Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/yyR_bm2tFETCOoTbXnAFeeitON0.roa
File: yyR_bm2tFETCOoTbXnAFeeitON0.roa (raw, json)
Hash identifier: zc9AebeibYNE5hrh/Z51f8xOiLrUGbG5oeYUypdYKDQ=
Subject key identifier: CB:24:7F:6E:6D:AD:14:44:C2:3A:84:DB:5E:70:05:79:E8:AD:38:DD
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 01855D3F157D2A9AE86F35F818129A0C91BD
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/yyR_bm2tFETCOoTbXnAFeeitON0.roa
Signing time: Thu 29 Dec 2022 09:38:13 +0000
ROA not before: Thu 29 Dec 2022 09:38:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212106
IP address blocks: 2a10:4646:60::/44 maxlen: 44
2a10:4646:11::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5d:3f:15:7d:2a:9a:e8:6f:35:f8:18:12:9a:0c:91:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Dec 29 09:38:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb247f6e6dad1444c23a84db5e700579e8ad38dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cf:77:1d:f4:6e:ef:97:44:ac:7e:98:12:be:
b3:93:5a:d8:fb:8b:f1:d4:47:e3:9f:69:bd:4d:4e:
cb:00:e9:82:9e:40:7b:54:88:cd:87:e7:bf:7d:ff:
4a:b5:44:01:d9:7e:e0:5f:7c:49:94:bd:8c:2b:04:
b6:df:fd:7b:28:d4:d2:d6:e5:93:96:8a:d5:6e:73:
73:64:9c:dd:ad:ca:90:f4:13:80:e6:b3:cc:aa:42:
8a:6e:f4:fd:1c:6b:33:e2:7b:b8:91:4b:2c:c2:bd:
00:9a:52:e0:0f:4f:84:b9:08:e9:fc:45:c7:25:46:
d3:13:9d:9c:bd:d7:b6:66:62:8f:8b:e9:57:be:c3:
04:66:9b:fa:fc:68:6d:fb:c2:8a:ce:66:cf:5c:61:
d9:f5:78:b8:a4:02:d2:88:57:f1:70:17:46:f2:59:
75:c4:55:fb:db:a2:16:5f:0e:43:ac:f6:c8:0a:9c:
6e:74:84:75:0d:fe:58:8c:11:7d:48:c4:0e:a9:52:
87:52:f5:b7:ef:26:91:23:b0:56:c9:a7:1c:19:82:
b4:02:8c:a5:a5:cd:ce:9b:4f:7f:83:9a:65:ad:d7:
87:61:09:be:30:6b:7a:cd:b9:4f:38:cd:93:45:35:
30:b5:a8:a5:43:20:ec:1e:99:ba:a9:c2:0b:45:7e:
6a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:24:7F:6E:6D:AD:14:44:C2:3A:84:DB:5E:70:05:79:E8:AD:38:DD
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/yyR_bm2tFETCOoTbXnAFeeitON0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4646:11::/48
2a10:4646:60::/44
Signature Algorithm: sha256WithRSAEncryption
6f:9e:16:d2:13:f4:1f:a4:df:8b:26:dc:d3:6b:01:5b:db:57:
d2:3b:42:de:59:a5:13:07:42:ab:1d:2d:9c:3a:eb:9e:05:9b:
31:84:5e:85:35:69:d5:69:fa:1a:fc:96:e2:6d:67:51:0e:b1:
7e:eb:c2:9b:fd:1b:6a:df:4d:1e:5c:df:4f:1b:9b:ec:5b:4c:
a8:4e:36:2d:3f:d1:bd:ca:99:1c:59:cc:64:28:b6:6a:55:32:
09:6c:3c:da:a7:72:41:fb:08:f8:b4:a6:84:a1:c7:00:6d:b5:
96:a2:61:b4:ee:2c:9c:79:4f:d9:ca:22:37:63:36:c5:fc:f3:
32:b3:be:5a:20:33:31:fc:0e:34:73:74:e0:6d:b8:f8:a8:99:
39:8f:01:ba:54:1f:05:1f:17:d6:35:86:1c:e6:21:22:2f:46:
ca:0e:82:7f:b3:dd:58:ed:af:a4:20:8b:34:4b:0f:66:8c:42:
4c:c4:56:ef:95:87:b6:d2:6b:a1:41:7f:80:e5:ee:49:83:38:
ee:f9:31:76:92:92:c7:ba:3a:3a:b9:85:09:c3:dc:a9:2c:7f:
87:fd:8f:7f:9a:a0:9c:43:90:14:6b:ce:2d:75:6e:c0:99:20:
6a:22:2d:8b:f5:66:02:9d:be:92:01:3e:29:63:06:2c:63:50:
19:43:1a:14
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVdPxV9KprobzX4GBKaDJG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjIxMjI5MDkzODEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjI0N2Y2ZTZkYWQxNDQ0YzIzYTg0ZGI1ZTcwMDU3OWU4YWQzOGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr893HfRu75dErH6YEr6zk1rY+4vx
1Efjn2m9TU7LAOmCnkB7VIjNh+e/ff9KtUQB2X7gX3xJlL2MKwS23/17KNTS1uWT
lorVbnNzZJzdrcqQ9BOA5rPMqkKKbvT9HGsz4nu4kUsswr0AmlLgD0+EuQjp/EXH
JUbTE52cvde2ZmKPi+lXvsMEZpv6/Ght+8KKzmbPXGHZ9Xi4pALSiFfxcBdG8ll1
xFX726IWXw5DrPbICpxudIR1Df5YjBF9SMQOqVKHUvW37yaRI7BWyaccGYK0Aoyl
pc3Om09/g5plrdeHYQm+MGt6zblPOM2TRTUwtailQyDsHpm6qcILRX5q5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMskf25trRREwjqE215wBXnorTjdMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEveXlSX2JtMnRGRVRDT29UYlhuQUZlZWl0T04wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhBGRgAR
AwcEKhBGRgBgMA0GCSqGSIb3DQEBCwUAA4IBAQBvnhbSE/QfpN+LJtzTawFb21fS
O0LeWaUTB0KrHS2cOuueBZsxhF6FNWnVafoa/JbibWdRDrF+68Kb/Rtq300eXN9P
G5vsW0yoTjYtP9G9ypkcWcxkKLZqVTIJbDzap3JB+wj4tKaEoccAbbWWomG07iyc
eU/ZyiI3YzbF/PMys75aIDMx/A40c3Tgbbj4qJk5jwG6VB8FHxfWNYYc5iEiL0bK
DoJ/s91Y7a+kIIs0Sw9mjEJMxFbvlYe20muhQX+A5e5Jgzju+TF2kpLHujo6uYUJ
w9ypLH+H/Y9/mqCcQ5AUa84tdW7AmSBqIi2L9WYCnb6SAT4pYwYsY1AZQxoU
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-ams.rpki-client.org