Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/76dc25-b389-4024-bf28-f4f0561b7a57/1/yLZXQHaKJpgpq8bBPLIMX-suqxc.roa
File: yLZXQHaKJpgpq8bBPLIMX-suqxc.roa (raw, json)
Hash identifier: w+woxwzGrNJVb3Lc4wrZmkreg2RrJwnrOrlgzR33QMc=
Subject key identifier: C8:B6:57:40:76:8A:26:98:29:AB:C6:C1:3C:B2:0C:5F:EB:2E:AB:17
Certificate issuer: /CN=9c4d86afb59f1d9dd16c1125009b998382e36ed3
Certificate serial: 6646B8
Authority key identifier: 9C:4D:86:AF:B5:9F:1D:9D:D1:6C:11:25:00:9B:99:83:82:E3:6E:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nE2Gr7WfHZ3RbBElAJuZg4LjbtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/76dc25-b389-4024-bf28-f4f0561b7a57/1/yLZXQHaKJpgpq8bBPLIMX-suqxc.roa
Signing time: Sat 01 Jan 2022 02:54:08 +0000
ROA not before: Sat 01 Jan 2022 02:54:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48847
IP address blocks: 193.84.118.0/24 maxlen: 24
193.84.114.0/23 maxlen: 23
193.84.114.0/24 maxlen: 24
193.84.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6702776 (0x6646b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c4d86afb59f1d9dd16c1125009b998382e36ed3
Validity
Not Before: Jan 1 02:54:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8b65740768a269829abc6c13cb20c5feb2eab17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:10:4a:ad:21:60:63:08:2b:c6:88:07:31:e7:
a8:5c:1d:0d:5b:11:20:be:81:3d:ae:8b:e6:d3:f9:
d5:50:28:c2:20:d0:bc:9d:30:f1:8c:ea:10:42:51:
09:70:cd:de:06:2b:9e:d9:81:4a:23:0c:84:23:75:
52:a7:49:e9:95:6e:7f:76:82:2a:48:3e:ff:cc:e9:
cb:5d:b9:f5:7e:cb:77:b4:8c:2a:e0:ad:7f:13:87:
bb:0a:5e:b2:02:38:59:d9:03:93:18:3a:5d:4a:aa:
55:09:13:68:08:77:0f:b0:01:98:cd:5a:bb:4f:3b:
dc:91:72:71:ba:46:21:4d:ad:11:7b:94:0e:b6:da:
1f:70:19:78:92:31:19:d9:9b:ff:b7:82:48:cc:7c:
1d:50:ad:b8:2c:4b:8e:ba:37:45:07:33:66:3a:ae:
4e:4a:88:1c:b5:5c:31:4e:9e:32:9b:b8:a0:34:17:
94:42:32:37:93:05:56:49:01:cb:c4:54:5c:da:a6:
d4:e9:f8:f4:2e:cd:2d:26:e3:db:82:4c:31:10:db:
8b:6e:2e:81:a7:e6:35:81:4f:ff:0a:07:36:ad:6e:
a7:04:16:31:79:75:15:cc:8a:3c:68:7b:01:57:94:
af:5b:20:87:7d:11:57:a0:48:d5:62:4a:30:da:7f:
ac:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B6:57:40:76:8A:26:98:29:AB:C6:C1:3C:B2:0C:5F:EB:2E:AB:17
X509v3 Authority Key Identifier:
keyid:9C:4D:86:AF:B5:9F:1D:9D:D1:6C:11:25:00:9B:99:83:82:E3:6E:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nE2Gr7WfHZ3RbBElAJuZg4LjbtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/76dc25-b389-4024-bf28-f4f0561b7a57/1/yLZXQHaKJpgpq8bBPLIMX-suqxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/76dc25-b389-4024-bf28-f4f0561b7a57/1/nE2Gr7WfHZ3RbBElAJuZg4LjbtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.114.0/23
