Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/20bc6d-8c8d-4e27-89c7-f512c2dac4c4/1/YpR3a9JKnBg1aBpL0uTaAAA393s.roa
File: YpR3a9JKnBg1aBpL0uTaAAA393s.roa (raw, json)
Hash identifier: NRZ3M5vkP9E53klR/ogdsE0u3UbeZ8qMcTo0k2K8gDA=
Subject key identifier: 62:94:77:6B:D2:4A:9C:18:35:68:1A:4B:D2:E4:DA:00:00:37:F7:7B
Certificate issuer: /CN=79df107d6bf1ccc818f66d8da8dd85ee924a0cea
Certificate serial: 01852932D3F8CC27C24F5CBFD060544BA123
Authority key identifier: 79:DF:10:7D:6B:F1:CC:C8:18:F6:6D:8D:A8:DD:85:EE:92:4A:0C:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ed8QfWvxzMgY9m2NqN2F7pJKDOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/20bc6d-8c8d-4e27-89c7-f512c2dac4c4/1/YpR3a9JKnBg1aBpL0uTaAAA393s.roa
Signing time: Mon 19 Dec 2022 07:04:34 +0000
ROA not before: Mon 19 Dec 2022 07:04:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198024
IP address blocks: 193.142.176.0/21 maxlen: 21
193.142.184.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:32:d3:f8:cc:27:c2:4f:5c:bf:d0:60:54:4b:a1:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79df107d6bf1ccc818f66d8da8dd85ee924a0cea
Validity
Not Before: Dec 19 07:04:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6294776bd24a9c1835681a4bd2e4da000037f77b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a5:5e:6a:05:73:bf:98:74:58:33:b8:02:91:
e3:96:f3:b1:be:ad:97:5c:41:c7:ac:a8:b9:ea:b0:
ba:fc:96:bf:4d:e7:cd:e6:00:d8:55:9a:6e:e6:98:
4f:e0:31:ef:c1:b4:bf:10:b6:50:fe:73:18:53:ea:
63:c3:ea:df:ae:04:92:bb:f0:15:79:9c:7b:34:00:
16:26:15:11:1e:e0:fc:bc:5f:72:c5:8e:38:23:cd:
07:54:28:f9:11:38:00:8d:e9:47:71:6f:54:af:45:
5b:25:58:fb:e8:82:13:4d:20:b5:b6:f1:68:3c:b6:
86:ab:42:13:dd:da:50:41:2f:f9:9d:a0:a6:3f:cd:
1a:70:e6:0e:c0:e2:72:f2:94:ac:97:21:41:94:a7:
3f:c2:15:e5:16:be:a5:cd:0c:42:63:b2:19:25:fa:
ad:7d:4a:29:78:d7:d7:42:ae:ee:33:3c:92:ec:f6:
6d:4b:4c:87:e0:63:cb:c7:f8:92:91:e1:7d:2f:1e:
9c:12:b0:19:21:bb:ca:3b:fc:3f:49:a6:f2:ef:a3:
58:7b:96:b0:a4:56:f9:a6:5f:dd:be:20:bd:53:dd:
88:f1:18:15:d8:d9:be:f2:a4:3f:13:a3:03:eb:ad:
ab:c2:e8:77:f7:3d:ba:c2:5f:9e:ec:e8:b8:4d:1c:
d3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:94:77:6B:D2:4A:9C:18:35:68:1A:4B:D2:E4:DA:00:00:37:F7:7B
X509v3 Authority Key Identifier:
keyid:79:DF:10:7D:6B:F1:CC:C8:18:F6:6D:8D:A8:DD:85:EE:92:4A:0C:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed8QfWvxzMgY9m2NqN2F7pJKDOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/20bc6d-8c8d-4e27-89c7-f512c2dac4c4/1/YpR3a9JKnBg1aBpL0uTaAAA393s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/20bc6d-8c8d-4e27-89c7-f512c2dac4c4/1/ed8QfWvxzMgY9m2NqN2F7pJKDOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.176.0-193.142.187.255
