Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/yIZp0rdhg8xnflTmaniswo1DOQk.roa
File: yIZp0rdhg8xnflTmaniswo1DOQk.roa (raw, json)
Hash identifier: NWTyiugRW31Wxwumdpk0ETZXd9bdo7WO/nhnqHAo83w=
Subject key identifier: C8:86:69:D2:B7:61:83:CC:67:7E:54:E6:6A:78:AC:C2:8D:43:39:09
Certificate issuer: /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial: 332B3758
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/yIZp0rdhg8xnflTmaniswo1DOQk.roa
Signing time: Sat 01 Jan 2022 10:59:12 +0000
ROA not before: Sat 01 Jan 2022 10:59:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210244
IP address blocks: 212.108.238.0/24 maxlen: 24
195.184.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 858470232 (0x332b3758)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Validity
Not Before: Jan 1 10:59:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c88669d2b76183cc677e54e66a78acc28d433909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:db:9f:56:b3:92:c5:9c:0d:b0:c0:7c:7e:53:
db:3b:08:6d:2c:41:2e:2c:ce:7f:c9:06:a2:3e:38:
26:fe:fb:02:61:6d:8e:48:6f:d2:d1:ec:96:8f:97:
48:e8:4c:57:7d:41:62:33:c5:54:cd:e8:91:91:a9:
34:72:03:ed:14:5f:2b:75:70:99:68:e3:74:1f:63:
61:91:f7:7b:e1:8e:1c:24:85:68:6a:fe:26:be:be:
8d:8a:df:ee:19:2d:14:05:18:b5:5f:35:80:99:e7:
4f:0d:3f:a7:3f:cb:5b:03:fc:0e:80:74:b2:05:5c:
f5:b1:af:b2:22:7a:35:9e:14:4a:06:ad:3d:2c:d3:
24:ee:90:9a:f0:ed:43:f4:9e:d8:82:72:a6:27:c9:
56:7a:f1:db:34:06:35:e0:68:a6:c2:98:51:68:e8:
2c:f2:e2:e8:4f:b4:cc:10:4f:29:3c:11:64:ab:e5:
97:b9:4c:ec:98:45:16:e0:2e:8c:e0:a5:41:95:5a:
a4:81:fa:60:81:91:73:4e:3b:43:63:a6:8a:5d:00:
9a:d3:c5:91:e2:b1:07:3b:dc:c1:1d:44:e2:89:ab:
a2:4c:42:88:a4:86:e2:16:71:b9:ca:23:dd:42:3a:
c8:ea:2a:f9:7a:fd:de:46:5c:44:72:bb:ec:ee:31:
ac:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:86:69:D2:B7:61:83:CC:67:7E:54:E6:6A:78:AC:C2:8D:43:39:09
X509v3 Authority Key Identifier:
keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/yIZp0rdhg8xnflTmaniswo1DOQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.184.6.0/24
212.108.238.0/24
Signature Algorithm: sha256WithRSAEncryption
49:ce:15:aa:1f:1c:68:ef:66:9b:b9:8a:85:e3:88:43:c4:bb:
97:fa:30:71:29:07:83:9b:fb:56:c5:aa:c4:88:3b:47:d6:a3:
9c:00:ca:ea:32:dc:42:22:da:45:57:ae:c5:d6:c7:e3:39:1c:
88:1f:51:2a:58:9d:98:46:19:d2:0b:c3:ea:d2:2f:66:35:9c:
ed:31:73:e0:a3:85:fa:9d:6d:ee:6d:14:4b:e0:13:ea:a7:c1:
4b:5f:6a:1e:51:9c:c2:73:34:06:c1:f6:26:3a:09:63:d9:4f:
02:f5:06:80:11:7a:67:fc:91:35:c5:23:2f:2d:cc:9f:d1:32:
86:31:b6:ac:0a:58:2f:a4:d1:ba:e3:c4:f6:d9:d2:67:cf:3e:
2f:88:06:d9:d2:e4:aa:e1:9f:78:4a:74:e7:17:27:ee:7d:f9:
07:15:d3:36:85:9a:15:52:5e:f8:31:ef:d7:a0:e3:9c:8c:95:
29:e3:e7:f2:99:e7:dd:63:3f:b7:e4:5d:61:46:92:12:57:6a:
3a:69:f1:a3:1b:fe:c7:02:10:77:7a:aa:5d:49:57:dd:ae:44:
ae:76:81:3f:fd:98:3e:b2:3a:2f:21:c6:65:56:27:42:0d:ff:
52:35:73:dc:75:b7:ab:f5:c7:53:89:39:fb:1a:2b:b0:e3:96:
f7:e8:ca:3f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEMys3WDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmIwOTdhMzZjMjMyNWQxMDMxZmY0MDkxYmEwMGE4NjQ1OWQ0Mjg4MB4XDTIyMDEw
MTEwNTkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzg4NjY5ZDJiNzYx
ODNjYzY3N2U1NGU2NmE3OGFjYzI4ZDQzMzkwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKfbn1azksWcDbDAfH5T2zsIbSxBLizOf8kGoj44Jv77AmFt
jkhv0tHslo+XSOhMV31BYjPFVM3okZGpNHID7RRfK3VwmWjjdB9jYZH3e+GOHCSF
aGr+Jr6+jYrf7hktFAUYtV81gJnnTw0/pz/LWwP8DoB0sgVc9bGvsiJ6NZ4USgat
PSzTJO6QmvDtQ/Se2IJypifJVnrx2zQGNeBopsKYUWjoLPLi6E+0zBBPKTwRZKvl
l7lM7JhFFuAujOClQZVapIH6YIGRc047Q2Omil0AmtPFkeKxBzvcwR1E4omrokxC
iKSG4hZxucoj3UI6yOoq+Xr93kZcRHK77O4xrDMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTIhmnSt2GDzGd+VOZqeKzCjUM5CTAfBgNVHSMEGDAWgBS/sJejbCMl0QMf
9AkboAqGRZ1CiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y3Q1hvMndqSmRFREhfUUpHNkFLaGtXZFFvZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvZjJjNWU4LThkMzctNDgzOC1hMzNiLWVjYzQ5YmRjMmFkOC8x
L3lJWnAwcmRoZzh4bmZsVG1hbmlzd28xRE9Ray5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
ZjJjNWU4LThkMzctNDgzOC1hMzNiLWVjYzQ5YmRjMmFkOC8xL3Y3Q1hvMndqSmRF
REhfUUpHNkFLaGtXZFFvZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMO4BgMEANRs7jANBgkqhkiG9w0B
AQsFAAOCAQEASc4Vqh8caO9mm7mKheOIQ8S7l/owcSkHg5v7VsWqxIg7R9ajnADK
6jLcQiLaRVeuxdbH4zkciB9RKlidmEYZ0gvD6tIvZjWc7TFz4KOF+p1t7m0US+AT
6qfBS19qHlGcwnM0BsH2JjoJY9lPAvUGgBF6Z/yRNcUjLy3Mn9EyhjG2rApYL6TR
uuPE9tnSZ88+L4gG2dLkquGfeEp05xcn7n35BxXTNoWaFVJe+DHv16DjnIyVKePn
8pnn3WM/t+RdYUaSEldqOmnxoxv+xwIQd3qqXUlX3a5ErnaBP/2YPrI6LyHGZVYn
Qg3/UjVz3HW3q/XHU4k5+xorsOOW9+jKPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:02 2024 by rpki-client on console-fra.rpki-client.org