Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/964035-381a-41b0-9fdd-f65d33a9926b/1/Y8upx_sxfAeHrXEWD0FpmsYnSRE.roa
File: Y8upx_sxfAeHrXEWD0FpmsYnSRE.roa (raw, json)
Hash identifier: FvidbJI/nRfxKjlghZS17WpH/e9a+ta6gI+iv9AhHgI=
Subject key identifier: 63:CB:A9:C7:FB:31:7C:07:87:AD:71:16:0F:41:69:9A:C6:27:49:11
Certificate issuer: /CN=fc59549f6dd2b83144b880c23f06fba3b25d3986
Certificate serial: 018570C2BD6291357774756A2B56739C70A6
Authority key identifier: FC:59:54:9F:6D:D2:B8:31:44:B8:80:C2:3F:06:FB:A3:B2:5D:39:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FlUn23SuDFEuIDCPwb7o7JdOYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/964035-381a-41b0-9fdd-f65d33a9926b/1/Y8upx_sxfAeHrXEWD0FpmsYnSRE.roa
Signing time: Mon 02 Jan 2023 04:34:48 +0000
ROA not before: Mon 02 Jan 2023 04:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198841
IP address blocks: 91.239.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:bd:62:91:35:77:74:75:6a:2b:56:73:9c:70:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc59549f6dd2b83144b880c23f06fba3b25d3986
Validity
Not Before: Jan 2 04:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63cba9c7fb317c0787ad71160f41699ac6274911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:eb:4b:af:71:1f:bf:1e:29:70:9a:0f:88:9a:
fb:13:8b:e4:6d:34:fa:47:ea:27:3d:2e:64:cb:89:
a6:0e:16:ac:d0:9f:08:90:90:6f:e1:15:72:35:8f:
fa:36:aa:73:6b:77:83:72:8f:d3:eb:3e:6b:b4:60:
c5:21:45:9b:a1:5b:1f:a3:73:51:e7:c5:1d:1c:ff:
fb:ae:81:53:17:81:e8:8a:59:c1:28:f8:8d:f5:4c:
a5:c2:a1:a2:c3:c8:c5:d2:a6:26:e7:60:45:46:b2:
fe:3b:41:ad:3e:d6:5c:aa:fe:47:8c:f1:f8:6f:ab:
e8:e3:01:68:49:6d:c5:71:db:d9:06:02:ae:0e:88:
8b:e9:44:21:eb:b8:b8:e9:f4:8c:46:53:cf:8a:be:
a9:9d:3f:65:da:35:a5:f2:b0:41:c9:a9:d6:1d:1c:
f7:53:e1:64:45:6d:da:5a:99:95:47:44:64:03:d0:
23:6d:23:92:a8:29:43:8d:b6:2b:6a:ae:aa:a4:56:
fa:72:76:cf:a0:cb:89:f9:47:3d:31:73:ae:9c:bd:
80:a3:a4:f7:d7:51:26:2e:55:6f:87:0a:54:71:42:
9e:7b:ac:43:ae:2a:75:78:1a:ff:48:44:dc:97:74:
9a:54:72:7c:55:8f:81:3b:cf:11:b9:f7:f3:f0:5d:
52:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:CB:A9:C7:FB:31:7C:07:87:AD:71:16:0F:41:69:9A:C6:27:49:11
X509v3 Authority Key Identifier:
keyid:FC:59:54:9F:6D:D2:B8:31:44:B8:80:C2:3F:06:FB:A3:B2:5D:39:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FlUn23SuDFEuIDCPwb7o7JdOYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/964035-381a-41b0-9fdd-f65d33a9926b/1/Y8upx_sxfAeHrXEWD0FpmsYnSRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/964035-381a-41b0-9fdd-f65d33a9926b/1/_FlUn23SuDFEuIDCPwb7o7JdOYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.243.0/24
