Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/wY3zNLBX6Q79qiV4BJ-N2N3CCkA.roa
File: wY3zNLBX6Q79qiV4BJ-N2N3CCkA.roa (raw, json)
Hash identifier: CifVj3SX3KwNqpZ8BoUb0XX6dIlCvqaJ+9c59Nli3kA=
Subject key identifier: C1:8D:F3:34:B0:57:E9:0E:FD:AA:25:78:04:9F:8D:D8:DD:C2:0A:40
Certificate issuer: /CN=b5afa37bd0ddadeb7fea2b9be64b1108e20de9b4
Certificate serial: 0182D7A93F1CDF18CD78EFDA19AFFB4897BE
Authority key identifier: B5:AF:A3:7B:D0:DD:AD:EB:7F:EA:2B:9B:E6:4B:11:08:E2:0D:E9:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ta-je9Ddret_6iub5ksRCOIN6bQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/wY3zNLBX6Q79qiV4BJ-N2N3CCkA.roa
Signing time: Fri 26 Aug 2022 00:59:29 +0000
ROA not before: Fri 26 Aug 2022 00:59:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209030
IP address blocks: 82.202.191.0/24 maxlen: 24
82.202.190.0/24 maxlen: 24
82.202.189.0/24 maxlen: 24
82.202.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d7:a9:3f:1c:df:18:cd:78:ef:da:19:af:fb:48:97:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5afa37bd0ddadeb7fea2b9be64b1108e20de9b4
Validity
Not Before: Aug 26 00:59:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c18df334b057e90efdaa2578049f8dd8ddc20a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1a:92:41:c0:60:6f:e3:66:19:07:82:2f:ac:
e3:42:ff:55:06:b7:5b:5b:f3:00:56:96:06:42:e0:
75:c9:57:10:e3:f2:bd:a9:16:8f:5c:c1:99:b6:f5:
87:9c:c2:cc:d2:1d:f8:86:6c:50:f7:d2:35:7c:2f:
cd:15:20:71:e2:37:4a:78:10:26:df:36:0b:33:b0:
5f:16:f9:dd:04:c5:1b:cc:81:bd:c5:aa:d7:4a:4a:
ff:2f:dc:cd:a4:5a:9b:b4:a5:26:a1:d5:ca:15:f3:
db:a7:f3:53:bc:17:a9:b7:0d:61:e9:5a:e6:fb:aa:
06:c7:ad:f1:73:e5:81:f2:86:c4:eb:ea:09:73:be:
ab:fd:c9:80:2d:d8:c9:06:18:19:26:c7:46:26:ed:
10:61:c7:62:9e:83:9b:98:80:fe:d1:95:e3:f6:45:
7c:ee:a9:b4:f2:2e:30:07:ff:d8:a0:bb:aa:df:e3:
8a:2a:1d:6f:0b:b0:ce:51:1c:e4:33:71:af:7c:79:
d8:7b:0a:1f:c9:54:95:72:df:a2:f2:9d:c5:bb:92:
13:08:60:ac:b0:82:2c:f5:93:3b:39:b9:1a:d2:b3:
3d:de:f0:f6:9f:fd:48:19:c5:7a:79:86:b0:d9:53:
e7:73:30:ae:d7:2c:d3:94:5b:63:16:97:d6:70:cb:
5f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:8D:F3:34:B0:57:E9:0E:FD:AA:25:78:04:9F:8D:D8:DD:C2:0A:40
X509v3 Authority Key Identifier:
keyid:B5:AF:A3:7B:D0:DD:AD:EB:7F:EA:2B:9B:E6:4B:11:08:E2:0D:E9:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ta-je9Ddret_6iub5ksRCOIN6bQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/wY3zNLBX6Q79qiV4BJ-N2N3CCkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/ta-je9Ddret_6iub5ksRCOIN6bQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.202.188.0/22
