Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/YVBleFWDhvc-C6yyV8qZSlNZ0as.roa
File: YVBleFWDhvc-C6yyV8qZSlNZ0as.roa (raw, json)
Hash identifier: /IJ+l65XYYH7ZezpblhHxZADZdsMyOY/bxBOTc5UYVs=
Subject key identifier: 61:50:65:78:55:83:86:F7:3E:0B:AC:B2:57:CA:99:4A:53:59:D1:AB
Certificate issuer: /CN=e801f23ce821c264d67727536ec183537594c5f2
Certificate serial: 3718B75E
Authority key identifier: E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/YVBleFWDhvc-C6yyV8qZSlNZ0as.roa
Signing time: Sat 01 Jan 2022 11:59:56 +0000
ROA not before: Sat 01 Jan 2022 11:59:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2603
IP address blocks: 193.10.95.0/24 maxlen: 24
193.10.94.0/24 maxlen: 24
193.10.252.0/24 maxlen: 24
193.11.3.0/24 maxlen: 24
193.10.255.0/24 maxlen: 24
193.10.254.0/24 maxlen: 24
193.10.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 924366686 (0x3718b75e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e801f23ce821c264d67727536ec183537594c5f2
Validity
Not Before: Jan 1 11:59:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61506578558386f73e0bacb257ca994a5359d1ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:54:90:38:6f:f8:87:4c:67:55:5b:d6:e9:e3:
8a:73:43:e5:e0:f3:08:ad:91:08:ff:7e:c5:c4:d6:
7b:ad:b0:87:b7:2a:d5:5f:87:43:c2:4d:36:02:d0:
bd:42:16:89:5a:76:bd:16:a4:02:da:4d:a7:af:b2:
0f:0f:e3:b8:b9:15:2f:65:6d:f6:f3:93:5f:44:ca:
e7:58:e3:e6:4e:ac:00:dd:a0:0e:19:61:a5:57:d9:
3d:3f:65:9a:a3:0e:d2:ec:1f:8a:7b:e9:94:da:8c:
15:b2:fa:b3:0e:54:ef:6b:b9:27:07:43:68:61:45:
14:4e:c7:a8:c8:8d:55:b3:d2:22:d1:38:91:46:12:
8e:44:42:34:3a:a7:25:59:ca:1f:43:86:a2:2f:60:
8d:1a:b9:a3:86:0a:b2:13:0a:a5:8f:f7:38:5c:5f:
db:bd:c2:bd:82:23:2b:e0:88:00:14:fd:e7:a6:9b:
7e:5b:51:67:bf:bd:4a:cf:46:6f:8d:7b:fb:62:26:
4f:7b:1e:06:bc:52:94:62:d8:90:09:3a:4c:67:68:
1d:ab:64:b2:30:ab:1a:b3:6b:a3:4e:0e:c8:ab:77:
6f:17:df:4c:6f:8b:1b:4d:7a:f5:74:eb:5e:ad:d0:
93:1c:dd:cd:0b:7a:f1:57:be:e8:d8:e2:27:55:68:
82:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:50:65:78:55:83:86:F7:3E:0B:AC:B2:57:CA:99:4A:53:59:D1:AB
X509v3 Authority Key Identifier:
keyid:E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/YVBleFWDhvc-C6yyV8qZSlNZ0as.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.10.68.0/24
193.10.94.0/23
193.10.252.0/24
193.10.254.0/23
193.11.3.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:4f:cb:bc:2d:61:3d:11:2e:69:2b:29:9b:a6:78:32:93:b5:
59:a0:f4:8d:ff:0c:79:bf:2c:aa:44:05:e5:1c:4b:e8:dd:58:
