Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/ykK06QuRM109bTxqlKEseMSTpN0.roa
File: ykK06QuRM109bTxqlKEseMSTpN0.roa (raw, json)
Hash identifier: pj3UUoCzX1H6U6htIKRYQifaUCiL6nL7e1LHV45jmEQ=
Subject key identifier: CA:42:B4:E9:0B:91:33:5D:3D:6D:3C:6A:94:A1:2C:78:C4:93:A4:DD
Certificate issuer: /CN=ef7fd5d33061a9de920af1c2a13513d46dd24612
Certificate serial: 0185737192CB44CFDC61AF5C9306BCE4A96F
Authority key identifier: EF:7F:D5:D3:30:61:A9:DE:92:0A:F1:C2:A1:35:13:D4:6D:D2:46:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/73_V0zBhqd6SCvHCoTUT1G3SRhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/ykK06QuRM109bTxqlKEseMSTpN0.roa
Signing time: Mon 02 Jan 2023 17:05:00 +0000
ROA not before: Mon 02 Jan 2023 17:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9230
IP address blocks: 193.32.244.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:92:cb:44:cf:dc:61:af:5c:93:06:bc:e4:a9:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef7fd5d33061a9de920af1c2a13513d46dd24612
Validity
Not Before: Jan 2 17:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca42b4e90b91335d3d6d3c6a94a12c78c493a4dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:51:6d:06:6b:07:dd:e9:47:57:10:c1:6d:d8:
59:50:a9:f0:8b:cc:2e:e2:9f:85:57:d9:75:4c:26:
b4:1d:96:3b:eb:33:3d:89:72:7f:c3:90:12:28:70:
69:ad:8b:33:7a:e4:15:83:c1:76:ba:45:df:31:f7:
17:ea:13:6b:3c:86:8d:f2:0d:98:7a:a8:d5:7f:e0:
d1:89:34:0c:7d:49:97:19:7c:6b:3d:55:f0:3a:2e:
ca:63:f5:cd:26:b9:ad:ad:15:b6:71:57:af:77:6f:
60:c5:ca:f1:ea:8a:36:0a:41:8e:00:8d:85:88:38:
b7:e8:c9:7e:75:54:f3:75:62:6c:11:62:9a:60:69:
47:29:5b:9a:f5:b0:79:bb:1a:cf:18:f8:6e:8b:77:
53:85:fa:4d:90:8e:72:13:56:66:57:de:97:0b:62:
57:f5:0c:0c:dc:66:42:3a:ac:85:f4:73:18:89:19:
84:c2:f7:a8:c8:ec:21:e4:cd:a9:79:99:07:61:e5:
8e:ce:1d:ac:c7:61:39:e5:1b:d9:aa:e2:5c:75:dc:
c5:e7:dd:bc:b6:62:30:7d:33:d3:75:1c:77:8b:c6:
82:84:3e:5b:7f:44:de:5e:d7:b1:1d:01:16:cc:b5:
89:06:02:43:f9:37:6a:87:25:b9:f3:ff:f2:67:c8:
70:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:42:B4:E9:0B:91:33:5D:3D:6D:3C:6A:94:A1:2C:78:C4:93:A4:DD
X509v3 Authority Key Identifier:
keyid:EF:7F:D5:D3:30:61:A9:DE:92:0A:F1:C2:A1:35:13:D4:6D:D2:46:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/73_V0zBhqd6SCvHCoTUT1G3SRhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/ykK06QuRM109bTxqlKEseMSTpN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/73_V0zBhqd6SCvHCoTUT1G3SRhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.244.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:46:50:8e:5b:9c:6a:da:d9:1f:01:e0:df:1c:93:4a:bc:1d:
