Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/YDy2qpZVM6mQFhG9YDiRwC3E600.roa
File: YDy2qpZVM6mQFhG9YDiRwC3E600.roa (raw, json)
Hash identifier: Q/oGQP75oaax82cxOzKE6H4CDHmsc5CdDVd+L7q42Jk=
Subject key identifier: 60:3C:B6:AA:96:55:33:A9:90:16:11:BD:60:38:91:C0:2D:C4:EB:4D
Certificate issuer: /CN=47b7054d656153d2d55add8b9dfe3f6d137ad27e
Certificate serial: 01887BC955833ED0E165DA9A9C77B52BDE78
Authority key identifier: 47:B7:05:4D:65:61:53:D2:D5:5A:DD:8B:9D:FE:3F:6D:13:7A:D2:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R7cFTWVhU9LVWt2Lnf4_bRN60n4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/YDy2qpZVM6mQFhG9YDiRwC3E600.roa
Signing time: Fri 02 Jun 2023 11:06:11 +0000
ROA not before: Fri 02 Jun 2023 11:06:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208097
IP address blocks: 84.38.245.0/24 maxlen: 24
192.122.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7b:c9:55:83:3e:d0:e1:65:da:9a:9c:77:b5:2b:de:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47b7054d656153d2d55add8b9dfe3f6d137ad27e
Validity
Not Before: Jun 2 11:06:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=603cb6aa965533a9901611bd603891c02dc4eb4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:20:a1:7f:13:d9:3a:1f:7c:f8:74:f3:98:9a:
f3:d1:a2:e8:0d:b5:0c:ef:cc:13:7b:99:8b:2f:30:
aa:e4:b0:7c:e8:4b:c9:10:29:81:48:87:25:43:1a:
dc:a1:5d:2a:8a:90:1a:2e:15:7d:36:c1:a6:3e:de:
18:b0:4b:c7:cc:80:90:dd:de:19:e3:30:8a:4c:e6:
96:98:b7:e4:5a:67:eb:c8:02:4d:9d:df:fe:db:00:
8e:21:4c:ad:94:a9:20:e5:03:83:dd:49:90:db:43:
9f:62:43:2d:66:34:c7:09:99:ee:9f:01:8f:37:ca:
64:ad:36:a6:af:b8:c9:67:f1:cf:8c:56:35:18:a3:
9c:da:48:2b:32:36:7b:67:c0:7b:27:c7:2e:2f:80:
ef:46:b6:f0:94:ca:9f:56:a4:99:7f:39:d1:56:9f:
d6:56:1a:1f:f5:43:28:10:6a:6e:45:14:d6:34:62:
bf:7d:77:56:7f:f6:86:2c:2e:c6:87:6c:60:40:fd:
3f:72:81:6a:cd:03:3a:ab:1c:4a:84:02:38:a7:31:
02:21:8d:15:b1:d9:76:2e:72:a4:2b:7f:30:e4:40:
2a:0e:93:98:02:00:23:8a:fb:ea:12:7e:c3:1e:f8:
d7:6f:1c:7d:da:b5:a8:b7:82:b9:22:ee:ba:3a:b4:
54:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:3C:B6:AA:96:55:33:A9:90:16:11:BD:60:38:91:C0:2D:C4:EB:4D
X509v3 Authority Key Identifier:
keyid:47:B7:05:4D:65:61:53:D2:D5:5A:DD:8B:9D:FE:3F:6D:13:7A:D2:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R7cFTWVhU9LVWt2Lnf4_bRN60n4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/YDy2qpZVM6mQFhG9YDiRwC3E600.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/R7cFTWVhU9LVWt2Lnf4_bRN60n4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.245.0/24