193.84.118.0/24
Signature Algorithm: sha256WithRSAEncryption
43:02:f8:4b:60:28:90:16:e2:3a:57:68:1f:a4:96:c5:6d:02:
56:86:01:ee:b8:89:50:5f:2e:af:07:ad:f7:32:7e:a1:63:e4:
78:ba:3d:6c:9c:c1:36:67:29:6f:c4:53:f0:7b:99:8a:8b:20:
99:14:d9:42:d5:4b:56:92:48:af:41:a7:db:7e:43:52:64:70:
f5:d9:51:4f:da:07:5b:84:50:8c:7e:16:4f:78:18:84:42:3a:
42:7a:cf:e7:40:b4:d4:98:37:55:89:ba:96:b3:34:29:6c:95:
e8:ea:27:ac:58:75:77:db:8a:ba:f3:7b:7d:04:4d:8a:cf:d2:
25:42:d3:e9:49:13:e4:ef:aa:69:03:bb:d3:ce:d3:17:18:0a:
fe:9f:75:f9:1a:13:12:ef:af:7c:e2:ca:4b:1f:0f:c3:a4:3c:
4e:34:2c:8e:45:be:e2:2b:54:da:7f:3e:e6:03:0e:05:33:cd:
92:69:23:7c:3e:78:98:6b:06:93:d3:ae:c2:ab:e2:22:94:47:
17:07:ea:66:c7:f7:d6:7f:c1:8a:00:c5:47:7b:d5:1d:c3:3f:
4b:af:6b:5a:2f:43:fd:ab:55:76:8d:ec:48:4e:12:b1:fb:1c:
04:87:e5:6c:7d:85:37:5e:85:42:53:37:27:17:1e:d3:d0:63:
34:8e:a0:f2
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDZka4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlj
NGQ4NmFmYjU5ZjFkOWRkMTZjMTEyNTAwOWI5OTgzODJlMzZlZDMwHhcNMjIwMTAx
MDI1NDA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjOGI2NTc0MDc2OGEy
Njk4MjlhYmM2YzEzY2IyMGM1ZmViMmVhYjE3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApBBKrSFgYwgrxogHMeeoXB0NWxEgvoE9rovm0/nVUCjCINC8
nTDxjOoQQlEJcM3eBiue2YFKIwyEI3VSp0nplW5/doIqSD7/zOnLXbn1fst3tIwq
4K1/E4e7Cl6yAjhZ2QOTGDpdSqpVCRNoCHcPsAGYzVq7TzvckXJxukYhTa0Re5QO
ttofcBl4kjEZ2Zv/t4JIzHwdUK24LEuOujdFBzNmOq5OSogctVwxTp4ym7igNBeU
QjI3kwVWSQHLxFRc2qbU6fj0Ls0tJuPbgkwxENuLbi6Bp+Y1gU//Cgc2rW6nBBYx
eXUVzIo8aHsBV5SvWyCHfRFXoEjVYkow2n+sXwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFMi2V0B2iiaYKavGwTyyDF/rLqsXMB8GA1UdIwQYMBaAFJxNhq+1nx2d0WwR
JQCbmYOC427TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bkUyR3I3V2ZIWjNSYkJFbEFKdVpnNExqYnRNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80MC83NmRjMjUtYjM4OS00MDI0LWJmMjgtZjRmMDU2MWI3YTU3LzEv
eUxaWFFIYUtKcGdwcThiQlBMSU1YLXN1cXhjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC83
NmRjMjUtYjM4OS00MDI0LWJmMjgtZjRmMDU2MWI3YTU3LzEvbkUyR3I3V2ZIWjNS
YkJFbEFKdVpnNExqYnRNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwVRyAwQAwVR2MA0GCSqGSIb3DQEB
CwUAA4IBAQBDAvhLYCiQFuI6V2gfpJbFbQJWhgHuuIlQXy6vB633Mn6hY+R4uj1s
nME2ZylvxFPwe5mKiyCZFNlC1UtWkkivQafbfkNSZHD12VFP2gdbhFCMfhZPeBiE
QjpCes/nQLTUmDdVibqWszQpbJXo6iesWHV324q683t9BE2Kz9IlQtPpSRPk76pp
A7vTztMXGAr+n3X5GhMS76984spLHw/DpDxONCyORb7iK1Tafz7mAw4FM82SaSN8
PniYawaT067Cq+IilEcXB+pmx/fWf8GKAMVHe9Udwz9Lr2taL0P9q1V2jexIThKx
+xwEh+VsfYU3XoVCUzcnFx7T0GM0jqDy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:49 2024 by rpki-client on console-fra.rpki-client.org