Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/yO3JreuBWmbb4uuPnwT2n5rrLMs.roa
File: yO3JreuBWmbb4uuPnwT2n5rrLMs.roa (raw, json)
Hash identifier: iocnD3sswQR5hD4hNQFVahs5cjClgvL1sIO09bhRyhQ=
Subject key identifier: C8:ED:C9:AD:EB:81:5A:66:DB:E2:EB:8F:9F:04:F6:9F:9A:EB:2C:CB
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018291B5BA5E0BACCE1D1D4F081F5FA41E1E
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/yO3JreuBWmbb4uuPnwT2n5rrLMs.roa
Signing time: Fri 12 Aug 2022 10:59:42 +0000
ROA not before: Fri 12 Aug 2022 10:59:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208709
IP address blocks: 194.28.97.0/24 maxlen: 24
2a0c:b641:400::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:91:b5:ba:5e:0b:ac:ce:1d:1d:4f:08:1f:5f:a4:1e:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Aug 12 10:59:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8edc9adeb815a66dbe2eb8f9f04f69f9aeb2ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:47:aa:73:ad:4f:2c:43:e9:dd:0d:3e:f8:8c:
9a:65:21:82:ed:dc:07:df:eb:19:68:d9:f5:4b:2a:
38:bf:6e:21:c3:ba:10:2b:2c:9b:d3:d4:f4:95:82:
2a:3b:63:6c:cb:97:a3:67:e3:19:f9:16:dc:e0:19:
1f:0c:cb:17:d0:f2:3f:4e:5f:8e:38:79:5f:9e:6e:
7e:e0:08:5f:96:f8:fd:b5:99:71:0e:04:19:a4:f6:
8a:b8:0b:a3:c1:be:2a:35:99:34:1e:8b:37:1d:9f:
b6:0e:9f:57:4e:8b:22:58:2a:17:ed:f5:1b:03:9e:
20:ef:f5:74:5d:14:ec:6a:ef:87:d0:f4:16:40:d8:
45:93:53:2b:83:21:a3:e3:ab:5e:f4:59:4e:a8:f2:
84:aa:a7:28:22:31:f0:31:59:4a:0f:ea:b5:9d:7c:
44:5d:2d:7d:e6:82:cb:82:9d:1e:bd:7e:c4:7a:19:
26:a6:95:9a:63:c6:09:1e:5c:b4:73:fc:61:19:4a:
86:60:49:20:fd:c9:ba:f1:94:e7:4b:80:81:85:85:
7a:35:87:48:70:29:82:6e:42:69:a9:49:3d:a2:9a:
d5:3f:f7:74:b3:53:64:4d:b9:cc:0f:49:df:74:cd:
27:4e:94:03:bf:8c:85:df:ce:ec:f5:72:b5:55:e7:
bc:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:ED:C9:AD:EB:81:5A:66:DB:E2:EB:8F:9F:04:F6:9F:9A:EB:2C:CB
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/yO3JreuBWmbb4uuPnwT2n5rrLMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.97.0/24
IPv6:
2a0c:b641:400::/44
Signature Algorithm: sha256WithRSAEncryption
5c:77:7b:f3:2f:f1:f9:0c:93:79:44:fb:35:43:ea:50:88:c7:
a3:80:dd:be:5d:07:e7:c0:a1:25:c6:40:4a:ab:1a:75:52:bd:
c7:02:78:3e:83:65:14:87:39:40:2f:ab:dc:b5:ac:23:ea:f0:
4a:6d:81:42:df:2f:6b:19:f5:c0:24:3b:7c:32:8a:6b:9d:26:
8c:e4:b3:de:ca:69:dd:cb:25:15:a9:39:1a:64:90:6f:6b:f5:
be:bc:be:ab:bf:33:c5:86:2d:d7:a6:e6:ee:c6:06:24:a4:98:
6e:44:4c:26:cd:ed:d7:42:63:7f:48:e8:ac:bf:e5:a5:51:c0:
b1:df:90:b1:e3:af:0b:a4:06:6a:a3:bb:b3:23:63:27:8b:78:
51:6e:e7:11:1c:c6:37:0c:d2:8f:b8:b5:29:cc:43:be:55:f0:
2d:31:02:e7:b3:93:ea:a4:48:04:5c:f2:43:71:1a:1d:18:58:
42:1d:1c:19:76:db:55:d2:a4:13:ce:f5:24:fa:c1:38:55:08:
19:3b:83:6b:76:bf:5f:cf:9d:24:77:33:1e:c7:db:60:37:48:
8c:fb:3a:8a:a9:25:29:76:45:76:53:23:21:e3:18:f7:25:59:
c2:70:da:65:07:fb:e4:7f:bb:af:e8:25:f2:5a:6e:22:14:7f:
11:27:23:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYKRtbpeC6zOHR1PCB9fpB4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjIwODEyMTA1OTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGVkYzlhZGViODE1YTY2ZGJlMmViOGY5ZjA0ZjY5ZjlhZWIyY2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUeqc61PLEPp3Q0++IyaZSGC7dwH
3+sZaNn1Syo4v24hw7oQKyyb09T0lYIqO2Nsy5ejZ+MZ+Rbc4BkfDMsX0PI/Tl+O
OHlfnm5+4Ahflvj9tZlxDgQZpPaKuAujwb4qNZk0Hos3HZ+2Dp9XTosiWCoX7fUb
A54g7/V0XRTsau+H0PQWQNhFk1MrgyGj46te9FlOqPKEqqcoIjHwMVlKD+q1nXxE
XS195oLLgp0evX7EehkmppWaY8YJHly0c/xhGUqGYEkg/cm68ZTnS4CBhYV6NYdI
cCmCbkJpqUk9oprVP/d0s1NkTbnMD0nfdM0nTpQDv4yF387s9XK1Vee8yQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMjtya3rgVpm2+Lrj58E9p+a6yzLMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEveU8zSnJldUJXbWJiNHV1UG53VDJuNXJyTE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwhxhMA8E
AgACMAkDBwQqDLZBBAAwDQYJKoZIhvcNAQELBQADggEBAFx3e/Mv8fkMk3lE+zVD
6lCIx6OA3b5dB+fAoSXGQEqrGnVSvccCeD6DZRSHOUAvq9y1rCPq8EptgULfL2sZ
9cAkO3wyimudJozks97Kad3LJRWpORpkkG9r9b68vqu/M8WGLdem5u7GBiSkmG5E
TCbN7ddCY39I6Ky/5aVRwLHfkLHjrwukBmqju7MjYyeLeFFu5xEcxjcM0o+4tSnM
Q75V8C0xAuezk+qkSARc8kNxGh0YWEIdHBl221XSpBPO9ST6wThVCBk7g2t2v1/P
nSR3Mx7H22A3SIz7OoqpJSl2RXZTIyHjGPclWcJw2mUH++R/u6/oJfJabiIUfxEn
I6M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:38 2024 by rpki-client on console-ams.rpki-client.org