Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/1e5d67-f626-4925-98f3-20dc7e0572f4/1/9YWYTs59AoGab19W-J57MW1pAEQ.roa
File: 9YWYTs59AoGab19W-J57MW1pAEQ.roa (raw, json)
Hash identifier: pYGrk3R6JlfXjoikFhus9BngC/Zh9pRjZfty6PnxF0w=
Subject key identifier: F5:85:98:4E:CE:7D:02:81:9A:6F:5F:56:F8:9E:7B:31:6D:69:00:44
Certificate issuer: /CN=85a96f0d3abe6a9c14e792a71156d3c6efcfd4cd
Certificate serial: 8C44D9
Authority key identifier: 85:A9:6F:0D:3A:BE:6A:9C:14:E7:92:A7:11:56:D3:C6:EF:CF:D4:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/halvDTq-apwU55KnEVbTxu_P1M0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/1e5d67-f626-4925-98f3-20dc7e0572f4/1/9YWYTs59AoGab19W-J57MW1pAEQ.roa
Signing time: Sat 01 Jan 2022 00:53:09 +0000
ROA not before: Sat 01 Jan 2022 00:53:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203061
IP address blocks: 195.225.81.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9192665 (0x8c44d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85a96f0d3abe6a9c14e792a71156d3c6efcfd4cd
Validity
Not Before: Jan 1 00:53:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f585984ece7d02819a6f5f56f89e7b316d690044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:28:41:4b:c6:dc:9e:0c:c4:b7:f8:be:d0:21:
2d:1f:6d:42:2d:60:6e:f8:0f:44:e8:6f:f6:21:bf:
93:ba:af:7f:26:17:84:14:c3:1f:87:b2:1c:2c:d9:
82:34:ea:8c:cc:9a:5d:39:0d:5f:23:72:d9:f3:cf:
2d:be:f2:ad:bc:44:e2:50:92:4c:6c:08:4f:1b:9d:
90:f6:61:5d:fc:70:da:3d:1d:05:ac:d9:12:30:b2:
69:ff:ce:30:56:9c:0f:81:d3:07:b6:9b:3c:2a:9d:
f3:ee:83:ab:44:9f:b2:d8:e0:e6:11:1c:c6:fe:67:
80:06:97:95:f2:fd:75:e2:cd:3d:3c:05:58:f5:b8:
04:17:70:61:92:73:54:53:85:7d:c4:6a:61:4d:0b:
7c:94:1a:0f:8a:c8:e2:22:aa:42:ab:53:f6:35:fd:
ef:2e:dc:99:82:0c:8d:22:69:aa:58:fa:84:28:84:
96:8f:e1:d7:72:35:3d:a0:31:13:19:ca:83:54:53:
a1:be:94:f9:f3:f5:a7:db:bd:20:6b:97:cb:2b:03:
62:62:c0:62:84:50:27:9a:f8:c3:f3:f6:5d:75:67:
ff:c2:2c:2f:e9:b4:34:ad:94:27:78:6d:cb:2a:2e:
4d:ad:a1:0a:db:98:6a:71:fe:05:8b:51:89:08:1a:
d4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:85:98:4E:CE:7D:02:81:9A:6F:5F:56:F8:9E:7B:31:6D:69:00:44
X509v3 Authority Key Identifier:
keyid:85:A9:6F:0D:3A:BE:6A:9C:14:E7:92:A7:11:56:D3:C6:EF:CF:D4:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/halvDTq-apwU55KnEVbTxu_P1M0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/1e5d67-f626-4925-98f3-20dc7e0572f4/1/9YWYTs59AoGab19W-J57MW1pAEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/1e5d67-f626-4925-98f3-20dc7e0572f4/1/halvDTq-apwU55KnEVbTxu_P1M0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.81.0/24
