Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/7df50a-2d87-4d09-b9ac-05821d4099b8/1/yNsLrfAR4uvwda6APhYPWz3d_Ok.roa
File: yNsLrfAR4uvwda6APhYPWz3d_Ok.roa (raw, json)
Hash identifier: KsvMUVjadyM7i5v4MwrbTvajDdVjjZBBO0bCu7JySgk=
Subject key identifier: C8:DB:0B:AD:F0:11:E2:EB:F0:75:AE:80:3E:16:0F:5B:3D:DD:FC:E9
Certificate issuer: /CN=3283151e838675754629260425bffce929d8a8ed
Certificate serial: 01856E2652B6664DC66FB733F24B71B19C91
Authority key identifier: 32:83:15:1E:83:86:75:75:46:29:26:04:25:BF:FC:E9:29:D8:A8:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MoMVHoOGdXVGKSYEJb_86SnYqO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/7df50a-2d87-4d09-b9ac-05821d4099b8/1/yNsLrfAR4uvwda6APhYPWz3d_Ok.roa
Signing time: Sun 01 Jan 2023 16:24:43 +0000
ROA not before: Sun 01 Jan 2023 16:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12388
IP address blocks: 83.220.192.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:52:b6:66:4d:c6:6f:b7:33:f2:4b:71:b1:9c:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3283151e838675754629260425bffce929d8a8ed
Validity
Not Before: Jan 1 16:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8db0badf011e2ebf075ae803e160f5b3dddfce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:09:bd:62:7f:c7:f7:2f:19:f8:17:7b:8b:58:
1d:68:69:03:74:b5:9e:e1:98:de:3c:34:64:be:be:
a4:73:4f:5c:bf:f6:b1:f9:8f:ec:c8:56:a6:ca:1e:
34:4e:44:92:26:92:99:99:1c:56:36:ce:f1:ef:af:
58:50:67:57:8c:ca:19:41:3e:fe:d3:ad:7f:ee:66:
69:58:0d:85:89:f5:24:e5:29:eb:0d:0f:d2:62:9f:
5e:db:95:bc:90:9e:da:e5:e0:88:50:a8:f8:71:69:
be:ec:d9:54:b9:ce:5e:6e:a4:9f:12:51:aa:12:2f:
ee:7b:3a:4d:63:56:58:59:b2:bb:dd:9f:2d:3b:da:
b1:81:c8:9b:b7:b1:22:9a:a7:38:00:c3:c9:d5:39:
8d:07:80:02:ca:9a:b7:93:d2:1e:98:0c:d2:2b:2b:
46:0f:c4:f1:a8:80:b8:eb:a5:b4:9f:ce:e8:e0:77:
e5:33:08:04:dd:e3:3c:fe:48:ee:bb:48:38:18:7b:
1b:f1:ba:6a:dc:d1:aa:3e:59:4e:25:54:b3:02:c7:
8c:61:8f:36:32:67:4f:ea:6c:26:ba:b9:64:a3:06:
21:4d:64:ac:50:d6:f4:a4:51:20:c6:c4:56:f8:34:
62:52:4d:44:29:a6:00:57:a6:0e:2b:3b:39:9f:79:
ce:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DB:0B:AD:F0:11:E2:EB:F0:75:AE:80:3E:16:0F:5B:3D:DD:FC:E9
X509v3 Authority Key Identifier:
keyid:32:83:15:1E:83:86:75:75:46:29:26:04:25:BF:FC:E9:29:D8:A8:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MoMVHoOGdXVGKSYEJb_86SnYqO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/7df50a-2d87-4d09-b9ac-05821d4099b8/1/yNsLrfAR4uvwda6APhYPWz3d_Ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/7df50a-2d87-4d09-b9ac-05821d4099b8/1/MoMVHoOGdXVGKSYEJb_86SnYqO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.220.192.0/19
