Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/y86lu8xDrpCP-NIEsLVQKs3WSEg.roa
File: y86lu8xDrpCP-NIEsLVQKs3WSEg.roa (raw, json)
Hash identifier: 0kstiXfTQevQgvhp58rJTUnXi3EGQ020f1cky8Zv3/I=
Subject key identifier: CB:CE:A5:BB:CC:43:AE:90:8F:F8:D2:04:B0:B5:50:2A:CD:D6:48:48
Certificate issuer: /CN=6940258a1a68ae605c073fb583b13e1376b778a7
Certificate serial: 32A4834E
Authority key identifier: 69:40:25:8A:1A:68:AE:60:5C:07:3F:B5:83:B1:3E:13:76:B7:78:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aUAlihpormBcBz-1g7E-E3a3eKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/y86lu8xDrpCP-NIEsLVQKs3WSEg.roa
Signing time: Sat 01 Jan 2022 08:59:54 +0000
ROA not before: Sat 01 Jan 2022 08:59:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205028
IP address blocks: 2a00:5fa0:1000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 849642318 (0x32a4834e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6940258a1a68ae605c073fb583b13e1376b778a7
Validity
Not Before: Jan 1 08:59:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cbcea5bbcc43ae908ff8d204b0b5502acdd64848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:31:35:fd:2f:22:75:87:ac:64:7f:27:64:17:
b4:dd:d8:af:57:ff:9b:c0:f0:d4:50:d7:c5:1e:23:
b0:25:fb:78:0e:e7:4d:3f:7b:ab:9e:8f:20:e2:10:
fb:21:82:b1:78:95:b7:51:22:b3:4c:9c:71:67:a3:
5a:7f:cf:e8:80:c1:77:7a:f1:e9:aa:02:6a:3e:71:
fd:43:fd:20:4a:77:cf:9f:da:c6:74:fa:e6:72:72:
51:5f:a8:34:8e:f8:3e:1a:f5:94:70:a4:35:f6:fe:
2d:7e:f3:b3:a9:83:5b:ac:84:f7:79:f7:4d:e8:76:
ef:16:17:54:4f:d7:ec:47:5f:8e:d6:33:23:c6:7b:
00:c1:12:65:d8:b2:30:a8:7b:67:00:3f:09:dd:4e:
ea:f8:e1:c4:2c:5f:80:6d:20:ca:d8:fa:11:89:3f:
60:bd:b5:1f:8e:39:69:14:d8:54:96:ee:fb:9e:d2:
93:30:eb:16:cd:c7:47:62:a1:3d:14:a9:c7:14:89:
7a:f8:75:b0:b6:0d:0e:55:c4:11:9b:1f:8d:28:33:
07:fc:96:b4:ac:25:d6:99:5c:26:a1:d6:47:2d:f2:
45:5e:e1:dd:7c:b1:8f:ae:f6:6f:53:7c:14:2b:05:
e1:68:d8:38:72:ce:d3:2c:6c:8e:30:95:c4:0f:7f:
2b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:CE:A5:BB:CC:43:AE:90:8F:F8:D2:04:B0:B5:50:2A:CD:D6:48:48
X509v3 Authority Key Identifier:
keyid:69:40:25:8A:1A:68:AE:60:5C:07:3F:B5:83:B1:3E:13:76:B7:78:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUAlihpormBcBz-1g7E-E3a3eKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/y86lu8xDrpCP-NIEsLVQKs3WSEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/aUAlihpormBcBz-1g7E-E3a3eKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:5fa0:1000::/48
Signature Algorithm: sha256WithRSAEncryption