20:44:84:94:5e:63:dc:82:58:72:ec:df:24:b0:ae:0b:92:91:
5c:8f:3a:17:5a:2c:aa:59:87:d9:86:c1:18:52:dc:9c:c3:b3:
57:58:86:26:99:94:86:58:59:c8:9a:0e:24:ef:7c:a2:6f:ed:
c9:3d:4e:5e:6e:9e:d6:40:20:55:c1:4f:cd:1b:74:7e:9f:c2:
c3:dc:62:8d:18:b4:e2:c3:ac:8d:6d:67:da:cb:b9:9e:2e:49:
51:56:43:3f:e9:76:d3:ed:aa:c4:09:22:fb:35:bd:15:0e:5f:
aa:a1:3a:5d:fe:2a:62:31:7d:69:23:94:a4:67:9d:b9:69:95:
8b:06:b0:90:3b:11:c0:38:17:c6:54:7a:54:fb:eb:78:b2:6e:
95:1b:c3:6a:df:64:97:68:a8:40:d6:23:f2:a8:67:e4:e3:89:
4a:a9:5e:5c:2b:04:b5:73:94:67:72:41:1a:17:7c:4f:a4:bc:
42:b6:5d:5d:f2:39:0d:f4:f3:68:d4:6a:6a:65:c9:cb:a7:3e:
74:fd:f0:62:27:ed:d8:4e:79:cf:0d:97:10:56:64:03:83:c3:
ac:f4:7f:d8:d9:4f:3b:2b:33:ba:36:66:d3:fe:90:1c:e1:b8:
48:30:a0:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzcZLLRM/cYa9ckwa85KlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmN2ZkNWQzMzA2MWE5ZGU5MjBhZjFjMmExMzUxM2Q0NmRk
MjQ2MTIwHhcNMjMwMTAyMTcwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQyYjRlOTBiOTEzMzVkM2Q2ZDNjNmE5NGExMmM3OGM0OTNhNGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFFtBmsH3elHVxDBbdhZUKnwi8wu
4p+FV9l1TCa0HZY76zM9iXJ/w5ASKHBprYszeuQVg8F2ukXfMfcX6hNrPIaN8g2Y
eqjVf+DRiTQMfUmXGXxrPVXwOi7KY/XNJrmtrRW2cVevd29gxcrx6oo2CkGOAI2F
iDi36Ml+dVTzdWJsEWKaYGlHKVua9bB5uxrPGPhui3dThfpNkI5yE1ZmV96XC2JX
9QwM3GZCOqyF9HMYiRmEwveoyOwh5M2peZkHYeWOzh2sx2E55RvZquJcddzF5928
tmIwfTPTdRx3i8aChD5bf0TeXtexHQEWzLWJBgJD+TdqhyW58//yZ8hwhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpCtOkLkTNdPW08apShLHjEk6TdMB8GA1UdIwQY
MBaAFO9/1dMwYanekgrxwqE1E9Rt0kYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzNfVjB6QmhxZDZTQ3ZIQ29UVVQxRzNTUmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yMzE5MGMtZTFhMC00YmE0LWIxZDgt
YTEwMmJlMzgyZTUxLzEveWtLMDZRdVJNMTA5YlR4cWxLRXNlTVNUcE4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yMzE5MGMtZTFhMC00YmE0LWIxZDgtYTEwMmJlMzgyZTUx
LzEvNzNfVjB6QmhxZDZTQ3ZIQ29UVVQxRzNTUmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSD0MA0G
CSqGSIb3DQEBCwUAA4IBAQCqRlCOW5xq2tkfAeDfHJNKvB0gRISUXmPcglhy7N8k
sK4LkpFcjzoXWiyqWYfZhsEYUtycw7NXWIYmmZSGWFnImg4k73yib+3JPU5ebp7W
QCBVwU/NG3R+n8LD3GKNGLTiw6yNbWfay7meLklRVkM/6XbT7arECSL7Nb0VDl+q
oTpd/ipiMX1pI5SkZ525aZWLBrCQOxHAOBfGVHpU++t4sm6VG8Nq32SXaKhA1iPy
qGfk44lKqV5cKwS1c5RnckEaF3xPpLxCtl1d8jkN9PNo1GpqZcnLpz50/fBiJ+3Y
TnnPDZcQVmQDg8Os9H/Y2U87KzO6NmbT/pAc4bhIMKCq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:26 2025 by rpki-client