Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/yh0OPktlPmtIx0MyasAZk-uu8Mk.roa
File: yh0OPktlPmtIx0MyasAZk-uu8Mk.roa (raw, json)
Hash identifier: ZgNO8VZArvsjN0QupVmi2kCvUn5sHkLOckkuQYUVjnM=
Subject key identifier: CA:1D:0E:3E:4B:65:3E:6B:48:C7:43:32:6A:C0:19:93:EB:AE:F0:C9
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 0182C24AC33525852CF33F4742A88ED9C45D
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/yh0OPktlPmtIx0MyasAZk-uu8Mk.roa
Signing time: Sun 21 Aug 2022 21:24:15 +0000
ROA not before: Sun 21 Aug 2022 21:24:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203363
IP address blocks: 2a05:4140:700::/40 maxlen: 40
2a05:4140:800::/40 maxlen: 48
2a05:4140:600::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c2:4a:c3:35:25:85:2c:f3:3f:47:42:a8:8e:d9:c4:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Aug 21 21:24:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca1d0e3e4b653e6b48c743326ac01993ebaef0c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e2:bb:2b:35:52:85:9d:0f:3f:20:fe:08:99:
b8:cf:f4:34:c2:18:66:94:83:d2:22:1b:11:49:70:
3a:6b:ee:49:c4:87:7d:97:fb:89:fe:a1:e6:8c:5e:
7d:13:d3:5b:fa:30:34:c5:d4:f6:36:a3:4f:b7:d5:
79:77:b1:b8:50:69:f6:98:ef:43:f0:54:fd:a3:fc:
ff:24:fa:ad:11:02:fa:eb:7c:d2:c2:62:a0:8f:8f:
58:f3:5f:90:4a:5c:2f:85:b3:36:3c:12:5f:2d:3d:
80:ce:a0:7c:8b:ba:f7:71:5f:4c:d3:ca:38:8f:33:
5e:ef:91:e1:a7:85:9c:26:51:ac:67:7b:d9:fa:23:
70:e2:8d:a2:fb:82:9b:be:c6:63:00:c1:fd:ca:3e:
c4:39:bc:08:0d:b7:35:7d:80:dd:a1:bc:20:90:95:
79:2b:d4:98:c2:fc:ec:13:bd:8b:33:ce:80:a2:eb:
7d:ab:42:48:41:ba:c5:5d:86:4a:02:c2:3e:0f:9b:
77:c9:73:2a:93:b4:96:47:93:3f:79:87:1d:14:fd:
52:b8:f8:59:4f:f3:bd:57:22:e0:da:39:c5:d3:7b:
3d:7e:e9:83:eb:13:c3:0b:a5:db:9b:4f:67:7f:aa:
63:16:f9:81:a4:dc:53:4c:9e:7f:37:0f:d8:90:0b:
64:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1D:0E:3E:4B:65:3E:6B:48:C7:43:32:6A:C0:19:93:EB:AE:F0:C9
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/yh0OPktlPmtIx0MyasAZk-uu8Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:600::-2a05:4140:8ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
23:82:b4:8b:12:6c:42:73:73:3f:ac:c1:76:25:25:1d:7d:d8:
20:08:81:2c:4f:f4:c5:44:bc:e7:96:0b:01:b7:7b:d1:4e:3f:
06:fb:30:4e:3c:0b:86:6f:01:8b:c0:95:2d:fd:fc:ee:bc:7a:
74:92:a2:f2:ae:36:52:18:04:ae:00:0d:9c:f9:4b:4d:7a:8c:
1a:6c:44:59:9e:ef:65:c4:52:1b:e1:a5:4b:a4:dc:7b:ac:bb:
ea:da:58:04:c4:01:97:ac:ae:8a:f0:86:92:62:ed:d7:90:6d:
f9:d2:e3:50:5e:1d:98:d2:9d:0a:02:b9:b5:0e:f9:65:82:c4:
a3:fc:97:5a:fc:29:86:61:89:95:11:bc:3a:2f:a5:2b:23:4b:
b5:68:44:49:0d:33:01:17:d7:92:62:63:de:a6:07:47:64:33:
ac:95:da:26:37:58:83:22:33:64:b8:59:f7:2b:53:5b:f1:c3:
a6:cc:91:22:fd:f0:51:61:8f:06:2c:57:3c:3c:c5:9b:99:ba:
40:92:56:d5:51:19:84:ca:86:e1:19:e9:45:d4:74:7e:e4:4e:
48:db:4e:c3:fe:77:87:5e:72:c8:9d:9f:f7:d0:13:29:30:fe:
ff:c7:5d:71:f4:bb:ca:3f:ce:5a:a3:16:21:c9:27:bf:e1:4e:
f3:ba:17:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLCSsM1JYUs8z9HQqiO2cRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjIwODIxMjEyNDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTFkMGUzZTRiNjUzZTZiNDhjNzQzMzI2YWMwMTk5M2ViYWVmMGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuK7KzVShZ0PPyD+CJm4z/Q0whhm
lIPSIhsRSXA6a+5JxId9l/uJ/qHmjF59E9Nb+jA0xdT2NqNPt9V5d7G4UGn2mO9D
8FT9o/z/JPqtEQL663zSwmKgj49Y81+QSlwvhbM2PBJfLT2AzqB8i7r3cV9M08o4
jzNe75Hhp4WcJlGsZ3vZ+iNw4o2i+4KbvsZjAMH9yj7EObwIDbc1fYDdobwgkJV5
K9SYwvzsE72LM86Aout9q0JIQbrFXYZKAsI+D5t3yXMqk7SWR5M/eYcdFP1SuPhZ
T/O9VyLg2jnF03s9fumD6xPDC6Xbm09nf6pjFvmBpNxTTJ5/Nw/YkAtkuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFModDj5LZT5rSMdDMmrAGZPrrvDJMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEveWgwT1BrdGxQbXRJeDBNeWFzQVprLXV1OE1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgEqBUFA
BgMGACoFQUAIMA0GCSqGSIb3DQEBCwUAA4IBAQAjgrSLEmxCc3M/rMF2JSUdfdgg
CIEsT/TFRLznlgsBt3vRTj8G+zBOPAuGbwGLwJUt/fzuvHp0kqLyrjZSGASuAA2c
+UtNeowabERZnu9lxFIb4aVLpNx7rLvq2lgExAGXrK6K8IaSYu3XkG350uNQXh2Y
0p0KArm1DvllgsSj/Jda/CmGYYmVEbw6L6UrI0u1aERJDTMBF9eSYmPepgdHZDOs
ldomN1iDIjNkuFn3K1Nb8cOmzJEi/fBRYY8GLFc8PMWbmbpAklbVURmEyobhGelF
1HR+5E5I207D/neHXnLInZ/30BMpMP7/x11x9LvKP85aoxYhySe/4U7zuhfK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:06 2023 by rpki-client on console-fra.rpki-client.org