Signature Algorithm: sha256WithRSAEncryption
02:0f:d1:9f:9e:f0:15:84:71:ef:4b:bb:08:ae:57:2c:6e:88:
a1:13:7c:c0:0e:25:a2:b3:f5:5a:ad:13:17:6e:dd:e5:ae:41:
d4:ad:95:ba:f9:5b:34:9b:69:1f:94:f8:90:74:9e:54:c7:11:
00:d7:6c:10:28:95:97:4c:03:ec:a4:0a:43:1c:6e:72:c1:ff:
c6:68:b1:a1:bc:8b:fa:bf:58:20:d1:44:bb:be:12:01:62:c2:
2b:ab:ed:19:3a:8a:e4:5e:a6:b9:46:a1:07:72:01:3e:92:93:
b7:3f:d6:50:65:60:6b:98:fc:7f:58:88:32:72:b2:c1:6f:06:
9f:47:50:67:5b:9a:a1:a4:4e:ee:fe:f4:db:52:83:f6:ad:95:
2e:06:3a:e9:83:fa:72:5f:14:b1:12:b1:39:07:e9:61:22:e4:
a2:33:75:28:f9:48:d2:cc:f0:dd:75:9a:d2:e3:05:3d:28:3d:
3f:ec:92:d6:b9:07:59:67:ae:22:d2:12:d6:34:ae:89:d0:d8:
52:3c:05:44:e6:ab:d6:1e:a7:65:be:3f:e8:1c:98:48:4c:f8:
c1:46:61:4c:57:78:7c:f8:e2:b1:a2:2f:7e:a9:89:a4:3e:56:
13:e7:99:b0:3e:39:30:25:10:a0:e1:f4:ae:9f:d8:c7:e9:4d:
d2:41:60:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLXqT8c3xjNeO/aGa/7SJe+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YWZhMzdiZDBkZGFkZWI3ZmVhMmI5YmU2NGIxMTA4ZTIw
ZGU5YjQwHhcNMjIwODI2MDA1OTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMThkZjMzNGIwNTdlOTBlZmRhYTI1NzgwNDlmOGRkOGRkYzIwYTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRqSQcBgb+NmGQeCL6zjQv9VBrdb
W/MAVpYGQuB1yVcQ4/K9qRaPXMGZtvWHnMLM0h34hmxQ99I1fC/NFSBx4jdKeBAm
3zYLM7BfFvndBMUbzIG9xarXSkr/L9zNpFqbtKUmodXKFfPbp/NTvBeptw1h6Vrm
+6oGx63xc+WB8obE6+oJc76r/cmALdjJBhgZJsdGJu0QYcdinoObmID+0ZXj9kV8
7qm08i4wB//YoLuq3+OKKh1vC7DOURzkM3GvfHnYewofyVSVct+i8p3Fu5ITCGCs
sIIs9ZM7Obka0rM93vD2n/1IGcV6eYaw2VPnczCu1yzTlFtjFpfWcMtf9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMGN8zSwV+kO/aoleASfjdjdwgpAMB8GA1UdIwQY
MBaAFLWvo3vQ3a3rf+orm+ZLEQjiDem0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGEtamU5RGRyZXRfNml1YjVrc1JDT0lONmJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC84YmFhOWMtMGVmMi00MmZiLWIzZDYt
NWE5NWNjODBjZDFiLzEvd1kzek5MQlg2UTc5cWlWNEJKLU4yTjNDQ2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC84YmFhOWMtMGVmMi00MmZiLWIzZDYtNWE5NWNjODBjZDFi
LzEvdGEtamU5RGRyZXRfNml1YjVrc1JDT0lONmJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUsq8MA0G
CSqGSIb3DQEBCwUAA4IBAQACD9GfnvAVhHHvS7sIrlcsboihE3zADiWis/VarRMX
bt3lrkHUrZW6+Vs0m2kflPiQdJ5UxxEA12wQKJWXTAPspApDHG5ywf/GaLGhvIv6
v1gg0US7vhIBYsIrq+0ZOorkXqa5RqEHcgE+kpO3P9ZQZWBrmPx/WIgycrLBbwaf
R1BnW5qhpE7u/vTbUoP2rZUuBjrpg/pyXxSxErE5B+lhIuSiM3Uo+UjSzPDddZrS
4wU9KD0/7JLWuQdZZ64i0hLWNK6J0NhSPAVE5qvWHqdlvj/oHJhITPjBRmFMV3h8
+OKxoi9+qYmkPlYT55mwPjkwJRCg4fSun9jH6U3SQWBG
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:53 2023 by rpki-client on console-fra.rpki-client.org