Signature Algorithm: sha256WithRSAEncryption
46:3d:bc:7a:8a:0b:00:bd:4b:93:6e:b6:29:57:8d:b7:60:bd:
5c:1d:19:5d:7b:11:d4:9d:72:8b:71:ec:d9:41:92:ec:5b:e9:
ae:ad:24:34:c9:89:e7:14:9f:e6:ed:9e:13:0d:ff:46:a8:24:
ba:9a:33:29:06:2c:0e:dc:b4:81:1e:a7:b6:db:5e:45:13:bf:
d7:e6:54:72:9e:2b:73:e6:d8:6e:c0:ac:8d:9d:60:9d:b7:42:
c2:8d:68:94:8b:39:d0:43:13:88:ac:9a:be:9b:60:08:73:49:
76:cb:c5:37:16:fd:20:a6:a9:07:bf:f3:14:2f:a3:96:fb:c6:
81:e3:ab:44:bd:06:34:8b:42:cf:46:bf:61:05:4b:1d:c4:66:
0d:3c:c7:28:19:c6:69:93:72:5d:38:e6:33:ce:5d:ab:8b:60:
94:b9:f2:6b:a9:14:94:b8:62:a2:62:1f:09:c1:8f:7f:33:45:
8b:06:cf:83:d1:40:4e:6b:d1:be:4c:c5:bc:b0:e7:a2:12:64:
30:e4:47:09:1d:f4:cb:4e:f8:e3:4f:20:33:7d:65:51:4c:98:
7b:0a:33:2e:7b:12:74:ec:aa:7b:2a:5d:77:64:b3:4a:a9:74:
68:09:89:07:59:43:cd:5f:1a:f3:8f:99:49:83:aa:41:84:67:
83:7a:2b:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuJlK2Zk3Gb7cz8ktxsZyRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyODMxNTFlODM4Njc1NzU0NjI5MjYwNDI1YmZmY2U5Mjlk
OGE4ZWQwHhcNMjMwMTAxMTYyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGRiMGJhZGYwMTFlMmViZjA3NWFlODAzZTE2MGY1YjNkZGRmY2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgm9Yn/H9y8Z+Bd7i1gdaGkDdLWe
4ZjePDRkvr6kc09cv/ax+Y/syFamyh40TkSSJpKZmRxWNs7x769YUGdXjMoZQT7+
061/7mZpWA2FifUk5SnrDQ/SYp9e25W8kJ7a5eCIUKj4cWm+7NlUuc5ebqSfElGq
Ei/uezpNY1ZYWbK73Z8tO9qxgcibt7Eimqc4AMPJ1TmNB4ACypq3k9IemAzSKytG
D8TxqIC466W0n87o4HflMwgE3eM8/kjuu0g4GHsb8bpq3NGqPllOJVSzAseMYY82
MmdP6mwmurlkowYhTWSsUNb0pFEgxsRW+DRiUk1EKaYAV6YOKzs5n3nOmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjbC63wEeLr8HWugD4WD1s93fzpMB8GA1UdIwQY
MBaAFDKDFR6DhnV1RikmBCW//Okp2KjtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW9NVkhvT0dkWFZHS1NZRUpiXzg2U25ZcU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni83ZGY1MGEtMmQ4Ny00ZDA5LWI5YWMt
MDU4MjFkNDA5OWI4LzEveU5zTHJmQVI0dXZ3ZGE2QVBoWVBXejNkX09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni83ZGY1MGEtMmQ4Ny00ZDA5LWI5YWMtMDU4MjFkNDA5OWI4
LzEvTW9NVkhvT0dkWFZHS1NZRUpiXzg2U25ZcU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFU9zAMA0G
CSqGSIb3DQEBCwUAA4IBAQBGPbx6igsAvUuTbrYpV423YL1cHRldexHUnXKLcezZ
QZLsW+murSQ0yYnnFJ/m7Z4TDf9GqCS6mjMpBiwO3LSBHqe2215FE7/X5lRynitz
5thuwKyNnWCdt0LCjWiUiznQQxOIrJq+m2AIc0l2y8U3Fv0gpqkHv/MUL6OW+8aB
46tEvQY0i0LPRr9hBUsdxGYNPMcoGcZpk3JdOOYzzl2ri2CUufJrqRSUuGKiYh8J
wY9/M0WLBs+D0UBOa9G+TMW8sOeiEmQw5EcJHfTLTvjjTyAzfWVRTJh7CjMuexJ0
7Kp7Kl13ZLNKqXRoCYkHWUPNXxrzj5lJg6pBhGeDeiuQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:45 2025 by rpki-client