Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yayCXMvNZBcmvD3AJc6ZrtWv3tk.roa
File: yayCXMvNZBcmvD3AJc6ZrtWv3tk.roa (raw, json)
Hash identifier: qJUn+nhrvQIwA/GWRyM3Yd2eSVUug2mjj+vJFWNtwK8=
Subject key identifier: C9:AC:82:5C:CB:CD:64:17:26:BC:3D:C0:25:CE:99:AE:D5:AF:DE:D9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184334995E3695FAB9E8560E93EC42BE41F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yayCXMvNZBcmvD3AJc6ZrtWv3tk.roa
Signing time: Tue 01 Nov 2022 13:02:51 +0000
ROA not before: Tue 01 Nov 2022 13:02:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208226
IP address blocks: 194.87.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:49:95:e3:69:5f:ab:9e:85:60:e9:3e:c4:2b:e4:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 1 13:02:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9ac825ccbcd641726bc3dc025ce99aed5afded9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:44:aa:e1:be:29:b9:02:9a:f0:c5:37:82:fe:
14:cc:0a:ce:11:64:81:60:d8:a2:8b:83:9f:2c:42:
22:d3:78:48:24:db:bc:96:0b:23:92:1a:0b:a7:fa:
a4:b8:ab:a1:91:93:34:08:21:a4:e2:fe:8a:a7:ad:
7f:22:b3:15:b8:00:ff:2d:74:2d:fe:53:3c:5a:fd:
6a:41:e0:31:03:ef:b5:7c:3c:bf:08:11:9f:f3:d4:
02:16:80:a3:58:7a:49:64:3d:6f:ab:f5:07:f7:6f:
b0:52:44:a3:ac:d5:35:94:4f:e8:51:52:54:87:23:
10:d4:6f:36:dd:e5:f8:7c:9b:d6:68:bc:42:fa:d3:
5b:59:aa:59:03:e5:19:26:b3:38:f9:78:68:b7:68:
c5:f9:2d:82:63:78:7d:4d:09:48:b2:12:6e:90:93:
5c:9d:d0:64:f9:a9:02:85:a7:62:33:cb:58:fe:34:
76:29:9c:a2:29:86:9e:27:95:f0:2e:25:b3:51:e9:
94:d3:59:30:66:ce:66:1c:ce:9d:f6:b0:19:19:73:
bd:d5:93:da:99:4c:66:35:9a:28:74:0a:42:93:f5:
03:a2:fd:9a:85:68:16:3b:7b:35:b4:32:74:21:7f:
e6:ce:54:a6:0b:76:e0:02:02:5d:cc:25:1b:07:18:
50:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AC:82:5C:CB:CD:64:17:26:BC:3D:C0:25:CE:99:AE:D5:AF:DE:D9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yayCXMvNZBcmvD3AJc6ZrtWv3tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.217.0/24
Signature Algorithm: sha256WithRSAEncryption
50:c0:f8:60:4e:fa:d1:84:75:8b:ce:88:9d:12:ed:ed:33:67:
ac:5c:8c:31:6b:b5:41:78:90:19:6b:3e:73:95:ee:fc:40:0b:
cf:85:d6:50:e0:22:a5:be:ce:1f:f0:cc:d7:fe:a5:96:11:3e:
bf:4f:d8:06:d9:c6:bd:fa:4b:b4:03:e8:88:49:0c:c2:60:96:
58:35:1e:c0:38:43:9a:58:93:7a:53:da:33:16:26:99:f8:68:
a3:d5:ca:26:fe:e0:dd:23:38:70:f7:f1:c1:50:79:a4:26:63:
43:e3:02:81:92:d0:50:4d:53:2f:36:67:95:11:5a:8e:12:91:
f9:f9:c7:93:b5:be:4b:6e:44:06:1e:9f:b8:2e:7f:c5:51:1a:
fa:cf:01:bc:97:a0:a4:80:e1:8c:20:5e:a2:f1:ac:ff:a4:2f:
63:e2:ca:ff:af:54:9a:09:5c:a3:41:0a:2b:66:c1:4e:84:fa:
14:44:55:8b:2a:0d:0e:35:88:0c:c8:a9:76:5e:ae:ce:92:b2:
77:e2:7a:e4:1e:cb:f9:d4:52:0f:1c:24:dc:e0:75:5b:d3:d7:
4b:6c:73:35:f8:1f:1e:87:05:c8:cd:a6:2f:43:f3:01:6a:bd:
5c:c7:65:94:7d:82:ea:c5:1c:f4:88:1a:ca:cc:cf:85:09:aa:
fd:a4:0a:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQzSZXjaV+rnoVg6T7EK+QfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTAxMTMwMjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWFjODI1Y2NiY2Q2NDE3MjZiYzNkYzAyNWNlOTlhZWQ1YWZkZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0Sq4b4puQKa8MU3gv4UzArOEWSB
YNiii4OfLEIi03hIJNu8lgsjkhoLp/qkuKuhkZM0CCGk4v6Kp61/IrMVuAD/LXQt
/lM8Wv1qQeAxA++1fDy/CBGf89QCFoCjWHpJZD1vq/UH92+wUkSjrNU1lE/oUVJU
hyMQ1G823eX4fJvWaLxC+tNbWapZA+UZJrM4+Xhot2jF+S2CY3h9TQlIshJukJNc
ndBk+akChadiM8tY/jR2KZyiKYaeJ5XwLiWzUemU01kwZs5mHM6d9rAZGXO91ZPa
mUxmNZoodApCk/UDov2ahWgWO3s1tDJ0IX/mzlSmC3bgAgJdzCUbBxhQiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMmsglzLzWQXJrw9wCXOma7Vr97ZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveWF5Q1hNdk5aQmNtdkQzQUpjNlpydFd2M3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlfZMA0G
CSqGSIb3DQEBCwUAA4IBAQBQwPhgTvrRhHWLzoidEu3tM2esXIwxa7VBeJAZaz5z
le78QAvPhdZQ4CKlvs4f8MzX/qWWET6/T9gG2ca9+ku0A+iISQzCYJZYNR7AOEOa
WJN6U9ozFiaZ+Gij1com/uDdIzhw9/HBUHmkJmND4wKBktBQTVMvNmeVEVqOEpH5
+ceTtb5LbkQGHp+4Ln/FURr6zwG8l6CkgOGMIF6i8az/pC9j4sr/r1SaCVyjQQor
ZsFOhPoURFWLKg0ONYgMyKl2Xq7OkrJ34nrkHsv51FIPHCTc4HVb09dLbHM1+B8e
hwXIzaYvQ/MBar1cx2WUfYLqxRz0iBrKzM+FCar9pAqG
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:15 2023 by rpki-client on console-ams.rpki-client.org