Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/yzL99AgVzuTW6XXrizQd-h4GGI8.roa
File: yzL99AgVzuTW6XXrizQd-h4GGI8.roa (raw, json)
Hash identifier: qxOwHnQMAmNW+xDgy212rWufOoV7dVwtu+ZcyTbyowU=
Subject key identifier: CB:32:FD:F4:08:15:CE:E4:D6:E9:75:EB:8B:34:1D:FA:1E:06:18:8F
Certificate issuer: /CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
Certificate serial: 01856FD527C80982F82F95C280B9004B5DB0
Authority key identifier: 52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/yzL99AgVzuTW6XXrizQd-h4GGI8.roa
Signing time: Mon 02 Jan 2023 00:15:18 +0000
ROA not before: Mon 02 Jan 2023 00:15:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44456
IP address blocks: 89.162.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:27:c8:09:82:f8:2f:95:c2:80:b9:00:4b:5d:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
Validity
Not Before: Jan 2 00:15:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb32fdf40815cee4d6e975eb8b341dfa1e06188f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5c:f6:07:79:dd:37:a0:ce:78:18:20:ea:b2:
d2:50:b2:f0:ff:52:49:f7:de:86:3e:ad:68:98:0d:
4b:be:4b:3a:f3:c8:5b:a9:01:27:ad:79:8c:a8:07:
c2:e1:2f:b5:8b:b2:f3:5e:7b:69:52:59:09:de:3b:
a6:ef:65:35:99:e5:62:72:a6:78:a1:6d:8e:59:69:
ed:8d:50:1e:9a:8c:c8:c3:d7:02:60:7e:fb:00:13:
df:46:14:a1:f4:56:55:40:39:c1:eb:f4:e7:e6:8c:
aa:de:5a:26:29:92:90:cd:bf:1c:56:cc:3d:f7:c9:
25:31:73:4f:cf:54:cf:47:19:e3:d6:4b:ee:da:8f:
85:ad:48:7e:b0:b7:14:8c:d4:37:3c:c9:4a:06:ad:
a4:3c:f2:9c:5c:3f:32:54:d1:5f:0f:71:15:46:a9:
77:2f:49:e4:3e:69:05:9e:e8:d9:6a:2c:64:2e:8f:
d5:0c:0a:ff:46:13:de:e2:23:8b:2c:ca:38:6b:ca:
af:f2:f3:78:2f:0a:cf:bd:8b:65:ec:fa:d7:d1:a6:
91:0c:17:b8:d2:0f:e3:d4:b5:96:93:65:16:de:64:
24:d7:a6:e9:d9:2e:da:0b:85:90:a5:ad:07:df:26:
5e:23:74:1d:c6:4f:47:b5:0e:dd:24:38:a0:92:5f:
26:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:32:FD:F4:08:15:CE:E4:D6:E9:75:EB:8B:34:1D:FA:1E:06:18:8F
X509v3 Authority Key Identifier:
keyid:52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/yzL99AgVzuTW6XXrizQd-h4GGI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Urm54lZYDENEuyQURbTVLlT91Qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.162.191.0/24
Signature Algorithm: sha256WithRSAEncryption
35:7b:b4:02:7f:62:46:0f:41:d5:35:6f:c4:7f:d7:b9:29:da:
49:7d:24:85:c3:28:1c:02:d2:d4:20:36:71:ff:be:b5:b1:03:
70:fc:92:0d:23:ae:04:30:e4:f4:35:5b:42:33:e5:a1:cd:72:
6a:cc:19:c0:9d:34:1a:97:65:6a:4a:9b:06:29:eb:59:48:00:
62:d6:50:31:8e:c7:19:e0:59:92:5e:41:0e:1f:38:b0:65:db:
1f:f1:2d:fb:e1:ef:fd:31:4c:ff:4d:45:22:fd:b9:81:25:98:
2a:e3:e0:87:30:1f:ef:67:f7:72:67:d3:fb:65:0b:89:a5:60:
89:2d:b5:53:87:03:7f:5b:20:17:1e:05:b0:6b:87:5a:5b:f5:
0a:e4:1b:4f:e2:96:c1:cc:4f:da:42:30:3f:cc:53:cf:98:59:
3b:31:e4:c7:38:78:9f:46:fe:98:d1:02:47:0d:7d:e4:00:92:
2c:ab:37:6e:59:01:dd:32:cb:17:c2:5b:26:f6:a1:21:95:97:
6d:d2:4c:9a:3c:98:71:6d:6c:ad:5b:9a:31:25:ed:13:06:b5:
9f:1f:3a:e8:72:36:cf:e7:30:69:23:28:33:1f:94:23:d4:57:
80:a8:df:fa:59:fa:57:d4:d5:9e:d2:fa:a5:4b:4e:98:ed:df:
3e:e0:9b:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1SfICYL4L5XCgLkAS12wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYjliOWUyNTY1ODBjNDM0NGJiMjQxNDQ1YjRkNTJlNTRm
ZGQ1MGIwHhcNMjMwMTAyMDAxNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjMyZmRmNDA4MTVjZWU0ZDZlOTc1ZWI4YjM0MWRmYTFlMDYxODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplz2B3ndN6DOeBgg6rLSULLw/1JJ
996GPq1omA1Lvks688hbqQEnrXmMqAfC4S+1i7LzXntpUlkJ3jum72U1meVicqZ4
oW2OWWntjVAemozIw9cCYH77ABPfRhSh9FZVQDnB6/Tn5oyq3lomKZKQzb8cVsw9
98klMXNPz1TPRxnj1kvu2o+FrUh+sLcUjNQ3PMlKBq2kPPKcXD8yVNFfD3EVRql3
L0nkPmkFnujZaixkLo/VDAr/RhPe4iOLLMo4a8qv8vN4LwrPvYtl7PrX0aaRDBe4
0g/j1LWWk2UW3mQk16bp2S7aC4WQpa0H3yZeI3Qdxk9HtQ7dJDigkl8mHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMsy/fQIFc7k1ul164s0HfoeBhiPMB8GA1UdIwQY
MBaAFFK5ueJWWAxDRLskFEW01S5U/dULMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXJtNTRsWllERU5FdXlRVVJiVFZMbFQ5MVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lYWY4MWQtYTlkZi00YTZhLWI2MTAt
ZGUwNWM1NDA0NWJiLzEveXpMOTlBZ1Z6dVRXNlhYcml6UWQtaDRHR0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lYWY4MWQtYTlkZi00YTZhLWI2MTAtZGUwNWM1NDA0NWJi
LzEvVXJtNTRsWllERU5FdXlRVVJiVFZMbFQ5MVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWaK/MA0G
CSqGSIb3DQEBCwUAA4IBAQA1e7QCf2JGD0HVNW/Ef9e5KdpJfSSFwygcAtLUIDZx
/761sQNw/JINI64EMOT0NVtCM+WhzXJqzBnAnTQal2VqSpsGKetZSABi1lAxjscZ
4FmSXkEOHziwZdsf8S374e/9MUz/TUUi/bmBJZgq4+CHMB/vZ/dyZ9P7ZQuJpWCJ
LbVThwN/WyAXHgWwa4daW/UK5BtP4pbBzE/aQjA/zFPPmFk7MeTHOHifRv6Y0QJH
DX3kAJIsqzduWQHdMssXwlsm9qEhlZdt0kyaPJhxbWytW5oxJe0TBrWfHzrocjbP
5zBpIygzH5Qj1FeAqN/6WfpX1NWe0vqlS06Y7d8+4Jsb
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:32 2025 by rpki-client