192.122.253.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:13:2b:a8:03:3b:da:fc:f7:c4:16:68:c5:79:37:94:3d:1a:
43:5b:5a:61:dc:42:b0:71:56:4c:d4:0e:ff:4b:42:04:e0:0e:
5d:40:df:68:95:60:e2:5a:23:35:2e:24:2b:12:8c:15:e3:9c:
45:63:ad:1e:72:dd:e8:d4:d3:d5:ca:3f:4f:7c:b9:3b:e6:b3:
6c:0f:27:48:55:3b:78:47:43:18:92:ea:05:83:5a:1a:23:7a:
55:50:3d:86:b3:73:7f:b6:78:9e:3d:d7:f1:c1:84:d8:a2:0f:
7b:de:c3:a5:de:72:79:74:1c:fb:1a:50:8b:32:23:a2:84:93:
b3:6c:e1:37:d6:bb:2f:8a:07:92:2d:4a:83:21:72:9f:e2:d0:
21:79:b1:d5:62:b6:2a:fe:f1:13:87:be:7f:e1:23:a9:91:07:
f4:a6:eb:77:b8:71:e4:36:39:27:b1:b2:ed:13:63:57:6e:59:
3a:29:f7:dd:c1:af:23:58:a8:37:91:b7:00:df:56:da:ef:ee:
36:d7:58:cf:6b:d3:ff:2d:cc:e9:32:e3:af:8a:91:49:8d:be:
0d:e3:40:08:ca:0d:8f:9b:b6:a4:b2:19:45:f6:4e:e8:d7:c2:
0a:b3:92:4a:31:b9:5c:0f:2d:7a:94:00:84:9a:a9:fd:3f:b7:
b8:61:4b:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYh7yVWDPtDhZdqanHe1K954MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YjcwNTRkNjU2MTUzZDJkNTVhZGQ4YjlkZmUzZjZkMTM3
YWQyN2UwHhcNMjMwNjAyMTEwNjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDNjYjZhYTk2NTUzM2E5OTAxNjExYmQ2MDM4OTFjMDJkYzRlYjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCChfxPZOh98+HTzmJrz0aLoDbUM
78wTe5mLLzCq5LB86EvJECmBSIclQxrcoV0qipAaLhV9NsGmPt4YsEvHzICQ3d4Z
4zCKTOaWmLfkWmfryAJNnd/+2wCOIUytlKkg5QOD3UmQ20OfYkMtZjTHCZnunwGP
N8pkrTamr7jJZ/HPjFY1GKOc2kgrMjZ7Z8B7J8cuL4DvRrbwlMqfVqSZfznRVp/W
Vhof9UMoEGpuRRTWNGK/fXdWf/aGLC7Gh2xgQP0/coFqzQM6qxxKhAI4pzECIY0V
sdl2LnKkK38w5EAqDpOYAgAjivvqEn7DHvjXbxx92rWot4K5Iu66OrRUdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGA8tqqWVTOpkBYRvWA4kcAtxOtNMB8GA1UdIwQY
MBaAFEe3BU1lYVPS1Vrdi53+P20TetJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjdjRlRXVmhVOUxWV3QyTG5mNF9iUk42MG40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi85Mjg2YmItYzVlNS00MjlmLThhNzYt
MGZkODYyZGEzYWUxLzEvWUR5MnFwWlZNNm1RRmhHOVlEaVJ3QzNFNjAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi85Mjg2YmItYzVlNS00MjlmLThhNzYtMGZkODYyZGEzYWUx
LzEvUjdjRlRXVmhVOUxWV3QyTG5mNF9iUk42MG40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCb1AwQA
wHr9MA0GCSqGSIb3DQEBCwUAA4IBAQAuEyuoAzva/PfEFmjFeTeUPRpDW1ph3EKw
cVZM1A7/S0IE4A5dQN9olWDiWiM1LiQrEowV45xFY60ect3o1NPVyj9PfLk75rNs
DydIVTt4R0MYkuoFg1oaI3pVUD2Gs3N/tniePdfxwYTYog973sOl3nJ5dBz7GlCL
MiOihJOzbOE31rsvigeSLUqDIXKf4tAhebHVYrYq/vETh75/4SOpkQf0put3uHHk
NjknsbLtE2NXblk6Kffdwa8jWKg3kbcA31ba7+4211jPa9P/LczpMuOvipFJjb4N
40AIyg2Pm7akshlF9k7o18IKs5JKMblcDy16lACEmqn9P7e4YUsU
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:47 2025 by rpki-client