Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/YIAKgE5dl5RTiHdhPz7WNhGUm9A.roa
File: YIAKgE5dl5RTiHdhPz7WNhGUm9A.roa (raw, json)
Hash identifier: KwxVrFG6yYlGgJoeTGseIYkE6teXQQKIV2RpUYnwdvM=
Subject key identifier: 60:80:0A:80:4E:5D:97:94:53:88:77:61:3F:3E:D6:36:11:94:9B:D0
Certificate issuer: /CN=d26a4409ea91f506d633871c6c35540d460337d1
Certificate serial: 0184754ABE41E265FC77C50A1891C0EE45F8
Authority key identifier: D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/YIAKgE5dl5RTiHdhPz7WNhGUm9A.roa
Signing time: Mon 14 Nov 2022 08:39:03 +0000
ROA not before: Mon 14 Nov 2022 08:39:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60203
IP address blocks: 185.43.72.0/24 maxlen: 24
171.22.10.0/24 maxlen: 24
171.22.8.0/24 maxlen: 24
171.22.11.0/24 maxlen: 24
171.22.9.0/24 maxlen: 24
185.62.21.0/24 maxlen: 24
185.62.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:4a:be:41:e2:65:fc:77:c5:0a:18:91:c0:ee:45:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d26a4409ea91f506d633871c6c35540d460337d1
Validity
Not Before: Nov 14 08:39:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60800a804e5d9794538877613f3ed63611949bd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a1:c3:7b:df:57:be:c3:0c:72:f0:a3:5e:4d:
61:fd:3b:17:8e:e9:9a:6a:48:84:4d:1b:1d:6e:17:
63:67:d9:94:b0:b7:e5:b3:eb:01:1c:b7:4a:a8:fc:
14:1b:c2:2f:90:a6:bf:c2:6b:d1:a0:97:16:99:8f:
df:e5:66:89:eb:29:64:2e:fc:24:d9:31:19:95:cd:
89:33:aa:2c:27:a7:7d:82:e0:ba:84:0a:4c:0c:9e:
9f:fc:b4:bc:d7:ec:90:34:ee:d8:dd:a9:e0:93:b8:
82:2e:dc:03:2d:ff:1f:5b:a0:d5:24:e2:94:c9:8b:
65:9b:e2:90:ac:1e:88:07:17:ad:81:ac:de:d7:1f:
59:f2:cd:3f:bc:2f:9f:d3:d3:6d:71:b4:ea:14:bc:
09:94:ec:3a:db:50:f5:72:de:6a:00:f1:63:0e:31:
55:14:ca:11:1e:e8:bb:19:2d:1b:b8:93:dd:9e:fd:
c3:4c:c2:32:93:36:62:03:9c:76:89:4e:2b:df:06:
51:e6:84:91:77:f8:22:ed:3b:9c:ae:21:6a:da:74:
fb:dc:2d:d9:2c:60:d8:a3:d8:8b:6e:2b:ea:be:44:
97:46:27:58:c9:40:eb:b6:63:47:f5:10:94:7c:38:
f6:6c:c2:2b:fa:c9:95:e7:ba:0d:0e:b9:95:f9:77:
2c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:80:0A:80:4E:5D:97:94:53:88:77:61:3F:3E:D6:36:11:94:9B:D0
X509v3 Authority Key Identifier:
keyid:D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/YIAKgE5dl5RTiHdhPz7WNhGUm9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/0mpECeqR9QbWM4ccbDVUDUYDN9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.8.0/22
185.43.72.0/24
