Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/9c6546-5811-4194-bfeb-2ab9046ebc11/1/YgZ0scQ0SWxK8m6o6QJfG9Qr7sk.roa
File: YgZ0scQ0SWxK8m6o6QJfG9Qr7sk.roa (raw, json)
Hash identifier: 4qLkhgJVPWZVtbsqd8bNMNTHNgTIn1sUojrDfOxlfcw=
Subject key identifier: 62:06:74:B1:C4:34:49:6C:4A:F2:6E:A8:E9:02:5F:1B:D4:2B:EE:C9
Certificate issuer: /CN=524e5f7961225fbfe341f6bfd6be8e1a21ef8c0f
Certificate serial: 01856D386B4681159E654B2F48E497DC1A39
Authority key identifier: 52:4E:5F:79:61:22:5F:BF:E3:41:F6:BF:D6:BE:8E:1A:21:EF:8C:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uk5feWEiX7_jQfa_1r6OGiHvjA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/9c6546-5811-4194-bfeb-2ab9046ebc11/1/YgZ0scQ0SWxK8m6o6QJfG9Qr7sk.roa
Signing time: Sun 01 Jan 2023 12:04:52 +0000
ROA not before: Sun 01 Jan 2023 12:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204515
IP address blocks: 185.230.76.0/22 maxlen: 22
2a0c:700::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:6b:46:81:15:9e:65:4b:2f:48:e4:97:dc:1a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=524e5f7961225fbfe341f6bfd6be8e1a21ef8c0f
Validity
Not Before: Jan 1 12:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=620674b1c434496c4af26ea8e9025f1bd42beec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:72:0b:96:fe:d3:0a:f6:fa:e9:36:42:91:19:
c3:b7:bd:ae:19:a0:af:7e:14:e0:80:93:21:77:58:
15:e3:04:f9:7d:b2:80:bc:8f:88:8c:7f:52:29:2a:
a7:8e:13:ab:0c:b3:2a:f6:e7:eb:a3:86:c7:02:a8:
be:37:43:01:cc:48:95:6a:80:97:c6:46:7a:15:65:
72:2e:b0:4a:70:02:b0:78:0e:f8:40:e4:d5:07:ed:
12:69:18:98:bc:3e:e8:c3:04:ad:46:84:66:f4:a6:
7d:db:df:57:58:40:8b:eb:6a:c5:76:38:bd:c8:31:
6a:f8:14:1a:d1:2b:90:75:1e:b0:25:34:95:7f:67:
01:5a:8e:04:6f:57:78:f6:fa:3b:95:89:ad:0d:c8:
9f:e2:a7:42:0e:7d:0b:3f:bd:17:f6:c4:a0:a0:02:
67:08:3f:75:bd:63:11:91:dc:22:f0:e3:30:24:b0:
bd:64:18:ba:fe:c2:81:55:cd:07:82:69:f9:b5:67:
74:99:af:3e:8a:99:80:ff:ee:08:0b:96:e8:c0:57:
e8:dd:e9:98:6f:6e:41:3f:52:0d:ff:2f:f8:bc:a3:
32:07:c8:b3:03:01:c1:33:3a:ab:34:06:f7:d4:3b:
43:a2:2f:9b:80:a0:98:ef:d2:54:ce:4c:d7:87:bd:
d0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:06:74:B1:C4:34:49:6C:4A:F2:6E:A8:E9:02:5F:1B:D4:2B:EE:C9
X509v3 Authority Key Identifier:
keyid:52:4E:5F:79:61:22:5F:BF:E3:41:F6:BF:D6:BE:8E:1A:21:EF:8C:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uk5feWEiX7_jQfa_1r6OGiHvjA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9c6546-5811-4194-bfeb-2ab9046ebc11/1/YgZ0scQ0SWxK8m6o6QJfG9Qr7sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9c6546-5811-4194-bfeb-2ab9046ebc11/1/Uk5feWEiX7_jQfa_1r6OGiHvjA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.76.0/22
