Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/YN0bFCXrh1ujZu-k2GwA0eVKYcM.roa
File: YN0bFCXrh1ujZu-k2GwA0eVKYcM.roa (raw, json)
Hash identifier: DwTMDAhaN0OsCzFqrdCnP/4qaLi5XCf9C4OGaKhSUL0=
Subject key identifier: 60:DD:1B:14:25:EB:87:5B:A3:66:EF:A4:D8:6C:00:D1:E5:4A:61:C3
Certificate issuer: /CN=44fc887c977393575de6257e75fa99cde2037c6c
Certificate serial: 074A17DF
Authority key identifier: 44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/YN0bFCXrh1ujZu-k2GwA0eVKYcM.roa
Signing time: Sat 01 Jan 2022 12:01:28 +0000
ROA not before: Sat 01 Jan 2022 12:01:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208794
IP address blocks: 193.43.139.0/24 maxlen: 24
2a0e:b280::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122296287 (0x74a17df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44fc887c977393575de6257e75fa99cde2037c6c
Validity
Not Before: Jan 1 12:01:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60dd1b1425eb875ba366efa4d86c00d1e54a61c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:97:18:12:ed:69:61:5e:0d:dd:83:b9:09:52:
0a:53:f1:78:f4:16:95:2a:8a:e7:08:58:3f:90:55:
7c:91:1b:95:78:ea:55:fe:21:66:9b:62:02:11:3b:
f6:08:1f:03:c6:03:fb:8d:e5:63:48:0a:e3:5d:a9:
55:6c:87:94:a1:4b:22:10:1c:52:40:67:9a:47:c9:
c9:db:32:80:c3:22:96:22:7d:13:45:ac:e6:e2:d9:
59:b2:11:37:1e:b7:b6:72:1e:39:14:26:2b:05:aa:
05:c4:15:38:3f:e2:fc:31:48:0d:92:78:65:11:b7:
bb:8e:73:0f:44:dc:56:80:aa:73:89:bf:5b:b7:63:
97:29:b7:9e:c1:b9:05:65:66:e6:36:32:d2:51:20:
93:c5:5c:29:57:37:c9:ec:bd:d5:cb:32:22:d2:03:
51:56:7a:7e:23:8b:ba:83:9d:a0:ef:6f:6d:c0:39:
7f:93:cb:e9:05:40:32:02:37:ef:09:79:c5:9c:12:
2c:36:bb:32:0d:36:1f:ed:8f:2f:36:54:bb:92:f6:
e0:2b:00:16:3a:1b:db:5b:66:63:86:2f:49:41:e0:
fd:34:67:d8:1a:64:92:51:d1:58:a1:47:25:33:eb:
85:f0:06:89:53:05:dd:c0:2b:b6:26:c3:d9:5e:a5:
da:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:DD:1B:14:25:EB:87:5B:A3:66:EF:A4:D8:6C:00:D1:E5:4A:61:C3
X509v3 Authority Key Identifier:
keyid:44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/YN0bFCXrh1ujZu-k2GwA0eVKYcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/RPyIfJdzk1dd5iV-dfqZzeIDfGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.139.0/24
IPv6:
2a0e:b280::/29
Signature Algorithm: sha256WithRSAEncryption
91:d1:49:13:c8:60:84:cd:2d:2b:07:c0:c5:bc:db:e3:c8:db:
14:14:ea:99:a4:b2:f3:1a:65:92:e8:95:85:93:a5:70:e5:c8:
36:08:85:1b:8d:4c:41:60:f1:bc:4d:4c:80:2f:66:4f:28:0a:
80:5a:7a:30:e9:08:b0:3b:ca:7d:af:5f:b7:83:df:7b:82:fd:
6d:bf:38:4c:ca:3e:7f:0f:f8:15:69:72:8a:83:be:9e:b8:21:
a9:24:5b:75:6c:17:8f:b0:bb:73:bd:40:c1:26:0a:1a:2e:34:
6d:76:03:ec:18:37:55:31:48:eb:c1:ce:5f:19:1e:f5:d2:da:
ab:b5:f6:a4:7c:b9:f4:c2:86:43:8a:6c:60:3a:94:3f:74:bc:
53:58:c3:b5:8c:3c:eb:59:64:5f:3d:5e:10:39:39:be:c7:78:
eb:69:7b:26:0d:b0:7e:e8:b5:ed:6c:d3:be:a5:52:37:76:f6:
36:71:d3:40:70:3e:87:f3:60:b0:16:cb:00:3f:6e:9f:0e:d6:
68:ea:a5:27:ca:8a:68:e8:aa:33:7d:68:6b:b3:9c:d4:be:60:
ac:4b:9a:1f:b0:db:43:76:90:22:e6:8e:bc:7a:84:2a:6d:8c:
63:4e:f1:3e:fe:f0:d7:46:5f:87:f5:02:e0:37:d6:99:38:eb:
33:0a:36:0e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB0oX3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NGZjODg3Yzk3NzM5MzU3NWRlNjI1N2U3NWZhOTljZGUyMDM3YzZjMB4XDTIyMDEw
MTEyMDEyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBkZDFiMTQyNWVi
ODc1YmEzNjZlZmE0ZDg2YzAwZDFlNTRhNjFjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeXGBLtaWFeDd2DuQlSClPxePQWlSqK5whYP5BVfJEblXjq
Vf4hZptiAhE79ggfA8YD+43lY0gK412pVWyHlKFLIhAcUkBnmkfJydsygMMiliJ9
E0Ws5uLZWbIRNx63tnIeORQmKwWqBcQVOD/i/DFIDZJ4ZRG3u45zD0TcVoCqc4m/
W7djlym3nsG5BWVm5jYy0lEgk8VcKVc3yey91csyItIDUVZ6fiOLuoOdoO9vbcA5
f5PL6QVAMgI37wl5xZwSLDa7Mg02H+2PLzZUu5L24CsAFjob21tmY4YvSUHg/TRn
2BpkklHRWKFHJTPrhfAGiVMF3cArtibD2V6l2jUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRg3RsUJeuHW6Nm76TYbADR5UphwzAfBgNVHSMEGDAWgBRE/Ih8l3OTV13m
JX51+pnN4gN8bDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JQeUlmSmR6azFkZDVpVi1kZnFaemVJRGZHdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjcvZjA3YzY2LTQ3M2QtNDM1YS1iNjkzLWMzNjljMWQ0YzMzNy8x
L1lOMGJGQ1hyaDF1alp1LWsyR3dBMGVWS1ljTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjcv
ZjA3YzY2LTQ3M2QtNDM1YS1iNjkzLWMzNjljMWQ0YzMzNy8xL1JQeUlmSmR6azFk
ZDVpVi1kZnFaemVJRGZHdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMErizANBAIAAjAHAwUDKg6ygDAN
BgkqhkiG9w0BAQsFAAOCAQEAkdFJE8hghM0tKwfAxbzb48jbFBTqmaSy8xplkuiV
hZOlcOXINgiFG41MQWDxvE1MgC9mTygKgFp6MOkIsDvKfa9ft4Pfe4L9bb84TMo+
fw/4FWlyioO+nrghqSRbdWwXj7C7c71AwSYKGi40bXYD7Bg3VTFI68HOXxke9dLa
q7X2pHy59MKGQ4psYDqUP3S8U1jDtYw861lkXz1eEDk5vsd462l7Jg2wfui17WzT
vqVSN3b2NnHTQHA+h/NgsBbLAD9unw7WaOqlJ8qKaOiqM31oa7Oc1L5grEuaH7Db
Q3aQIuaOvHqEKm2MY07xPv7w10Zfh/UC4DfWmTjrMwo2Dg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:30 2023 by rpki-client on console-ams.rpki-client.org