Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/yoLSzQ0YtTUnxlL2Z6z-ITqOk-8.roa
File: yoLSzQ0YtTUnxlL2Z6z-ITqOk-8.roa (raw, json)
Hash identifier: CSpY2SheJBDnotmUJJLTeR9tlqGfnw9B+85e6R+iR1E=
Subject key identifier: CA:82:D2:CD:0D:18:B5:35:27:C6:52:F6:67:AC:FE:21:3A:8E:93:EF
Certificate issuer: /CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Certificate serial: 018B133FB57CDB32F3CBEE4102C4EF159539
Authority key identifier: 9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/yoLSzQ0YtTUnxlL2Z6z-ITqOk-8.roa
Signing time: Mon 09 Oct 2023 07:03:44 +0000
ROA not before: Mon 09 Oct 2023 07:03:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207503
IP address blocks: 82.193.248.0/24 maxlen: 24
82.193.254.0/24 maxlen: 24
156.67.144.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:13:3f:b5:7c:db:32:f3:cb:ee:41:02:c4:ef:15:95:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Validity
Not Before: Oct 9 07:03:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca82d2cd0d18b53527c652f667acfe213a8e93ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cb:38:74:ff:0c:07:6f:c6:3c:41:bf:ea:b2:
f1:3e:21:4f:f2:78:8b:e9:7d:fa:24:b7:15:f0:c2:
a4:db:4a:19:dc:ed:3d:dd:57:22:28:25:45:6a:bd:
29:df:7f:8e:a4:5c:bc:0c:3d:38:b7:a8:6d:9b:a0:
d1:3c:1f:7f:a8:57:3a:e6:0b:3c:b6:29:8f:49:60:
ed:03:9c:4f:52:ac:de:1e:c2:86:20:94:f7:00:82:
43:8c:70:9d:9c:59:51:34:c4:90:b6:c7:fd:62:2c:
62:fe:3c:4d:1f:b6:27:5e:17:49:10:0c:05:f0:0a:
af:7f:30:c1:08:f1:c9:11:db:98:76:19:d7:3b:ca:
f3:12:34:1a:c1:c8:87:46:3b:70:2b:a4:09:cc:19:
45:3d:c2:3b:39:85:ac:55:0d:58:65:f8:57:aa:e8:
97:24:c8:fe:eb:b9:8a:a8:50:99:9b:8a:1e:4c:54:
af:9f:d4:4a:80:43:35:37:a0:bc:9f:94:52:f4:c4:
f7:a4:34:9b:bb:c0:14:fe:94:50:ce:15:61:f1:b6:
9d:88:ec:07:76:78:5e:1e:90:71:06:fb:61:d9:e2:
5a:cb:9a:91:9b:88:b2:84:96:99:0a:d5:ae:21:ea:
9d:f0:ae:eb:e9:80:72:03:3a:2b:6d:1a:1f:0d:b6:
76:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:82:D2:CD:0D:18:B5:35:27:C6:52:F6:67:AC:FE:21:3A:8E:93:EF
X509v3 Authority Key Identifier:
keyid:9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/yoLSzQ0YtTUnxlL2Z6z-ITqOk-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/nhrDaclFaRShLgLf_I3XmXTrHvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.193.248.0/24
82.193.254.0/24
156.67.144.0/20
Signature Algorithm: sha256WithRSAEncryption
38:d3:4d:ac:50:b4:d5:78:d8:78:65:3a:1b:41:d2:fe:21:4a:
ef:30:3f:d0:45:b4:7e:2d:07:0b:d3:2f:81:e3:6b:e2:98:a2:
b7:67:74:a1:0f:23:bf:e4:61:eb:44:76:79:20:77:41:dc:3a:
a6:5d:82:0f:33:2b:89:79:0f:f6:53:e8:a3:8c:3a:4a:02:a3:
43:e9:32:cf:33:92:35:5d:eb:b4:72:4f:d8:77:20:d8:7a:bd:
b9:71:9a:01:6a:a8:e3:48:0e:fd:5e:93:ee:16:4a:42:be:11:
2c:f8:34:d8:f7:7e:e2:e2:d5:26:3a:48:36:fb:f1:1c:11:a5:
90:ed:13:d4:a9:4e:3e:98:52:14:97:8d:37:03:bc:19:97:ef:
85:d9:f0:4f:3c:24:18:f9:38:7c:ed:99:af:6f:13:4a:a9:09:
51:9b:29:d5:8c:5f:ce:54:47:c0:53:fb:e1:cd:a5:31:45:59:
c2:f9:84:6f:20:29:b5:6d:e2:b9:94:ae:51:be:78:b4:d8:40:
cf:ff:8b:71:d6:57:79:7c:ce:9f:84:bd:41:f4:3b:40:3a:61:
e7:21:78:75:1c:4f:7d:5c:fd:b0:c1:9a:87:f9:2d:9e:80:08:
be:fa:33:f5:96:4f:0d:59:21:94:fe:64:ed:1d:c0:a0:8b:4e:
9b:b6:5e:74
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsTP7V82zLzy+5BAsTvFZU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWFjMzY5Yzk0NTY5MTRhMTJlMDJkZmZjOGRkNzk5NzRl
YjFlZjgwHhcNMjMxMDA5MDcwMzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTgyZDJjZDBkMThiNTM1MjdjNjUyZjY2N2FjZmUyMTNhOGU5M2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8s4dP8MB2/GPEG/6rLxPiFP8niL
6X36JLcV8MKk20oZ3O093VciKCVFar0p33+OpFy8DD04t6htm6DRPB9/qFc65gs8
timPSWDtA5xPUqzeHsKGIJT3AIJDjHCdnFlRNMSQtsf9Yixi/jxNH7YnXhdJEAwF
8AqvfzDBCPHJEduYdhnXO8rzEjQawciHRjtwK6QJzBlFPcI7OYWsVQ1YZfhXquiX
JMj+67mKqFCZm4oeTFSvn9RKgEM1N6C8n5RS9MT3pDSbu8AU/pRQzhVh8badiOwH
dnheHpBxBvth2eJay5qRm4iyhJaZCtWuIeqd8K7r6YByAzorbRofDbZ2IQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMqC0s0NGLU1J8ZS9mes/iE6jpPvMB8GA1UdIwQY
MBaAFJ4aw2nJRWkUoS4C3/yN15l06x74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmhyRGFjbEZhUlNoTGdMZl9JM1htWFRySHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wOTFiZDAtMmY2Ny00N2NlLWFlMTct
ZDY4YzU3ZGI0Y2FlLzEveW9MU3pRMFl0VFVueGxMMlo2ei1JVHFPay04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wOTFiZDAtMmY2Ny00N2NlLWFlMTctZDY4YzU3ZGI0Y2Fl
LzEvbmhyRGFjbEZhUlNoTGdMZl9JM1htWFRySHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUsH4AwQA
UsH+AwQEnEOQMA0GCSqGSIb3DQEBCwUAA4IBAQA4002sULTVeNh4ZTobQdL+IUrv
MD/QRbR+LQcL0y+B42vimKK3Z3ShDyO/5GHrRHZ5IHdB3DqmXYIPMyuJeQ/2U+ij
jDpKAqND6TLPM5I1Xeu0ck/YdyDYer25cZoBaqjjSA79XpPuFkpCvhEs+DTY937i
4tUmOkg2+/EcEaWQ7RPUqU4+mFIUl403A7wZl++F2fBPPCQY+Th87ZmvbxNKqQlR
mynVjF/OVEfAU/vhzaUxRVnC+YRvICm1beK5lK5Rvni02EDP/4tx1ld5fM6fhL1B
9DtAOmHnIXh1HE99XP2wwZqH+S2egAi++jP1lk8NWSGU/mTtHcCgi06btl50
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:02 2025 by rpki-client