Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/6c3741-cf8c-4d5d-bb8e-4598689d551e/1/yWyaOPmzWorJg3kleEX2WOz9TCI.roa
File: yWyaOPmzWorJg3kleEX2WOz9TCI.roa (raw, json)
Hash identifier: axL1l1OYgMiKRcIIFIO3KuRGUM530YeLQGC3Qr0zq2s=
Subject key identifier: C9:6C:9A:38:F9:B3:5A:8A:C9:83:79:25:78:45:F6:58:EC:FD:4C:22
Certificate issuer: /CN=da6099e7ff3a171bce3b6fe99ebb4d24cb85e461
Certificate serial: 01857070846E1580BC6275BE8D621EF7C1AC
Authority key identifier: DA:60:99:E7:FF:3A:17:1B:CE:3B:6F:E9:9E:BB:4D:24:CB:85:E4:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2mCZ5_86FxvOO2_pnrtNJMuF5GE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/6c3741-cf8c-4d5d-bb8e-4598689d551e/1/yWyaOPmzWorJg3kleEX2WOz9TCI.roa
Signing time: Mon 02 Jan 2023 03:05:00 +0000
ROA not before: Mon 02 Jan 2023 03:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8787
IP address blocks: 212.9.128.0/19 maxlen: 19
2a03:1f60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:84:6e:15:80:bc:62:75:be:8d:62:1e:f7:c1:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da6099e7ff3a171bce3b6fe99ebb4d24cb85e461
Validity
Not Before: Jan 2 03:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c96c9a38f9b35a8ac98379257845f658ecfd4c22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3f:db:7c:61:c8:92:3e:0f:03:36:a3:46:78:
24:65:d4:6f:de:69:6a:c6:95:86:0d:5e:9d:6c:dd:
b5:95:4b:f3:92:0e:67:c0:b4:98:93:1e:51:bf:cd:
df:d4:ad:0a:50:8c:c4:59:c2:cc:70:74:47:fb:21:
36:bd:02:d4:85:6c:69:e2:2d:37:c6:32:a3:e5:97:
d6:f0:8b:23:a8:f6:51:7b:4c:34:30:c3:96:b9:61:
b3:22:0c:01:ad:fd:b3:57:b5:fe:ef:0c:ff:0b:46:
99:4f:81:8b:10:8a:13:57:34:3c:31:45:79:4e:e5:
44:3b:d5:ee:5a:f2:03:33:57:33:eb:cd:0d:24:90:
9e:dd:33:50:9d:a1:e1:a3:4b:5d:25:63:3e:ee:73:
44:97:89:48:e0:7c:17:36:89:2d:10:f5:50:3f:bd:
b8:e7:44:79:9c:9e:92:c3:be:0b:14:4c:b3:74:c6:
5b:f3:00:7b:26:ee:af:77:86:c3:4c:9a:a2:ab:3a:
2e:30:93:69:14:4f:59:bb:45:d8:b1:ce:cb:ee:c4:
03:c7:94:49:b8:54:eb:ff:6e:85:56:49:b8:af:10:
c0:7c:13:71:3c:df:fe:3c:80:9a:19:d6:27:c3:e5:
f9:03:9e:9a:27:d1:ec:5d:58:fa:51:38:2c:a3:f1:
f6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:6C:9A:38:F9:B3:5A:8A:C9:83:79:25:78:45:F6:58:EC:FD:4C:22
X509v3 Authority Key Identifier:
keyid:DA:60:99:E7:FF:3A:17:1B:CE:3B:6F:E9:9E:BB:4D:24:CB:85:E4:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2mCZ5_86FxvOO2_pnrtNJMuF5GE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6c3741-cf8c-4d5d-bb8e-4598689d551e/1/yWyaOPmzWorJg3kleEX2WOz9TCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6c3741-cf8c-4d5d-bb8e-4598689d551e/1/2mCZ5_86FxvOO2_pnrtNJMuF5GE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.9.128.0/19
