Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/y-rc9Cv8gQ4Dz_avF2SZTauIths.roa
File: y-rc9Cv8gQ4Dz_avF2SZTauIths.roa (raw, json)
Hash identifier: sFQS2FMoMj+HL+qCAUYD7Gap3T/8OZg1LWaEy8BpsZ0=
Subject key identifier: CB:EA:DC:F4:2B:FC:81:0E:03:CF:F6:AF:17:64:99:4D:AB:88:B6:1B
Certificate issuer: /CN=02cc691476a6e7895b0e456116444f91937bf01e
Certificate serial: 37DFF0EC
Authority key identifier: 02:CC:69:14:76:A6:E7:89:5B:0E:45:61:16:44:4F:91:93:7B:F0:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AsxpFHam54lbDkVhFkRPkZN78B4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/y-rc9Cv8gQ4Dz_avF2SZTauIths.roa
Signing time: Sat 01 Jan 2022 16:04:51 +0000
ROA not before: Sat 01 Jan 2022 16:04:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 195.250.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 937423084 (0x37dff0ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02cc691476a6e7895b0e456116444f91937bf01e
Validity
Not Before: Jan 1 16:04:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cbeadcf42bfc810e03cff6af1764994dab88b61b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b1:51:cb:8b:5e:0b:28:27:1e:e8:98:98:e9:
3c:06:cb:ca:a9:b7:c5:3a:4a:e1:b7:9c:f2:34:44:
44:55:5d:f5:c0:6d:6d:43:56:e1:08:55:01:14:f5:
71:d9:d6:43:ae:e1:23:d8:25:e9:0a:66:20:1c:b4:
c7:04:b0:a6:4b:50:85:1c:19:58:95:88:cb:fb:44:
30:4c:29:e2:c2:a2:6a:2d:5a:99:07:b1:9f:85:5c:
e7:d3:ea:85:6c:e3:d7:74:31:ed:60:a4:d6:5e:c3:
ac:c0:e5:40:6d:33:36:e9:89:50:5a:fc:36:95:b0:
14:3c:a3:c1:b3:47:94:1f:54:47:e1:f4:fb:fe:8b:
71:57:af:d7:69:63:07:48:f4:05:4f:d8:0a:bb:ee:
80:39:30:ac:85:ad:71:b1:c7:1e:ff:80:8c:b1:ac:
a0:6d:db:d8:28:dd:9e:a9:c5:0e:21:57:39:14:ee:
e3:49:bb:28:6a:71:e2:57:16:c7:46:34:6d:15:9e:
f3:3d:3f:e7:b3:2a:8b:3c:ab:79:65:d5:b6:5c:c0:
ec:09:75:a2:73:e5:de:96:dc:8f:2e:ec:cf:af:2a:
a6:cc:7d:e7:49:63:e2:cf:bc:fc:a8:ac:9d:78:fa:
57:b5:ae:e4:1a:4d:c3:68:e0:d9:71:4a:51:77:48:
d9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:EA:DC:F4:2B:FC:81:0E:03:CF:F6:AF:17:64:99:4D:AB:88:B6:1B
X509v3 Authority Key Identifier:
keyid:02:CC:69:14:76:A6:E7:89:5B:0E:45:61:16:44:4F:91:93:7B:F0:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AsxpFHam54lbDkVhFkRPkZN78B4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/y-rc9Cv8gQ4Dz_avF2SZTauIths.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/AsxpFHam54lbDkVhFkRPkZN78B4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.250.48.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:ab:48:b7:90:66:15:86:b8:b3:b3:62:06:96:06:57:10:5b:
