Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ytNpglup6mLIfbiTdykxc_eajd4.roa
File: ytNpglup6mLIfbiTdykxc_eajd4.roa (raw, json)
Hash identifier: aEOgEuoC4y8o9wvCj6hImLA6JXH21KPblBffQ/SyWp0=
Subject key identifier: CA:D3:69:82:5B:A9:EA:62:C8:7D:B8:93:77:29:31:73:F7:9A:8D:DE
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0C1CE9EF
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ytNpglup6mLIfbiTdykxc_eajd4.roa
Signing time: Wed 19 Jan 2022 14:45:30 +0000
ROA not before: Wed 19 Jan 2022 14:45:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212704
IP address blocks: 2a0c:9a40:8070::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 203221487 (0xc1ce9ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 19 14:45:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cad369825ba9ea62c87db89377293173f79a8dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:5d:e6:1e:4f:a2:78:bd:0d:5e:6c:92:97:73:
27:76:39:1f:6f:67:cf:d4:83:22:2c:6b:e9:b6:40:
a2:93:21:d4:b6:53:d8:bb:d0:7f:3c:74:b9:72:b2:
31:e1:dd:78:9e:e7:38:5b:f1:0b:da:42:33:cf:cb:
fa:4b:42:ff:f7:ff:66:b3:45:03:cd:43:6d:27:5d:
24:ac:f1:8b:d3:d2:78:21:36:a6:8e:bb:8c:c3:e1:
ca:bd:a4:35:67:1c:e0:e4:ae:60:7e:de:3e:e1:a9:
65:37:22:e1:5d:ad:4b:42:a9:c1:61:12:20:ab:fe:
0c:b7:87:bf:0f:75:b9:40:4b:77:e6:9c:ae:d9:17:
51:d7:c7:0c:e4:32:f3:59:4f:c0:7b:cb:3a:84:1e:
5b:1e:6c:61:0d:2d:de:d6:0c:6f:b2:76:5e:cc:3f:
6f:06:39:bd:b7:85:c8:e9:0d:5a:5e:3d:51:5d:10:
95:3a:ad:ad:14:a7:a0:60:d1:28:bd:0e:75:95:25:
56:05:81:ea:a0:84:83:ed:49:85:92:02:3a:f6:d7:
20:9d:42:94:36:0d:67:0f:79:2f:e4:cc:c7:6e:61:
da:bf:e4:5a:7c:5a:20:ed:28:e0:2d:5f:f5:f9:b0:
f3:46:b4:cc:87:c3:d5:88:e7:70:1e:59:27:99:79:
70:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D3:69:82:5B:A9:EA:62:C8:7D:B8:93:77:29:31:73:F7:9A:8D:DE
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ytNpglup6mLIfbiTdykxc_eajd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8070::/44
Signature Algorithm: sha256WithRSAEncryption
43:a4:c4:73:ce:92:7f:1a:a1:10:bf:a6:ac:e6:40:f5:1f:1c:
e4:d6:65:ff:53:bf:f5:87:9d:51:5f:e0:8e:6c:1d:38:93:74:
b9:84:12:c5:69:6b:15:e7:63:1f:c6:3c:c3:84:34:e6:0f:91:
a5:15:4a:63:f3:d3:a4:3a:8f:47:a0:b7:ba:0f:6c:bf:3d:45:
bc:30:ac:ad:3f:92:44:4f:2e:f1:e2:f6:fb:e9:8a:5c:d7:22:
4d:00:d2:d5:11:3f:9a:09:16:98:56:c6:54:65:90:3f:a1:24:
18:2d:e7:98:e3:83:7b:0f:79:83:01:87:e4:d7:5a:2d:2c:0e:
16:de:07:62:7a:a0:e0:c2:65:29:83:00:e8:1e:6a:1c:7d:ba:
14:8e:2f:a4:f4:20:0e:3d:fe:a5:15:28:d7:3b:f5:d3:1d:cc:
45:98:2d:aa:84:c6:92:bb:26:df:9c:19:68:4f:d1:56:78:e8:
61:f4:7c:15:a7:f8:03:00:dd:55:17:24:75:b3:d6:b8:32:4a:
a0:f2:28:28:88:e7:5e:04:0b:9f:87:3c:d3:dc:5d:74:8f:9c:
87:9b:9f:90:b9:b0:9a:7a:af:f0:01:07:03:fe:48:e9:99:23:
d7:9d:d7:e4:34:1b:20:6d:34:93:c1:dd:de:2c:1f:0c:89:47:
e4:62:7e:4a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEDBzp7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTk1YTM2MWZlMmIyYzUyOTI2MjZiYTRjNTZhNjVhODE0ZTQ4MDA4MB4XDTIyMDEx
OTE0NDUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2FkMzY5ODI1YmE5
ZWE2MmM4N2RiODkzNzcyOTMxNzNmNzlhOGRkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVd5h5Poni9DV5skpdzJ3Y5H29nz9SDIixr6bZAopMh1LZT
2LvQfzx0uXKyMeHdeJ7nOFvxC9pCM8/L+ktC//f/ZrNFA81DbSddJKzxi9PSeCE2
po67jMPhyr2kNWcc4OSuYH7ePuGpZTci4V2tS0KpwWESIKv+DLeHvw91uUBLd+ac
rtkXUdfHDOQy81lPwHvLOoQeWx5sYQ0t3tYMb7J2Xsw/bwY5vbeFyOkNWl49UV0Q
lTqtrRSnoGDRKL0OdZUlVgWB6qCEg+1JhZICOvbXIJ1ClDYNZw95L+TMx25h2r/k
WnxaIO0o4C1f9fmw80a0zIfD1YjncB5ZJ5l5cCcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTK02mCW6nqYsh9uJN3KTFz95qN3jAfBgNVHSMEGDAWgBSelaNh/issUpJi
a6TFamWoFOSACDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25wV2pZZjRyTEZLU1ltdWt4V3BscUJUa2dBZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvZjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8x
L3l0TnBnbHVwNm1MSWZiaVRkeWt4Y19lYWpkNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
Zjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8xL25wV2pZZjRyTEZL
U1ltdWt4V3BscUJUa2dBZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMmkCAcDANBgkqhkiG9w0BAQsF
AAOCAQEAQ6TEc86SfxqhEL+mrOZA9R8c5NZl/1O/9YedUV/gjmwdOJN0uYQSxWlr
FedjH8Y8w4Q05g+RpRVKY/PTpDqPR6C3ug9svz1FvDCsrT+SRE8u8eL2++mKXNci
TQDS1RE/mgkWmFbGVGWQP6EkGC3nmOODew95gwGH5NdaLSwOFt4HYnqg4MJlKYMA
6B5qHH26FI4vpPQgDj3+pRUo1zv10x3MRZgtqoTGkrsm35wZaE/RVnjoYfR8Faf4
AwDdVRckdbPWuDJKoPIoKIjnXgQLn4c809xddI+ch5ufkLmwmnqv8AEHA/5I6Zkj
153X5DQbIG00k8Hd3iwfDIlH5GJ+Sg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:28 2023 by rpki-client on console-ams.rpki-client.org