Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/yp8S28h2lHe1mBDyh8nAq_i9QvM.roa
File: yp8S28h2lHe1mBDyh8nAq_i9QvM.roa (raw, json)
Hash identifier: Sr1Vfk7CTiSBmGFPnNvssUg/ytypAzBpnAi2H0Q10TI=
Subject key identifier: CA:9F:12:DB:C8:76:94:77:B5:98:10:F2:87:C9:C0:AB:F8:BD:42:F3
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0181FC2C4B460136FF1B21F1D755A248493E
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/yp8S28h2lHe1mBDyh8nAq_i9QvM.roa
Signing time: Thu 14 Jul 2022 10:06:10 +0000
ROA not before: Thu 14 Jul 2022 10:06:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 193.233.177.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:fc:2c:4b:46:01:36:ff:1b:21:f1:d7:55:a2:48:49:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jul 14 10:06:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca9f12dbc8769477b59810f287c9c0abf8bd42f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a3:46:0e:1c:70:36:25:c9:a9:76:08:1e:27:
a4:e6:95:2f:9e:76:be:5d:6d:f7:60:55:35:b9:c2:
c4:34:06:09:f3:28:aa:8e:9b:f3:7d:a5:21:ba:43:
be:c5:90:21:e5:d0:37:21:e2:35:25:80:b9:ef:00:
40:8c:88:99:3c:fb:83:26:37:80:6a:08:1a:98:50:
f4:b0:8d:a3:8b:c6:ca:79:a2:c1:86:e7:07:ae:35:
7a:91:74:48:52:a8:75:65:87:21:f8:7e:cd:96:df:
39:dd:e4:7e:e1:a5:3a:61:20:bb:da:b1:be:c2:9e:
c7:db:34:87:74:e9:6b:ab:18:5c:e3:78:4c:18:62:
e4:79:10:4f:0a:e3:bf:c6:7b:d0:c9:4a:99:0b:61:
83:64:3d:51:11:cd:47:69:7c:57:e9:f3:cb:36:02:
0b:30:73:ec:9b:b0:18:27:50:59:04:ec:83:ce:85:
af:a1:6e:e1:79:10:d1:cd:d5:6b:e3:70:0f:54:29:
c3:e3:36:bb:40:ed:b8:3a:e9:c7:da:a4:bd:4a:27:
fd:5d:0b:f9:25:45:95:ff:ca:61:54:4c:38:94:48:
79:22:9f:0e:19:c3:78:3d:94:3c:e7:29:03:d0:fe:
98:bf:56:94:10:5c:ab:9f:ab:bb:62:cb:d0:02:fb:
c7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:9F:12:DB:C8:76:94:77:B5:98:10:F2:87:C9:C0:AB:F8:BD:42:F3
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/yp8S28h2lHe1mBDyh8nAq_i9QvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.177.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:b2:7c:d2:13:9d:4b:ba:47:05:e7:1b:5c:5f:72:f8:60:0a:
2d:0b:2d:d3:40:f0:46:41:7c:75:e1:5d:ac:f8:d6:70:e2:a1:
0d:28:9f:33:0c:67:0f:b7:75:cb:78:44:5a:d8:8a:65:e4:08:
69:b3:0f:8b:d6:ab:9a:5a:3b:a3:c7:d0:75:61:19:82:e9:33:
3a:eb:9e:4c:19:18:24:19:0a:47:f9:b6:01:ab:8c:09:d1:ec:
23:29:7c:ae:72:87:f1:1a:2a:b3:f3:09:a1:21:21:99:05:22:
02:dc:f5:50:70:62:bc:75:6b:01:18:2b:0d:c4:ee:15:c5:2d:
4b:b2:dc:4d:c9:57:a4:e8:9f:4a:71:5b:7c:17:74:05:14:44:
2f:c7:7e:a3:79:1e:3b:f3:3b:65:1d:13:e4:d1:41:6f:72:19:
78:48:2b:ec:af:df:7c:56:9f:78:dd:29:04:29:13:28:e9:d9:
3c:76:1e:7e:fe:cc:7e:e6:d2:2e:fe:a6:1b:1f:c9:3d:0a:59:
bc:46:af:3e:9f:7c:d9:be:65:77:e4:6f:01:eb:ba:f1:8c:42:
2f:8b:59:a6:ab:ec:0a:52:0d:e3:c4:82:eb:33:46:60:7a:0e:
d1:d9:ac:13:0f:fd:71:01:05:1a:10:43:05:5e:ce:24:a2:09:
a2:5d:3e:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYH8LEtGATb/GyHx11WiSEk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwNzE0MTAwNjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTlmMTJkYmM4NzY5NDc3YjU5ODEwZjI4N2M5YzBhYmY4YmQ0MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKNGDhxwNiXJqXYIHiek5pUvnna+
XW33YFU1ucLENAYJ8yiqjpvzfaUhukO+xZAh5dA3IeI1JYC57wBAjIiZPPuDJjeA
aggamFD0sI2ji8bKeaLBhucHrjV6kXRIUqh1ZYch+H7Nlt853eR+4aU6YSC72rG+
wp7H2zSHdOlrqxhc43hMGGLkeRBPCuO/xnvQyUqZC2GDZD1REc1HaXxX6fPLNgIL
MHPsm7AYJ1BZBOyDzoWvoW7heRDRzdVr43APVCnD4za7QO24OunH2qS9Sif9XQv5
JUWV/8phVEw4lEh5Ip8OGcN4PZQ85ykD0P6Yv1aUEFyrn6u7YsvQAvvHoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMqfEtvIdpR3tZgQ8ofJwKv4vULzMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEveXA4UzI4aDJsSGUxbUJEeWg4bkFxX2k5UXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwemxMA0G
CSqGSIb3DQEBCwUAA4IBAQBLsnzSE51LukcF5xtcX3L4YAotCy3TQPBGQXx14V2s
+NZw4qENKJ8zDGcPt3XLeERa2Ipl5Ahpsw+L1quaWjujx9B1YRmC6TM6655MGRgk
GQpH+bYBq4wJ0ewjKXyucofxGiqz8wmhISGZBSIC3PVQcGK8dWsBGCsNxO4VxS1L
stxNyVek6J9KcVt8F3QFFEQvx36jeR478ztlHRPk0UFvchl4SCvsr998Vp943SkE
KRMo6dk8dh5+/sx+5tIu/qYbH8k9Clm8Rq8+n3zZvmV35G8B67rxjEIvi1mmq+wK
Ug3jxILrM0Zgeg7R2awTD/1xAQUaEEMFXs4kogmiXT4h
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:39 2023 by rpki-client on console-fra.rpki-client.org