82:9e:ec:d5:20:da:dd:5a:33:da:a4:b9:29:fc:f2:8d:c3:c1:
da:78:65:3f:14:70:9f:27:d9:06:d8:58:9c:26:bd:b8:cb:1f:
a6:a6:d7:04:c2:81:6e:73:98:fa:a2:db:24:0b:25:e3:bb:75:
5d:83:a5:03:d5:f6:01:de:c5:ae:e8:44:54:1b:73:e2:07:87:
18:05:93:1d:b2:fd:ac:43:fe:ec:7f:92:bc:ba:a3:b7:db:12:
b3:f4:fc:67:82:5a:ca:c7:34:f9:95:37:7b:8c:0d:de:c1:61:
52:26:48:83:ae:9e:0b:17:68:78:b4:96:42:f2:f0:45:b8:43:
9b:4e:6e:57:2c:72:b8:0f:5b:17:40:36:f8:08:cc:a5:ce:e9:
c7:88:b8:bc:7b:42:24:19:d6:38:d4:9e:44:6b:0f:3f:2c:4e:
13:07:37:8f:74:af:de:2a:31:98:a7:c2:5a:70:c6:16:fb:5c:
fe:55:bf:ea:b8:75:2c:9a:7d:16:aa:be:5e:ca:20:02:5f:0b:
f4:88:4e:4c:c9:90:b9:58:db:13:67:55:0f:3b:26:4e:d4:fb:
91:b0:52:35:5c:f8:7b:be:a8:0c:bf:8f:47:70:9d:de:d3:f0:
34:4e:20:4f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN9/w7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MmNjNjkxNDc2YTZlNzg5NWIwZTQ1NjExNjQ0NGY5MTkzN2JmMDFlMB4XDTIyMDEw
MTE2MDQ1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2JlYWRjZjQyYmZj
ODEwZTAzY2ZmNmFmMTc2NDk5NGRhYjg4YjYxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN+xUcuLXgsoJx7omJjpPAbLyqm3xTpK4bec8jRERFVd9cBt
bUNW4QhVART1cdnWQ67hI9gl6QpmIBy0xwSwpktQhRwZWJWIy/tEMEwp4sKiai1a
mQexn4Vc59PqhWzj13Qx7WCk1l7DrMDlQG0zNumJUFr8NpWwFDyjwbNHlB9UR+H0
+/6LcVev12ljB0j0BU/YCrvugDkwrIWtcbHHHv+AjLGsoG3b2CjdnqnFDiFXORTu
40m7KGpx4lcWx0Y0bRWe8z0/57MqizyreWXVtlzA7Al1onPl3pbcjy7sz68qpsx9
50lj4s+8/KisnXj6V7Wu5BpNw2jg2XFKUXdI2Y0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTL6tz0K/yBDgPP9q8XZJlNq4i2GzAfBgNVHSMEGDAWgBQCzGkUdqbniVsO
RWEWRE+Rk3vwHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FzeHBGSGFtNTRsYkRrVmhGa1JQa1pONzhCNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvOWE2ODYwLTIyNGYtNGIzNC1hOWI2LWJjMTkyYmI3MzAyNS8x
L3ktcmM5Q3Y4Z1E0RHpfYXZGMlNaVGF1SXRocy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
OWE2ODYwLTIyNGYtNGIzNC1hOWI2LWJjMTkyYmI3MzAyNS8xL0FzeHBGSGFtNTRs
YkRrVmhGa1JQa1pONzhCNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMP6MDANBgkqhkiG9w0BAQsFAAOC
AQEAG6tIt5BmFYa4s7NiBpYGVxBbgp7s1SDa3Voz2qS5KfzyjcPB2nhlPxRwnyfZ
BthYnCa9uMsfpqbXBMKBbnOY+qLbJAsl47t1XYOlA9X2Ad7FruhEVBtz4geHGAWT
HbL9rEP+7H+SvLqjt9sSs/T8Z4Jaysc0+ZU3e4wN3sFhUiZIg66eCxdoeLSWQvLw
RbhDm05uVyxyuA9bF0A2+AjMpc7px4i4vHtCJBnWONSeRGsPPyxOEwc3j3Sv3iox
mKfCWnDGFvtc/lW/6rh1LJp9Fqq+XsogAl8L9IhOTMmQuVjbE2dVDzsmTtT7kbBS
NVz4e76oDL+PR3Cd3tPwNE4gTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:12 2024 by rpki-client on console-fra.rpki-client.org