Signature Algorithm: sha256WithRSAEncryption
70:00:10:20:84:ce:66:01:c0:7d:11:a2:52:8e:55:7f:32:4d:
b7:c9:4c:45:1c:9e:b2:92:51:ca:49:5d:d6:5c:83:57:fc:8e:
51:b5:db:64:9b:db:37:dd:6e:9c:d9:94:34:02:9e:2b:86:ff:
ca:30:5b:d4:01:2c:b0:01:01:69:fa:78:95:ac:de:32:b7:d3:
d5:56:fa:87:55:04:da:ba:8e:fe:7f:f6:50:3d:34:7b:c3:7d:
0c:d5:01:51:db:30:c2:aa:3c:b7:9d:f9:f4:f8:3e:de:e6:5f:
e1:61:60:f2:32:f3:3e:76:5d:38:68:0b:23:fc:7c:4e:d3:fe:
9b:7f:42:47:6c:1c:bd:a9:f0:4d:4f:34:8b:c4:bd:00:05:49:
a1:41:e5:db:8f:67:23:d9:75:29:5d:d1:a5:8e:ec:45:13:be:
95:2f:6d:d4:6f:05:27:cb:dc:09:47:ca:5e:6d:c7:21:e4:12:
fa:63:25:b1:8e:81:1e:b7:44:61:91:b6:05:4f:91:51:23:1a:
7a:44:90:3b:4b:b9:c4:9e:a8:33:d3:82:fc:c2:bf:e2:77:5b:
fc:ba:91:4b:97:a7:58:bd:cd:96:53:2e:c3:cd:b4:8b:3b:aa:
94:17:58:7d:8a:d1:51:94:59:c9:fd:ce:0c:22:89:9f:9c:ef:
1c:a0:22:26
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAIxE2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWE5NmYwZDNhYmU2YTljMTRlNzkyYTcxMTU2ZDNjNmVmY2ZkNGNkMB4XDTIyMDEw
MTAwNTMwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjU4NTk4NGVjZTdk
MDI4MTlhNmY1ZjU2Zjg5ZTdiMzE2ZDY5MDA0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKIoQUvG3J4MxLf4vtAhLR9tQi1gbvgPROhv9iG/k7qvfyYX
hBTDH4eyHCzZgjTqjMyaXTkNXyNy2fPPLb7yrbxE4lCSTGwITxudkPZhXfxw2j0d
BazZEjCyaf/OMFacD4HTB7abPCqd8+6Dq0Sfstjg5hEcxv5ngAaXlfL9deLNPTwF
WPW4BBdwYZJzVFOFfcRqYU0LfJQaD4rI4iKqQqtT9jX97y7cmYIMjSJpqlj6hCiE
lo/h13I1PaAxExnKg1RTob6U+fP1p9u9IGuXyysDYmLAYoRQJ5r4w/P2XXVn/8Is
L+m0NK2UJ3htyyouTa2hCtuYanH+BYtRiQga1AkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT1hZhOzn0CgZpvX1b4nnsxbWkARDAfBgNVHSMEGDAWgBSFqW8NOr5qnBTn
kqcRVtPG78/UzTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hhbHZEVHEtYXB3VTU1S25FVmJUeHVfUDFNMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMWU1ZDY3LWY2MjYtNDkyNS05OGYzLTIwZGM3ZTA1NzJmNC8x
LzlZV1lUczU5QW9HYWIxOVctSjU3TVcxcEFFUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MWU1ZDY3LWY2MjYtNDkyNS05OGYzLTIwZGM3ZTA1NzJmNC8xL2hhbHZEVHEtYXB3
VTU1S25FVmJUeHVfUDFNMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMPhUTANBgkqhkiG9w0BAQsFAAOC
AQEAcAAQIITOZgHAfRGiUo5VfzJNt8lMRRyespJRykld1lyDV/yOUbXbZJvbN91u
nNmUNAKeK4b/yjBb1AEssAEBafp4lazeMrfT1Vb6h1UE2rqO/n/2UD00e8N9DNUB
Udswwqo8t5359Pg+3uZf4WFg8jLzPnZdOGgLI/x8TtP+m39CR2wcvanwTU80i8S9
AAVJoUHl249nI9l1KV3RpY7sRRO+lS9t1G8FJ8vcCUfKXm3HIeQS+mMlsY6BHrdE
YZG2BU+RUSMaekSQO0u5xJ6oM9OC/MK/4ndb/LqRS5enWL3NllMuw820izuqlBdY
fYrRUZRZyf3ODCKJn5zvHKAiJg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:08 2023 by rpki-client on console-ams.rpki-client.org