Signature Algorithm: sha256WithRSAEncryption
33:90:4a:af:6f:34:87:f6:8f:3d:b6:1f:a1:cc:30:11:ec:7c:
75:fc:7c:d4:6b:72:4e:20:5b:08:2d:df:54:18:9e:4c:35:39:
67:6a:b1:69:35:d8:a5:bf:05:38:67:3e:e8:4e:96:c4:cc:11:
70:86:17:b6:6b:b0:0b:9b:c6:2a:e3:3d:2a:c0:bc:22:cd:31:
75:3d:26:81:ad:e8:de:0e:ff:e6:d6:a0:a6:d3:d9:49:2c:73:
db:a2:68:b0:e8:b0:8f:ab:23:a1:b3:cc:77:c7:90:50:72:28:
37:84:41:35:bb:e1:69:a7:1c:cb:5e:72:3a:d6:5a:17:8b:d9:
cf:2b:56:39:0f:0c:2d:39:e1:1a:de:b3:0c:b8:0e:58:46:a1:
50:4d:bc:c4:e6:08:e4:51:db:1e:f5:01:fc:81:fc:b4:ae:bd:
e3:a4:40:65:2c:f0:61:86:6f:92:7b:1d:e3:bb:6b:eb:88:7d:
26:12:74:2e:6a:9c:33:c9:67:4c:3d:a8:41:66:e2:4e:8d:7e:
da:82:0c:b8:0a:fb:00:55:8a:b8:55:cd:9b:f3:17:62:06:0b:
b8:8d:e5:19:c2:57:7b:d6:a9:74:0b:ee:aa:f1:6d:9e:0e:d3:
75:ce:dc:2b:33:d1:ce:7a:31:e0:5b:c3:9a:73:18:b2:2e:7c:
41:0d:5a:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwr1ikTV3dHVqK1ZznHCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNTk1NDlmNmRkMmI4MzE0NGI4ODBjMjNmMDZmYmEzYjI1
ZDM5ODYwHhcNMjMwMTAyMDQzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2NiYTljN2ZiMzE3YzA3ODdhZDcxMTYwZjQxNjk5YWM2Mjc0OTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlutLr3Efvx4pcJoPiJr7E4vkbTT6
R+onPS5ky4mmDhas0J8IkJBv4RVyNY/6Nqpza3eDco/T6z5rtGDFIUWboVsfo3NR
58UdHP/7roFTF4HoilnBKPiN9UylwqGiw8jF0qYm52BFRrL+O0GtPtZcqv5HjPH4
b6vo4wFoSW3FcdvZBgKuDoiL6UQh67i46fSMRlPPir6pnT9l2jWl8rBByanWHRz3
U+FkRW3aWpmVR0RkA9AjbSOSqClDjbYraq6qpFb6cnbPoMuJ+Uc9MXOunL2Ao6T3
11EmLlVvhwpUcUKee6xDrip1eBr/SETcl3SaVHJ8VY+BO88Ruffz8F1SGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGPLqcf7MXwHh61xFg9BaZrGJ0kRMB8GA1UdIwQY
MBaAFPxZVJ9t0rgxRLiAwj8G+6OyXTmGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0ZsVW4yM1N1REZFdUlEQ1B3YjdvN0pkT1lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy85NjQwMzUtMzgxYS00MWIwLTlmZGQt
ZjY1ZDMzYTk5MjZiLzEvWTh1cHhfc3hmQWVIclhFV0QwRnBtc1luU1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy85NjQwMzUtMzgxYS00MWIwLTlmZGQtZjY1ZDMzYTk5MjZi
LzEvX0ZsVW4yM1N1REZFdUlEQ1B3YjdvN0pkT1lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+/zMA0G
CSqGSIb3DQEBCwUAA4IBAQAzkEqvbzSH9o89th+hzDAR7Hx1/HzUa3JOIFsILd9U
GJ5MNTlnarFpNdilvwU4Zz7oTpbEzBFwhhe2a7ALm8Yq4z0qwLwizTF1PSaBreje
Dv/m1qCm09lJLHPbomiw6LCPqyOhs8x3x5BQcig3hEE1u+FppxzLXnI61loXi9nP
K1Y5DwwtOeEa3rMMuA5YRqFQTbzE5gjkUdse9QH8gfy0rr3jpEBlLPBhhm+Sex3j
u2vriH0mEnQuapwzyWdMPahBZuJOjX7aggy4CvsAVYq4Vc2b8xdiBgu4jeUZwld7
1ql0C+6q8W2eDtN1ztwrM9HOejHgW8OacxiyLnxBDVox
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:14 2025 by rpki-client