Signature Algorithm: sha256WithRSAEncryption
6e:e7:46:07:b0:81:d1:55:53:e7:9a:d6:5d:96:42:db:46:60:
c4:a6:24:8d:d7:c8:4b:f7:1c:ff:60:da:6b:ed:f2:1c:a6:cb:
d4:af:a4:72:7d:66:4d:c6:9b:68:5e:85:b2:9d:40:4d:4e:0d:
59:c1:1a:61:3b:4c:a3:a6:6c:4b:55:4b:db:bf:5d:64:5a:25:
ed:89:e0:52:6f:7c:92:19:47:b3:d9:60:14:61:ce:f4:3d:05:
56:cf:82:c3:fd:91:25:6c:44:eb:80:48:a5:71:34:07:e1:b0:
7d:18:ea:f8:ad:c7:b7:cf:02:ca:b1:55:ec:fe:84:96:5e:a1:
97:5a:29:c7:f6:21:f8:81:6c:23:86:06:fe:72:66:f5:30:6a:
0c:62:80:9c:c4:37:6d:d3:3b:96:5f:40:ff:d4:2c:be:6e:d5:
d2:57:b1:5e:68:61:af:d4:d9:ef:c5:57:82:6a:eb:01:53:1b:
69:74:31:a7:19:01:9b:81:88:27:1f:e7:f4:6d:f1:1f:d8:65:
b8:7d:9c:3b:e5:32:57:ee:cf:06:68:1c:13:a9:e5:02:10:b4:
ab:b6:b7:4f:53:36:e6:e0:cb:4c:81:14:36:5c:f4:49:f6:ac:
89:d4:71:c7:62:43:95:eb:aa:75:1f:a8:12:68:3f:81:23:52:
a6:0d:54:de
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYUpMtP4zCfCT1y/0GBUS6EjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZGYxMDdkNmJmMWNjYzgxOGY2NmQ4ZGE4ZGQ4NWVlOTI0
YTBjZWEwHhcNMjIxMjE5MDcwNDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mjk0Nzc2YmQyNGE5YzE4MzU2ODFhNGJkMmU0ZGEwMDAwMzdmNzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6VeagVzv5h0WDO4ApHjlvOxvq2X
XEHHrKi56rC6/Ja/TefN5gDYVZpu5phP4DHvwbS/ELZQ/nMYU+pjw+rfrgSSu/AV
eZx7NAAWJhURHuD8vF9yxY44I80HVCj5ETgAjelHcW9Ur0VbJVj76IITTSC1tvFo
PLaGq0IT3dpQQS/5naCmP80acOYOwOJy8pSslyFBlKc/whXlFr6lzQxCY7IZJfqt
fUopeNfXQq7uMzyS7PZtS0yH4GPLx/iSkeF9Lx6cErAZIbvKO/w/Saby76NYe5aw
pFb5pl/dviC9U92I8RgV2Nm+8qQ/E6MD662rwuh39z26wl+e7Oi4TRzTdQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGKUd2vSSpwYNWgaS9Lk2gAAN/d7MB8GA1UdIwQY
MBaAFHnfEH1r8czIGPZtjajdhe6SSgzqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWQ4UWZXdnh6TWdZOW0yTnFOMkY3cEpLRE9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8yMGJjNmQtOGM4ZC00ZTI3LTg5Yzct
ZjUxMmMyZGFjNGM0LzEvWXBSM2E5SktuQmcxYUJwTDB1VGFBQUEzOTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8yMGJjNmQtOGM4ZC00ZTI3LTg5YzctZjUxMmMyZGFjNGM0
LzEvZWQ4UWZXdnh6TWdZOW0yTnFOMkY3cEpLRE9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBATBjrAD
BALBjrgwDQYJKoZIhvcNAQELBQADggEBAG7nRgewgdFVU+ea1l2WQttGYMSmJI3X
yEv3HP9g2mvt8hymy9SvpHJ9Zk3Gm2hehbKdQE1ODVnBGmE7TKOmbEtVS9u/XWRa
Je2J4FJvfJIZR7PZYBRhzvQ9BVbPgsP9kSVsROuASKVxNAfhsH0Y6vitx7fPAsqx
Vez+hJZeoZdaKcf2IfiBbCOGBv5yZvUwagxigJzEN23TO5ZfQP/ULL5u1dJXsV5o
Ya/U2e/FV4Jq6wFTG2l0MacZAZuBiCcf5/Rt8R/YZbh9nDvlMlfuzwZoHBOp5QIQ
tKu2t09TNubgy0yBFDZc9En2rInUccdiQ5XrqnUfqBJoP4EjUqYNVN4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:12 2024 by rpki-client on console-ams.rpki-client.org