Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/YH-nL31wlJ8LSuNymQwTBoUQErs.roa
File: YH-nL31wlJ8LSuNymQwTBoUQErs.roa (raw, json)
Hash identifier: RH+E3DsJTOq5czvP15+n3eYrq8+0TKUkIaOEt5rh2ag=
Subject key identifier: 60:7F:A7:2F:7D:70:94:9F:0B:4A:E3:72:99:0C:13:06:85:10:12:BB
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAFA72794F9DFCF54A8577A522974D
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/YH-nL31wlJ8LSuNymQwTBoUQErs.roa
Signing time: Sun 01 Jan 2023 10:05:19 +0000
ROA not before: Sun 01 Jan 2023 10:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58653
IP address blocks: 193.235.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:fa:72:79:4f:9d:fc:f5:4a:85:77:a5:22:97:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=607fa72f7d70949f0b4ae372990c1306851012bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:bf:95:9a:70:8b:2c:2c:3a:38:66:4c:6c:3e:
08:d5:71:45:a0:e3:16:c1:93:7f:09:06:6c:fe:41:
2e:b5:81:6c:05:e1:23:27:05:b6:b8:1f:c3:83:2d:
db:c2:27:ae:18:3d:87:9f:49:69:f9:8c:51:8c:79:
0d:1d:7a:31:61:47:e7:d7:6e:12:a3:8b:6a:5f:4e:
0d:fc:55:af:4c:f7:9f:1a:0a:e4:43:87:1e:cb:77:
51:58:ba:29:60:b6:02:ca:af:de:66:a4:d9:0c:16:
b1:0d:9e:6c:94:d9:2b:b4:85:f6:a9:33:7f:0c:da:
ca:54:af:f5:f3:11:0f:65:85:75:ec:f8:cd:dc:d4:
05:7f:b6:62:56:d3:c3:13:f9:fd:3d:3a:e3:3e:2e:
be:f2:dc:b0:29:88:77:27:af:14:44:82:61:ed:a1:
14:33:48:85:df:5d:19:c0:97:36:07:0f:6c:9d:04:
0d:a1:ef:69:8f:a0:55:7e:40:9e:16:3d:84:e6:25:
6c:0c:13:cc:f1:5a:49:e6:eb:73:24:70:50:91:de:
c1:14:f6:10:51:1d:f8:d1:94:d9:33:80:1a:8a:3f:
e9:7a:b3:77:4b:6f:94:da:e7:24:2b:6d:ff:b9:06:
b7:43:89:df:9b:6b:82:2f:7c:13:f1:c8:d6:b3:02:
40:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:7F:A7:2F:7D:70:94:9F:0B:4A:E3:72:99:0C:13:06:85:10:12:BB
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/YH-nL31wlJ8LSuNymQwTBoUQErs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.235.104.0/24
Signature Algorithm: sha256WithRSAEncryption
37:a0:9c:f2:bc:57:c3:d9:70:37:53:f5:b3:e2:cd:6b:f3:e1:
14:a1:65:36:3b:76:11:ae:67:f2:02:74:07:12:b0:64:52:eb:
bf:8a:31:f1:9c:4a:3a:d1:dd:7d:75:50:36:d8:5f:21:98:74:
3c:b2:b1:ab:18:24:da:6b:b6:d8:7f:53:e2:24:85:e3:3b:5a:
8d:5e:3e:81:bc:c9:2e:22:e7:99:d6:93:6a:91:04:d2:71:41:
f3:15:5c:7c:bf:95:88:ac:a8:56:30:2c:01:1a:e7:eb:a2:c8:
c9:14:4b:32:53:d0:93:1a:19:3c:4b:28:66:f0:bb:54:e8:0a:
a0:b6:19:56:66:b7:6b:01:1f:61:ae:4f:93:45:f2:b7:1b:52:
ee:7a:8b:2d:01:8b:9c:c0:0a:87:9c:cd:67:7b:e3:db:b9:e8:
d9:37:e7:80:9c:99:fc:cb:89:e5:8a:92:a4:2a:02:4e:43:d3:
df:f6:5d:59:17:13:f6:30:b1:ba:1f:e7:77:9a:ac:19:5b:fc:
56:23:23:8d:b6:09:60:ae:b9:72:09:47:e0:57:41:51:57:3b:
14:ae:68:44:ab:2e:11:45:53:b2:bb:d9:af:d9:09:e4:6b:cf:
bd:5a:47:e9:c9:af:1d:3f:5d:9d:c1:2d:be:8a:57:94:37:26:
d8:30:5a:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyvpyeU+d/PVKhXelIpdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDdmYTcyZjdkNzA5NDlmMGI0YWUzNzI5OTBjMTMwNjg1MTAxMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAib+VmnCLLCw6OGZMbD4I1XFFoOMW
wZN/CQZs/kEutYFsBeEjJwW2uB/Dgy3bwieuGD2Hn0lp+YxRjHkNHXoxYUfn124S
o4tqX04N/FWvTPefGgrkQ4cey3dRWLopYLYCyq/eZqTZDBaxDZ5slNkrtIX2qTN/
DNrKVK/18xEPZYV17PjN3NQFf7ZiVtPDE/n9PTrjPi6+8tywKYh3J68URIJh7aEU
M0iF310ZwJc2Bw9snQQNoe9pj6BVfkCeFj2E5iVsDBPM8VpJ5utzJHBQkd7BFPYQ
UR340ZTZM4Aaij/perN3S2+U2uckK23/uQa3Q4nfm2uCL3wT8cjWswJAjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGB/py99cJSfC0rjcpkMEwaFEBK7MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvWUgtbkwzMXdsSjhMU3VOeW1Rd1RCb1VRRXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwetoMA0G
CSqGSIb3DQEBCwUAA4IBAQA3oJzyvFfD2XA3U/Wz4s1r8+EUoWU2O3YRrmfyAnQH
ErBkUuu/ijHxnEo60d19dVA22F8hmHQ8srGrGCTaa7bYf1PiJIXjO1qNXj6BvMku
IueZ1pNqkQTScUHzFVx8v5WIrKhWMCwBGufrosjJFEsyU9CTGhk8Syhm8LtU6Aqg
thlWZrdrAR9hrk+TRfK3G1LueostAYucwAqHnM1ne+PbuejZN+eAnJn8y4nlipKk
KgJOQ9Pf9l1ZFxP2MLG6H+d3mqwZW/xWIyONtglgrrlyCUfgV0FRVzsUrmhEqy4R
RVOyu9mv2Qnka8+9Wkfpya8dP12dwS2+ileUNybYMFrR
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:35 2025 by rpki-client