Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/ykcqImCCT7Yt8wxruS9b3FjakIo.roa
File: ykcqImCCT7Yt8wxruS9b3FjakIo.roa (raw, json)
Hash identifier: s6hIiKj0qFXNofu1UH4ugwL8FnK1uuBml7oYz9zYdjE=
Subject key identifier: CA:47:2A:22:60:82:4F:B6:2D:F3:0C:6B:B9:2F:5B:DC:58:DA:90:8A
Certificate issuer: /CN=3f172439599d7da525797899bf213b8e63554914
Certificate serial: 10717665
Authority key identifier: 3F:17:24:39:59:9D:7D:A5:25:79:78:99:BF:21:3B:8E:63:55:49:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/ykcqImCCT7Yt8wxruS9b3FjakIo.roa
Signing time: Sat 01 Jan 2022 06:03:40 +0000
ROA not before: Sat 01 Jan 2022 06:03:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1930
IP address blocks: 192.68.221.0/24 maxlen: 24
192.104.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 275871333 (0x10717665)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f172439599d7da525797899bf213b8e63554914
Validity
Not Before: Jan 1 06:03:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca472a2260824fb62df30c6bb92f5bdc58da908a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:47:f5:84:57:cd:e2:bb:9a:8e:a7:7f:9e:9e:
ee:04:37:99:8a:60:8b:d0:a2:38:d6:b1:a6:bd:b6:
ec:fb:aa:67:d0:eb:c5:33:db:48:fb:d5:db:37:78:
a4:06:9e:ce:47:00:b6:39:52:1a:4e:3c:67:ac:82:
db:f9:e6:96:de:ee:ab:cb:c3:50:43:04:76:c6:b0:
6e:5e:b8:05:5b:61:6b:b4:24:1a:44:04:74:04:9e:
26:54:9f:58:cd:4f:7f:fb:b3:3c:65:da:29:f3:f5:
32:55:7e:4c:d4:51:c5:06:f4:c2:63:7f:6c:d7:41:
69:11:62:e3:30:8b:2f:7c:e8:cb:53:ef:af:b1:0d:
82:68:a3:6c:37:b7:6b:4d:26:11:0e:42:c2:9c:60:
dd:42:25:11:b9:0f:dc:d7:a7:28:55:3e:20:c8:bb:
c9:5f:9a:1b:23:6f:f1:1d:9c:76:3a:3a:0c:f1:7e:
d1:fe:8b:53:fa:86:91:e8:02:af:42:ce:ad:23:3a:
01:fc:a1:ec:9b:5f:77:85:eb:75:f6:ef:14:71:96:
cd:c1:44:aa:fb:64:26:73:3c:3a:e7:ba:fe:5d:8e:
ca:d8:4a:74:63:9d:53:09:03:14:f7:07:1b:19:c7:
93:ca:17:d8:ca:7d:bb:6f:92:b2:1a:12:49:bf:3a:
7a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:47:2A:22:60:82:4F:B6:2D:F3:0C:6B:B9:2F:5B:DC:58:DA:90:8A
X509v3 Authority Key Identifier:
keyid:3F:17:24:39:59:9D:7D:A5:25:79:78:99:BF:21:3B:8E:63:55:49:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/ykcqImCCT7Yt8wxruS9b3FjakIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.68.221.0/24
192.104.48.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:8c:77:66:69:8c:94:52:05:61:2d:af:8f:7e:8a:8d:0f:7a:
79:aa:91:dd:56:d1:3a:7b:3c:ab:62:d9:33:19:1b:2e:10:45:
81:b4:94:77:14:86:8b:24:53:e5:a4:bf:ce:c9:05:c7:33:ec:
d6:10:1f:8e:67:b2:ca:c4:13:3e:62:46:14:13:d5:5a:97:69:
5b:19:25:5f:91:4f:95:f5:8d:37:ee:a8:15:0a:9e:ff:c8:dd:
65:60:25:ce:d1:53:dd:d1:06:03:04:51:f0:1a:67:a8:f5:ce:
c0:e6:a3:37:82:dd:13:27:e2:5d:6d:78:9b:2c:c0:45:c1:bc:
8c:cf:d4:37:bb:b9:ce:e8:1a:f9:00:0b:b0:29:14:9b:11:0d:
4b:85:5e:38:39:cf:41:8b:79:0f:43:47:2b:45:74:87:ca:1b:
03:d2:57:7f:92:3b:c0:88:b2:e5:26:82:f6:18:86:1a:a3:d0:
07:79:e8:70:5a:de:4d:ea:9a:a5:84:d5:03:8c:c1:ae:cd:7c:
e2:b3:d0:6e:a7:50:2c:c3:b8:4c:53:3d:c6:8b:1c:dd:14:2a:
9e:b5:a1:5c:45:5f:89:7b:ef:2f:34:40:a7:e0:25:a0:0d:79:
e2:eb:38:0f:5d:18:6a:e7:22:a0:3a:9e:ab:cf:26:91:7c:3c:
ff:a0:89:5a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEHF2ZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZjE3MjQzOTU5OWQ3ZGE1MjU3OTc4OTliZjIxM2I4ZTYzNTU0OTE0MB4XDTIyMDEw
MTA2MDM0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E0NzJhMjI2MDgy
NGZiNjJkZjMwYzZiYjkyZjViZGM1OGRhOTA4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5H9YRXzeK7mo6nf56e7gQ3mYpgi9CiONaxpr227PuqZ9Dr
xTPbSPvV2zd4pAaezkcAtjlSGk48Z6yC2/nmlt7uq8vDUEMEdsawbl64BVtha7Qk
GkQEdASeJlSfWM1Pf/uzPGXaKfP1MlV+TNRRxQb0wmN/bNdBaRFi4zCLL3zoy1Pv
r7ENgmijbDe3a00mEQ5Cwpxg3UIlEbkP3NenKFU+IMi7yV+aGyNv8R2cdjo6DPF+
0f6LU/qGkegCr0LOrSM6Afyh7Jtfd4XrdfbvFHGWzcFEqvtkJnM8Oue6/l2OythK
dGOdUwkDFPcHGxnHk8oX2Mp9u2+SshoSSb86ev0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTKRyoiYIJPti3zDGu5L1vcWNqQijAfBgNVHSMEGDAWgBQ/FyQ5WZ19pSV5
eJm/ITuOY1VJFDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1B4Y2tPVm1kZmFVbGVYaVp2eUU3am1OVlNSUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvOWY5YWE5LTA5YzAtNDhjYy1iMGExLTg4NzMzMWVmYjcxNS8x
L3lrY3FJbUNDVDdZdDh3eHJ1UzliM0ZqYWtJby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
OWY5YWE5LTA5YzAtNDhjYy1iMGExLTg4NzMzMWVmYjcxNS8xL1B4Y2tPVm1kZmFV
bGVYaVp2eUU3am1OVlNSUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMBE3QMEAMBoMDANBgkqhkiG9w0B
AQsFAAOCAQEApYx3ZmmMlFIFYS2vj36KjQ96eaqR3VbROns8q2LZMxkbLhBFgbSU
dxSGiyRT5aS/zskFxzPs1hAfjmeyysQTPmJGFBPVWpdpWxklX5FPlfWNN+6oFQqe
/8jdZWAlztFT3dEGAwRR8BpnqPXOwOajN4LdEyfiXW14myzARcG8jM/UN7u5zuga
+QALsCkUmxENS4VeODnPQYt5D0NHK0V0h8obA9JXf5I7wIiy5SaC9hiGGqPQB3no
cFreTeqapYTVA4zBrs184rPQbqdQLMO4TFM9xosc3RQqnrWhXEVfiXvvLzRAp+Al
oA154us4D10YaucioDqeq88mkXw8/6CJWg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:16 2024 by rpki-client on console-ams.rpki-client.org