Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YTUIMGwUOsvSQd-rkJNrmfv9V1A.roa
File: YTUIMGwUOsvSQd-rkJNrmfv9V1A.roa (raw, json)
Hash identifier: GhN5+HVPLEaVnUgqB1sI00YZMlXOSCFhFhZ/tavxppU=
Subject key identifier: 61:35:08:30:6C:14:3A:CB:D2:41:DF:AB:90:93:6B:99:FB:FD:57:50
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01853B107F12B6D60DC87B463F16C33069A7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YTUIMGwUOsvSQd-rkJNrmfv9V1A.roa
Signing time: Thu 22 Dec 2022 18:20:14 +0000
ROA not before: Thu 22 Dec 2022 18:20:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 4785
IP address blocks: 194.242.2.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3b:10:7f:12:b6:d6:0d:c8:7b:46:3f:16:c3:30:69:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 22 18:20:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=613508306c143acbd241dfab90936b99fbfd5750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cd:3b:16:60:89:eb:02:69:29:ad:c5:e1:cc:
d2:80:64:ae:aa:b8:c7:e9:f8:37:70:23:95:d7:be:
59:a4:77:7f:1f:4d:f1:f6:a4:38:19:b8:a8:92:ec:
a4:fb:53:a6:6b:93:e7:7a:08:a0:e5:3a:0d:2a:e8:
f2:b3:47:d1:5c:53:e0:fb:45:ef:27:36:bb:ea:63:
74:21:78:27:86:77:ff:96:84:55:74:29:49:b3:cb:
46:1a:34:76:cf:95:ec:fe:7a:10:d6:2f:df:3c:70:
5e:9d:53:70:32:61:49:e9:ad:31:37:9c:78:d9:95:
52:25:6f:88:ba:46:49:83:ce:96:99:e4:11:ff:70:
e4:19:64:06:72:05:6a:b0:1d:b6:24:ae:a1:7f:d9:
40:6c:f4:f6:94:e0:b9:4f:0f:d2:34:3c:43:4f:85:
98:c0:7a:d1:15:bf:1a:1b:90:9c:23:cf:73:43:7e:
3c:42:2e:1f:2a:4e:3e:e7:4e:e1:cc:88:1c:82:95:
80:e7:19:12:ff:6d:d9:55:f2:b7:70:3f:29:50:81:
67:d9:63:49:b2:30:4a:d7:d6:85:bf:24:9b:1e:2b:
26:0b:f1:26:2a:7f:c7:91:f7:ca:07:28:b3:1b:5d:
4a:99:34:13:4d:f6:cd:be:d7:98:3f:82:2a:12:36:
0e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:35:08:30:6C:14:3A:CB:D2:41:DF:AB:90:93:6B:99:FB:FD:57:50
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YTUIMGwUOsvSQd-rkJNrmfv9V1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.108.0/24
194.242.2.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:c1:a9:fb:5d:43:d9:d0:cc:03:c1:c1:08:37:2d:4a:31:43:
15:72:18:be:36:23:f1:50:57:5d:f3:c3:7e:3c:66:0b:36:74:
4e:a7:26:c6:8c:7a:21:4e:56:69:4d:78:62:28:7d:e8:2b:4b:
ec:58:15:d3:1b:23:bc:1c:85:87:fa:51:8d:fe:0c:f3:75:63:
ac:d7:10:e2:af:a1:ab:98:e9:dc:c4:32:5f:96:dc:93:ba:2c:
e0:59:fe:98:39:a3:a9:e8:d7:4c:c8:3d:29:96:5c:28:ee:23:
cd:cb:7b:fb:ea:2a:12:48:36:5f:b3:19:59:85:f2:31:5d:7c:
01:72:32:12:f7:b1:70:3a:0c:30:2c:f1:42:60:f7:61:c2:2e:
aa:ce:a9:59:b4:58:ce:15:8e:dd:77:a8:21:ad:7d:9e:d2:ea:
e0:85:2c:e3:37:50:60:33:a0:e6:5b:15:a5:8a:d3:c4:01:52:
35:13:3f:05:74:20:a7:9b:c5:29:18:7a:b0:6f:b2:b1:1c:49:
fb:90:f7:86:7b:51:24:2d:97:f1:b5:62:5d:85:ef:73:1d:0d:
c7:65:93:32:cf:f8:60:e5:30:c7:ac:d7:82:82:b4:5f:ec:ad:
5b:8c:3e:fa:94:da:15:e1:d1:19:34:3d:32:b9:7d:fb:5a:c7:
8b:df:77:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU7EH8SttYNyHtGPxbDMGmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMjIyMTgyMDE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTM1MDgzMDZjMTQzYWNiZDI0MWRmYWI5MDkzNmI5OWZiZmQ1NzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj807FmCJ6wJpKa3F4czSgGSuqrjH
6fg3cCOV175ZpHd/H03x9qQ4Gbiokuyk+1Oma5Pnegig5ToNKujys0fRXFPg+0Xv
Jza76mN0IXgnhnf/loRVdClJs8tGGjR2z5Xs/noQ1i/fPHBenVNwMmFJ6a0xN5x4
2ZVSJW+IukZJg86WmeQR/3DkGWQGcgVqsB22JK6hf9lAbPT2lOC5Tw/SNDxDT4WY
wHrRFb8aG5CcI89zQ348Qi4fKk4+507hzIgcgpWA5xkS/23ZVfK3cD8pUIFn2WNJ
sjBK19aFvySbHismC/EmKn/HkffKByizG11KmTQTTfbNvteYP4IqEjYOPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGE1CDBsFDrL0kHfq5CTa5n7/VdQMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWVRVSU1Hd1VPc3ZTUWQtcmtKTnJtZnY5VjFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRNsAwQA
wvICMA0GCSqGSIb3DQEBCwUAA4IBAQB6wan7XUPZ0MwDwcEINy1KMUMVchi+NiPx
UFdd88N+PGYLNnROpybGjHohTlZpTXhiKH3oK0vsWBXTGyO8HIWH+lGN/gzzdWOs
1xDir6GrmOncxDJfltyTuizgWf6YOaOp6NdMyD0pllwo7iPNy3v76ioSSDZfsxlZ
hfIxXXwBcjIS97FwOgwwLPFCYPdhwi6qzqlZtFjOFY7dd6ghrX2e0urghSzjN1Bg
M6DmWxWlitPEAVI1Ez8FdCCnm8UpGHqwb7KxHEn7kPeGe1EkLZfxtWJdhe9zHQ3H
ZZMyz/hg5TDHrNeCgrRf7K1bjD76lNoV4dEZND0yuX37WseL33ca
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org