Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/y5Yw1mrWtIsvde1sldRdr1_iJak.roa
File: y5Yw1mrWtIsvde1sldRdr1_iJak.roa (raw, json)
Hash identifier: nUKhzT7JGv7sn8vfmOh9MxVPUL41tNq3PQZtR31cK0g=
Subject key identifier: CB:96:30:D6:6A:D6:B4:8B:2F:75:ED:6C:95:D4:5D:AF:5F:E2:25:A9
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01841933F5C30DFC1B5E679EC0A836859206
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/y5Yw1mrWtIsvde1sldRdr1_iJak.roa
Signing time: Thu 27 Oct 2022 11:29:06 +0000
ROA not before: Thu 27 Oct 2022 11:29:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201018
IP address blocks: 89.107.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:19:33:f5:c3:0d:fc:1b:5e:67:9e:c0:a8:36:85:92:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 27 11:29:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb9630d66ad6b48b2f75ed6c95d45daf5fe225a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:03:01:b5:ef:57:c6:43:2d:07:0f:57:04:76:
cb:60:8b:64:0d:f4:2b:4b:be:8f:c6:de:9e:82:54:
7d:29:e0:83:ed:d7:45:b4:b6:57:4e:58:00:14:e6:
ab:ce:1e:66:85:25:8f:6d:ae:a5:cc:1a:00:25:10:
78:8f:04:2d:84:af:98:3b:7b:7e:99:7e:b1:0d:3d:
5c:87:88:a5:96:b9:55:7c:9d:7a:10:38:76:f8:69:
e6:1c:84:0e:3c:f2:1e:15:a6:66:71:66:0b:dd:d2:
d2:19:b6:e0:c6:b6:35:3e:aa:34:dc:3a:95:52:f8:
cf:3b:51:5a:fe:99:f6:53:7e:b5:69:19:cc:79:5b:
06:35:dd:28:21:de:da:d9:99:74:c7:fc:d8:13:96:
ad:71:0f:d1:ce:03:6d:9c:50:d7:0a:cc:9c:11:28:
0a:36:37:07:f1:94:39:a4:d0:f0:c9:7a:dc:94:f8:
4f:62:cb:4b:67:fc:99:16:17:34:03:d7:ca:ae:3f:
36:9d:a4:64:59:8e:26:55:d9:50:1d:a7:82:cb:0b:
7c:83:e2:a9:31:25:4b:6c:fc:b5:1a:67:b3:bf:2c:
71:16:5c:ba:fd:f0:67:a7:6f:e9:e2:e0:9f:57:4e:
5c:b9:a5:6a:1e:d7:fc:06:0f:0c:2e:41:7d:40:96:
09:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:96:30:D6:6A:D6:B4:8B:2F:75:ED:6C:95:D4:5D:AF:5F:E2:25:A9
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/y5Yw1mrWtIsvde1sldRdr1_iJak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.140.0/24
Signature Algorithm: sha256WithRSAEncryption
61:22:e0:cd:05:33:08:29:73:b3:c0:8d:d6:82:72:22:09:39:
00:c8:2c:33:b3:61:42:9d:93:24:15:44:9a:61:7b:49:51:c7:
b2:93:6b:29:e0:a2:9d:1a:7b:ae:28:3d:69:4f:d7:84:03:4c:
91:a6:c9:9c:f3:e4:ab:83:ef:72:17:51:fb:61:a9:c6:d9:e9:
e9:4d:42:9e:74:f2:d1:be:18:f1:ec:02:e8:47:3a:62:48:e6:
1c:97:f8:73:b0:e5:98:d1:3d:77:ee:4c:b0:10:d5:2d:c9:08:
18:be:44:29:c3:94:0c:08:cc:d3:42:87:17:c4:4b:69:a1:c3:
ce:2b:7b:dd:cd:00:25:13:1d:72:50:15:85:a0:68:c1:91:2b:
70:0e:be:cc:d7:40:b9:46:34:be:f7:23:31:18:8c:12:ee:d1:
14:ae:ed:4b:17:5f:8e:4e:eb:e6:50:ec:7c:d4:5d:41:72:6a:
77:33:27:93:fc:df:6f:bb:e6:a9:74:df:28:b6:97:a4:81:d4:
d5:f8:27:5b:4b:40:7c:bd:79:c1:25:e3:cc:3b:e7:8f:00:cc:
f1:1b:65:3b:81:e8:08:a1:5a:01:9b:65:74:53:95:5b:ee:e6:
95:16:6e:d0:f0:09:b6:42:ff:10:0f:42:42:fe:1b:34:8f:ef:
db:78:c8:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQZM/XDDfwbXmeewKg2hZIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDI3MTEyOTA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjk2MzBkNjZhZDZiNDhiMmY3NWVkNmM5NWQ0NWRhZjVmZTIyNWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAMBte9XxkMtBw9XBHbLYItkDfQr
S76Pxt6eglR9KeCD7ddFtLZXTlgAFOarzh5mhSWPba6lzBoAJRB4jwQthK+YO3t+
mX6xDT1ch4illrlVfJ16EDh2+GnmHIQOPPIeFaZmcWYL3dLSGbbgxrY1Pqo03DqV
UvjPO1Fa/pn2U361aRnMeVsGNd0oId7a2Zl0x/zYE5atcQ/RzgNtnFDXCsycESgK
NjcH8ZQ5pNDwyXrclPhPYstLZ/yZFhc0A9fKrj82naRkWY4mVdlQHaeCywt8g+Kp
MSVLbPy1GmezvyxxFly6/fBnp2/p4uCfV05cuaVqHtf8Bg8MLkF9QJYJvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMuWMNZq1rSLL3XtbJXUXa9f4iWpMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEveTVZdzFtcld0SXN2ZGUxc2xkUmRyMV9pSmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWuMMA0G
CSqGSIb3DQEBCwUAA4IBAQBhIuDNBTMIKXOzwI3WgnIiCTkAyCwzs2FCnZMkFUSa
YXtJUceyk2sp4KKdGnuuKD1pT9eEA0yRpsmc8+Srg+9yF1H7YanG2enpTUKedPLR
vhjx7ALoRzpiSOYcl/hzsOWY0T137kywENUtyQgYvkQpw5QMCMzTQocXxEtpocPO
K3vdzQAlEx1yUBWFoGjBkStwDr7M10C5RjS+9yMxGIwS7tEUru1LF1+OTuvmUOx8
1F1Bcmp3MyeT/N9vu+apdN8otpekgdTV+CdbS0B8vXnBJePMO+ePAMzxG2U7gegI
oVoBm2V0U5Vb7uaVFm7Q8Am2Qv8QD0JC/hs0j+/beMj4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:17 2025 by rpki-client