Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/yyyntCWzjrfAaYjr9aQkSUENnTY.roa
File: yyyntCWzjrfAaYjr9aQkSUENnTY.roa (raw, json)
Hash identifier: t5py1AAUiazspADbWaRQdj7SrsVqsik8WCm2nc4bxm8=
Subject key identifier: CB:2C:A7:B4:25:B3:8E:B7:C0:69:88:EB:F5:A4:24:49:41:0D:9D:36
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01829D90B15DAE8ABA42BB13489F23ECEA59
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/yyyntCWzjrfAaYjr9aQkSUENnTY.roa
Signing time: Sun 14 Aug 2022 18:14:41 +0000
ROA not before: Sun 14 Aug 2022 18:14:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 91.226.58.0/23 maxlen: 24
193.93.54.0/23 maxlen: 24
193.93.52.0/23 maxlen: 24
87.237.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:9d:90:b1:5d:ae:8a:ba:42:bb:13:48:9f:23:ec:ea:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Aug 14 18:14:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb2ca7b425b38eb7c06988ebf5a42449410d9d36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:21:ec:bc:85:05:6c:da:50:cc:c8:35:7b:4e:
20:0a:23:a3:fb:e8:fe:13:12:06:cd:9c:70:a3:a3:
3c:e0:94:88:e4:4b:d3:d4:9c:45:34:a9:b3:9f:fb:
d5:e6:74:d3:8d:79:64:ce:60:d9:96:6c:b1:e9:07:
77:2f:84:44:4a:44:dc:fe:f1:a0:ae:3b:6e:1d:ef:
de:8e:60:ca:66:52:d9:d1:9a:0d:13:70:71:6e:b6:
20:b7:e2:fa:20:d1:ce:81:d8:a8:e0:21:74:d3:e6:
77:93:f3:9b:e1:57:2d:38:75:02:fe:39:b0:e8:a8:
40:2f:d7:b1:9f:12:ae:9a:1d:da:50:c8:0f:b9:e7:
f5:61:79:c4:70:08:a0:c8:5b:17:0f:80:ed:ba:71:
73:eb:ea:ce:3c:99:00:01:eb:7a:34:e0:af:30:dd:
90:3f:cd:32:4a:44:01:fb:89:ec:a9:ef:c9:87:22:
9b:50:a0:9e:93:20:4a:58:03:dc:5a:d3:32:52:ba:
94:8c:ac:8d:01:d6:a0:c7:ee:d2:51:99:8f:57:2a:
8c:3c:2a:69:0f:06:bd:4c:ec:24:f6:02:63:6f:86:
d9:24:c6:92:44:ad:2f:7b:5c:e4:c0:89:a5:f3:c3:
8d:c0:a2:e0:fe:e2:41:98:13:d1:69:cc:1e:bc:2d:
28:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:2C:A7:B4:25:B3:8E:B7:C0:69:88:EB:F5:A4:24:49:41:0D:9D:36
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/yyyntCWzjrfAaYjr9aQkSUENnTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.167.0/24
91.226.58.0/23
193.93.52.0/22
Signature Algorithm: sha256WithRSAEncryption
48:02:01:18:a9:62:27:c8:2d:f7:32:50:15:9d:e6:f1:9c:6a:
78:27:51:9b:17:63:12:20:ce:c6:75:4d:c9:29:1f:da:9b:54:
63:3d:f8:35:c8:48:89:02:d7:16:24:a6:18:9b:2a:e9:25:7d:
11:39:cb:13:bc:bb:f7:6d:89:c5:6f:30:17:e5:4e:73:d3:ac:
cd:d6:df:ec:06:ae:ba:86:99:f5:20:44:53:7f:98:f6:b4:06:
b0:d7:ac:d5:7c:13:8f:dc:c1:f4:c2:65:c6:94:a2:e8:bc:ba:
91:f6:92:a4:b5:3f:dd:5c:88:31:24:68:0e:4b:71:db:47:6a:
42:8f:1b:04:78:e9:1d:64:7c:40:03:7f:8f:22:59:b4:8a:74:
8d:4a:70:f4:d0:bb:b4:f9:dc:2e:da:23:a4:8f:fd:ad:40:2d:
45:b4:a3:c5:2c:53:86:63:49:01:de:44:4e:f1:cb:fb:45:4c:
97:78:05:23:f3:83:98:28:6a:aa:e5:08:d4:71:ff:63:39:a6:
ba:86:64:62:15:11:c8:75:5b:0b:a7:da:56:cb:32:bc:e3:ce:
89:e6:37:8c:f7:17:bf:a3:4a:e3:f6:69:58:b0:49:f8:84:c5:
b5:d0:3c:f0:af:9c:58:a5:d1:af:75:c4:fe:4e:d0:9b:3a:43:
df:cb:b6:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKdkLFdroq6QrsTSJ8j7OpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjIwODE0MTgxNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjJjYTdiNDI1YjM4ZWI3YzA2OTg4ZWJmNWE0MjQ0OTQxMGQ5ZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyHsvIUFbNpQzMg1e04gCiOj++j+
ExIGzZxwo6M84JSI5EvT1JxFNKmzn/vV5nTTjXlkzmDZlmyx6Qd3L4RESkTc/vGg
rjtuHe/ejmDKZlLZ0ZoNE3BxbrYgt+L6INHOgdio4CF00+Z3k/Ob4VctOHUC/jmw
6KhAL9exnxKumh3aUMgPuef1YXnEcAigyFsXD4DtunFz6+rOPJkAAet6NOCvMN2Q
P80ySkQB+4nsqe/JhyKbUKCekyBKWAPcWtMyUrqUjKyNAdagx+7SUZmPVyqMPCpp
Dwa9TOwk9gJjb4bZJMaSRK0ve1zkwIml88ONwKLg/uJBmBPRacwevC0oVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMssp7Qls463wGmI6/WkJElBDZ02MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEveXl5bnRDV3pqcmZBYVlqcjlhUWtTVUVOblRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV+2nAwQB
W+I6AwQCwV00MA0GCSqGSIb3DQEBCwUAA4IBAQBIAgEYqWInyC33MlAVnebxnGp4
J1GbF2MSIM7GdU3JKR/am1RjPfg1yEiJAtcWJKYYmyrpJX0ROcsTvLv3bYnFbzAX
5U5z06zN1t/sBq66hpn1IERTf5j2tAaw16zVfBOP3MH0wmXGlKLovLqR9pKktT/d
XIgxJGgOS3HbR2pCjxsEeOkdZHxAA3+PIlm0inSNSnD00Lu0+dwu2iOkj/2tQC1F
tKPFLFOGY0kB3kRO8cv7RUyXeAUj84OYKGqq5QjUcf9jOaa6hmRiFRHIdVsLp9pW
yzK8486J5jeM9xe/o0rj9mlYsEn4hMW10Dzwr5xYpdGvdcT+TtCbOkPfy7Zu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org