Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/YfMmhkVvostuOF_ou0w24e8ZBQA.roa
File: YfMmhkVvostuOF_ou0w24e8ZBQA.roa (raw, json)
Hash identifier: D1oX8d3MuH3p8Dhz1w1xlPBvVL8CAn6fOy+YcenOTO8=
Subject key identifier: 61:F3:26:86:45:6F:A2:CB:6E:38:5F:E8:BB:4C:36:E1:EF:19:05:00
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018C4A20A08955A327D6101E3C9F1363AD61
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/YfMmhkVvostuOF_ou0w24e8ZBQA.roa
Signing time: Fri 08 Dec 2023 15:51:41 +0000
ROA not before: Fri 08 Dec 2023 15:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58061
IP address blocks: 89.249.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4a:20:a0:89:55:a3:27:d6:10:1e:3c:9f:13:63:ad:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Dec 8 15:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61f32686456fa2cb6e385fe8bb4c36e1ef190500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:45:36:20:c9:00:5b:ba:59:ff:c3:dd:6a:3e:
ed:b1:ee:12:c2:37:6b:2c:b3:df:69:0e:04:0b:2d:
15:1c:b9:e1:43:4f:ca:f5:b0:6a:66:93:1b:ab:78:
6f:90:4b:ae:7b:d8:02:17:de:ad:cc:4e:5c:20:c5:
55:85:dc:2c:cc:38:ed:d8:0b:cd:07:3c:cf:43:70:
db:f2:52:da:ba:ec:e3:48:c7:76:29:8a:30:a1:fe:
07:f2:93:76:b3:a1:05:85:99:45:00:c3:eb:11:a4:
37:82:4f:de:15:62:ff:cf:86:97:6e:d5:6d:71:1e:
cc:6a:6c:91:69:43:43:81:9b:6f:b4:a5:05:33:d3:
4a:d7:bd:31:34:c5:1a:d9:d0:94:1a:60:03:0c:a4:
09:ec:79:16:91:f9:f9:0b:48:33:81:30:4c:ce:28:
d4:b9:78:c3:37:1e:d1:e0:30:47:47:e2:17:8d:e5:
8f:2a:b2:2c:ed:8d:e7:b7:c3:e9:1c:e1:78:9e:c1:
3d:8d:81:fc:01:26:20:c5:e4:ac:d9:f7:45:13:61:
16:ba:30:a8:01:0f:f9:9c:98:b8:b7:b0:5c:18:67:
66:5f:29:57:7a:6a:e4:27:bc:4e:f5:36:5b:00:b7:
8a:ea:4a:bc:5f:4f:06:76:d7:ba:4d:05:e9:f9:85:
e8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F3:26:86:45:6F:A2:CB:6E:38:5F:E8:BB:4C:36:E1:EF:19:05:00
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/YfMmhkVvostuOF_ou0w24e8ZBQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.202.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:91:a7:d1:f8:05:2e:67:cc:3b:20:de:7b:64:90:53:3c:50:
d7:e6:71:69:92:97:cb:dc:6e:66:23:cd:e4:99:55:c2:65:c5:
35:79:d2:91:dc:65:ee:42:21:48:03:da:8e:a7:cd:c9:19:b1:
c9:de:38:40:c5:9f:d2:75:93:cc:0e:cc:5f:47:f8:13:2d:bc:
2a:81:7c:a0:80:0f:b8:ab:06:e4:41:d4:a5:14:64:8d:65:be:
18:91:cd:a4:27:e7:44:91:2f:be:cd:2a:26:30:9a:df:88:02:
68:26:30:62:8f:9f:ac:da:0d:1e:00:de:8c:e1:87:bf:bd:33:
a5:89:b8:49:53:3a:12:47:6e:a0:67:3d:13:4e:39:27:b5:88:
5c:f0:e3:24:a3:b2:d3:c8:89:fe:55:cc:68:7f:cc:7b:a5:dc:
2b:3e:41:cc:2f:29:bb:d1:18:cd:86:f7:31:c6:4b:42:49:8a:
31:e3:1e:4a:44:bb:02:fd:d5:5c:b4:3f:83:df:f9:33:35:db:
5e:cd:c1:59:6c:43:ab:a9:85:d3:52:96:fd:3b:31:99:42:54:
78:a8:2c:3b:f7:48:77:50:c1:2d:7a:99:e9:40:8c:44:2b:26:
63:6b:ba:e4:2b:f6:85:0e:ba:9b:08:4f:f6:05:6b:6b:94:63:
27:41:f9:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxKIKCJVaMn1hAePJ8TY61hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMxMjA4MTU1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWYzMjY4NjQ1NmZhMmNiNmUzODVmZThiYjRjMzZlMWVmMTkwNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEU2IMkAW7pZ/8Pdaj7tse4Swjdr
LLPfaQ4ECy0VHLnhQ0/K9bBqZpMbq3hvkEuue9gCF96tzE5cIMVVhdwszDjt2AvN
BzzPQ3Db8lLauuzjSMd2KYowof4H8pN2s6EFhZlFAMPrEaQ3gk/eFWL/z4aXbtVt
cR7MamyRaUNDgZtvtKUFM9NK170xNMUa2dCUGmADDKQJ7HkWkfn5C0gzgTBMzijU
uXjDNx7R4DBHR+IXjeWPKrIs7Y3nt8PpHOF4nsE9jYH8ASYgxeSs2fdFE2EWujCo
AQ/5nJi4t7BcGGdmXylXemrkJ7xO9TZbALeK6kq8X08Gdte6TQXp+YXoMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGHzJoZFb6LLbjhf6LtMNuHvGQUAMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvWWZNbWhrVnZvc3R1T0Zfb3UwdzI0ZThaQlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnKMA0G
CSqGSIb3DQEBCwUAA4IBAQAukafR+AUuZ8w7IN57ZJBTPFDX5nFpkpfL3G5mI83k
mVXCZcU1edKR3GXuQiFIA9qOp83JGbHJ3jhAxZ/SdZPMDsxfR/gTLbwqgXyggA+4
qwbkQdSlFGSNZb4Ykc2kJ+dEkS++zSomMJrfiAJoJjBij5+s2g0eAN6M4Ye/vTOl
ibhJUzoSR26gZz0TTjkntYhc8OMko7LTyIn+Vcxof8x7pdwrPkHMLym70RjNhvcx
xktCSYox4x5KRLsC/dVctD+D3/kzNdtezcFZbEOrqYXTUpb9OzGZQlR4qCw790h3
UMEtepnpQIxEKyZja7rkK/aFDrqbCE/2BWtrlGMnQfmE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:53 2025 by rpki-client