Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/ybLONX659eQIdf0oeM2_sw1VPk8.roa
File: ybLONX659eQIdf0oeM2_sw1VPk8.roa (raw, json)
Hash identifier: 6UgMsoaym5bdWlunn6lM7QPIXerOuCo8U9umK2BLerM=
Subject key identifier: C9:B2:CE:35:7E:B9:F5:E4:08:75:FD:28:78:CD:BF:B3:0D:55:3E:4F
Certificate issuer: /CN=afa474a5ea601c809291ee79bae3918964d0871e
Certificate serial: 4C03
Authority key identifier: AF:A4:74:A5:EA:60:1C:80:92:91:EE:79:BA:E3:91:89:64:D0:87:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r6R0pepgHICSke55uuORiWTQhx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/ybLONX659eQIdf0oeM2_sw1VPk8.roa
Signing time: Tue 03 May 2022 08:17:27 +0000
ROA not before: Tue 03 May 2022 08:17:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39803
IP address blocks: 195.189.138.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19459 (0x4c03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afa474a5ea601c809291ee79bae3918964d0871e
Validity
Not Before: May 3 08:17:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9b2ce357eb9f5e40875fd2878cdbfb30d553e4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2d:80:4b:16:02:db:bc:93:b3:0a:68:85:37:
e4:7e:72:49:4e:de:93:a9:34:5f:14:a1:bb:fd:1a:
1e:b7:c6:84:26:eb:30:80:78:13:0c:4f:0e:81:84:
25:81:32:a0:e0:c6:13:08:39:df:1e:d0:cf:2d:36:
25:c9:4b:6e:4f:62:6a:f5:e1:1e:6d:ef:75:2e:47:
8e:01:f0:0e:21:e9:30:de:0a:8f:72:c4:99:37:04:
4e:93:38:d1:07:dc:92:f2:12:9a:a8:10:ca:e0:1a:
9c:85:71:29:7c:4e:47:ff:bb:f3:de:4f:cc:a3:95:
1e:27:36:71:35:67:86:2b:96:0a:12:23:de:17:5c:
b0:23:27:f5:33:dc:6f:bc:16:c7:8c:d0:de:d9:57:
97:c2:40:ca:7f:72:df:b8:cf:71:9c:24:05:46:f9:
66:91:c8:56:9c:e2:60:13:78:db:23:e3:49:f8:b2:
62:ba:cb:9d:da:2e:d0:0a:55:1b:45:b6:af:44:aa:
1f:9d:9f:15:b3:8f:17:97:44:57:95:a5:28:8c:1a:
d4:9d:6a:0d:50:7b:00:b9:3f:fa:27:d1:27:f8:ae:
0a:91:42:47:99:ea:78:fa:a1:e0:a4:d0:ae:bd:ee:
ee:89:d3:cc:bd:a0:e9:7f:dd:f1:40:cc:2d:3c:1a:
69:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B2:CE:35:7E:B9:F5:E4:08:75:FD:28:78:CD:BF:B3:0D:55:3E:4F
X509v3 Authority Key Identifier:
keyid:AF:A4:74:A5:EA:60:1C:80:92:91:EE:79:BA:E3:91:89:64:D0:87:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r6R0pepgHICSke55uuORiWTQhx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/ybLONX659eQIdf0oeM2_sw1VPk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/r6R0pepgHICSke55uuORiWTQhx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.138.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:1f:97:85:e8:33:b8:ba:b4:2c:62:bc:0f:07:d1:96:79:03:
4c:c5:05:12:10:a5:0f:fe:a4:5a:f2:a2:89:5d:bf:4b:1c:6e:
46:a2:bc:19:bc:e9:11:0c:26:66:80:38:18:0d:41:e6:76:1e:
e4:8b:8a:ce:0a:fd:a3:2a:50:a8:68:7c:0a:5a:80:8a:7a:98:
16:04:f2:3d:50:1a:43:bc:89:06:0c:57:74:79:4b:d6:4d:91:
8c:6e:74:f6:66:57:a6:03:6c:9b:e9:aa:2c:e6:42:d8:64:93:
df:ab:32:6c:17:c8:cc:98:37:ab:62:60:8a:cc:26:4d:18:2c:
77:ab:86:8e:47:6e:13:07:3a:cf:41:1a:74:cb:27:b0:c8:d4:
d6:05:47:d0:a7:b1:d0:b0:5b:9f:2d:2d:03:2e:99:53:a2:74:
08:89:85:16:b8:e6:89:45:70:f4:6d:03:77:ce:28:3d:9e:52:
a2:22:e6:cb:67:b3:e5:0e:b1:75:01:8d:03:01:48:24:fd:61:
04:f6:ae:29:67:9e:a3:a7:36:09:d7:e4:4e:31:4f:69:27:3f:
4e:59:5f:1e:0c:ca:20:3b:9d:45:86:8b:f3:82:b0:0a:0d:aa:
12:78:51:49:95:45:af:85:db:ce:02:72:8d:5c:fc:08:bb:48:
52:c3:75:54
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICTAMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoYWZh
NDc0YTVlYTYwMWM4MDkyOTFlZTc5YmFlMzkxODk2NGQwODcxZTAeFw0yMjA1MDMw
ODE3MjdaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGM5YjJjZTM1N2ViOWY1
ZTQwODc1ZmQyODc4Y2RiZmIzMGQ1NTNlNGYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0LYBLFgLbvJOzCmiFN+R+cklO3pOpNF8Uobv9Gh63xoQm6zCA
eBMMTw6BhCWBMqDgxhMIOd8e0M8tNiXJS25PYmr14R5t73UuR44B8A4h6TDeCo9y
xJk3BE6TONEH3JLyEpqoEMrgGpyFcSl8Tkf/u/PeT8yjlR4nNnE1Z4YrlgoSI94X
XLAjJ/Uz3G+8FseM0N7ZV5fCQMp/ct+4z3GcJAVG+WaRyFac4mATeNsj40n4smK6
y53aLtAKVRtFtq9Eqh+dnxWzjxeXRFeVpSiMGtSdag1QewC5P/on0Sf4rgqRQkeZ
6nj6oeCk0K697u6J08y9oOl/3fFAzC08GmnPAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUybLONX659eQIdf0oeM2/sw1VPk8wHwYDVR0jBBgwFoAUr6R0pepgHICSke55
uuORiWTQhx4wDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9y
NlIwcGVwZ0hJQ1NrZTU1dXVPUmlXVFFoeDQuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzY0L2NjNGQ3Ni0zYWU5LTQ5MWUtOWJkMi0xOTNjYzYxYmNlNjEvMS95
YkxPTlg2NTllUUlkZjBvZU0yX3N3MVZQazgucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY0L2Nj
NGQ3Ni0zYWU5LTQ5MWUtOWJkMi0xOTNjYzYxYmNlNjEvMS9yNlIwcGVwZ0hJQ1Nr
ZTU1dXVPUmlXVFFoeDQuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHDvYowDQYJKoZIhvcNAQELBQADggEB
AAsfl4XoM7i6tCxivA8H0ZZ5A0zFBRIQpQ/+pFryooldv0scbkaivBm86REMJmaA
OBgNQeZ2HuSLis4K/aMqUKhofApagIp6mBYE8j1QGkO8iQYMV3R5S9ZNkYxudPZm
V6YDbJvpqizmQthkk9+rMmwXyMyYN6tiYIrMJk0YLHerho5HbhMHOs9BGnTLJ7DI
1NYFR9CnsdCwW58tLQMumVOidAiJhRa45olFcPRtA3fOKD2eUqIi5stns+UOsXUB
jQMBSCT9YQT2rilnnqOnNgnX5E4xT2knP05ZXx4MyiA7nUWGi/OCsAoNqhJ4UUmV
Ra+F284Cco1c/Ai7SFLDdVQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:07 2023 by rpki-client on console-fra.rpki-client.org