Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/d57969-ea5f-4518-92e1-53a0680f9710/1/CYTjJKM2_3GGYWycxhAO2iby0MY.roa
File: CYTjJKM2_3GGYWycxhAO2iby0MY.roa (raw, json)
Hash identifier: 6W+krTC1HmMeT8tMi8lhGIWD9r49+//BtTqGUOStw0o=
Subject key identifier: 09:84:E3:24:A3:36:FF:71:86:61:6C:9C:C6:10:0E:DA:26:F2:D0:C6
Certificate issuer: /CN=3c8dfe109de831d32fd78a58cc5c1d149a4553d2
Certificate serial: 01856F0B69F1636BFC228E1F484486A46C1D
Authority key identifier: 3C:8D:FE:10:9D:E8:31:D3:2F:D7:8A:58:CC:5C:1D:14:9A:45:53:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PI3-EJ3oMdMv14pYzFwdFJpFU9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/d57969-ea5f-4518-92e1-53a0680f9710/1/CYTjJKM2_3GGYWycxhAO2iby0MY.roa
Signing time: Sun 01 Jan 2023 20:34:57 +0000
ROA not before: Sun 01 Jan 2023 20:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16279
IP address blocks: 193.178.176.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:69:f1:63:6b:fc:22:8e:1f:48:44:86:a4:6c:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c8dfe109de831d32fd78a58cc5c1d149a4553d2
Validity
Not Before: Jan 1 20:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0984e324a336ff7186616c9cc6100eda26f2d0c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:58:c5:dc:1d:28:68:35:a2:00:9e:dc:d5:37:
20:d9:68:e1:ff:28:89:d7:a0:4b:c3:6a:35:af:1c:
02:d4:ba:72:2c:98:1e:e8:80:b1:ba:60:59:8e:7c:
53:a2:e8:50:9e:4f:3a:d6:e5:44:b0:e9:75:d4:37:
31:3d:d3:00:d1:83:c6:46:58:3f:a0:47:76:95:39:
3b:a6:8c:88:70:5d:f7:34:e1:2f:b0:bf:fe:34:39:
77:46:62:84:18:43:2e:0e:a8:9c:85:19:a6:85:a1:
4f:42:08:38:1c:3d:42:a0:65:18:a5:e3:95:b1:d7:
bc:2d:56:9e:28:72:45:03:97:a3:04:2e:a0:0f:c9:
89:a5:f3:eb:ee:ab:d7:3a:e5:63:b7:ba:2b:4c:55:
64:64:e3:9f:e0:a1:7d:4c:bf:5b:75:29:07:25:55:
db:af:2e:13:fe:1d:54:f7:93:11:bb:c3:1f:9a:2a:
83:cb:bb:92:eb:cb:f5:1b:b9:04:e4:24:a4:08:bf:
78:1e:36:45:dc:00:e3:6b:05:f4:ad:40:d9:75:17:
09:f0:a1:f3:02:e5:83:bf:14:24:73:63:f0:ed:fc:
d3:00:80:c7:82:3f:74:5b:26:56:79:bb:2f:26:89:
e6:0c:9e:23:9d:9e:f7:0f:4b:62:f3:fc:f9:2c:1f:
83:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:84:E3:24:A3:36:FF:71:86:61:6C:9C:C6:10:0E:DA:26:F2:D0:C6
X509v3 Authority Key Identifier:
keyid:3C:8D:FE:10:9D:E8:31:D3:2F:D7:8A:58:CC:5C:1D:14:9A:45:53:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PI3-EJ3oMdMv14pYzFwdFJpFU9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d57969-ea5f-4518-92e1-53a0680f9710/1/CYTjJKM2_3GGYWycxhAO2iby0MY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d57969-ea5f-4518-92e1-53a0680f9710/1/PI3-EJ3oMdMv14pYzFwdFJpFU9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.176.0/21
