Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/yg3HInxz79EfcPZ2250Z8-afiPc.roa
File: yg3HInxz79EfcPZ2250Z8-afiPc.roa (raw, json)
Hash identifier: FPTBULiwVOwW/M1w8oAu15ZTEcj9OsIYcuTV1/nY6wc=
Subject key identifier: CA:0D:C7:22:7C:73:EF:D1:1F:70:F6:76:DB:9D:19:F3:E6:9F:88:F7
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0184B14096D76159F01C301557330E6A47AC
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/yg3HInxz79EfcPZ2250Z8-afiPc.roa
Signing time: Sat 26 Nov 2022 00:05:10 +0000
ROA not before: Sat 26 Nov 2022 00:05:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21071
IP address blocks: 2a0b:b87:ff12::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b1:40:96:d7:61:59:f0:1c:30:15:57:33:0e:6a:47:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Nov 26 00:05:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca0dc7227c73efd11f70f676db9d19f3e69f88f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e9:a7:d8:34:26:85:14:43:0e:01:83:c0:80:
83:e0:ac:f1:e5:97:80:a8:25:ae:40:48:b0:e0:4f:
80:06:6c:cd:57:0f:35:9e:5b:ea:35:4b:62:cf:7d:
67:08:ad:17:b2:ce:c2:47:2a:c3:64:9e:b5:7e:3d:
a9:83:db:74:34:b9:74:fb:10:44:6f:d7:25:ce:39:
9b:da:71:a6:2c:87:37:f8:31:a6:35:40:3c:27:d3:
c2:d5:6b:45:e5:72:6b:5c:96:49:a9:29:2e:91:16:
54:43:89:73:83:58:1f:5b:68:d5:3e:b0:e9:81:15:
78:d2:15:8f:b8:bc:f7:ed:50:fd:c9:5a:38:5d:bf:
29:0a:6b:d7:e7:14:68:dc:c4:fd:c7:a3:a4:52:2e:
51:07:19:1d:eb:e0:bc:33:25:f0:3c:c8:90:5c:18:
73:8e:f5:cc:5f:cb:49:14:f8:ca:2a:3d:22:27:ad:
8e:d2:56:e7:0c:29:26:e7:ec:31:1d:00:12:80:8b:
3a:9b:0f:d2:d5:40:50:39:cd:ce:0f:7a:12:ae:8c:
cd:c3:f9:ef:c5:4c:78:f4:f6:90:f1:f1:53:ff:22:
89:87:3b:67:d4:5c:fb:e6:55:b1:04:67:ab:15:4e:
07:88:e9:68:da:76:2a:07:f8:0e:5b:7f:6f:c6:e9:
77:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:0D:C7:22:7C:73:EF:D1:1F:70:F6:76:DB:9D:19:F3:E6:9F:88:F7
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/yg3HInxz79EfcPZ2250Z8-afiPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ff12::/48
Signature Algorithm: sha256WithRSAEncryption
aa:3d:16:ac:f3:ba:01:a0:5f:7a:26:0e:c4:60:ac:cc:c4:e4:
74:36:8e:4f:19:02:a9:b2:dc:b5:ad:1d:14:3b:e0:7c:21:1b:
2f:11:28:6e:1c:49:e0:71:44:b4:b0:e7:eb:c6:ac:75:2f:42:
f1:fa:82:d0:53:f8:ab:1d:d9:0b:86:35:f5:e6:81:ee:c0:1d:
6c:12:5b:90:f2:75:1c:a5:3e:11:55:f7:43:2a:79:14:c6:bf:
9d:21:2e:48:ec:6c:01:6f:40:ab:5f:24:d1:27:b1:ae:f0:69:
2f:68:a1:1d:dc:b8:18:3f:02:e1:6d:85:56:a5:53:cb:b5:79:
c1:1b:28:73:0a:eb:98:fe:64:72:03:02:c1:de:05:a2:5e:62:
94:bc:25:2d:d0:54:b8:44:22:36:04:cc:9b:a7:1c:79:b9:d4:
62:73:40:f3:b6:02:e8:f9:c9:ef:c1:9e:16:ee:bc:d9:18:c5:
6c:e3:4c:9a:06:b8:f6:fa:05:15:dd:3c:23:ab:29:33:f3:b2:
5c:6a:ef:93:b0:53:78:f4:56:ba:df:a7:42:27:0b:b7:33:26:
76:70:ec:b9:69:08:87:78:78:17:51:6b:d7:0c:b1:d4:b3:30:
18:a1:f9:f7:60:17:85:65:54:df:3d:a4:54:0a:b4:63:1f:e6:
e6:b5:50:60
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYSxQJbXYVnwHDAVVzMOakesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjIxMTI2MDAwNTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTBkYzcyMjdjNzNlZmQxMWY3MGY2NzZkYjlkMTlmM2U2OWY4OGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+mn2DQmhRRDDgGDwICD4Kzx5ZeA
qCWuQEiw4E+ABmzNVw81nlvqNUtiz31nCK0Xss7CRyrDZJ61fj2pg9t0NLl0+xBE
b9clzjmb2nGmLIc3+DGmNUA8J9PC1WtF5XJrXJZJqSkukRZUQ4lzg1gfW2jVPrDp
gRV40hWPuLz37VD9yVo4Xb8pCmvX5xRo3MT9x6OkUi5RBxkd6+C8MyXwPMiQXBhz
jvXMX8tJFPjKKj0iJ62O0lbnDCkm5+wxHQASgIs6mw/S1UBQOc3OD3oSrozNw/nv
xUx49PaQ8fFT/yKJhztn1Fz75lWxBGerFU4HiOlo2nYqB/gOW39vxul3mQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMoNxyJ8c+/RH3D2dtudGfPmn4j3MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEveWczSElueHo3OUVmY1BaMjI1MFo4LWFmaVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/8S
MA0GCSqGSIb3DQEBCwUAA4IBAQCqPRas87oBoF96Jg7EYKzMxOR0No5PGQKpsty1
rR0UO+B8IRsvEShuHEngcUS0sOfrxqx1L0Lx+oLQU/irHdkLhjX15oHuwB1sEluQ
8nUcpT4RVfdDKnkUxr+dIS5I7GwBb0CrXyTRJ7Gu8GkvaKEd3LgYPwLhbYVWpVPL
tXnBGyhzCuuY/mRyAwLB3gWiXmKUvCUt0FS4RCI2BMybpxx5udRic0DztgLo+cnv
wZ4W7rzZGMVs40yaBrj2+gUV3Twjqykz87Jcau+TsFN49Fa636dCJwu3MyZ2cOy5
aQiHeHgXUWvXDLHUszAYofn3YBeFZVTfPaRUCrRjH+bmtVBg
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:27 2023 by rpki-client on console-ams.rpki-client.org