5a:35:f7:15:32:fb:0c:d1:fd:93:62:e1:82:ea:03:a4:01:3a:
9d:bb:e1:fb:d9:fb:88:c5:5d:46:bc:11:82:35:e4:ec:20:0e:
9e:ab:c9:b0:ed:a8:a8:ca:11:19:0e:52:a8:51:86:a1:73:c8:
cc:f6:f3:b6:df:f9:e2:39:05:e6:c8:a9:97:3b:fb:48:6c:6d:
39:57:a3:9a:df:73:bc:9a:12:63:77:1d:2f:12:4c:24:cf:15:
be:91:83:f1:91:7c:64:77:93:b0:d5:cd:f1:5a:56:66:22:93:
e9:73:2b:76:61:c6:8f:f5:bd:d6:2d:df:77:13:81:2f:e3:04:
37:f9:b1:6f:a1:6c:23:e4:99:f9:32:7a:20:96:40:9b:63:b9:
6f:19:d9:91:88:90:0b:ea:73:22:06:bb:15:0a:d1:fb:63:6d:
15:e3:ea:ec:fa:80:38:2e:f5:d7:26:bd:7c:45:91:10:be:25:
1c:a1:fa:a4:c9:91:c4:4c:7a:e7:21:0d:4b:9a:bd:59:9f:30:
8c:3a:05:94:80:e4:80:db:db:15:a8:7e:07:bc:ca:24:47:7c:
7d:c4:04:6d
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIENxi3XjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODAxZjIzY2U4MjFjMjY0ZDY3NzI3NTM2ZWMxODM1Mzc1OTRjNWYyMB4XDTIyMDEw
MTExNTk1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjE1MDY1Nzg1NTgz
ODZmNzNlMGJhY2IyNTdjYTk5NGE1MzU5ZDFhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI1UkDhv+IdMZ1Vb1unjinND5eDzCK2RCP9+xcTWe62wh7cq
1V+HQ8JNNgLQvUIWiVp2vRakAtpNp6+yDw/juLkVL2Vt9vOTX0TK51jj5k6sAN2g
DhlhpVfZPT9lmqMO0uwfinvplNqMFbL6sw5U72u5JwdDaGFFFE7HqMiNVbPSItE4
kUYSjkRCNDqnJVnKH0OGoi9gjRq5o4YKshMKpY/3OFxf273CvYIjK+CIABT956ab
fltRZ7+9Ss9Gb417+2ImT3seBrxSlGLYkAk6TGdoHatksjCrGrNro04OyKt3bxff
TG+LG0169XTrXq3QkxzdzQt68Ve+6NjiJ1VoglECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRhUGV4VYOG9z4LrLJXyplKU1nRqzAfBgNVHSMEGDAWgBToAfI86CHCZNZ3
J1NuwYNTdZTF8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZBSHlQT2dod21UV2R5ZFRic0dEVTNXVXhmSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvZWFiNGQ4LTZhZmQtNGY4MS1hYjEwLTQ2NGViMTgzYjU2OC8x
L1lWQmxlRldEaHZjLUM2eXlWOHFaU2xOWjBhcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
ZWFiNGQ4LTZhZmQtNGY4MS1hYjEwLTQ2NGViMTgzYjU2OC8xLzZBSHlQT2dod21U
V2R5ZFRic0dEVTNXVXhmSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAMEKRAMEAcEKXgMEAMEK/AMEAcEK
/gMEAMELAzANBgkqhkiG9w0BAQsFAAOCAQEAHk/LvC1hPREuaSspm6Z4MpO1WaD0
jf8Meb8sqkQF5RxL6N1YWjX3FTL7DNH9k2LhguoDpAE6nbvh+9n7iMVdRrwRgjXk
7CAOnqvJsO2oqMoRGQ5SqFGGoXPIzPbztt/54jkF5siplzv7SGxtOVejmt9zvJoS
Y3cdLxJMJM8VvpGD8ZF8ZHeTsNXN8VpWZiKT6XMrdmHGj/W91i3fdxOBL+MEN/mx
b6FsI+SZ+TJ6IJZAm2O5bxnZkYiQC+pzIga7FQrR+2NtFePq7PqAOC711ya9fEWR
EL4lHKH6pMmRxEx65yENS5q9WZ8wjDoFlIDkgNvbFah+B7zKJEd8fcQEbQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:57 2023 by rpki-client on console-fra.rpki-client.org