Signature Algorithm: sha256WithRSAEncryption
99:2c:78:87:09:c1:c0:6b:6c:06:d5:7f:a2:71:1d:fd:c2:79:
0b:27:51:d6:db:2c:c1:f7:53:90:07:1a:06:07:f7:60:e6:10:
c6:f6:4d:2c:e2:f6:24:bf:e4:10:01:2d:2e:27:17:05:cb:49:
7e:b6:d3:e7:18:d8:ab:f2:30:68:fb:61:53:76:3c:f4:73:2a:
68:29:d9:4c:54:3c:0f:50:79:34:9f:23:7a:b5:d4:35:27:66:
8d:60:4b:e0:1f:cd:5f:4d:2e:bc:28:a0:ea:b2:cc:ac:37:fc:
a1:50:1f:a0:a6:24:96:85:a3:51:b0:f2:4c:69:c0:47:ee:25:
39:ff:7e:01:d4:da:b6:ae:45:a5:81:54:9d:cf:df:28:2c:e4:
0a:6b:8b:76:d0:25:0b:bd:10:3b:73:fe:d4:13:41:5b:2c:e9:
95:bb:86:2e:19:90:71:02:ce:da:d6:83:1c:79:36:d4:53:59:
b7:f4:27:78:88:a9:94:7d:41:d9:b4:31:47:c8:62:eb:58:52:
4b:58:e2:ce:58:5e:4d:a0:6b:62:19:04:10:72:ba:d7:c1:90:
e0:60:2f:7e:0c:68:16:c4:48:49:bc:dd:e9:4e:a2:bd:83:45:
ad:15:37:e9:0e:7f:70:23:1e:fb:d8:88:17:33:f7:92:a3:f4:
a0:52:7c:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC2nxY2v8Io4fSESGpGwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjOGRmZTEwOWRlODMxZDMyZmQ3OGE1OGNjNWMxZDE0OWE0
NTUzZDIwHhcNMjMwMTAxMjAzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTg0ZTMyNGEzMzZmZjcxODY2MTZjOWNjNjEwMGVkYTI2ZjJkMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1jF3B0oaDWiAJ7c1Tcg2Wjh/yiJ
16BLw2o1rxwC1LpyLJge6ICxumBZjnxTouhQnk861uVEsOl11DcxPdMA0YPGRlg/
oEd2lTk7poyIcF33NOEvsL/+NDl3RmKEGEMuDqichRmmhaFPQgg4HD1CoGUYpeOV
sde8LVaeKHJFA5ejBC6gD8mJpfPr7qvXOuVjt7orTFVkZOOf4KF9TL9bdSkHJVXb
ry4T/h1U95MRu8MfmiqDy7uS68v1G7kE5CSkCL94HjZF3ADjawX0rUDZdRcJ8KHz
AuWDvxQkc2Pw7fzTAIDHgj90WyZWebsvJonmDJ4jnZ73D0ti8/z5LB+D3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAmE4ySjNv9xhmFsnMYQDtom8tDGMB8GA1UdIwQY
MBaAFDyN/hCd6DHTL9eKWMxcHRSaRVPSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEkzLUVKM29NZE12MTRwWXpGd2RGSnBGVTlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9kNTc5NjktZWE1Zi00NTE4LTkyZTEt
NTNhMDY4MGY5NzEwLzEvQ1lUakpLTTJfM0dHWVd5Y3hoQU8yaWJ5ME1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9kNTc5NjktZWE1Zi00NTE4LTkyZTEtNTNhMDY4MGY5NzEw
LzEvUEkzLUVKM29NZE12MTRwWXpGd2RGSnBGVTlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwbKwMA0G
CSqGSIb3DQEBCwUAA4IBAQCZLHiHCcHAa2wG1X+icR39wnkLJ1HW2yzB91OQBxoG
B/dg5hDG9k0s4vYkv+QQAS0uJxcFy0l+ttPnGNir8jBo+2FTdjz0cypoKdlMVDwP
UHk0nyN6tdQ1J2aNYEvgH81fTS68KKDqssysN/yhUB+gpiSWhaNRsPJMacBH7iU5
/34B1Nq2rkWlgVSdz98oLOQKa4t20CULvRA7c/7UE0FbLOmVu4YuGZBxAs7a1oMc
eTbUU1m39Cd4iKmUfUHZtDFHyGLrWFJLWOLOWF5NoGtiGQQQcrrXwZDgYC9+DGgW
xEhJvN3pTqK9g0WtFTfpDn9wIx772IgXM/eSo/SgUnwT
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:09 2025 by rpki-client