Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/YCu3EfYtkl3lo_qGzoQi32q2NQ8.roa
File: YCu3EfYtkl3lo_qGzoQi32q2NQ8.roa (raw, json)
Hash identifier: yGlqb/3rK82Diag7L7aGATrWU2A97JvRvWlBVxmndpE=
Subject key identifier: 60:2B:B7:11:F6:2D:92:5D:E5:A3:FA:86:CE:84:22:DF:6A:B6:35:0F
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 018C35E8712BDCB39277E678FC1C32031E6F
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/YCu3EfYtkl3lo_qGzoQi32q2NQ8.roa
Signing time: Mon 04 Dec 2023 17:37:54 +0000
ROA not before: Mon 04 Dec 2023 17:37:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48678
IP address blocks: 193.106.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:35:e8:71:2b:dc:b3:92:77:e6:78:fc:1c:32:03:1e:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: Dec 4 17:37:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=602bb711f62d925de5a3fa86ce8422df6ab6350f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:16:ff:ff:06:e4:59:2d:4a:3e:02:db:6d:1e:
fd:c3:14:af:15:73:76:ac:b6:6b:eb:7b:38:0f:e9:
b6:a6:cd:b9:c9:e8:9b:98:80:38:18:0b:9f:36:8c:
5f:be:ba:69:84:bb:7b:a4:1a:28:7d:28:ff:24:be:
33:61:91:72:98:c8:e9:db:48:f1:c3:47:30:ef:8e:
82:5f:fe:42:b3:2a:13:28:49:ff:8b:3d:c4:17:26:
4d:06:51:96:6c:95:43:e3:5b:f3:7b:79:0b:d2:4d:
b3:8f:30:96:23:1f:06:f5:ee:f0:b3:c2:aa:e7:68:
f0:70:10:a6:e3:ee:aa:d4:51:48:55:4c:68:1a:1a:
5c:7f:fc:a5:92:fd:6f:36:0f:41:f1:d3:64:b0:52:
17:ac:a3:11:d4:e4:ca:84:bc:b7:01:d9:dd:19:ac:
57:14:86:11:d0:d4:4e:12:9c:f4:24:ea:e6:54:47:
26:64:3c:36:e7:c0:a0:bf:e8:85:69:46:3c:bd:d9:
e1:85:3e:d1:6d:ce:28:68:46:26:13:c7:db:de:d3:
6e:c9:8e:a9:c1:f9:19:88:fa:ba:6f:e0:eb:4f:33:
60:3d:ec:12:06:59:57:14:10:e1:f0:c1:ee:65:d1:
12:99:f9:c4:e8:f2:50:c6:e4:4f:a4:61:80:f2:b9:
0d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:2B:B7:11:F6:2D:92:5D:E5:A3:FA:86:CE:84:22:DF:6A:B6:35:0F
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/YCu3EfYtkl3lo_qGzoQi32q2NQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.106.196.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:75:64:1d:dc:25:89:58:5e:7b:2a:15:13:24:59:8e:2a:49:
e0:8b:d2:5b:27:90:df:6d:42:f8:8a:19:44:5e:fb:0a:0e:1d:
5f:57:fc:ee:84:d0:66:47:d5:c9:78:e4:be:c5:bd:aa:c0:c5:
dd:dc:0d:31:4d:c5:2b:65:e3:25:b6:d1:cb:79:d7:a8:0e:5f:
d4:eb:42:ca:e2:9e:ed:4e:33:59:fe:82:0e:5e:11:33:7d:9e:
70:d0:7e:86:6d:b2:f8:6a:48:09:2b:5e:c4:84:c4:3a:48:a7:
2e:dc:c9:70:8d:68:34:d9:c0:90:74:9c:4c:4e:c5:8d:a7:ef:
8b:21:31:81:4e:00:8f:dc:c4:b9:da:2d:0c:36:b2:8c:b8:f4:
be:02:1b:8f:c6:74:59:75:65:1f:94:53:2d:19:e2:57:f6:76:
b8:66:6f:db:21:57:db:d5:df:9c:6a:52:ea:97:fe:5c:94:49:
4b:23:cb:e3:20:e4:34:70:5d:11:eb:2f:21:ce:7e:a3:bb:d4:
54:3e:3f:ce:ce:0c:41:b8:b9:9c:6b:50:65:bd:fe:9e:3a:33:
f1:dc:9a:72:c3:1d:57:2c:85:c0:b3:e4:b7:02:df:83:1b:65:
58:31:f9:78:f1:5a:65:b5:3f:8c:14:6d:7f:7a:2d:2c:6b:64:
3f:6d:72:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw16HEr3LOSd+Z4/BwyAx5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjMxMjA0MTczNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDJiYjcxMWY2MmQ5MjVkZTVhM2ZhODZjZTg0MjJkZjZhYjYzNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxb//wbkWS1KPgLbbR79wxSvFXN2
rLZr63s4D+m2ps25yeibmIA4GAufNoxfvrpphLt7pBoofSj/JL4zYZFymMjp20jx
w0cw746CX/5CsyoTKEn/iz3EFyZNBlGWbJVD41vze3kL0k2zjzCWIx8G9e7ws8Kq
52jwcBCm4+6q1FFIVUxoGhpcf/ylkv1vNg9B8dNksFIXrKMR1OTKhLy3AdndGaxX
FIYR0NROEpz0JOrmVEcmZDw258Cgv+iFaUY8vdnhhT7Rbc4oaEYmE8fb3tNuyY6p
wfkZiPq6b+DrTzNgPewSBllXFBDh8MHuZdESmfnE6PJQxuRPpGGA8rkN5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGArtxH2LZJd5aP6hs6EIt9qtjUPMB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvWUN1M0VmWXRrbDNsb19xR3pvUWkzMnEyTlE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWrEMA0G
CSqGSIb3DQEBCwUAA4IBAQA/dWQd3CWJWF57KhUTJFmOKkngi9JbJ5DfbUL4ihlE
XvsKDh1fV/zuhNBmR9XJeOS+xb2qwMXd3A0xTcUrZeMlttHLedeoDl/U60LK4p7t
TjNZ/oIOXhEzfZ5w0H6GbbL4akgJK17EhMQ6SKcu3MlwjWg02cCQdJxMTsWNp++L
ITGBTgCP3MS52i0MNrKMuPS+AhuPxnRZdWUflFMtGeJX9na4Zm/bIVfb1d+calLq
l/5clElLI8vjIOQ0cF0R6y8hzn6ju9RUPj/OzgxBuLmca1Blvf6eOjPx3Jpywx1X
LIXAs+S3At+DG2VYMfl48VpltT+MFG1/ei0sa2Q/bXKs
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:01 2025 by rpki-client