IPv6:
2a0c:700::/32
Signature Algorithm: sha256WithRSAEncryption
67:35:fb:45:a3:29:3e:52:5a:ce:3d:01:69:56:b1:2f:46:1f:
e5:ef:65:a3:b8:76:ff:51:46:0f:a6:b1:d4:5a:6a:9a:4a:6a:
ea:9f:4a:52:11:16:56:b1:e1:84:66:ea:7f:12:32:8e:d6:68:
f1:eb:82:7a:15:cf:db:26:28:37:d8:84:34:b3:ec:eb:1c:01:
f3:98:bd:e2:8c:9e:3d:e9:19:83:5d:ad:31:6c:4d:e1:ac:9e:
3b:fc:17:6c:e1:ac:66:56:59:69:a0:eb:3b:e3:ea:69:fa:da:
6d:ae:03:dc:5e:27:2c:69:d7:bc:c2:cd:0a:dc:87:f7:e4:e4:
3d:8b:9b:88:96:a8:e2:42:34:e3:ce:25:69:e4:12:2b:85:ba:
00:19:11:15:e8:68:cd:27:58:c5:bd:c9:23:79:3a:bc:d2:e4:
be:ef:c9:08:63:5f:2b:80:5e:3f:01:ac:1b:b6:ba:7b:b7:1e:
d4:4d:8b:8d:79:29:62:40:23:88:65:e2:d0:ec:4f:61:60:98:
b8:03:47:67:17:dd:2c:05:19:d1:0c:61:ca:05:89:e5:6c:f8:
27:b1:6c:c4:11:79:e7:ca:de:d6:65:a5:c2:78:9e:ce:2a:cb:
d5:92:f9:d4:b0:d5:9a:b2:60:84:3e:93:0a:2f:0c:d6:dd:f2:
d1:e4:30:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtOGtGgRWeZUsvSOSX3Bo5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNGU1Zjc5NjEyMjVmYmZlMzQxZjZiZmQ2YmU4ZTFhMjFl
ZjhjMGYwHhcNMjMwMTAxMTIwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjA2NzRiMWM0MzQ0OTZjNGFmMjZlYThlOTAyNWYxYmQ0MmJlZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3ILlv7TCvb66TZCkRnDt72uGaCv
fhTggJMhd1gV4wT5fbKAvI+IjH9SKSqnjhOrDLMq9ufro4bHAqi+N0MBzEiVaoCX
xkZ6FWVyLrBKcAKweA74QOTVB+0SaRiYvD7owwStRoRm9KZ9299XWECL62rFdji9
yDFq+BQa0SuQdR6wJTSVf2cBWo4Eb1d49vo7lYmtDcif4qdCDn0LP70X9sSgoAJn
CD91vWMRkdwi8OMwJLC9ZBi6/sKBVc0Hgmn5tWd0ma8+ipmA/+4IC5bowFfo3emY
b25BP1IN/y/4vKMyB8izAwHBMzqrNAb31DtDoi+bgKCY79JUzkzXh73QvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGIGdLHENElsSvJuqOkCXxvUK+7JMB8GA1UdIwQY
MBaAFFJOX3lhIl+/40H2v9a+jhoh74wPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWs1ZmVXRWlYN19qUWZhXzFyNk9HaUh2akE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi85YzY1NDYtNTgxMS00MTk0LWJmZWIt
MmFiOTA0NmViYzExLzEvWWdaMHNjUTBTV3hLOG02bzZRSmZHOVFyN3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi85YzY1NDYtNTgxMS00MTk0LWJmZWItMmFiOTA0NmViYzEx
LzEvVWs1ZmVXRWlYN19qUWZhXzFyNk9HaUh2akE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueZMMA0E
AgACMAcDBQAqDAcAMA0GCSqGSIb3DQEBCwUAA4IBAQBnNftFoyk+UlrOPQFpVrEv
Rh/l72WjuHb/UUYPprHUWmqaSmrqn0pSERZWseGEZup/EjKO1mjx64J6Fc/bJig3
2IQ0s+zrHAHzmL3ijJ496RmDXa0xbE3hrJ47/Bds4axmVllpoOs74+pp+tptrgPc
Xicsade8ws0K3If35OQ9i5uIlqjiQjTjziVp5BIrhboAGREV6GjNJ1jFvckjeTq8
0uS+78kIY18rgF4/Aawbtrp7tx7UTYuNeSliQCOIZeLQ7E9hYJi4A0dnF90sBRnR
DGHKBYnlbPgnsWzEEXnnyt7WZaXCeJ7OKsvVkvnUsNWasmCEPpMKLwzW3fLR5DAE
-----END CERTIFICATE-----
Generated at Tue May 13 23:02:27 2025 by rpki-client