Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/148eca-c39f-4673-886f-ecf82302f726/1/YMZA-81XsF58-28ycsFfXpvT-Qg.roa
File: YMZA-81XsF58-28ycsFfXpvT-Qg.roa (raw, json)
Hash identifier: I6eITjhflqCVD+HFRo0//5dUT+ZmMKyhWmRlsRXBX/Y=
Subject key identifier: 60:C6:40:FB:CD:57:B0:5E:7C:FB:6F:32:72:C1:5F:5E:9B:D3:F9:08
Certificate issuer: /CN=1bde70af153494354946648acd641163e2af1b1d
Certificate serial: 0183A7AE2D46C9E2BDEF10175C46E9AA9024
Authority key identifier: 1B:DE:70:AF:15:34:94:35:49:46:64:8A:CD:64:11:63:E2:AF:1B:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G95wrxU0lDVJRmSKzWQRY-KvGx0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/148eca-c39f-4673-886f-ecf82302f726/1/YMZA-81XsF58-28ycsFfXpvT-Qg.roa
Signing time: Wed 05 Oct 2022 10:25:53 +0000
ROA not before: Wed 05 Oct 2022 10:25:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8075
IP address blocks: 195.8.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a7:ae:2d:46:c9:e2:bd:ef:10:17:5c:46:e9:aa:90:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bde70af153494354946648acd641163e2af1b1d
Validity
Not Before: Oct 5 10:25:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60c640fbcd57b05e7cfb6f3272c15f5e9bd3f908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0e:11:1e:46:8a:77:06:2a:90:51:2f:4f:99:
f7:94:d7:5a:35:59:c0:38:4f:36:a0:64:70:c8:50:
0e:9b:27:64:f0:f7:a9:3c:f4:0b:b0:08:9e:c3:cc:
33:0c:4f:24:77:01:4d:31:15:41:07:1b:4b:e6:37:
56:90:a6:73:9c:82:cf:46:e5:ac:05:64:55:e6:52:
5d:2b:0e:ec:ba:1d:4a:d7:c9:22:5a:65:05:d1:7d:
f6:b0:90:65:d3:95:64:30:f3:d9:5b:8e:26:66:87:
48:81:2d:4b:89:b8:c6:d9:9d:4e:6b:1d:4a:99:34:
6a:b6:8f:7b:76:c6:f7:58:dc:28:6c:fd:38:dc:d7:
90:93:d7:94:34:a5:57:64:65:30:25:75:6f:e5:f0:
96:18:bf:a1:6f:a2:c9:7f:8d:1d:5f:8c:0c:ed:80:
21:a7:58:ce:ba:4a:33:f6:71:50:1d:30:7b:3b:5d:
5b:bd:a1:57:57:3a:00:5f:09:65:37:a8:de:3d:c3:
3a:88:ce:5e:0c:a8:48:80:09:ce:62:28:02:15:93:
42:60:55:b0:98:bd:0f:de:2a:f4:10:d1:09:17:cb:
d6:21:b2:c9:e8:c6:47:30:68:4d:34:64:fd:57:66:
6b:3a:85:41:0e:6c:97:09:4b:d6:8d:07:58:7f:d2:
8d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C6:40:FB:CD:57:B0:5E:7C:FB:6F:32:72:C1:5F:5E:9B:D3:F9:08
X509v3 Authority Key Identifier:
keyid:1B:DE:70:AF:15:34:94:35:49:46:64:8A:CD:64:11:63:E2:AF:1B:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G95wrxU0lDVJRmSKzWQRY-KvGx0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/148eca-c39f-4673-886f-ecf82302f726/1/YMZA-81XsF58-28ycsFfXpvT-Qg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/148eca-c39f-4673-886f-ecf82302f726/1/G95wrxU0lDVJRmSKzWQRY-KvGx0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.43.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:0e:33:be:75:a1:91:68:71:cc:0a:fa:58:17:4f:70:e3:4f:
ab:d9:99:02:eb:33:0e:62:88:7e:6f:47:d8:c6:c6:78:c2:96:
38:2e:6a:4f:d0:ad:bb:2a:c6:05:43:77:35:ff:cf:80:34:88:
c9:d8:72:83:42:c1:2f:df:72:94:21:84:10:bb:40:f5:1e:a6:
6a:a0:a9:83:38:1f:a2:24:6f:d9:ae:64:e9:c3:10:f7:29:a5:
60:ff:75:5e:3a:f7:9b:23:20:d9:cf:3c:13:43:b2:fd:27:d8:
dd:d3:28:0f:ce:d1:85:9c:f9:bb:de:78:c5:32:50:1e:61:ba:
ed:ef:8d:72:14:f7:48:57:bc:82:ae:b1:29:b3:8f:05:06:e2:
7f:27:ff:2e:c6:1a:f3:fd:61:dd:cc:df:44:91:a4:eb:15:cc:
ba:0e:1e:ec:a3:e0:13:f6:28:cb:a2:13:fc:fb:5a:e4:79:b6:
63:2d:29:52:51:20:5f:7e:c6:34:e7:0b:00:0b:ae:a6:75:0e:
30:4c:a3:ed:05:82:31:70:63:ef:ec:4a:f0:2a:c0:77:79:a9:
ea:a9:50:06:2b:f3:c2:da:5b:50:c1:eb:76:80:2d:ae:91:93:
a4:c7:57:c6:fb:31:f3:f9:58:c3:76:3f:20:67:99:db:4e:2f:
0f:12:0d:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOnri1GyeK97xAXXEbpqpAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZGU3MGFmMTUzNDk0MzU0OTQ2NjQ4YWNkNjQxMTYzZTJh
ZjFiMWQwHhcNMjIxMDA1MTAyNTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGM2NDBmYmNkNTdiMDVlN2NmYjZmMzI3MmMxNWY1ZTliZDNmOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw4RHkaKdwYqkFEvT5n3lNdaNVnA
OE82oGRwyFAOmydk8PepPPQLsAiew8wzDE8kdwFNMRVBBxtL5jdWkKZznILPRuWs
BWRV5lJdKw7suh1K18kiWmUF0X32sJBl05VkMPPZW44mZodIgS1LibjG2Z1Oax1K
mTRqto97dsb3WNwobP043NeQk9eUNKVXZGUwJXVv5fCWGL+hb6LJf40dX4wM7YAh
p1jOukoz9nFQHTB7O11bvaFXVzoAXwllN6jePcM6iM5eDKhIgAnOYigCFZNCYFWw
mL0P3ir0ENEJF8vWIbLJ6MZHMGhNNGT9V2ZrOoVBDmyXCUvWjQdYf9KNowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDGQPvNV7BefPtvMnLBX16b0/kIMB8GA1UdIwQY
MBaAFBvecK8VNJQ1SUZkis1kEWPirxsdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzk1d3J4VTBsRFZKUm1TS3pXUVJZLUt2R3gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8xNDhlY2EtYzM5Zi00NjczLTg4NmYt
ZWNmODIzMDJmNzI2LzEvWU1aQS04MVhzRjU4LTI4eWNzRmZYcHZULVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8xNDhlY2EtYzM5Zi00NjczLTg4NmYtZWNmODIzMDJmNzI2
LzEvRzk1d3J4VTBsRFZKUm1TS3pXUVJZLUt2R3gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwgrMA0G
CSqGSIb3DQEBCwUAA4IBAQB+DjO+daGRaHHMCvpYF09w40+r2ZkC6zMOYoh+b0fY
xsZ4wpY4LmpP0K27KsYFQ3c1/8+ANIjJ2HKDQsEv33KUIYQQu0D1HqZqoKmDOB+i
JG/ZrmTpwxD3KaVg/3VeOvebIyDZzzwTQ7L9J9jd0ygPztGFnPm73njFMlAeYbrt
741yFPdIV7yCrrEps48FBuJ/J/8uxhrz/WHdzN9EkaTrFcy6Dh7so+AT9ijLohP8
+1rkebZjLSlSUSBffsY05wsAC66mdQ4wTKPtBYIxcGPv7ErwKsB3eanqqVAGK/PC
2ltQwet2gC2ukZOkx1fG+zHz+VjDdj8gZ5nbTi8PEg02
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:48 2024 by rpki-client on console-fra.rpki-client.org