Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/YuPMZfDLyag2l325JoMBjCPuAXg.roa
File: YuPMZfDLyag2l325JoMBjCPuAXg.roa (raw, json)
Hash identifier: gGmnN52WbDubfh+3E2Pl42kLvde6UDdsTKfI6C7A7rU=
Subject key identifier: 62:E3:CC:65:F0:CB:C9:A8:36:97:7D:B9:26:83:01:8C:23:EE:01:78
Certificate issuer: /CN=da890d05d5c88b7de6f5baa4c1d085fe7301f5d5
Certificate serial: 0184E281CB1017FDE8A4D0B517238E4B8FD4
Authority key identifier: DA:89:0D:05:D5:C8:8B:7D:E6:F5:BA:A4:C1:D0:85:FE:73:01:F5:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2okNBdXIi33m9bqkwdCF_nMB9dU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/YuPMZfDLyag2l325JoMBjCPuAXg.roa
Signing time: Mon 05 Dec 2022 13:37:47 +0000
ROA not before: Mon 05 Dec 2022 13:37:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206546
IP address blocks: 194.0.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:81:cb:10:17:fd:e8:a4:d0:b5:17:23:8e:4b:8f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da890d05d5c88b7de6f5baa4c1d085fe7301f5d5
Validity
Not Before: Dec 5 13:37:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62e3cc65f0cbc9a836977db92683018c23ee0178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b3:c4:60:35:41:96:dc:8a:4b:0b:76:8b:b2:
70:2c:5b:c2:37:1e:91:f1:6b:6e:2a:b7:d8:fe:4b:
7f:7c:42:be:9c:2d:53:d6:82:e1:75:71:34:6c:d9:
48:4d:d2:17:6f:28:cb:96:d0:37:87:cf:13:1d:84:
15:39:e2:de:33:00:33:09:9b:74:31:b1:ea:14:46:
9f:0d:b6:b1:a8:0d:99:33:80:42:f2:05:e0:af:09:
db:86:32:b4:b8:b1:43:1f:d3:fa:bc:85:a3:d7:36:
c6:5c:42:15:eb:21:1b:8f:df:13:49:4a:ac:cf:49:
e6:49:b1:f8:72:f7:21:eb:d9:e4:b8:98:79:37:d2:
56:e6:b7:72:7c:dc:f0:1f:4a:7e:e5:17:4e:37:12:
b6:07:a2:12:28:bb:34:a0:5a:7d:79:f0:d1:0f:59:
a1:7b:8e:4a:f6:fa:79:a8:27:2a:e5:e4:29:83:04:
ce:16:0b:dd:11:d5:42:4e:96:a8:30:9e:c4:87:cd:
6d:57:a0:4c:9f:11:7c:92:be:7b:c7:e5:d0:61:ae:
33:65:b1:f0:bf:68:ce:32:d8:d7:84:a0:db:96:c7:
0b:37:a5:92:71:cc:df:85:3f:b7:5f:08:e5:5b:e9:
b0:72:da:fa:70:8e:0b:9e:32:39:88:0e:1a:6e:49:
83:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:E3:CC:65:F0:CB:C9:A8:36:97:7D:B9:26:83:01:8C:23:EE:01:78
X509v3 Authority Key Identifier:
keyid:DA:89:0D:05:D5:C8:8B:7D:E6:F5:BA:A4:C1:D0:85:FE:73:01:F5:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2okNBdXIi33m9bqkwdCF_nMB9dU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/YuPMZfDLyag2l325JoMBjCPuAXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.235.0/24
Signature Algorithm: sha256WithRSAEncryption
