Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/vYCF_CIHKWnKT5Bn4W-FocanByI.roa
File: vYCF_CIHKWnKT5Bn4W-FocanByI.roa (raw, json)
Hash identifier: BJIiC9sQG4uUdogIt8vTvyD/mgT1bB9/aJY1EWRzOII=
Subject key identifier: BD:80:85:FC:22:07:29:69:CA:4F:90:67:E1:6F:85:A1:C6:A7:07:22
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 128DD356
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/vYCF_CIHKWnKT5Bn4W-FocanByI.roa
Signing time: Sat 01 Jan 2022 10:05:50 +0000
ROA not before: Sat 01 Jan 2022 10:05:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200376
IP address blocks: 5.202.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 311284566 (0x128dd356)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 1 10:05:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd8085fc22072969ca4f9067e16f85a1c6a70722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8e:21:2c:0f:36:de:64:9c:55:6a:b3:06:35:
b2:0e:a5:e7:55:48:44:59:8c:8f:5e:94:9c:83:7a:
93:cc:9e:56:dd:53:19:72:8d:1d:b2:59:83:74:69:
17:8c:89:47:31:d1:3e:c3:e6:b8:f2:0a:1a:a0:4c:
2a:9d:52:d7:80:42:fc:eb:8c:db:cd:94:8c:69:cb:
7e:8b:4c:6b:7b:8c:e6:c6:e0:45:d6:f0:ec:2e:85:
76:99:1c:f4:24:80:f5:ca:97:2d:6c:74:eb:b8:27:
60:19:e7:61:0c:63:45:ef:ac:15:f7:73:d4:a9:0e:
e2:0a:cb:7c:3a:50:6e:c7:ab:0d:48:54:8c:b2:b3:
e0:39:1b:18:4e:19:37:00:11:3b:9e:7f:3c:a9:78:
c8:c6:b5:93:7b:39:09:43:b6:b4:1f:35:fc:ee:d4:
34:05:42:3e:dc:7d:a3:62:23:84:ce:bf:a5:ed:84:
b2:85:4b:b4:5f:32:bc:0d:e3:48:d5:55:19:2b:54:
41:8a:10:48:df:5c:8d:68:68:d3:03:fb:76:66:fc:
ed:75:51:a5:cf:60:05:d9:26:59:05:4f:f8:ac:e4:
76:05:c9:8f:b4:ab:21:5a:74:26:56:71:ee:89:7a:
7f:c7:eb:ff:d0:7d:bd:e2:f9:fe:d4:0a:84:ca:1f:
85:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:80:85:FC:22:07:29:69:CA:4F:90:67:E1:6F:85:A1:C6:A7:07:22
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/vYCF_CIHKWnKT5Bn4W-FocanByI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.86.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:a0:ba:7e:9d:fa:2f:84:0e:9d:b1:17:66:d9:17:4d:4e:5f:
45:1f:7b:8e:dd:29:05:c8:8a:64:c6:63:d5:63:36:e5:dc:ff:
73:02:17:9d:ad:9e:de:3d:34:78:91:db:07:bc:a8:15:bc:cb:
45:16:17:6c:02:ea:5e:19:b2:ff:cc:8f:77:4e:6a:2e:dc:a3:
68:1c:64:81:2b:e2:5b:e4:e9:aa:da:ec:a9:f0:71:e1:61:75:
7a:78:dc:51:eb:d7:da:0c:eb:71:27:7b:dc:fa:0b:c6:2e:a5:
cd:64:a0:6d:2e:ab:9f:a5:f6:89:40:6a:8c:87:d7:fc:47:2d:
5a:d9:0a:cb:4e:4d:ca:07:89:67:18:90:bd:07:24:7b:bc:4d:
00:0c:3a:69:aa:fa:e5:3d:ed:a3:32:d2:d9:b2:6f:1d:7f:b5:
30:26:14:10:20:6a:7c:ac:9f:7c:44:01:6a:e6:28:09:5b:6c:
f2:e8:50:4e:ad:e0:75:d1:53:ce:88:ea:20:bb:6c:6c:d1:4f:
78:aa:05:bb:07:34:76:77:88:2b:e7:e5:0a:4c:a7:20:96:0e:
3b:16:dc:e8:ba:6c:00:ee:93:9d:60:72:d3:bc:fb:ae:38:d8:
e6:c2:ba:d0:f1:fc:35:02:0d:85:0d:6a:1a:54:93:68:0d:ff:
e3:65:6c:2c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEo3TVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTFlNjkzNjhhYmQzNDUzOGZlNzdkZGFhYmNkYzgzNWFmNTk1ZWJhMB4XDTIyMDEw
MTEwMDU1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmQ4MDg1ZmMyMjA3
Mjk2OWNhNGY5MDY3ZTE2Zjg1YTFjNmE3MDcyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCOISwPNt5knFVqswY1sg6l51VIRFmMj16UnIN6k8yeVt1T
GXKNHbJZg3RpF4yJRzHRPsPmuPIKGqBMKp1S14BC/OuM282UjGnLfotMa3uM5sbg
Rdbw7C6Fdpkc9CSA9cqXLWx067gnYBnnYQxjRe+sFfdz1KkO4grLfDpQbserDUhU
jLKz4DkbGE4ZNwARO55/PKl4yMa1k3s5CUO2tB81/O7UNAVCPtx9o2IjhM6/pe2E
soVLtF8yvA3jSNVVGStUQYoQSN9cjWho0wP7dmb87XVRpc9gBdkmWQVP+KzkdgXJ
j7SrIVp0JlZx7ol6f8fr/9B9veL5/tQKhMofhZkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS9gIX8IgcpacpPkGfhb4WhxqcHIjAfBgNVHSMEGDAWgBSaHmk2ir00U4/n
fdqrzcg1r1leujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21oNXBOb3E5TkZPUDUzM2FxODNJTmE5Wlhyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzg4NmY0LTVmY2MtNGQ0NC1iZDYyLTEwOTgyZTA0MGQ1My8x
L3ZZQ0ZfQ0lIS1duS1Q1Qm40Vy1Gb2NhbkJ5SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
Nzg4NmY0LTVmY2MtNGQ0NC1iZDYyLTEwOTgyZTA0MGQ1My8xL21oNXBOb3E5TkZP
UDUzM2FxODNJTmE5Wlhyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAXKVjANBgkqhkiG9w0BAQsFAAOC
AQEAnKC6fp36L4QOnbEXZtkXTU5fRR97jt0pBciKZMZj1WM25dz/cwIXna2e3j00
eJHbB7yoFbzLRRYXbALqXhmy/8yPd05qLtyjaBxkgSviW+TpqtrsqfBx4WF1enjc
UevX2gzrcSd73PoLxi6lzWSgbS6rn6X2iUBqjIfX/EctWtkKy05NygeJZxiQvQck
e7xNAAw6aar65T3tozLS2bJvHX+1MCYUECBqfKyffEQBauYoCVts8uhQTq3gddFT
zojqILtsbNFPeKoFuwc0dneIK+flCkynIJYOOxbc6LpsAO6TnWBy07z7rjjY5sK6
0PH8NQINhQ1qGlSTaA3/42VsLA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:54 2023 by rpki-client on console-fra.rpki-client.org