Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/Y3yEi47qSuLWaHQ1ZSgQbZEYknI.roa
File: Y3yEi47qSuLWaHQ1ZSgQbZEYknI.roa (raw, json)
Hash identifier: d8cXDQ2T4niGiPsoYQfthU47RtsJ8WnYluoLxzuc7iA=
Subject key identifier: 63:7C:84:8B:8E:EA:4A:E2:D6:68:74:35:65:28:10:6D:91:18:92:72
Certificate issuer: /CN=3f2b4fcea4b722f2a6f6c705c5589ee1abc620ae
Certificate serial: 06CCADE4
Authority key identifier: 3F:2B:4F:CE:A4:B7:22:F2:A6:F6:C7:05:C5:58:9E:E1:AB:C6:20:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PytPzqS3IvKm9scFxVie4avGIK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/Y3yEi47qSuLWaHQ1ZSgQbZEYknI.roa
Signing time: Sat 01 Jan 2022 08:58:21 +0000
ROA not before: Sat 01 Jan 2022 08:58:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60236
IP address blocks: 2a0f:2a00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114077156 (0x6ccade4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f2b4fcea4b722f2a6f6c705c5589ee1abc620ae
Validity
Not Before: Jan 1 08:58:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=637c848b8eea4ae2d66874356528106d91189272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6f:e8:1b:2f:78:68:87:d9:bc:1e:60:d5:cb:
1c:6c:1f:4b:5f:be:44:88:4b:4c:0c:9a:34:10:69:
9b:1b:f6:e2:7f:4c:12:83:3f:ba:e3:16:c7:b5:32:
c2:d5:2c:95:b5:ed:88:6f:97:0c:eb:65:04:ca:09:
cb:6d:f0:c7:04:08:5f:46:7e:09:7a:a0:d1:e6:6b:
05:bc:1c:ea:11:38:5b:52:71:9a:8a:78:21:3a:1c:
97:30:91:6d:00:9b:ab:de:f0:90:17:3b:67:63:b5:
04:2b:83:ea:85:d8:32:90:e1:ea:2d:29:1f:87:f0:
af:84:c4:35:74:30:90:0b:47:7a:f4:f2:ca:1a:aa:
e4:ce:9b:7e:d1:d1:71:3f:cd:1e:dc:f7:2c:23:80:
b1:ea:6a:8a:3f:0a:83:7d:1a:f5:5a:ed:6e:9a:5f:
e7:7e:bd:b4:4c:df:85:bc:cd:11:8a:de:d5:92:aa:
9d:ab:75:a3:7f:5f:5e:ad:4d:4a:71:13:0c:19:39:
41:77:9e:d0:f9:78:8d:6f:f1:65:e0:e2:0d:c8:65:
47:34:e5:8f:39:02:40:29:ab:2c:d2:ea:75:c3:86:
cf:c8:4a:ee:90:1e:49:77:0e:c7:52:71:a5:d2:a8:
b9:64:72:84:49:8b:f5:99:ca:80:5c:bd:9b:a9:dd:
5a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:7C:84:8B:8E:EA:4A:E2:D6:68:74:35:65:28:10:6D:91:18:92:72
X509v3 Authority Key Identifier:
keyid:3F:2B:4F:CE:A4:B7:22:F2:A6:F6:C7:05:C5:58:9E:E1:AB:C6:20:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PytPzqS3IvKm9scFxVie4avGIK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/Y3yEi47qSuLWaHQ1ZSgQbZEYknI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/PytPzqS3IvKm9scFxVie4avGIK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2a00::/48
Signature Algorithm: sha256WithRSAEncryption
