Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/06ac4f-9833-4e8d-b352-77140d09783c/1/yvsvpW6Pa9Lq2rH7HHEiX7vhy_c.roa
File: yvsvpW6Pa9Lq2rH7HHEiX7vhy_c.roa (raw, json)
Hash identifier: RBiZBFtyjKFpRZoBmbRemsH+HRIg/9f0fgTaUb5SxxU=
Subject key identifier: CA:FB:2F:A5:6E:8F:6B:D2:EA:DA:B1:FB:1C:71:22:5F:BB:E1:CB:F7
Certificate issuer: /CN=6ccf360df9a1f61e23327da0d2c09112e0a9bd69
Certificate serial: 0570AF7B
Authority key identifier: 6C:CF:36:0D:F9:A1:F6:1E:23:32:7D:A0:D2:C0:91:12:E0:A9:BD:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM82Dfmh9h4jMn2g0sCREuCpvWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/06ac4f-9833-4e8d-b352-77140d09783c/1/yvsvpW6Pa9Lq2rH7HHEiX7vhy_c.roa
Signing time: Sat 01 Jan 2022 06:59:12 +0000
ROA not before: Sat 01 Jan 2022 06:59:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35574
IP address blocks: 93.101.0.0/20 maxlen: 24
185.40.12.0/22 maxlen: 24
2a04:a9c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91271035 (0x570af7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccf360df9a1f61e23327da0d2c09112e0a9bd69
Validity
Not Before: Jan 1 06:59:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cafb2fa56e8f6bd2eadab1fb1c71225fbbe1cbf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:52:8c:99:d4:ad:90:62:95:2c:d8:23:66:33:
84:a5:31:25:95:17:20:15:5e:65:32:09:7c:56:04:
3c:7b:d2:ae:0c:4d:8a:36:88:a1:a3:a2:f3:83:bd:
d7:59:87:c1:1b:23:94:5b:47:c9:00:7a:db:74:11:
11:bc:e5:65:e4:e0:1a:e6:d5:03:32:72:70:1f:3d:
fe:fb:c6:c2:5c:cd:3a:b5:2a:7f:90:8d:f9:15:a6:
bb:96:d2:6d:c8:a4:70:4c:d6:08:3e:9e:8c:c5:cc:
2a:f6:f8:33:43:dc:23:c2:8e:d7:ef:77:f4:90:84:
64:33:2c:65:f5:e6:3c:3b:45:19:fa:75:c6:d9:de:
7c:b0:c1:e7:01:cc:0f:11:e3:90:4d:59:a0:6a:a2:
d8:0e:37:3e:89:02:b9:9a:af:eb:01:e9:5a:05:6c:
b5:1e:27:12:a9:d7:11:fc:ee:5e:27:1f:63:40:8c:
39:41:b0:b3:55:f3:e5:ac:b7:56:1e:2c:3a:37:37:
07:0a:86:13:0c:48:d9:1f:62:e5:2f:5b:e3:d5:46:
54:bf:76:88:88:8b:48:f3:69:fd:f3:aa:15:a6:8f:
64:ff:44:2e:ea:df:22:fb:c2:b1:61:41:46:b9:1b:
e7:58:5c:ec:bb:10:82:b7:27:b1:dc:b7:dc:1e:7f:
a2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FB:2F:A5:6E:8F:6B:D2:EA:DA:B1:FB:1C:71:22:5F:BB:E1:CB:F7
X509v3 Authority Key Identifier:
keyid:6C:CF:36:0D:F9:A1:F6:1E:23:32:7D:A0:D2:C0:91:12:E0:A9:BD:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM82Dfmh9h4jMn2g0sCREuCpvWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/06ac4f-9833-4e8d-b352-77140d09783c/1/yvsvpW6Pa9Lq2rH7HHEiX7vhy_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/06ac4f-9833-4e8d-b352-77140d09783c/1/bM82Dfmh9h4jMn2g0sCREuCpvWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.101.0.0/20
