Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/Yv4Zt0mjg0GG2dft_a-_kKQqXsM.roa
File: Yv4Zt0mjg0GG2dft_a-_kKQqXsM.roa (raw, json)
Hash identifier: EXORtXqvWX4FjLbhgpRHA3LHFwvQx0vVR2mF1+2LrpQ=
Subject key identifier: 62:FE:19:B7:49:A3:83:41:86:D9:D7:ED:FD:AF:BF:90:A4:2A:5E:C3
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01826491A6C2B9C2D1CB87F8E10AD913FAF6
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/Yv4Zt0mjg0GG2dft_a-_kKQqXsM.roa
Signing time: Wed 03 Aug 2022 16:37:23 +0000
ROA not before: Wed 03 Aug 2022 16:37:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 91.92.44.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:64:91:a6:c2:b9:c2:d1:cb:87:f8:e1:0a:d9:13:fa:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Aug 3 16:37:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62fe19b749a3834186d9d7edfdafbf90a42a5ec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c9:48:17:27:03:c8:ec:dd:c8:0d:cf:47:cf:
cb:53:74:59:b7:b4:20:66:17:45:5b:97:8f:be:43:
7d:0a:92:10:4f:e3:a2:35:4c:84:dc:d7:5c:2a:8a:
08:a6:df:7e:2d:82:e5:6a:c7:1c:33:66:94:68:8c:
4d:34:10:54:6e:7c:52:1b:28:65:c7:c1:37:4d:f1:
cd:8f:5a:3c:4d:99:01:0a:ad:9b:82:4e:af:8c:d7:
ae:78:45:a6:61:35:8d:79:19:2b:73:5a:1c:d6:84:
1a:83:69:52:04:dc:82:67:80:c0:2b:1a:8b:46:0f:
97:35:99:e1:8b:5a:8f:bb:1e:82:d0:28:01:66:f4:
23:cc:ec:58:a7:5a:40:2f:49:5b:1c:d1:58:d8:88:
09:bf:0b:74:5f:17:9d:b6:a8:e8:e9:a2:46:59:28:
6a:6a:f1:2a:36:d8:e2:2d:f3:43:ee:29:d4:0e:8b:
35:49:49:0c:44:7d:45:1b:4b:24:85:fb:3b:e9:80:
29:04:7e:3e:5d:35:ae:6c:e2:11:3a:70:86:17:61:
bc:2b:2f:f4:20:e0:82:0a:c8:90:6a:c0:7e:9e:ad:
b0:0a:c5:8e:99:70:94:43:9c:c2:3d:c1:3a:d5:f3:
29:a3:85:ae:2a:6b:26:f1:0b:e5:00:10:6c:05:19:
fe:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:FE:19:B7:49:A3:83:41:86:D9:D7:ED:FD:AF:BF:90:A4:2A:5E:C3
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/Yv4Zt0mjg0GG2dft_a-_kKQqXsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.44.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:27:d6:e9:1a:d8:f6:5c:65:5d:f0:93:30:f4:9d:86:45:cc:
46:83:78:32:8f:34:13:e2:10:f1:3b:6e:96:a1:0b:27:31:84:
97:50:bc:62:be:5b:da:75:45:56:5e:db:3a:2e:82:19:5d:60:
5c:15:d6:42:c0:33:ef:5a:ed:03:c8:2d:6d:67:7f:d3:5f:48:
a3:7b:86:cd:7c:ff:b4:1e:dc:a4:28:51:f5:9a:34:3f:dc:e6:
e3:0d:c2:73:0e:cf:40:6d:15:39:64:52:6d:8c:a9:81:0d:e6:
60:b4:fc:39:c7:4c:50:09:8d:ad:2b:cc:3f:2e:9b:fc:0e:0d:
be:96:bd:8d:71:0b:a2:fe:23:ae:20:5e:a4:a1:88:7b:1e:9c:
f1:ca:45:c0:6e:51:ae:3d:76:ba:91:d9:82:7e:d0:29:ef:ff:
89:30:59:ca:69:8a:e6:65:d8:dc:31:4b:4b:a7:e7:5c:de:3e:
77:26:56:72:bb:ee:f1:79:93:3f:1f:69:78:01:ec:9e:e1:51:
02:25:ee:15:0b:da:89:df:ba:04:ff:1f:c9:60:81:6a:a8:74:
03:b0:11:39:6a:6d:98:7f:6e:ff:6c:56:70:96:a8:53:10:7b:
69:26:f6:98:d5:e8:73:c9:64:4b:c1:96:cc:d7:3b:76:0c:6a:
bd:78:33:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJkkabCucLRy4f44QrZE/r2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjIwODAzMTYzNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmZlMTliNzQ5YTM4MzQxODZkOWQ3ZWRmZGFmYmY5MGE0MmE1ZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMlIFycDyOzdyA3PR8/LU3RZt7Qg
ZhdFW5ePvkN9CpIQT+OiNUyE3NdcKooIpt9+LYLlasccM2aUaIxNNBBUbnxSGyhl
x8E3TfHNj1o8TZkBCq2bgk6vjNeueEWmYTWNeRkrc1oc1oQag2lSBNyCZ4DAKxqL
Rg+XNZnhi1qPux6C0CgBZvQjzOxYp1pAL0lbHNFY2IgJvwt0Xxedtqjo6aJGWShq
avEqNtjiLfND7inUDos1SUkMRH1FG0skhfs76YApBH4+XTWubOIROnCGF2G8Ky/0
IOCCCsiQasB+nq2wCsWOmXCUQ5zCPcE61fMpo4WuKmsm8QvlABBsBRn+dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGL+GbdJo4NBhtnX7f2vv5CkKl7DMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvWXY0WnQwbWpnMEdHMmRmdF9hLV9rS1FxWHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW1wsMA0G
CSqGSIb3DQEBCwUAA4IBAQCKJ9bpGtj2XGVd8JMw9J2GRcxGg3gyjzQT4hDxO26W
oQsnMYSXULxivlvadUVWXts6LoIZXWBcFdZCwDPvWu0DyC1tZ3/TX0ije4bNfP+0
HtykKFH1mjQ/3ObjDcJzDs9AbRU5ZFJtjKmBDeZgtPw5x0xQCY2tK8w/Lpv8Dg2+
lr2NcQui/iOuIF6koYh7HpzxykXAblGuPXa6kdmCftAp7/+JMFnKaYrmZdjcMUtL
p+dc3j53JlZyu+7xeZM/H2l4Aeye4VECJe4VC9qJ37oE/x/JYIFqqHQDsBE5am2Y
f27/bFZwlqhTEHtpJvaY1ehzyWRLwZbM1zt2DGq9eDNI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:58 2023 by rpki-client on console-ams.rpki-client.org