Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/ycPrG9aBAp1zzATFpn7lZxhc7kE.roa
File: ycPrG9aBAp1zzATFpn7lZxhc7kE.roa (raw, json)
Hash identifier: N/kEdnf0Z6TS5VYy5rKnTMYSlVEassCEXaNS6gMzkiw=
Subject key identifier: C9:C3:EB:1B:D6:81:02:9D:73:CC:04:C5:A6:7E:E5:67:18:5C:EE:41
Certificate issuer: /CN=24cacceee35ff87cd678ef6a92262cefce8492df
Certificate serial: 0183FE8FF860ADE0971F184E4D740A70DE58
Authority key identifier: 24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/ycPrG9aBAp1zzATFpn7lZxhc7kE.roa
Signing time: Sat 22 Oct 2022 07:19:51 +0000
ROA not before: Sat 22 Oct 2022 07:19:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 4944
IP address blocks: 2a02:d2c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fe:8f:f8:60:ad:e0:97:1f:18:4e:4d:74:0a:70:de:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cacceee35ff87cd678ef6a92262cefce8492df
Validity
Not Before: Oct 22 07:19:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9c3eb1bd681029d73cc04c5a67ee567185cee41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:66:98:db:75:6c:10:10:90:ef:4d:76:c2:4e:
13:61:a6:96:15:f0:e8:fa:a9:7a:5e:91:f6:d5:11:
de:1f:02:cb:3b:e7:ae:83:6b:41:d5:3d:f5:2b:65:
e0:35:b9:8d:28:8a:3d:90:5b:ca:ae:c4:5e:78:d4:
65:3e:22:3c:84:ae:ea:55:92:3d:1f:78:3c:0d:49:
c9:c7:9b:e1:43:ef:32:9f:0c:db:27:72:2b:78:71:
91:10:31:eb:e0:5e:f2:59:e2:88:03:59:ce:24:9d:
4a:6e:11:1e:78:3a:e1:81:25:d5:05:20:2c:23:c5:
35:58:68:14:4b:10:3c:56:08:01:85:f1:b2:40:bc:
9a:42:97:6e:9f:02:eb:27:04:c4:97:51:de:31:f5:
4f:0a:f4:77:f9:cb:97:0c:88:11:aa:0d:31:6c:ee:
7d:a3:67:d5:7d:74:1d:b2:79:33:cd:07:f7:7b:05:
1c:c6:3e:af:45:1f:93:d9:bb:63:80:9d:02:f9:bc:
01:bd:f6:bb:94:60:c0:f4:0b:8e:99:3a:c7:5c:92:
78:32:81:87:03:77:4e:94:46:3a:a7:c8:b8:a6:84:
74:b8:65:56:62:0e:b8:c9:c0:b6:bd:c7:77:91:49:
6e:c8:20:84:c5:12:dd:83:0d:5c:2d:2e:5c:80:8a:
40:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:C3:EB:1B:D6:81:02:9D:73:CC:04:C5:A6:7E:E5:67:18:5C:EE:41
X509v3 Authority Key Identifier:
keyid:24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/ycPrG9aBAp1zzATFpn7lZxhc7kE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/JMrM7uNf-HzWeO9qkiYs786Ekt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:d2c0::/29
Signature Algorithm: sha256WithRSAEncryption
76:10:11:46:a0:8b:9a:21:2d:3a:58:b3:15:c3:08:27:76:1c:
07:09:a2:90:04:81:44:5a:0d:d7:1a:aa:9f:2c:9f:7b:8b:2e:
4f:7d:20:2a:9b:8c:fb:8e:61:6e:6b:35:2d:30:bd:3f:1f:f0:
fa:ff:7c:e6:6d:09:d8:ef:75:22:3e:a1:b8:1e:ce:ce:3c:e0:
18:93:c3:83:fb:5d:18:3d:c2:77:f5:da:ef:3e:4d:b1:ad:19:
97:24:ea:25:f6:47:cb:28:85:1f:e2:39:f4:e0:4a:9c:66:cb:
d9:87:59:0e:7b:a1:b4:4b:4e:4b:fe:93:5c:4a:c5:c8:e5:85:
5a:b3:e5:ee:45:61:48:45:74:ea:7d:07:c5:7a:be:d5:28:64:
98:77:d3:e3:12:4b:8d:61:30:aa:99:3e:98:1d:a0:ff:25:e5:
6c:5b:39:95:03:5c:d2:12:f5:80:a9:75:fe:da:8b:dd:3a:45:
d0:fa:c8:21:55:13:a5:0b:93:ee:07:0f:1a:29:eb:81:0d:e8:
75:bd:25:7d:f6:24:ab:60:97:0d:b5:f7:fd:48:fe:7d:69:a8:
79:d5:48:f5:c2:0b:f3:0d:88:2c:74:47:42:1d:98:f4:99:7a:
7d:cb:ce:66:07:38:da:9f:81:f9:8c:76:06:b6:0e:de:5a:fb:
97:6c:ac:05
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYP+j/hgreCXHxhOTXQKcN5YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2FjY2VlZTM1ZmY4N2NkNjc4ZWY2YTkyMjYyY2VmY2U4
NDkyZGYwHhcNMjIxMDIyMDcxOTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWMzZWIxYmQ2ODEwMjlkNzNjYzA0YzVhNjdlZTU2NzE4NWNlZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WaY23VsEBCQ7012wk4TYaaWFfDo
+ql6XpH21RHeHwLLO+eug2tB1T31K2XgNbmNKIo9kFvKrsReeNRlPiI8hK7qVZI9
H3g8DUnJx5vhQ+8ynwzbJ3IreHGREDHr4F7yWeKIA1nOJJ1KbhEeeDrhgSXVBSAs
I8U1WGgUSxA8VggBhfGyQLyaQpdunwLrJwTEl1HeMfVPCvR3+cuXDIgRqg0xbO59
o2fVfXQdsnkzzQf3ewUcxj6vRR+T2btjgJ0C+bwBvfa7lGDA9AuOmTrHXJJ4MoGH
A3dOlEY6p8i4poR0uGVWYg64ycC2vcd3kUluyCCExRLdgw1cLS5cgIpA9wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMnD6xvWgQKdc8wExaZ+5WcYXO5BMB8GA1UdIwQY
MBaAFCTKzO7jX/h81njvapImLO/OhJLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk1yTTd1TmYtSHpXZU85cWtpWXM3ODZFa3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy82NjcwZjktNDE4ZS00Mjc1LTgwMDAt
YTI5ZWIxMzllNzlkLzEveWNQckc5YUJBcDF6ekFURnBuN2xaeGhjN2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy82NjcwZjktNDE4ZS00Mjc1LTgwMDAtYTI5ZWIxMzllNzlk
LzEvSk1yTTd1TmYtSHpXZU85cWtpWXM3ODZFa3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgLSwDAN
BgkqhkiG9w0BAQsFAAOCAQEAdhARRqCLmiEtOlizFcMIJ3YcBwmikASBRFoN1xqq
nyyfe4suT30gKpuM+45hbms1LTC9Px/w+v985m0J2O91Ij6huB7OzjzgGJPDg/td
GD3Cd/Xa7z5Nsa0ZlyTqJfZHyyiFH+I59OBKnGbL2YdZDnuhtEtOS/6TXErFyOWF
WrPl7kVhSEV06n0HxXq+1ShkmHfT4xJLjWEwqpk+mB2g/yXlbFs5lQNc0hL1gKl1
/tqL3TpF0PrIIVUTpQuT7gcPGinrgQ3odb0lffYkq2CXDbX3/Uj+fWmoedVI9cIL
8w2ILHRHQh2Y9Jl6fcvOZgc42p+B+Yx2BrYO3lr7l2ysBQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:24 2025 by rpki-client