185.62.20.0/23
Signature Algorithm: sha256WithRSAEncryption
27:12:da:36:3f:00:3a:c5:be:5a:2f:5a:60:53:1f:1e:b8:9f:
1c:09:6f:94:5d:72:8e:a2:9c:6c:6d:58:1f:fe:ce:8c:30:fb:
7b:83:15:3a:07:04:34:7e:3b:ec:42:77:f2:b0:d3:91:dc:1c:
21:29:00:4b:7d:25:39:28:c1:5d:68:b9:41:27:b3:b0:40:18:
9b:eb:02:c9:04:99:0c:c5:74:da:ac:f4:e9:44:37:62:f7:88:
07:73:93:1f:04:50:67:1d:d5:35:19:ec:74:a6:bb:db:64:09:
e9:cb:a8:ce:cf:c9:c8:7e:eb:a8:1d:41:a5:24:56:e2:4d:2c:
b6:36:c5:65:e6:23:36:48:3f:f9:dd:9b:bf:d0:6e:8f:0c:5f:
75:38:4d:1d:42:ca:2b:aa:fb:6d:64:8b:78:59:f7:32:b3:1c:
10:0a:bb:68:42:90:09:f8:6d:bb:7e:b6:90:33:a9:a1:92:9f:
a5:e5:f1:d5:10:df:d1:ca:1a:0a:69:ce:d1:80:d3:45:0f:5e:
4d:79:d5:88:a7:72:73:be:c2:8b:34:eb:96:25:f6:5a:ce:c9:
3a:6b:1a:53:3d:2e:64:76:67:4e:ef:92:bb:28:d4:40:9b:50:
a9:da:9a:51:aa:78:fb:7c:b3:c7:b1:7a:4a:b3:04:2a:81:38:
00:74:ee:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYR1Sr5B4mX8d8UKGJHA7kX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNmE0NDA5ZWE5MWY1MDZkNjMzODcxYzZjMzU1NDBkNDYw
MzM3ZDEwHhcNMjIxMTE0MDgzOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDgwMGE4MDRlNWQ5Nzk0NTM4ODc3NjEzZjNlZDYzNjExOTQ5YmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaHDe99XvsMMcvCjXk1h/TsXjuma
akiETRsdbhdjZ9mUsLfls+sBHLdKqPwUG8IvkKa/wmvRoJcWmY/f5WaJ6ylkLvwk
2TEZlc2JM6osJ6d9guC6hApMDJ6f/LS81+yQNO7Y3angk7iCLtwDLf8fW6DVJOKU
yYtlm+KQrB6IBxetgaze1x9Z8s0/vC+f09NtcbTqFLwJlOw621D1ct5qAPFjDjFV
FMoRHui7GS0buJPdnv3DTMIykzZiA5x2iU4r3wZR5oSRd/gi7TucriFq2nT73C3Z
LGDYo9iLbivqvkSXRidYyUDrtmNH9RCUfDj2bMIr+smV57oNDrmV+XcsjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGCACoBOXZeUU4h3YT8+1jYRlJvQMB8GA1UdIwQY
MBaAFNJqRAnqkfUG1jOHHGw1VA1GAzfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYt
Y2ZlZmRmZGZiZTZiLzEvWUlBS2dFNWRsNVJUaUhkaFB6N1dOaEdVbTlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYtY2ZlZmRmZGZiZTZi
LzEvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCqxYIAwQA
uStIAwQBuT4UMA0GCSqGSIb3DQEBCwUAA4IBAQAnEto2PwA6xb5aL1pgUx8euJ8c
CW+UXXKOopxsbVgf/s6MMPt7gxU6BwQ0fjvsQnfysNOR3BwhKQBLfSU5KMFdaLlB
J7OwQBib6wLJBJkMxXTarPTpRDdi94gHc5MfBFBnHdU1Gex0prvbZAnpy6jOz8nI
fuuoHUGlJFbiTSy2NsVl5iM2SD/53Zu/0G6PDF91OE0dQsorqvttZIt4WfcysxwQ
CrtoQpAJ+G27fraQM6mhkp+l5fHVEN/RyhoKac7RgNNFD15NedWIp3JzvsKLNOuW
JfZazsk6axpTPS5kdmdO75K7KNRAm1Cp2ppRqnj7fLPHsXpKswQqgTgAdO5u
-----END CERTIFICATE-----
Generated at Thu May 8 18:57:45 2025 by rpki-client