Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3f27b3-7110-4d8c-a0d8-03109c15510d/1/Y5k82FvpsVB1VRX0E16cG9edIys.roa
File: Y5k82FvpsVB1VRX0E16cG9edIys.roa (raw, json)
Hash identifier: MVkmakzM89fHv2sFtfSv+/tyM8WTuHcjc+G/q5oYS70=
Subject key identifier: 63:99:3C:D8:5B:E9:B1:50:75:55:15:F4:13:5E:9C:1B:D7:9D:23:2B
Certificate issuer: /CN=60599373b0b6f04319d08becb5ad5792a13bda92
Certificate serial: 02DD3217
Authority key identifier: 60:59:93:73:B0:B6:F0:43:19:D0:8B:EC:B5:AD:57:92:A1:3B:DA:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFmTc7C28EMZ0Ivsta1XkqE72pI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/3f27b3-7110-4d8c-a0d8-03109c15510d/1/Y5k82FvpsVB1VRX0E16cG9edIys.roa
Signing time: Sat 01 Jan 2022 13:55:10 +0000
ROA not before: Sat 01 Jan 2022 13:55:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44801
IP address blocks: 91.199.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48050711 (0x2dd3217)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60599373b0b6f04319d08becb5ad5792a13bda92
Validity
Not Before: Jan 1 13:55:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63993cd85be9b150755515f4135e9c1bd79d232b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bc:3f:2b:d0:0c:df:29:83:88:0b:4c:3b:98:
ec:fb:19:d9:97:00:88:0e:cf:f2:ed:40:a9:16:93:
e2:29:66:c4:dc:6d:66:b1:c7:e3:7b:97:a6:9a:35:
e0:39:43:04:39:1b:71:93:18:84:b4:81:bb:49:39:
bb:26:21:f8:55:ba:5c:8e:9e:1b:17:41:46:35:09:
84:8c:7b:be:3b:50:67:b1:e8:96:f3:50:e9:81:f1:
48:35:d3:da:dc:7b:b5:38:3f:13:18:34:41:3f:12:
de:62:ba:d5:31:94:63:e1:01:f4:fb:3c:9d:64:3b:
5d:71:52:76:69:f3:d4:70:f6:77:a7:5a:eb:d9:96:
cd:cf:99:56:d7:b0:5d:2b:cf:7e:85:cb:ff:02:54:
05:83:29:1b:9d:23:40:40:06:90:a8:69:c0:bc:d1:
f2:a8:1a:bf:87:7b:46:ce:49:f7:42:77:e0:ba:70:
29:d7:4d:1c:c1:44:bb:a2:81:bc:7c:ad:48:3a:fd:
d7:0b:5e:60:66:1a:8e:0a:45:91:f9:a3:3e:52:7f:
0b:5d:c1:fe:1b:2a:77:12:d7:9c:0b:7b:4a:93:39:
f8:b4:9d:7a:a5:c1:15:72:5d:05:9a:e4:cc:26:1f:
20:11:16:d2:2e:54:82:8e:59:23:43:78:3f:57:41:
71:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:99:3C:D8:5B:E9:B1:50:75:55:15:F4:13:5E:9C:1B:D7:9D:23:2B
X509v3 Authority Key Identifier:
keyid:60:59:93:73:B0:B6:F0:43:19:D0:8B:EC:B5:AD:57:92:A1:3B:DA:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFmTc7C28EMZ0Ivsta1XkqE72pI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3f27b3-7110-4d8c-a0d8-03109c15510d/1/Y5k82FvpsVB1VRX0E16cG9edIys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3f27b3-7110-4d8c-a0d8-03109c15510d/1/YFmTc7C28EMZ0Ivsta1XkqE72pI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.252.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:3d:59:18:dd:1f:ea:46:04:01:8b:e9:c2:eb:60:93:a9:bb:
10:d1:a7:77:a8:fd:85:b4:ab:a6:79:1e:4c:4f:5c:87:82:b8:
2d:14:4e:00:18:45:50:1f:99:66:9c:10:d3:ac:d1:ea:49:b5:
ec:b0:72:cf:0b:21:21:d5:d7:4d:fd:f2:5c:2b:7d:dc:14:e9:
d6:11:e7:51:08:15:5b:94:c7:36:ee:1a:08:6b:ee:7b:fa:4d:
ea:b4:d1:02:7f:f0:49:a3:d6:73:fa:c1:8f:f6:e4:54:96:8b:
63:26:71:05:f6:f0:9b:db:00:88:e2:c0:05:4f:37:3c:c1:51:
e8:f6:6d:91:3b:71:17:7d:88:e1:b1:05:64:78:c0:3b:0d:f2:
c1:8e:16:c8:b9:c8:8a:7a:dc:bc:61:b0:b5:f7:2e:1f:53:26:
1c:ab:de:f2:d9:03:71:fe:50:d7:1b:78:8f:65:7a:00:77:ab:
d0:96:4b:41:47:1f:90:5a:c2:d4:5c:93:70:db:2e:2b:40:c6:
08:4c:96:53:c2:ca:17:6d:ea:27:08:52:c5:47:c0:00:16:14:
07:af:1d:51:40:1c:c4:20:24:1c:27:f7:60:9c:de:f3:8d:a7:
91:90:47:9f:08:39:e7:44:4b:f9:35:f5:c9:99:e0:93:fe:f2:
5e:a6:80:5a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAt0yFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDU5OTM3M2IwYjZmMDQzMTlkMDhiZWNiNWFkNTc5MmExM2JkYTkyMB4XDTIyMDEw
MTEzNTUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjM5OTNjZDg1YmU5
YjE1MDc1NTUxNWY0MTM1ZTljMWJkNzlkMjMyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALS8PyvQDN8pg4gLTDuY7PsZ2ZcAiA7P8u1AqRaT4ilmxNxt
ZrHH43uXppo14DlDBDkbcZMYhLSBu0k5uyYh+FW6XI6eGxdBRjUJhIx7vjtQZ7Ho
lvNQ6YHxSDXT2tx7tTg/Exg0QT8S3mK61TGUY+EB9Ps8nWQ7XXFSdmnz1HD2d6da
69mWzc+ZVtewXSvPfoXL/wJUBYMpG50jQEAGkKhpwLzR8qgav4d7Rs5J90J34Lpw
KddNHMFEu6KBvHytSDr91wteYGYajgpFkfmjPlJ/C13B/hsqdxLXnAt7SpM5+LSd
eqXBFXJdBZrkzCYfIBEW0i5Ugo5ZI0N4P1dBcdECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRjmTzYW+mxUHVVFfQTXpwb150jKzAfBgNVHSMEGDAWgBRgWZNzsLbwQxnQ
i+y1rVeSoTvakjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lGbVRjN0MyOEVNWjBJdnN0YTFYa3FFNzJwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvM2YyN2IzLTcxMTAtNGQ4Yy1hMGQ4LTAzMTA5YzE1NTEwZC8x
L1k1azgyRnZwc1ZCMVZSWDBFMTZjRzllZEl5cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
M2YyN2IzLTcxMTAtNGQ4Yy1hMGQ4LTAzMTA5YzE1NTEwZC8xL1lGbVRjN0MyOEVN
WjBJdnN0YTFYa3FFNzJwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvH/DANBgkqhkiG9w0BAQsFAAOC
AQEAXD1ZGN0f6kYEAYvpwutgk6m7ENGnd6j9hbSrpnkeTE9ch4K4LRROABhFUB+Z
ZpwQ06zR6km17LByzwshIdXXTf3yXCt93BTp1hHnUQgVW5THNu4aCGvue/pN6rTR
An/wSaPWc/rBj/bkVJaLYyZxBfbwm9sAiOLABU83PMFR6PZtkTtxF32I4bEFZHjA
Ow3ywY4WyLnIinrcvGGwtfcuH1MmHKve8tkDcf5Q1xt4j2V6AHer0JZLQUcfkFrC
1FyTcNsuK0DGCEyWU8LKF23qJwhSxUfAABYUB68dUUAcxCAkHCf3YJze842nkZBH
nwg550RL+TX1yZngk/7yXqaAWg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:06 2024 by rpki-client on console-ams.rpki-client.org