Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/yRcaqKp7o94RXkhDPIkABlUmF7w.roa
File: yRcaqKp7o94RXkhDPIkABlUmF7w.roa (raw, json)
Hash identifier: gwS7faKajueyDZ0ddmn0EO4X4cK7y5uIDpaOyiNF/v0=
Subject key identifier: C9:17:1A:A8:AA:7B:A3:DE:11:5E:48:43:3C:89:00:06:55:26:17:BC
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0189B5AC0A01EB265D5431868249A3196420
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/yRcaqKp7o94RXkhDPIkABlUmF7w.roa
Signing time: Wed 02 Aug 2023 09:54:58 +0000
ROA not before: Wed 02 Aug 2023 09:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 91.132.160.0/22 maxlen: 22
193.135.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b5:ac:0a:01:eb:26:5d:54:31:86:82:49:a3:19:64:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Aug 2 09:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9171aa8aa7ba3de115e48433c890006552617bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:71:80:4d:21:03:d3:19:67:cf:e7:f0:00:08:
83:97:9a:da:61:7f:00:fd:97:d8:8a:4b:1b:95:fd:
46:e3:02:45:c3:f8:27:9c:1a:fc:69:e8:1e:0f:8d:
e6:b7:d3:9a:2d:15:91:4e:95:9f:c4:70:32:db:ff:
47:45:d2:f7:d1:be:b9:bf:ba:64:e5:e1:4e:9f:99:
c4:86:be:6a:ec:c3:14:c4:a1:27:3d:fc:93:2b:3e:
86:4f:51:36:a9:6b:d3:00:97:25:da:98:4d:8c:a7:
f5:f4:17:48:6b:f7:da:f6:e3:b5:96:fa:f7:2b:e9:
3a:76:da:a7:3b:bd:6d:ee:02:c5:b8:70:f1:f0:bd:
64:82:d4:ae:f1:0d:b9:66:c4:a5:0a:0c:d7:be:ce:
f8:56:9c:02:ac:54:f7:3f:48:6c:85:05:aa:55:a7:
3f:6f:1e:91:52:dd:41:09:2d:aa:cd:ae:bd:2a:f3:
dd:a5:6c:43:ba:7a:cf:8c:44:8f:a3:02:07:b2:51:
07:96:ea:55:b0:26:53:95:c5:95:f5:2f:11:08:04:
65:5d:7a:c4:ce:71:3d:a2:d4:c9:61:44:4f:1a:bb:
f2:89:64:2c:7b:fa:f0:9f:cf:42:f9:9e:61:1e:c1:
ec:03:6d:59:17:4b:11:4e:40:6b:ee:a0:f7:41:ef:
eb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:17:1A:A8:AA:7B:A3:DE:11:5E:48:43:3C:89:00:06:55:26:17:BC
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/yRcaqKp7o94RXkhDPIkABlUmF7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.160.0/22
193.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:84:3a:64:3e:b7:93:7b:6b:c0:50:61:3b:3e:a6:93:c8:fc:
9e:a2:f9:2d:c6:f7:3e:70:4d:e1:b5:41:81:df:19:83:46:13:
66:29:1b:37:bf:9d:64:c9:12:d9:a4:3b:00:ae:9e:f8:13:bf:
0e:1b:4f:00:7a:6b:8a:ba:91:ee:09:d3:2a:54:89:2d:fc:6c:
f4:36:c8:ab:dd:27:91:93:9c:e1:1d:51:39:0a:15:97:e3:c4:
d8:16:04:94:0b:96:d8:ca:7e:86:fe:dc:71:ca:c2:5e:83:82:
61:9c:b5:11:ee:bb:bd:30:be:2a:88:36:e3:35:3d:94:5c:dd:
d5:08:9d:70:8b:8a:a0:8c:fe:6b:c0:34:04:ba:38:ca:de:c8:
33:27:ab:ff:0f:65:24:36:83:e1:fa:e3:7a:b0:9c:8a:0c:89:
dd:05:33:be:c6:e5:08:8d:1a:b6:80:dd:95:4e:a7:51:b1:9b:
47:f5:7c:26:7a:4c:0e:ee:d7:75:50:d9:f7:00:d2:30:75:0f:
b6:9d:c5:00:b7:39:f6:b3:17:93:c6:3c:05:d7:3d:8c:91:33:
a8:d4:8d:67:ad:43:d2:22:fb:c2:58:69:4f:fb:c7:03:05:76:
22:af:95:b7:06:0e:32:14:43:09:5a:e8:78:43:9f:af:d2:8a:
ca:66:4c:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYm1rAoB6yZdVDGGgkmjGWQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjMwODAyMDk1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTE3MWFhOGFhN2JhM2RlMTE1ZTQ4NDMzYzg5MDAwNjU1MjYxN2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnGATSED0xlnz+fwAAiDl5raYX8A
/ZfYiksblf1G4wJFw/gnnBr8aegeD43mt9OaLRWRTpWfxHAy2/9HRdL30b65v7pk
5eFOn5nEhr5q7MMUxKEnPfyTKz6GT1E2qWvTAJcl2phNjKf19BdIa/fa9uO1lvr3
K+k6dtqnO71t7gLFuHDx8L1kgtSu8Q25ZsSlCgzXvs74VpwCrFT3P0hshQWqVac/
bx6RUt1BCS2qza69KvPdpWxDunrPjESPowIHslEHlupVsCZTlcWV9S8RCARlXXrE
znE9otTJYURPGrvyiWQse/rwn89C+Z5hHsHsA21ZF0sRTkBr7qD3Qe/rQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMkXGqiqe6PeEV5IQzyJAAZVJhe8MB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEveVJjYXFLcDdvOTRSWGtoRFBJa0FCbFVtRjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW4SgAwQA
wYeuMA0GCSqGSIb3DQEBCwUAA4IBAQCLhDpkPreTe2vAUGE7PqaTyPyeovktxvc+
cE3htUGB3xmDRhNmKRs3v51kyRLZpDsArp74E78OG08AemuKupHuCdMqVIkt/Gz0
Nsir3SeRk5zhHVE5ChWX48TYFgSUC5bYyn6G/txxysJeg4JhnLUR7ru9ML4qiDbj
NT2UXN3VCJ1wi4qgjP5rwDQEujjK3sgzJ6v/D2UkNoPh+uN6sJyKDIndBTO+xuUI
jRq2gN2VTqdRsZtH9XwmekwO7td1UNn3ANIwdQ+2ncUAtzn2sxeTxjwF1z2MkTOo
1I1nrUPSIvvCWGlP+8cDBXYir5W3Bg4yFEMJWuh4Q5+v0orKZkyx
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:47 2025 by rpki-client