e3:45:74:cb:d9:e4:29:4e:42:cf:09:bb:73:4c:52:b5:69:8f:
a7:ff:5d:ca:73:7a:c5:b2:e5:44:d9:43:a1:ac:8a:d9:fa:7c:
10:d4:6e:c9:28:85:c7:7a:63:94:7c:b0:8e:62:06:88:55:0c:
b4:2a:f0:f5:47:1d:ca:90:ff:0f:44:12:ec:72:3b:09:70:17:
1e:db:4c:20:5e:6c:71:29:a1:ba:52:50:b0:41:42:73:27:ef:
2c:25:70:df:bc:96:1b:1b:5a:41:0b:02:c7:23:de:f6:23:fd:
5c:66:ea:04:39:b1:7d:09:57:c6:41:d0:1e:85:57:65:26:3c:
99:7b:78:b0:a0:19:d8:15:ba:87:ca:3d:90:27:a2:1a:46:2d:
6e:11:71:dd:ce:1c:19:c8:fa:d6:b9:59:d7:92:a4:78:5d:21:
7e:91:c6:0e:df:5c:0d:27:1a:f1:f7:a6:1c:e7:7e:85:2b:f9:
e0:a0:e6:f8:98:61:04:03:f1:4f:94:57:79:a4:53:dc:a1:23:
24:27:e5:bc:a7:e9:b5:af:bc:1c:2b:58:46:d6:d2:5e:06:7c:
ed:84:b0:86:b7:6e:c7:fa:9a:2a:c9:6e:b5:19:37:19:31:4a:
2f:ce:7a:ef:8a:a6:54:d4:82:3b:e6:18:e9:27:1a:b6:93:d7:
35:3b:51:6e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEMqSDTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OTQwMjU4YTFhNjhhZTYwNWMwNzNmYjU4M2IxM2UxMzc2Yjc3OGE3MB4XDTIyMDEw
MTA4NTk1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2JjZWE1YmJjYzQz
YWU5MDhmZjhkMjA0YjBiNTUwMmFjZGQ2NDg0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALAxNf0vInWHrGR/J2QXtN3Yr1f/m8Dw1FDXxR4jsCX7eA7n
TT97q56PIOIQ+yGCsXiVt1Eis0yccWejWn/P6IDBd3rx6aoCaj5x/UP9IEp3z5/a
xnT65nJyUV+oNI74Phr1lHCkNfb+LX7zs6mDW6yE93n3Teh27xYXVE/X7EdfjtYz
I8Z7AMESZdiyMKh7ZwA/Cd1O6vjhxCxfgG0gytj6EYk/YL21H445aRTYVJbu+57S
kzDrFs3HR2KhPRSpxxSJevh1sLYNDlXEEZsfjSgzB/yWtKwl1plcJqHWRy3yRV7h
3Xyxj672b1N8FCsF4WjYOHLO0yxsjjCVxA9/K5MCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTLzqW7zEOukI/40gSwtVAqzdZISDAfBgNVHSMEGDAWgBRpQCWKGmiuYFwH
P7WDsT4Tdrd4pzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FVQWxpaHBvcm1CY0J6LTFnN0UtRTNhM2VLYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMTQzNGNkLWEzZDYtNDQ4OC04ODg4LTc0OWU5ODBlYzBiNy8x
L3k4Nmx1OHhEcnBDUC1OSUVzTFZRS3MzV1NFZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MTQzNGNkLWEzZDYtNDQ4OC04ODg4LTc0OWU5ODBlYzBiNy8xL2FVQWxpaHBvcm1C
Y0J6LTFnN0UtRTNhM2VLYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoAX6AQADANBgkqhkiG9w0BAQsF
AAOCAQEA40V0y9nkKU5Czwm7c0xStWmPp/9dynN6xbLlRNlDoayK2fp8ENRuySiF
x3pjlHywjmIGiFUMtCrw9UcdypD/D0QS7HI7CXAXHttMIF5scSmhulJQsEFCcyfv
LCVw37yWGxtaQQsCxyPe9iP9XGbqBDmxfQlXxkHQHoVXZSY8mXt4sKAZ2BW6h8o9
kCeiGkYtbhFx3c4cGcj61rlZ15KkeF0hfpHGDt9cDSca8femHOd+hSv54KDm+Jhh
BAPxT5RXeaRT3KEjJCflvKfpta+8HCtYRtbSXgZ87YSwhrdux/qaKslutRk3GTFK
L85674qmVNSCO+YY6ScatpPXNTtRbg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:10 2025 by rpki-client