Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/yKTfVYGJPW3xVAuHR1sVJVl45vo.roa
File: yKTfVYGJPW3xVAuHR1sVJVl45vo.roa (raw, json)
Hash identifier: usJT2nR/o37Y9QV0mxuQIfrJnytzdcs/CM0JW4V8ibg=
Subject key identifier: C8:A4:DF:55:81:89:3D:6D:F1:54:0B:87:47:5B:15:25:59:78:E6:FA
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01891A851947E2FF0662D4B00E4EA5405AC8
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/yKTfVYGJPW3xVAuHR1sVJVl45vo.roa
Signing time: Mon 03 Jul 2023 06:51:17 +0000
ROA not before: Mon 03 Jul 2023 06:51:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197971
IP address blocks: 92.38.86.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1a:85:19:47:e2:ff:06:62:d4:b0:0e:4e:a5:40:5a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jul 3 06:51:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8a4df5581893d6df1540b87475b15255978e6fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d6:a6:3a:b4:d0:0c:c3:33:a7:0e:59:39:1d:
a4:a6:76:4c:b2:46:c5:22:37:01:16:81:b2:c5:b6:
89:36:ba:aa:73:af:3f:eb:4b:66:c0:bb:8d:55:00:
10:b1:44:c6:15:8b:cc:a4:e6:29:28:23:75:ef:ec:
57:37:40:0e:e5:08:b1:fe:28:89:77:15:7e:cd:7e:
11:6b:31:b0:4d:84:92:a4:a1:18:38:22:c4:82:cd:
97:da:ad:c6:ac:ea:2a:41:5d:4b:07:d2:11:09:5c:
c7:47:c7:65:a5:d9:dc:b7:ab:0f:6e:bd:fd:ca:f1:
14:b1:19:ca:87:5c:5e:19:ba:66:a1:36:dc:1f:02:
84:fb:bc:c8:46:53:6a:e1:b1:16:ea:20:f9:e7:c5:
be:fd:4b:05:e8:1d:41:b1:32:3e:80:6f:85:ff:77:
fe:86:c5:26:bc:ea:29:f4:b6:9a:d7:d2:5c:c8:f8:
7f:c9:a6:ab:56:e7:fb:e2:6c:da:54:94:ee:b5:bf:
b8:fb:35:21:58:6f:05:74:e3:46:ec:13:3e:65:54:
13:88:07:51:86:eb:0a:3b:ec:92:a3:96:da:c9:82:
bc:f8:b3:2f:69:9c:82:1a:74:4d:6a:46:53:5b:6e:
02:3a:74:8d:ac:4e:71:99:35:9a:ab:63:dd:da:1f:
4c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A4:DF:55:81:89:3D:6D:F1:54:0B:87:47:5B:15:25:59:78:E6:FA
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/yKTfVYGJPW3xVAuHR1sVJVl45vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.86.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:04:5c:f0:0f:10:b0:81:bf:bd:db:33:54:bd:62:26:3b:f6:
73:99:bd:a5:52:0e:99:cf:72:36:fc:0d:d1:e9:61:38:78:ab:
6a:0d:fe:88:86:a0:53:fb:44:aa:6c:c7:ef:a0:c8:89:7b:9c:
a7:92:21:53:21:70:90:8b:60:cf:3a:e6:b2:98:af:6c:02:c3:
c9:5e:7f:86:ce:fe:fb:af:4d:e1:fa:e2:e1:0e:16:5e:d0:e0:
a6:ea:ec:1d:17:4f:98:be:99:53:ee:93:87:b8:b7:e1:cb:8d:
65:58:07:b3:eb:a6:78:70:11:b7:36:63:2f:34:5c:29:67:25:
f1:54:a9:6a:36:30:26:70:d1:f7:b1:12:cf:8f:58:d1:5e:db:
45:64:2c:40:c2:85:cf:d0:60:80:26:f5:f2:c1:cd:85:0c:c6:
38:c3:37:48:c6:3f:d8:66:52:aa:cd:68:1f:a0:bb:96:08:4b:
50:30:09:d4:09:03:64:41:7b:9d:b3:83:b1:86:2d:25:34:26:
20:6d:09:34:b4:97:ff:36:67:5c:87:58:88:4a:c2:25:ae:35:
0a:2a:f9:da:e7:db:c4:b3:8d:ed:59:93:c7:cb:46:b0:d0:90:
ff:73:fc:4f:63:ac:d8:9d:8f:48:a8:c2:2c:0c:4a:40:28:86:
24:59:e7:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkahRlH4v8GYtSwDk6lQFrIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwNzAzMDY1MTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGE0ZGY1NTgxODkzZDZkZjE1NDBiODc0NzViMTUyNTU5NzhlNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9amOrTQDMMzpw5ZOR2kpnZMskbF
IjcBFoGyxbaJNrqqc68/60tmwLuNVQAQsUTGFYvMpOYpKCN17+xXN0AO5Qix/iiJ
dxV+zX4RazGwTYSSpKEYOCLEgs2X2q3GrOoqQV1LB9IRCVzHR8dlpdnct6sPbr39
yvEUsRnKh1xeGbpmoTbcHwKE+7zIRlNq4bEW6iD558W+/UsF6B1BsTI+gG+F/3f+
hsUmvOop9Laa19JcyPh/yaarVuf74mzaVJTutb+4+zUhWG8FdONG7BM+ZVQTiAdR
husKO+ySo5bayYK8+LMvaZyCGnRNakZTW24COnSNrE5xmTWaq2Pd2h9MawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMik31WBiT1t8VQLh0dbFSVZeOb6MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEveUtUZlZZR0pQVzN4VkF1SFIxc1ZKVmw0NXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXCZWMA0G
CSqGSIb3DQEBCwUAA4IBAQCfBFzwDxCwgb+92zNUvWImO/Zzmb2lUg6Zz3I2/A3R
6WE4eKtqDf6IhqBT+0SqbMfvoMiJe5ynkiFTIXCQi2DPOuaymK9sAsPJXn+Gzv77
r03h+uLhDhZe0OCm6uwdF0+YvplT7pOHuLfhy41lWAez66Z4cBG3NmMvNFwpZyXx
VKlqNjAmcNH3sRLPj1jRXttFZCxAwoXP0GCAJvXywc2FDMY4wzdIxj/YZlKqzWgf
oLuWCEtQMAnUCQNkQXuds4Oxhi0lNCYgbQk0tJf/Nmdch1iISsIlrjUKKvna59vE
s43tWZPHy0aw0JD/c/xPY6zYnY9IqMIsDEpAKIYkWecs
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:24 2025 by rpki-client