Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/yBmKz7-SS4hfnrNPS3EGl_gWcJE.roa
File: yBmKz7-SS4hfnrNPS3EGl_gWcJE.roa (raw, json)
Hash identifier: qmrZODP6W5gAmW3ohcu7zeu2xmMYHCc3haa0GTh8Bac=
Subject key identifier: C8:19:8A:CF:BF:92:4B:88:5F:9E:B3:4F:4B:71:06:97:F8:16:70:91
Certificate issuer: /CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Certificate serial: 018246864E099393D3A9C59F22247A7F2ACE
Authority key identifier: DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/yBmKz7-SS4hfnrNPS3EGl_gWcJE.roa
Signing time: Thu 28 Jul 2022 20:36:23 +0000
ROA not before: Thu 28 Jul 2022 20:36:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21743
IP address blocks: 195.34.78.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:46:86:4e:09:93:93:d3:a9:c5:9f:22:24:7a:7f:2a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Validity
Not Before: Jul 28 20:36:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8198acfbf924b885f9eb34f4b710697f8167091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:60:60:36:13:92:71:d5:35:cc:55:3d:86:bd:
0d:9f:d0:83:7c:88:d6:8b:d7:65:ca:ae:20:00:59:
3c:ee:b6:54:81:06:62:47:51:59:ec:d1:17:54:fe:
a0:7c:af:80:d4:1f:d3:d3:68:d1:6b:14:27:1b:d0:
90:cd:8e:b7:44:37:27:50:b5:d5:03:48:ff:60:d7:
d7:45:c2:82:c8:7e:26:7c:c5:bd:ea:c1:26:c1:b5:
99:75:d5:66:7b:c7:cc:46:12:75:b2:ac:7b:ab:b6:
b2:c1:33:7a:78:d6:5e:78:4b:cd:e7:b4:00:03:1f:
bc:18:17:e7:f1:8b:c8:b3:79:98:65:bc:c4:30:31:
6d:dc:b1:07:33:22:ca:a4:9f:9d:4a:93:da:fa:50:
b7:96:62:45:59:94:26:63:00:20:1d:55:1a:f1:6b:
20:93:4d:33:22:81:3f:79:73:96:c6:cc:1b:26:22:
02:17:a2:ec:4f:e4:b4:6b:57:77:e7:99:86:1a:3c:
ad:e5:79:4b:1c:be:11:21:77:75:30:d2:c1:ff:d9:
ad:e6:64:ff:a4:8d:bf:cd:de:95:72:ab:cd:ba:06:
91:80:89:25:80:bb:06:6b:25:ad:76:a4:dd:38:9f:
08:6c:33:c0:cc:55:5d:a9:61:d2:36:fd:d2:58:d8:
39:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:19:8A:CF:BF:92:4B:88:5F:9E:B3:4F:4B:71:06:97:F8:16:70:91
X509v3 Authority Key Identifier:
keyid:DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/yBmKz7-SS4hfnrNPS3EGl_gWcJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/3_JHJt8-d_b0yOBDZhOzURDurzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.34.78.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:df:d7:68:71:06:44:ff:77:1b:0e:42:f2:85:b4:6c:e7:93:
68:f0:a4:23:91:aa:33:4e:11:38:bf:8c:f3:5b:5e:16:4c:48:
bf:1a:7f:ae:cc:a7:23:10:18:bb:c9:8f:f3:37:fe:c3:00:e5:
58:e0:af:49:8a:55:66:82:0a:e7:f3:e2:80:91:6b:fa:a4:59:
fa:ba:fc:65:17:9f:69:d6:3a:b5:64:43:ac:98:74:96:52:ad:
bb:a6:6a:39:7f:27:49:2f:81:ad:1a:4e:7e:d7:92:b2:80:6c:
f0:bb:04:b2:0c:de:69:13:05:57:0f:31:9e:de:dd:32:2d:3d:
1e:04:e3:dc:26:d7:67:9d:5d:1a:1f:af:14:e1:f6:6c:a6:5a:
c4:e6:dc:c1:99:8c:b5:91:34:64:c4:84:88:c3:5a:66:14:b7:
cb:78:c2:60:99:3e:8d:d4:56:e6:8e:16:b7:9e:c4:c2:fa:77:
06:54:1a:b5:f4:3f:a8:4f:83:10:79:f4:b5:d3:8e:f7:10:39:
39:53:72:30:5b:23:58:0a:5d:13:eb:80:36:31:ff:cc:a1:f9:
74:e7:c3:79:4f:ff:e5:83:70:d2:6b:b5:86:6a:16:40:33:4d:
54:60:8b:bc:cc:eb:70:b6:0d:09:be:7c:83:98:1e:95:1c:67:
94:ff:6d:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJGhk4Jk5PTqcWfIiR6fyrOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZjI0NzI2ZGYzZTc3ZjZmNGM4ZTA0MzY2MTNiMzUxMTBl
ZWFmMzgwHhcNMjIwNzI4MjAzNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODE5OGFjZmJmOTI0Yjg4NWY5ZWIzNGY0YjcxMDY5N2Y4MTY3MDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmBgNhOScdU1zFU9hr0Nn9CDfIjW
i9dlyq4gAFk87rZUgQZiR1FZ7NEXVP6gfK+A1B/T02jRaxQnG9CQzY63RDcnULXV
A0j/YNfXRcKCyH4mfMW96sEmwbWZddVme8fMRhJ1sqx7q7aywTN6eNZeeEvN57QA
Ax+8GBfn8YvIs3mYZbzEMDFt3LEHMyLKpJ+dSpPa+lC3lmJFWZQmYwAgHVUa8Wsg
k00zIoE/eXOWxswbJiICF6LsT+S0a1d355mGGjyt5XlLHL4RIXd1MNLB/9mt5mT/
pI2/zd6VcqvNugaRgIklgLsGayWtdqTdOJ8IbDPAzFVdqWHSNv3SWNg5LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMgZis+/kkuIX56zT0txBpf4FnCRMB8GA1UdIwQY
MBaAFN/yRybfPnf29MjgQ2YTs1EQ7q84MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzct
NjJiYjZkNjNlNTlkLzEveUJtS3o3LVNTNGhmbnJOUFMzRUdsX2dXY0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzctNjJiYjZkNjNlNTlk
LzEvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyJOMA0G
CSqGSIb3DQEBCwUAA4IBAQCk39docQZE/3cbDkLyhbRs55No8KQjkaozThE4v4zz
W14WTEi/Gn+uzKcjEBi7yY/zN/7DAOVY4K9JilVmggrn8+KAkWv6pFn6uvxlF59p
1jq1ZEOsmHSWUq27pmo5fydJL4GtGk5+15KygGzwuwSyDN5pEwVXDzGe3t0yLT0e
BOPcJtdnnV0aH68U4fZsplrE5tzBmYy1kTRkxISIw1pmFLfLeMJgmT6N1Fbmjha3
nsTC+ncGVBq19D+oT4MQefS10473EDk5U3IwWyNYCl0T64A2Mf/Mofl058N5T//l
g3DSa7WGahZAM01UYIu8zOtwtg0JvnyDmB6VHGeU/22Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:48 2024 by rpki-client on console-ams.rpki-client.org