IPv6:
2a03:1f60::/32
Signature Algorithm: sha256WithRSAEncryption
87:9e:d6:6d:05:05:ad:6d:5c:36:b6:ee:ed:36:b9:d8:09:42:
48:58:18:32:ad:e5:1a:1b:a9:c8:93:e7:66:4e:14:3e:0b:f1:
02:eb:10:9d:9a:41:82:cf:6e:9d:ed:58:55:e0:ea:81:61:48:
6b:cb:fb:75:54:a4:ff:5a:01:a2:aa:df:b3:87:2d:61:04:17:
07:6b:09:57:27:02:4c:77:ab:04:fe:4f:b2:dd:bb:28:6d:3a:
bf:0d:85:41:11:ba:08:2d:0b:fb:f3:8b:14:83:41:ef:56:9d:
7c:51:c4:6b:db:87:3c:e6:10:59:c0:02:b7:02:34:eb:89:d1:
0d:49:15:e0:1d:b8:8c:9d:82:37:b2:86:b5:a3:0f:86:da:6d:
60:a6:96:55:34:d2:6d:21:d3:d3:88:d0:3e:72:28:5f:b6:71:
c1:8e:21:82:20:7a:2b:8b:f8:89:ef:35:f9:65:8f:96:b1:51:
75:86:e8:19:6c:07:84:cc:39:7f:ec:1a:50:42:e8:4c:f7:b2:
89:3d:f4:fb:80:41:99:d8:f0:49:77:9f:2a:51:ca:18:16:60:
c9:fb:2f:53:16:07:30:79:39:53:25:35:1f:82:d6:0a:e1:d7:
82:07:12:02:27:fe:af:7c:9a:da:c0:7f:81:f0:41:bc:b6:bf:
e9:e0:19:f0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwcIRuFYC8YnW+jWIe98GsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNjA5OWU3ZmYzYTE3MWJjZTNiNmZlOTllYmI0ZDI0Y2I4
NWU0NjEwHhcNMjMwMTAyMDMwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTZjOWEzOGY5YjM1YThhYzk4Mzc5MjU3ODQ1ZjY1OGVjZmQ0YzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj/bfGHIkj4PAzajRngkZdRv3mlq
xpWGDV6dbN21lUvzkg5nwLSYkx5Rv83f1K0KUIzEWcLMcHRH+yE2vQLUhWxp4i03
xjKj5ZfW8IsjqPZRe0w0MMOWuWGzIgwBrf2zV7X+7wz/C0aZT4GLEIoTVzQ8MUV5
TuVEO9XuWvIDM1cz680NJJCe3TNQnaHho0tdJWM+7nNEl4lI4HwXNoktEPVQP724
50R5nJ6Sw74LFEyzdMZb8wB7Ju6vd4bDTJqiqzouMJNpFE9Zu0XYsc7L7sQDx5RJ
uFTr/26FVkm4rxDAfBNxPN/+PICaGdYnw+X5A56aJ9HsXVj6UTgso/H2BQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMlsmjj5s1qKyYN5JXhF9ljs/UwiMB8GA1UdIwQY
MBaAFNpgmef/Ohcbzjtv6Z67TSTLheRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm1DWjVfODZGeHZPTzJfcG5ydE5KTXVGNUdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy82YzM3NDEtY2Y4Yy00ZDVkLWJiOGUt
NDU5ODY4OWQ1NTFlLzEveVd5YU9QbXpXb3JKZzNrbGVFWDJXT3o5VENJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy82YzM3NDEtY2Y4Yy00ZDVkLWJiOGUtNDU5ODY4OWQ1NTFl
LzEvMm1DWjVfODZGeHZPTzJfcG5ydE5KTXVGNUdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1AmAMA0E
AgACMAcDBQAqAx9gMA0GCSqGSIb3DQEBCwUAA4IBAQCHntZtBQWtbVw2tu7tNrnY
CUJIWBgyreUaG6nIk+dmThQ+C/EC6xCdmkGCz26d7VhV4OqBYUhry/t1VKT/WgGi
qt+zhy1hBBcHawlXJwJMd6sE/k+y3bsobTq/DYVBEboILQv784sUg0HvVp18UcRr
24c85hBZwAK3AjTridENSRXgHbiMnYI3soa1ow+G2m1gppZVNNJtIdPTiNA+cihf
tnHBjiGCIHori/iJ7zX5ZY+WsVF1hugZbAeEzDl/7BpQQuhM97KJPfT7gEGZ2PBJ
d58qUcoYFmDJ+y9TFgcweTlTJTUfgtYK4deCBxICJ/6vfJrawH+B8EG8tr/p4Bnw
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:38 2025 by rpki-client