Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/YcwkrPzQzB5TrsCWbGkHIkw8f8U.roa
File: YcwkrPzQzB5TrsCWbGkHIkw8f8U.roa (raw, json)
Hash identifier: 6z6OgJ/k1n6+aV15BW9xdd5KR7u+WoAsX6xDAMYRjto=
Subject key identifier: 61:CC:24:AC:FC:D0:CC:1E:53:AE:C0:96:6C:69:07:22:4C:3C:7F:C5
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505AE364768FAFF3F0C8E1BE29BAF806E
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/YcwkrPzQzB5TrsCWbGkHIkw8f8U.roa
Signing time: Mon 12 Dec 2022 09:33:01 +0000
ROA not before: Mon 12 Dec 2022 09:33:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24767
IP address blocks: 193.201.228.0/22 maxlen: 24
188.162.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:ae:36:47:68:fa:ff:3f:0c:8e:1b:e2:9b:af:80:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:33:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61cc24acfcd0cc1e53aec0966c6907224c3c7fc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:44:dc:ae:38:7b:5b:cc:28:9b:e6:af:ef:ad:
c7:6e:63:46:e0:14:d4:e4:bd:05:d3:78:6f:55:66:
86:43:5e:f7:56:e5:ac:ed:7c:d1:3d:10:ae:d9:ff:
47:73:22:79:62:6a:d4:a8:74:4a:fb:96:96:63:fc:
0c:f9:84:56:90:59:4b:48:3d:b9:9a:18:c8:38:92:
9e:73:6a:3a:bb:28:5d:b7:a4:25:c7:8c:ed:53:68:
ca:6d:72:72:80:ad:00:bf:06:1c:a1:4f:7f:92:c3:
7d:88:c2:53:30:b4:79:28:17:5f:79:d0:da:c5:72:
09:21:a4:95:d4:cc:a0:f6:05:b1:8c:a2:44:6d:95:
94:69:4a:5c:a6:fc:63:3b:d5:56:4f:73:8a:be:54:
e7:17:07:66:3d:e0:17:bc:9f:fd:62:8d:e0:58:09:
4a:5d:c8:40:35:33:9b:3a:c0:25:fe:e0:0a:65:ba:
78:51:cb:71:3d:b1:8a:eb:93:7c:c4:79:79:44:cd:
af:4a:d7:de:f6:81:3e:ab:66:b7:64:48:e4:61:5c:
73:03:b3:22:b2:e2:58:40:5b:f5:89:e6:93:68:ce:
cf:54:61:74:f4:34:b2:7c:86:4c:43:fb:2c:aa:e2:
ad:54:48:dd:c1:5e:4c:74:21:1a:b5:07:0c:df:d9:
48:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:CC:24:AC:FC:D0:CC:1E:53:AE:C0:96:6C:69:07:22:4C:3C:7F:C5
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/YcwkrPzQzB5TrsCWbGkHIkw8f8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
Signature Algorithm: sha256WithRSAEncryption
23:3d:70:27:fd:69:c8:c0:ba:a6:93:3b:2e:29:4e:a1:cc:88:
8a:ce:ba:16:d6:3b:70:59:80:30:3e:00:f5:1b:fd:3c:80:25:
b1:e1:8a:a5:df:64:ee:10:f9:61:1f:4c:e8:3c:87:6e:42:68:
5e:f2:de:ec:3c:2f:38:50:02:1d:e6:2b:04:bd:b4:16:d9:61:
a1:d3:c4:0a:a5:13:a8:35:38:d5:06:10:72:c3:f3:52:a2:b9:
35:59:73:70:cd:46:c1:b7:eb:e0:3a:61:61:e9:c5:f9:56:67:
4f:aa:68:17:63:6e:18:65:70:20:53:2a:e1:bd:54:1e:72:5f:
ec:fe:e7:fb:f5:13:6a:d4:b9:50:8a:ac:ab:fe:6a:51:e3:bc:
7b:47:76:15:0e:d1:9a:6c:81:e2:13:dc:5b:8e:e6:8d:aa:ff:
70:a1:e4:76:a3:a0:70:09:f4:71:eb:ba:b3:a7:53:28:bd:40:
e9:ee:72:ea:52:fb:95:cd:1a:a0:68:ce:88:51:82:83:10:9c:
9c:65:48:0c:59:1c:25:37:a7:18:c1:0c:87:07:e5:54:34:52:
db:c3:fa:8c:73:0f:bd:9a:83:06:89:ce:57:58:d9:80:ab:08:
a2:b0:e1:35:fb:39:ba:26:4e:c6:26:29:10:4e:db:0a:23:78:
a1:bc:2f:51
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUFrjZHaPr/PwyOG+Kbr4BuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkzMzAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWNjMjRhY2ZjZDBjYzFlNTNhZWMwOTY2YzY5MDcyMjRjM2M3ZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkTcrjh7W8wom+av763HbmNG4BTU
5L0F03hvVWaGQ173VuWs7XzRPRCu2f9HcyJ5YmrUqHRK+5aWY/wM+YRWkFlLSD25
mhjIOJKec2o6uyhdt6Qlx4ztU2jKbXJygK0AvwYcoU9/ksN9iMJTMLR5KBdfedDa
xXIJIaSV1Myg9gWxjKJEbZWUaUpcpvxjO9VWT3OKvlTnFwdmPeAXvJ/9Yo3gWAlK
XchANTObOsAl/uAKZbp4UctxPbGK65N8xHl5RM2vStfe9oE+q2a3ZEjkYVxzA7Mi
suJYQFv1ieaTaM7PVGF09DSyfIZMQ/ssquKtVEjdwV5MdCEatQcM39lIAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGHMJKz80MweU67AlmxpByJMPH/FMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvWWN3a3JQelF6QjVUcnNDV2JHa0hJa3c4ZjhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAATAXAwMAvKIDBALB
yeQDBAXDBYADBAXDEGAwDQYJKoZIhvcNAQELBQADggEBACM9cCf9acjAuqaTOy4p
TqHMiIrOuhbWO3BZgDA+APUb/TyAJbHhiqXfZO4Q+WEfTOg8h25CaF7y3uw8LzhQ
Ah3mKwS9tBbZYaHTxAqlE6g1ONUGEHLD81KiuTVZc3DNRsG36+A6YWHpxflWZ0+q
aBdjbhhlcCBTKuG9VB5yX+z+5/v1E2rUuVCKrKv+alHjvHtHdhUO0ZpsgeIT3FuO
5o2q/3Ch5HajoHAJ9HHrurOnUyi9QOnucupS+5XNGqBozohRgoMQnJxlSAxZHCU3
pxjBDIcH5VQ0UtvD+oxzD72agwaJzldY2YCrCKKw4TX7ObomTsYmKRBO2wojeKG8
L1E=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:05 2025 by rpki-client