33:25:86:
58:34:a4:3d:9a:9c:56:e6:ad:ab:c5:29:70:d1:7b:
c9:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:7F:3E:14:90:F1:9E:54:35:18:7C:46:17:05:E1:97:0E:57:A7:7F
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Yn8-FJDxnlQ1GHxGFwXhlw5Xp38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.153.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:3c:7a:da:6e:31:f3:f7:31:15:3c:4b:ca:53:ac:9d:84:b4:
d2:15:06:e4:70:44:4d:bf:7d:d3:d4:09:44:38:38:35:fc:60:
b8:fa:17:14:42:d2:f4:b9:39:19:0a:8c:40:22:63:99:27:b0:
ca:2c:cd:0f:5d:f1:cc:9a:4e:1f:73:c7:63:a6:29:75:0f:6c:
2b:66:fb:16:be:1c:a6:5b:6e:59:5b:49:90:53:a3:88:04:9b:
b0:20:65:2d:9c:45:4d:9f:91:dd:fa:ac:04:f2:bb:7e:e9:fd:
b8:ea:79:31:72:ec:bb:16:fd:37:70:6b:5f:2e:46:e2:b5:83:
47:56:59:24:20:09:6f:fb:44:a1:b0:78:96:56:c2:d3:94:66:
db:aa:57:d2:58:96:7b:aa:ac:e1:59:72:91:82:94:d8:e4:93:
b3:d5:8e:d5:a8:d4:6c:42:b2:17:20:de:3c:08:bd:ff:d8:9a:
a3:0b:77:95:fa:b4:79:0d:83:99:57:8e:81:76:47:53:74:3d:
0f:9e:fd:9f:f8:1a:c7:0f:08:1c:a0:16:5f:38:d4:42:ba:74:
4d:16:a9:e1:7c:20:4e:97:99:80:a6:bf:05:61:54:02:d2:3a:
39:bc:b8:d7:e6:fc:9c:29:11:37:9f:03:68:f1:c6:be:17:b0:
3e:d8:76:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn4OY4m0o8i3gs7+1VGEax/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwODE1MDgwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjdmM2UxNDkwZjE5ZTU0MzUxODdjNDYxNzA1ZTE5NzBlNTdhNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8adBROiImBrWOFcNIuLyQsRHLov
e1qS52wPHZ3JtOu0gS6mtYJfShzrUU/sVXNNYTQvBgOoIa7n4VFBhncsjFk6lwG8
bi6OTuYB0djEcC4xEpniUx+MTzIGu8On2Z3JvKFCUveiNfvDQFtGJP00wgIjCNX2
/rR/tw/s8VYbZnphgd9YD2W9aEc5O4byAPIqfXre7CW5lYJckaIayJymN1G8eL1x
IWzeEMCKgjVBgyt1FU0AeNEnSu4dduzFg7Zd1lXeUxC4Vo8Gdunk0s7h6fmRAtGp
bQDxxBThjMJAy8p2K/9vO5rTJw6dfnczJYZYNKQ9mpxW5q2rxSlw0XvJqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGJ/PhSQ8Z5UNRh8RhcF4ZcOV6d/MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvWW44LUZKRHhubFExR0h4R0Z3WGhsdzVYcDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYWZMA0G
CSqGSIb3DQEBCwUAA4IBAQAOPHrabjHz9zEVPEvKU6ydhLTSFQbkcERNv33T1AlE
ODg1/GC4+hcUQtL0uTkZCoxAImOZJ7DKLM0PXfHMmk4fc8djpil1D2wrZvsWvhym
W25ZW0mQU6OIBJuwIGUtnEVNn5Hd+qwE8rt+6f246nkxcuy7Fv03cGtfLkbitYNH
VlkkIAlv+0ShsHiWVsLTlGbbqlfSWJZ7qqzhWXKRgpTY5JOz1Y7VqNRsQrIXIN48
CL3/2JqjC3eV+rR5DYOZV46BdkdTdD0Pnv2f+BrHDwgcoBZfONRCunRNFqnhfCBO
l5mApr8FYVQC0jo5vLjX5vycKRE3nwNo8ca+F7A+2HaC
-----END CERTIFICATE-----
Generated at Tue Apr 29 19:57:24 2025 by rpki-client