185.40.12.0/22
IPv6:
2a04:a9c0::/29
Signature Algorithm: sha256WithRSAEncryption
39:03:15:fe:83:10:d4:5e:52:e0:97:34:e6:07:bd:b0:26:44:
6f:1f:ac:f8:c8:f4:63:bf:aa:ab:4a:86:5c:55:27:84:e1:f0:
66:eb:08:1f:b2:c2:5c:2e:70:5b:b0:96:bd:84:e7:0a:0d:d5:
6e:7e:9d:19:07:49:68:1c:ab:a5:bd:f9:65:2d:3e:28:70:f1:
0f:ad:2a:cc:68:f7:31:9e:9b:69:99:cf:90:1e:a9:af:d7:6e:
f2:68:1a:48:fd:bc:ab:7d:91:b9:12:d3:b2:41:0f:f8:3d:6f:
5f:ff:74:83:48:98:be:2c:65:9b:6c:67:3e:33:0f:a5:12:a3:
fa:cc:95:32:bc:e7:ea:13:11:1d:b5:95:3b:3b:df:2f:71:6d:
90:c2:0a:9a:77:da:4c:48:40:47:33:7a:91:93:4c:35:12:bb:
c6:b9:96:4a:56:1d:bd:82:38:8f:1e:48:3a:7f:75:fc:b0:37:
2f:eb:29:6f:ef:84:b2:cc:fd:22:6d:1a:84:84:56:45:78:45:
4d:43:43:6c:7a:4a:1c:58:b6:23:21:56:45:1d:ad:02:eb:20:
47:50:f6:da:b6:4a:fa:ca:f1:40:5d:e5:11:e3:70:1b:3e:ae:
94:6e:2c:a4:9c:8d:e1:4d:4a:12:f2:14:03:0e:df:c8:84:62:
58:bc:17:3f
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBXCvezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Y2NmMzYwZGY5YTFmNjFlMjMzMjdkYTBkMmMwOTExMmUwYTliZDY5MB4XDTIyMDEw
MTA2NTkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2FmYjJmYTU2ZThm
NmJkMmVhZGFiMWZiMWM3MTIyNWZiYmUxY2JmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVSjJnUrZBilSzYI2YzhKUxJZUXIBVeZTIJfFYEPHvSrgxN
ijaIoaOi84O911mHwRsjlFtHyQB623QREbzlZeTgGubVAzJycB89/vvGwlzNOrUq
f5CN+RWmu5bSbcikcEzWCD6ejMXMKvb4M0PcI8KO1+939JCEZDMsZfXmPDtFGfp1
xtnefLDB5wHMDxHjkE1ZoGqi2A43PokCuZqv6wHpWgVstR4nEqnXEfzuXicfY0CM
OUGws1Xz5ay3Vh4sOjc3BwqGEwxI2R9i5S9b49VGVL92iIiLSPNp/fOqFaaPZP9E
LurfIvvCsWFBRrkb51hc7LsQgrcnsdy33B5/ovUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTK+y+lbo9r0urasfsccSJfu+HL9zAfBgNVHSMEGDAWgBRszzYN+aH2HiMy
faDSwJES4Km9aTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JNODJEZm1oOWg0ak1uMmcwc0NSRXVDcHZXay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvMDZhYzRmLTk4MzMtNGU4ZC1iMzUyLTc3MTQwZDA5NzgzYy8x
L3l2c3ZwVzZQYTlMcTJySDdISEVpWDd2aHlfYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
MDZhYzRmLTk4MzMtNGU4ZC1iMzUyLTc3MTQwZDA5NzgzYy8xL2JNODJEZm1oOWg0
ak1uMmcwc0NSRXVDcHZXay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBF1lAAMEArkoDDANBAIAAjAHAwUD
KgSpwDANBgkqhkiG9w0BAQsFAAOCAQEAOQMV/oMQ1F5S4Jc05ge9sCZEbx+s+Mj0
Y7+qq0qGXFUnhOHwZusIH7LCXC5wW7CWvYTnCg3Vbn6dGQdJaByrpb35ZS0+KHDx
D60qzGj3MZ6baZnPkB6pr9du8mgaSP28q32RuRLTskEP+D1vX/90g0iYvixlm2xn
PjMPpRKj+syVMrzn6hMRHbWVOzvfL3FtkMIKmnfaTEhARzN6kZNMNRK7xrmWSlYd
vYI4jx5IOn91/LA3L+spb++Essz9Im0ahIRWRXhFTUNDbHpKHFi2IyFWRR2tAusg
R1D22rZK+srxQF3lEeNwGz6ulG4spJyN4U1KEvIUAw7fyIRiWLwXPw==
-----END CERTIFICATE-----
Generated at Sun May 11 15:41:41 2025 by rpki-client