Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/9e5259-3d31-402d-b390-4c8fae529936/1/Y0KTBDgYOy3lmuItik3SHFyj8hw.roa
File: Y0KTBDgYOy3lmuItik3SHFyj8hw.roa (raw, json)
Hash identifier: Pht36hhzJVa6py2/OW8Gf7an0rbVw1A2eOnvuVFbQsM=
Subject key identifier: 63:42:93:04:38:18:3B:2D:E5:9A:E2:2D:8A:4D:D2:1C:5C:A3:F2:1C
Certificate issuer: /CN=e89f228577fa91b2709e70b819ff469c4cc2ea91
Certificate serial: 07351E5E
Authority key identifier: E8:9F:22:85:77:FA:91:B2:70:9E:70:B8:19:FF:46:9C:4C:C2:EA:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6J8ihXf6kbJwnnC4Gf9GnEzC6pE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/9e5259-3d31-402d-b390-4c8fae529936/1/Y0KTBDgYOy3lmuItik3SHFyj8hw.roa
Signing time: Sat 01 Jan 2022 11:57:46 +0000
ROA not before: Sat 01 Jan 2022 11:57:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42321
IP address blocks: 194.0.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120921694 (0x7351e5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e89f228577fa91b2709e70b819ff469c4cc2ea91
Validity
Not Before: Jan 1 11:57:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6342930438183b2de59ae22d8a4dd21c5ca3f21c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:69:00:cf:b6:d4:ba:1d:6d:fe:11:ba:87:87:
cc:88:30:49:15:25:31:ea:05:31:a5:b0:10:2c:14:
ab:02:5d:8d:f6:b2:5b:59:2f:77:b8:8c:8b:d2:a0:
c4:c3:3e:31:a3:cc:31:17:62:20:97:b7:96:45:bc:
57:17:af:94:97:96:bf:86:bd:03:b1:11:c2:20:6e:
bc:c7:af:10:00:35:5b:34:99:81:57:49:39:53:7f:
da:ae:ae:2c:24:3d:7c:0c:28:19:a3:38:80:01:00:
96:7f:fc:4b:41:58:84:20:c0:93:f9:94:1b:28:3c:
35:ae:ff:e8:64:83:d4:e2:36:00:86:af:f1:40:29:
7d:f0:f3:c9:03:66:95:5b:97:10:f4:c0:59:bb:12:
84:5e:e9:4d:ad:42:52:81:50:3c:07:f7:d8:39:dc:
c6:cc:cb:9f:c0:ca:f1:97:4a:d9:1e:8e:22:9e:60:
7e:d1:39:cc:69:e7:48:fb:67:25:dc:ea:a7:54:04:
e2:01:fa:f4:15:50:2d:7e:5a:e6:cc:7c:5b:70:59:
60:fe:0a:72:aa:87:aa:f3:04:c7:20:b9:b0:99:ad:
2c:66:d3:6c:75:3b:d3:b2:91:bd:bb:e6:ea:e0:c7:
a2:39:ba:19:4e:d1:f7:f2:5a:34:a0:61:92:e1:58:
c3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:42:93:04:38:18:3B:2D:E5:9A:E2:2D:8A:4D:D2:1C:5C:A3:F2:1C
X509v3 Authority Key Identifier:
keyid:E8:9F:22:85:77:FA:91:B2:70:9E:70:B8:19:FF:46:9C:4C:C2:EA:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6J8ihXf6kbJwnnC4Gf9GnEzC6pE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/9e5259-3d31-402d-b390-4c8fae529936/1/Y0KTBDgYOy3lmuItik3SHFyj8hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/9e5259-3d31-402d-b390-4c8fae529936/1/6J8ihXf6kbJwnnC4Gf9GnEzC6pE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.202.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:28:5c:c1:5e:5f:8b:36:c0:72:cc:00:c2:f8:f1:6f:a0:2e:
b1:c8:4a:3b:98:90:96:c0:1d:97:ae:11:c3:1e:3f:38:85:c3:
24:c2:a0:df:92:15:bb:94:49:dd:08:3a:51:ac:65:90:8b:a6:
5b:c1:e5:ed:33:74:d5:36:ef:38:70:b1:ba:80:e4:93:44:1d:
0e:6b:cc:f4:39:63:2c:d7:3e:b5:bd:70:96:5c:00:e5:e7:0d:
74:68:f9:1f:14:a0:f3:36:bb:6b:55:04:72:6e:28:7d:fe:fd:
35:f9:19:e5:07:86:e3:60:f0:06:ad:88:d7:e5:2f:b7:5c:ee:
d8:da:1c:e9:2b:73:7a:f2:7d:b6:e3:b0:ce:bc:13:f6:59:b6:
f2:a3:61:84:ad:37:f2:81:65:84:ec:10:33:21:e5:2f:2d:c6:
37:ba:50:65:e0:6f:d9:68:c1:c8:c0:98:32:84:2a:84:19:dc:
83:32:36:4a:65:56:dc:c8:10:c8:21:c4:13:6d:ef:5d:28:12:
5c:85:76:16:10:64:8a:04:59:7a:44:0e:99:cf:0b:af:b7:ca:
2c:05:d9:fe:6e:05:a9:5c:2c:a8:3a:4f:18:63:72:3f:05:a6:
60:16:71:34:2b:6d:8e:4b:4b:e3:95:ed:62:91:bd:92:de:16:
a1:cd:10:67
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBzUeXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODlmMjI4NTc3ZmE5MWIyNzA5ZTcwYjgxOWZmNDY5YzRjYzJlYTkxMB4XDTIyMDEw
MTExNTc0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjM0MjkzMDQzODE4
M2IyZGU1OWFlMjJkOGE0ZGQyMWM1Y2EzZjIxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJlpAM+21Lodbf4RuoeHzIgwSRUlMeoFMaWwECwUqwJdjfay
W1kvd7iMi9KgxMM+MaPMMRdiIJe3lkW8VxevlJeWv4a9A7ERwiBuvMevEAA1WzSZ
gVdJOVN/2q6uLCQ9fAwoGaM4gAEAln/8S0FYhCDAk/mUGyg8Na7/6GSD1OI2AIav
8UApffDzyQNmlVuXEPTAWbsShF7pTa1CUoFQPAf32DncxszLn8DK8ZdK2R6OIp5g
ftE5zGnnSPtnJdzqp1QE4gH69BVQLX5a5sx8W3BZYP4KcqqHqvMExyC5sJmtLGbT
bHU707KRvbvm6uDHojm6GU7R9/JaNKBhkuFYwx0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRjQpMEOBg7LeWa4i2KTdIcXKPyHDAfBgNVHSMEGDAWgBTonyKFd/qRsnCe
cLgZ/0acTMLqkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZKOGloWGY2a2JKd25uQzRHZjlHbkV6QzZwRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvOWU1MjU5LTNkMzEtNDAyZC1iMzkwLTRjOGZhZTUyOTkzNi8x
L1kwS1RCRGdZT3kzbG11SXRpazNTSEZ5ajhody5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
OWU1MjU5LTNkMzEtNDAyZC1iMzkwLTRjOGZhZTUyOTkzNi8xLzZKOGloWGY2a2JK
d25uQzRHZjlHbkV6QzZwRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIAyjANBgkqhkiG9w0BAQsFAAOC
AQEAbShcwV5fizbAcswAwvjxb6AuschKO5iQlsAdl64Rwx4/OIXDJMKg35IVu5RJ
3Qg6UaxlkIumW8Hl7TN01TbvOHCxuoDkk0QdDmvM9DljLNc+tb1wllwA5ecNdGj5
HxSg8za7a1UEcm4off79NfkZ5QeG42DwBq2I1+Uvt1zu2Noc6StzevJ9tuOwzrwT
9lm28qNhhK038oFlhOwQMyHlLy3GN7pQZeBv2WjByMCYMoQqhBncgzI2SmVW3MgQ
yCHEE23vXSgSXIV2FhBkigRZekQOmc8Lr7fKLAXZ/m4FqVwsqDpPGGNyPwWmYBZx
NCttjktL45XtYpG9kt4Woc0QZw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:49 2023 by rpki-client on console.sobornost.net