Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/YYpB-POMq24GE8PToKYb_qfsIuQ.roa
File: YYpB-POMq24GE8PToKYb_qfsIuQ.roa (raw, json)
Hash identifier: Vxnz+EwssZ0XkhvCAPoqvuRm6GB40yPdoDtfIdsdWa0=
Subject key identifier: 61:8A:41:F8:F3:8C:AB:6E:06:13:C3:D3:A0:A6:1B:FE:A7:EC:22:E4
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 093F218A
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/YYpB-POMq24GE8PToKYb_qfsIuQ.roa
Signing time: Sat 01 Jan 2022 12:58:56 +0000
ROA not before: Sat 01 Jan 2022 12:58:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51035
IP address blocks: 2a02:2698:8800::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155132298 (0x93f218a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 12:58:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=618a41f8f38cab6e0613c3d3a0a61bfea7ec22e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:33:6a:eb:08:a8:50:63:2d:a5:0a:78:bc:cb:
99:1f:d9:06:c8:14:9b:05:0b:7f:53:2d:09:f7:3a:
1a:52:c6:80:50:e6:1b:66:1f:42:7b:43:ca:d0:60:
38:76:1f:37:78:7d:ef:14:71:eb:25:d2:d2:0c:89:
83:e5:a2:b8:c4:61:fc:ba:54:bf:aa:9f:3b:98:01:
2d:d9:2d:7a:fb:d6:6b:7e:c7:dd:9b:fc:5c:d7:aa:
23:d0:77:35:99:a3:a3:4d:c3:ac:e1:b8:13:06:da:
28:d4:cd:b0:aa:39:0e:63:fb:60:9d:95:89:98:7a:
f9:b4:ed:fb:6d:36:a1:b2:a7:f5:c0:85:aa:22:c4:
9e:df:4c:01:0d:2f:85:79:cd:bd:c7:8f:83:47:6d:
d7:d0:4d:14:89:bc:18:99:a1:1f:ae:48:96:c1:96:
78:fd:a9:d1:93:28:08:ef:6a:ea:16:cc:48:c7:a0:
de:ba:45:3b:e8:34:d6:10:67:f9:22:d3:0c:a8:e3:
d0:5b:d9:64:b8:d2:50:ba:c0:7d:64:9e:53:20:6c:
1f:18:86:dd:29:0c:62:75:c5:f7:40:e7:3b:48:72:
c7:99:89:e9:93:8d:74:4c:b4:a5:da:6f:fa:cf:ea:
ab:c3:f5:33:5a:ad:2b:b4:ef:3d:b2:3e:98:c5:20:
a3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:8A:41:F8:F3:8C:AB:6E:06:13:C3:D3:A0:A6:1B:FE:A7:EC:22:E4
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/YYpB-POMq24GE8PToKYb_qfsIuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:8800::/38
Signature Algorithm: sha256WithRSAEncryption
c5:8c:b6:09:73:56:a9:c8:2a:f6:8f:37:02:94:2f:00:93:bd:
47:89:03:ba:ae:69:cf:76:c1:47:3d:b1:2e:db:05:ba:d8:fe:
88:06:fb:35:dd:d1:15:f4:a5:6f:66:c1:7e:13:28:8a:1e:13:
42:55:f5:e1:e1:2c:8e:13:ff:b2:91:8d:89:bd:92:96:2b:b3:
b8:f2:2d:3c:0c:ec:03:dd:31:36:9d:20:10:68:d8:64:44:bc:
76:11:6c:dc:34:2a:e1:01:29:65:8a:ab:ea:e6:15:3b:34:7e:
a4:cb:48:cc:df:34:b6:a1:68:18:46:cc:8f:b4:f5:79:d0:63:
69:80:9b:4a:8a:14:c2:ba:d7:f0:f6:8d:21:65:f2:98:91:da:
3e:2b:b8:15:0c:de:59:1d:fd:17:cd:d8:ef:fd:8b:a0:18:d1:
bd:31:ca:da:c8:5b:b4:8c:b9:1b:75:bc:61:09:c2:b9:5f:aa:
e5:c4:49:8c:a3:d5:4a:97:d0:ca:40:16:ce:72:c7:b9:17:c0:
13:2c:d9:04:19:da:fd:e4:62:15:09:a8:f7:64:c3:4f:4a:b4:
1e:54:99:84:3b:f2:6e:d1:23:df:78:73:4d:58:97:db:03:f1:
8b:34:69:a2:af:a3:4a:46:9b:92:e4:f3:05:8d:80:04:45:b1:
a7:30:f6:2e
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECT8hijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODAyYjk1Y2U2MjM5ZDUyNmMzNWFlN2E4ZTJjZWI0OGFlYjgyYjVmMB4XDTIyMDEw
MTEyNTg1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjE4YTQxZjhmMzhj
YWI2ZTA2MTNjM2QzYTBhNjFiZmVhN2VjMjJlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKEzausIqFBjLaUKeLzLmR/ZBsgUmwULf1MtCfc6GlLGgFDm
G2YfQntDytBgOHYfN3h97xRx6yXS0gyJg+WiuMRh/LpUv6qfO5gBLdktevvWa37H
3Zv8XNeqI9B3NZmjo03DrOG4EwbaKNTNsKo5DmP7YJ2ViZh6+bTt+202obKn9cCF
qiLEnt9MAQ0vhXnNvcePg0dt19BNFIm8GJmhH65IlsGWeP2p0ZMoCO9q6hbMSMeg
3rpFO+g01hBn+SLTDKjj0FvZZLjSULrAfWSeUyBsHxiG3SkMYnXF90DnO0hyx5mJ
6ZONdEy0pdpv+s/qq8P1M1qtK7TvPbI+mMUgo3kCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRhikH484yrbgYTw9Ogphv+p+wi5DAfBgNVHSMEGDAWgBQIArlc5iOdUmw1
rnqOLOtIrrgrXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8x
L1lZcEItUE9NcTI0R0U4UFRvS1liX3Fmc0l1US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8xL0NBSzVYT1lqblZK
c05hNTZqaXpyU0s2NEsxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioCJpiIMA0GCSqGSIb3DQEBCwUA
A4IBAQDFjLYJc1apyCr2jzcClC8Ak71HiQO6rmnPdsFHPbEu2wW62P6IBvs13dEV
9KVvZsF+EyiKHhNCVfXh4SyOE/+ykY2JvZKWK7O48i08DOwD3TE2nSAQaNhkRLx2
EWzcNCrhASlliqvq5hU7NH6ky0jM3zS2oWgYRsyPtPV50GNpgJtKihTCutfw9o0h
ZfKYkdo+K7gVDN5ZHf0Xzdjv/YugGNG9McrayFu0jLkbdbxhCcK5X6rlxEmMo9VK
l9DKQBbOcse5F8ATLNkEGdr95GIVCaj3ZMNPSrQeVJmEO/Ju0SPfeHNNWJfbA/GL
NGmir6NKRpuS5PMFjYAERbGnMPYu
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:57 2025 by rpki-client