72:bd:12:8a:99:50:dc:4e:5c:98:64:81:01:8f:bd:fd:09:8f:
21:65:90:d1:12:f6:60:55:50:0d:34:d0:34:f5:55:1e:40:ad:
3f:2d:73:04:6b:61:eb:57:e6:3a:4e:2e:0f:45:ba:ab:a9:42:
7b:e7:88:48:de:8a:a3:19:29:2e:e5:aa:d7:0b:08:a6:c4:fb:
b1:1f:b8:bd:b1:7b:70:17:08:72:e2:f3:2d:2e:2a:7a:5a:e8:
b0:4b:22:36:0b:96:03:59:bc:70:ef:0c:55:52:6d:a5:7f:8a:
ae:a3:c6:a9:ab:92:09:d2:4a:5c:b2:73:40:4b:22:36:9f:95:
a8:b6:c7:9e:60:c8:97:ef:d7:19:16:54:d3:02:a1:27:d6:18:
5b:37:90:c4:19:81:27:ff:76:26:4e:40:79:64:c1:aa:3c:27:
10:f9:48:c7:e3:b3:df:39:8f:9f:9c:60:a7:fe:ed:0e:23:e0:
14:5d:57:56:b1:d3:93:7a:d4:2a:7f:73:d3:2f:3b:98:26:c5:
38:d7:cb:da:a2:65:6f:5b:95:0c:7a:d0:16:57:62:34:6b:11:
11:ca:ad:ab:d9:dc:84:1e:71:91:4c:df:b8:3a:37:04:25:a7:
be:fe:05:03:ba:ed:19:de:2f:bf:53:9b:e1:44:81:c3:08:82:
2a:2a:ec:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTigcsQF/3opNC1FyOOS4/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhODkwZDA1ZDVjODhiN2RlNmY1YmFhNGMxZDA4NWZlNzMw
MWY1ZDUwHhcNMjIxMjA1MTMzNzQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmUzY2M2NWYwY2JjOWE4MzY5NzdkYjkyNjgzMDE4YzIzZWUwMTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLPEYDVBltyKSwt2i7JwLFvCNx6R
8WtuKrfY/kt/fEK+nC1T1oLhdXE0bNlITdIXbyjLltA3h88THYQVOeLeMwAzCZt0
MbHqFEafDbaxqA2ZM4BC8gXgrwnbhjK0uLFDH9P6vIWj1zbGXEIV6yEbj98TSUqs
z0nmSbH4cvch69nkuJh5N9JW5rdyfNzwH0p+5RdONxK2B6ISKLs0oFp9efDRD1mh
e45K9vp5qCcq5eQpgwTOFgvdEdVCTpaoMJ7Eh81tV6BMnxF8kr57x+XQYa4zZbHw
v2jOMtjXhKDblscLN6WScczfhT+3XwjlW+mwctr6cI4LnjI5iA4abkmDGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGLjzGXwy8moNpd9uSaDAYwj7gF4MB8GA1UdIwQY
MBaAFNqJDQXVyIt95vW6pMHQhf5zAfXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm9rTkJkWElpMzNtOWJxa3dkQ0Zfbk1COWRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hNjc0MjAtYjFiNS00NDk1LTkxNzYt
YjQ4MzZiYzE2NGExLzEvWXVQTVpmREx5YWcybDMyNUpvTUJqQ1B1QVhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hNjc0MjAtYjFiNS00NDk1LTkxNzYtYjQ4MzZiYzE2NGEx
LzEvMm9rTkJkWElpMzNtOWJxa3dkQ0Zfbk1COWRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgDrMA0G
CSqGSIb3DQEBCwUAA4IBAQByvRKKmVDcTlyYZIEBj739CY8hZZDREvZgVVANNNA0
9VUeQK0/LXMEa2HrV+Y6Ti4PRbqrqUJ754hI3oqjGSku5arXCwimxPuxH7i9sXtw
Fwhy4vMtLip6WuiwSyI2C5YDWbxw7wxVUm2lf4quo8apq5IJ0kpcsnNASyI2n5Wo
tseeYMiX79cZFlTTAqEn1hhbN5DEGYEn/3YmTkB5ZMGqPCcQ+UjH47PfOY+fnGCn
/u0OI+AUXVdWsdOTetQqf3PTLzuYJsU418vaomVvW5UMetAWV2I0axERyq2r2dyE
HnGRTN+4OjcEJae+/gUDuu0Z3i+/U5vhRIHDCIIqKuxn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:31 2025 by rpki-client