Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/YASW3qLCe1-_yBqs1vgMw3tBoKo.roa
File: YASW3qLCe1-_yBqs1vgMw3tBoKo.roa (raw, json)
Hash identifier: J7J2YS3xyu4PLs7rGs3EIbrH16dCoNXdYvN2yloI6CQ=
Subject key identifier: 60:04:96:DE:A2:C2:7B:5F:BF:C8:1A:AC:D6:F8:0C:C3:7B:41:A0:AA
Certificate issuer: /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial: 01821FF542A39F537F4CD2E2F20304163D17
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/YASW3qLCe1-_yBqs1vgMw3tBoKo.roa
Signing time: Thu 21 Jul 2022 08:52:23 +0000
ROA not before: Thu 21 Jul 2022 08:52:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49581
IP address blocks: 77.73.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1f:f5:42:a3:9f:53:7f:4c:d2:e2:f2:03:04:16:3d:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Validity
Not Before: Jul 21 08:52:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=600496dea2c27b5fbfc81aacd6f80cc37b41a0aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:46:04:24:fc:35:28:4c:87:e3:91:ea:e0:7b:
2d:5f:46:39:ab:0c:6f:b2:29:0a:11:3f:f0:3a:c9:
5f:83:da:a6:5a:61:7a:53:2f:48:9e:56:12:39:25:
b7:07:77:9a:bc:e1:e8:64:33:2d:3a:d3:34:bb:0d:
25:a7:9c:59:a9:b1:9d:da:26:a6:e0:48:b5:d9:68:
f4:7d:aa:59:6e:c1:07:f8:57:53:ac:e1:c1:45:aa:
65:8e:e6:14:51:59:aa:f7:97:29:95:ae:5e:cb:e5:
df:3d:a7:74:f1:1c:b7:c2:a0:30:f9:4d:d4:51:52:
6e:f1:83:07:56:6e:14:96:27:ce:45:7b:af:f0:99:
63:33:8b:bd:9e:a0:3b:fd:81:9b:69:18:72:02:9e:
65:4b:0f:f5:30:1c:01:c6:41:7f:1c:f4:a0:18:e5:
d8:10:b1:b6:58:5d:49:ff:73:32:13:41:3b:2b:49:
2f:dc:aa:c4:5b:ad:83:59:ca:42:91:e6:ca:03:e7:
42:06:65:f5:c3:48:25:36:82:1b:bd:47:23:c9:9e:
05:92:84:a4:80:36:7d:02:b2:16:77:2a:f9:74:b8:
97:24:45:0a:71:52:6a:78:c8:1e:84:0a:c5:c0:56:
bb:5c:51:af:08:16:2d:e3:31:cd:ed:8c:74:93:2b:
d0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:04:96:DE:A2:C2:7B:5F:BF:C8:1A:AC:D6:F8:0C:C3:7B:41:A0:AA
X509v3 Authority Key Identifier:
keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/YASW3qLCe1-_yBqs1vgMw3tBoKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:50:ce:dd:bf:eb:a1:40:af:1b:a0:bd:3d:bd:a7:e6:b5:2b:
f6:27:f8:bb:da:03:9c:ff:ab:49:f9:18:78:a7:64:ca:5b:cd:
3f:57:b8:61:a5:f8:29:eb:fc:5b:06:28:9b:5d:19:94:a9:3f:
ef:21:75:01:cd:de:23:84:07:b4:4b:8f:f4:3a:56:a9:d5:5d:
e2:eb:6f:e0:93:e9:ae:1b:8b:d9:23:43:03:09:86:2e:55:21:
8c:fe:af:41:97:55:67:d1:65:3a:e8:cc:f7:f1:b0:f9:3e:82:
57:84:d9:58:98:1b:f5:1e:18:b9:d5:da:e9:a2:bf:57:e6:cb:
17:c9:c6:b4:e9:b5:70:66:85:aa:ab:90:b7:49:bd:0d:e1:f7:
fe:5d:cb:82:2c:42:1b:a8:19:cc:13:b3:80:f2:0a:56:1d:33:
b5:88:63:4a:f1:97:ff:45:ab:eb:07:cf:a0:5d:28:e3:68:ca:
49:c4:00:89:c8:1d:06:5b:f8:26:f5:07:f2:a7:d0:f9:8d:d9:
34:e1:72:ce:d8:e0:54:48:ed:c5:10:8b:2f:03:f0:ff:cc:e5:
e2:6b:a7:54:b5:a3:bf:f8:2e:dd:f7:68:1d:8c:99:91:bd:fa:
1f:f0:9e:68:50:b4:7c:8f:83:2b:3e:f5:0e:c0:58:02:e4:c9:
70:d2:be:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIf9UKjn1N/TNLi8gMEFj0XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmExM2YxYWUwNTM5MTYyODBlYzY4ZWUxYjA5NzZmOWVi
ZDNlYTgwHhcNMjIwNzIxMDg1MjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDA0OTZkZWEyYzI3YjVmYmZjODFhYWNkNmY4MGNjMzdiNDFhMGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUYEJPw1KEyH45Hq4HstX0Y5qwxv
sikKET/wOslfg9qmWmF6Uy9InlYSOSW3B3eavOHoZDMtOtM0uw0lp5xZqbGd2iam
4Ei12Wj0fapZbsEH+FdTrOHBRapljuYUUVmq95cpla5ey+XfPad08Ry3wqAw+U3U
UVJu8YMHVm4UlifORXuv8JljM4u9nqA7/YGbaRhyAp5lSw/1MBwBxkF/HPSgGOXY
ELG2WF1J/3MyE0E7K0kv3KrEW62DWcpCkebKA+dCBmX1w0glNoIbvUcjyZ4FkoSk
gDZ9ArIWdyr5dLiXJEUKcVJqeMgehArFwFa7XFGvCBYt4zHN7Yx0kyvQCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGAElt6iwntfv8garNb4DMN7QaCqMB8GA1UdIwQY
MBaAFK/6E/GuBTkWKA7GjuGwl2+evT6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAt
NDc4YzJjOGNiMmEwLzEvWUFTVzNxTENlMS1feUJxczF2Z013M3RCb0tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAtNDc4YzJjOGNiMmEw
LzEvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUmBMA0G
CSqGSIb3DQEBCwUAA4IBAQC0UM7dv+uhQK8boL09vafmtSv2J/i72gOc/6tJ+Rh4
p2TKW80/V7hhpfgp6/xbBiibXRmUqT/vIXUBzd4jhAe0S4/0Olap1V3i62/gk+mu
G4vZI0MDCYYuVSGM/q9Bl1Vn0WU66Mz38bD5PoJXhNlYmBv1Hhi51drpor9X5ssX
yca06bVwZoWqq5C3Sb0N4ff+XcuCLEIbqBnME7OA8gpWHTO1iGNK8Zf/RavrB8+g
XSjjaMpJxACJyB0GW/gm9Qfyp9D5jdk04XLO2OBUSO3FEIsvA/D/zOXia6dUtaO/
+C7d92gdjJmRvfof8J5oULR8j4MrPvUOwFgC5Mlw0r4W
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:34 2025 by rpki-client