9f:80:35:f0:d5:78:74:d1:14:1f:c8:10:2e:34:a6:04:0e:52:
45:8b:3b:c8:f6:0a:57:b6:3c:b9:e2:19:d9:1e:37:f4:da:5f:
92:9e:5c:82:7e:1b:6d:c7:9d:85:5f:91:1e:3c:9e:50:93:3f:
8e:87:9b:6b:18:65:b0:8a:19:62:eb:66:46:84:52:68:c6:86:
da:d1:72:84:1d:01:1c:d0:14:40:2d:6b:4f:fa:c7:a2:46:25:
27:11:75:e1:8c:ad:78:2d:1f:31:77:fa:8c:3d:4b:c0:21:ca:
23:db:d8:95:19:b9:9c:ba:7b:61:32:e3:0f:5d:8c:0f:b2:ba:
b3:4a:14:86:52:1f:7d:7e:99:a9:6b:d0:59:fe:69:ce:87:f0:
2c:e7:9c:9c:84:83:18:0d:1c:4a:88:9c:7f:ca:64:8f:ee:53:
27:fa:13:a2:c3:2d:40:f2:df:05:c9:f9:b6:6b:63:f3:b8:75:
92:e7:0b:bd:4e:92:dc:31:af:13:06:4c:49:ff:f2:31:d9:a9:
7b:b0:c3:ea:ab:07:17:0d:25:50:0c:6f:1d:ca:cb:c4:2a:c7:
5b:b0:1d:d4:f1:9e:e9:d9:f3:47:78:11:8d:14:06:28:0e:62:
1b:67:92:1d:eb:da:77:e8:d1:1b:1b:c2:08:34:0d:95:d4:10:
a8:27:f8:b1
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBsyt5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZjJiNGZjZWE0YjcyMmYyYTZmNmM3MDVjNTU4OWVlMWFiYzYyMGFlMB4XDTIyMDEw
MTA4NTgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjM3Yzg0OGI4ZWVh
NGFlMmQ2Njg3NDM1NjUyODEwNmQ5MTE4OTI3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM5v6BsveGiH2bweYNXLHGwfS1++RIhLTAyaNBBpmxv24n9M
EoM/uuMWx7UywtUslbXtiG+XDOtlBMoJy23wxwQIX0Z+CXqg0eZrBbwc6hE4W1Jx
mop4IToclzCRbQCbq97wkBc7Z2O1BCuD6oXYMpDh6i0pH4fwr4TENXQwkAtHevTy
yhqq5M6bftHRcT/NHtz3LCOAsepqij8Kg30a9Vrtbppf5369tEzfhbzNEYre1ZKq
nat1o39fXq1NSnETDBk5QXee0Pl4jW/xZeDiDchlRzTljzkCQCmrLNLqdcOGz8hK
7pAeSXcOx1JxpdKouWRyhEmL9ZnKgFy9m6ndWmkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRjfISLjupK4tZodDVlKBBtkRiScjAfBgNVHSMEGDAWgBQ/K0/OpLci8qb2
xwXFWJ7hq8YgrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1B5dFB6cVMzSXZLbTlzY0Z4VmllNGF2R0lLNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvODViMjM3LWQwNDEtNDQ5Ny1hNzI5LTYyNTNhZDA4Zjg1OC8x
L1kzeUVpNDdxU3VMV2FIUTFaU2dRYlpFWWtuSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
ODViMjM3LWQwNDEtNDQ5Ny1hNzI5LTYyNTNhZDA4Zjg1OC8xL1B5dFB6cVMzSXZL
bTlzY0Z4VmllNGF2R0lLNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPKgAAADANBgkqhkiG9w0BAQsF
AAOCAQEAn4A18NV4dNEUH8gQLjSmBA5SRYs7yPYKV7Y8ueIZ2R439Npfkp5cgn4b
bcedhV+RHjyeUJM/joebaxhlsIoZYutmRoRSaMaG2tFyhB0BHNAUQC1rT/rHokYl
JxF14YyteC0fMXf6jD1LwCHKI9vYlRm5nLp7YTLjD12MD7K6s0oUhlIffX6ZqWvQ
Wf5pzofwLOecnISDGA0cSoicf8pkj+5TJ/oTosMtQPLfBcn5tmtj87h1kucLvU6S
3DGvEwZMSf/yMdmpe7DD6qsHFw0lUAxvHcrLxCrHW7Ad1PGe6dnzR3gRjRQGKA5i
G2eSHevad+jRGxvCCDQNldQQqCf4sQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:33 2024 by rpki-client on console-fra.rpki-client.org