Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/yXkyk1wDXGzUl6pEjDmN5AuikMM.roa
File: yXkyk1wDXGzUl6pEjDmN5AuikMM.roa (raw, json)
Hash identifier: 7Ut1F4lZY0K6Pehdnt+hEQlORQhZtxsmBrj9ebinZ+g=
Subject key identifier: C9:79:32:93:5C:03:5C:6C:D4:97:AA:44:8C:39:8D:E4:0B:A2:90:C3
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 09344DE6
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/yXkyk1wDXGzUl6pEjDmN5AuikMM.roa
Signing time: Sat 01 Jan 2022 12:58:49 +0000
ROA not before: Sat 01 Jan 2022 12:58:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41843
IP address blocks: 2a02:2698:5400::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154422758 (0x9344de6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 12:58:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c97932935c035c6cd497aa448c398de40ba290c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b9:35:bc:5f:9d:71:44:fe:14:03:a8:fb:87:
d7:be:c9:ee:bb:1d:c4:2e:21:9a:f0:1e:39:36:1f:
5f:0c:82:04:6c:29:a8:25:90:2c:6a:90:13:98:b4:
17:84:3d:6f:88:21:6f:73:ab:92:fc:4a:91:8f:01:
9b:9e:33:af:90:51:24:7e:73:4a:ba:99:4f:85:2d:
33:df:ce:14:90:9d:1b:6e:ce:ad:d9:da:6e:53:75:
ab:3a:39:61:f8:ab:21:e7:1b:75:a9:a8:ea:08:08:
b2:ad:c8:00:86:e1:6c:f3:27:94:b5:f0:ba:df:2d:
34:b3:ef:db:ff:02:75:63:dc:5d:67:63:b3:8e:e8:
82:cd:39:7a:93:65:f2:c5:74:59:02:9e:c5:a2:10:
e0:d2:72:46:21:12:d1:50:58:c4:6a:65:7c:ba:fc:
8e:b5:c1:f9:d2:ac:12:fd:9f:22:5e:95:d3:7a:cc:
73:23:a5:95:25:23:da:d7:01:21:f8:89:64:95:a0:
03:f2:e3:dd:ef:1f:54:a1:3c:80:8c:44:63:c4:6a:
50:35:e7:ef:f7:c9:17:24:03:92:4c:df:23:72:a6:
44:24:f0:87:29:11:c3:82:1b:e2:d1:8c:df:e4:0a:
2e:27:17:a2:4a:6c:0e:9a:71:28:96:2f:7b:07:2d:
96:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:79:32:93:5C:03:5C:6C:D4:97:AA:44:8C:39:8D:E4:0B:A2:90:C3
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/yXkyk1wDXGzUl6pEjDmN5AuikMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:5400::/38
Signature Algorithm: sha256WithRSAEncryption
55:d3:fb:55:e3:09:48:9a:b8:bb:73:ae:2d:70:58:fa:60:1c:
f3:ed:5a:ae:30:4b:3b:b5:7d:ea:14:cc:f3:b4:0a:01:54:6c:
ad:ee:d7:df:91:48:1f:a9:82:77:29:16:54:f4:99:93:64:1a:
9a:a8:5a:52:ac:eb:c5:ec:ee:1c:9d:8e:27:ff:b2:32:12:c7:
e8:f9:b0:ec:d9:4b:1d:cc:05:16:c0:88:a2:db:fc:c7:48:1a:
0a:dd:50:3c:18:fe:bd:1c:d4:54:e4:1e:aa:18:55:f8:0f:08:
55:82:33:79:87:35:9a:f1:0b:d8:b1:01:41:46:cd:c6:06:08:
e2:23:63:70:bd:b4:58:a9:77:c2:ca:8d:c2:04:ea:9a:e5:63:
b8:a2:e3:ef:d8:c7:95:e9:e7:18:4a:c2:0e:56:d0:56:f6:ce:
25:ad:0e:42:47:44:c5:56:08:29:94:87:51:55:4b:42:2e:c9:
50:54:a3:f0:38:00:74:92:fd:97:49:ea:d1:63:20:f8:05:c5:
63:34:6d:0c:b1:c4:a2:41:0e:1f:21:55:f7:22:4f:ef:65:52:
14:d2:87:9f:01:d0:d3:c6:6d:f0:bc:e2:1d:6d:dd:c4:6b:ce:
06:8d:38:ad:72:77:5f:71:30:0e:07:08:f5:ef:07:c1:b6:e5:
c5:10:00:b2
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECTRN5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODAyYjk1Y2U2MjM5ZDUyNmMzNWFlN2E4ZTJjZWI0OGFlYjgyYjVmMB4XDTIyMDEw
MTEyNTg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzk3OTMyOTM1YzAz
NWM2Y2Q0OTdhYTQ0OGMzOThkZTQwYmEyOTBjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKC5NbxfnXFE/hQDqPuH177J7rsdxC4hmvAeOTYfXwyCBGwp
qCWQLGqQE5i0F4Q9b4ghb3OrkvxKkY8Bm54zr5BRJH5zSrqZT4UtM9/OFJCdG27O
rdnablN1qzo5YfirIecbdamo6ggIsq3IAIbhbPMnlLXwut8tNLPv2/8CdWPcXWdj
s47ogs05epNl8sV0WQKexaIQ4NJyRiES0VBYxGplfLr8jrXB+dKsEv2fIl6V03rM
cyOllSUj2tcBIfiJZJWgA/Lj3e8fVKE8gIxEY8RqUDXn7/fJFyQDkkzfI3KmRCTw
hykRw4Ib4tGM3+QKLicXokpsDppxKJYvewctlrcCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBTJeTKTXANcbNSXqkSMOY3kC6KQwzAfBgNVHSMEGDAWgBQIArlc5iOdUmw1
rnqOLOtIrrgrXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8x
L3lYa3lrMXdEWEd6VWw2cEVqRG1ONUF1aWtNTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8xL0NBSzVYT1lqblZK
c05hNTZqaXpyU0s2NEsxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioCJphUMA0GCSqGSIb3DQEBCwUA
A4IBAQBV0/tV4wlImri7c64tcFj6YBzz7VquMEs7tX3qFMzztAoBVGyt7tffkUgf
qYJ3KRZU9JmTZBqaqFpSrOvF7O4cnY4n/7IyEsfo+bDs2UsdzAUWwIii2/zHSBoK
3VA8GP69HNRU5B6qGFX4DwhVgjN5hzWa8QvYsQFBRs3GBgjiI2NwvbRYqXfCyo3C
BOqa5WO4ouPv2MeV6ecYSsIOVtBW9s4lrQ5CR0TFVggplIdRVUtCLslQVKPwOAB0
kv2XSerRYyD4BcVjNG0MscSiQQ4fIVX3Ik/vZVIU0oefAdDTxm3wvOIdbd3Ea84G
jTitcndfcTAOBwj17wfBtuXFEACy
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:47 2025 by rpki-client