Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/YKzf3gg8L4uwM1i4QZ2YQ1YtM4k.roa
File: YKzf3gg8L4uwM1i4QZ2YQ1YtM4k.roa (raw, json)
Hash identifier: szf9aAr2kuVIANWGu8KOhDDcUKqmCoreDTrwhONW1vs=
Subject key identifier: 60:AC:DF:DE:08:3C:2F:8B:B0:33:58:B8:41:9D:98:43:56:2D:33:89
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 09672AB8
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/YKzf3gg8L4uwM1i4QZ2YQ1YtM4k.roa
Signing time: Fri 04 Mar 2022 10:01:55 +0000
ROA not before: Fri 04 Mar 2022 10:01:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208223
IP address blocks: 2a0e:8f02:f03d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157756088 (0x9672ab8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Mar 4 10:01:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60acdfde083c2f8bb03358b8419d9843562d3389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4b:89:de:92:65:93:34:33:4e:2d:c3:d2:67:
f6:0b:32:48:c1:31:96:da:84:d1:f4:21:c7:2b:c7:
32:69:40:c2:fb:a8:85:5e:6c:7d:a4:49:21:ec:0d:
e8:1a:bc:24:a1:c7:9b:06:cc:5d:9b:ab:13:0f:22:
23:3f:b6:ea:e8:e0:d3:27:f1:34:d7:e3:cf:aa:63:
9e:b3:f5:eb:88:5e:5a:4e:32:c4:1e:eb:a0:47:8b:
70:88:88:e1:8c:01:a8:51:82:bf:c1:02:e1:3e:50:
30:21:b2:00:74:82:6c:bb:56:c4:9a:10:81:05:0f:
34:7a:47:f8:32:bd:ff:34:7c:8f:a6:2d:a1:88:0b:
28:73:91:4f:77:93:7b:7e:ff:01:e8:20:a7:a1:e8:
8e:43:b1:aa:0d:3a:34:57:f7:34:f1:c3:c1:77:54:
ae:61:62:86:c5:f5:52:0a:fd:e1:60:3d:84:09:0d:
5d:73:1f:21:2b:ad:85:dd:0b:01:0f:cd:74:10:11:
07:f3:3f:da:5f:a0:f7:89:44:f4:9b:bf:41:5e:e4:
aa:ce:44:6a:aa:cf:90:cb:b8:80:e3:4e:f6:98:0f:
2d:7e:3c:18:6e:7d:ba:45:94:a9:69:b8:41:13:95:
cd:d3:dd:77:a5:7f:f9:35:ca:9e:fe:3d:5a:e8:05:
bc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:AC:DF:DE:08:3C:2F:8B:B0:33:58:B8:41:9D:98:43:56:2D:33:89
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/YKzf3gg8L4uwM1i4QZ2YQ1YtM4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f03d::/48
Signature Algorithm: sha256WithRSAEncryption
0d:e8:f2:42:11:a1:83:e7:77:70:97:f6:89:af:a6:e7:c8:9e:
a4:38:e6:c5:93:3e:8f:1c:24:2b:7e:2d:3e:40:4e:d6:07:3e:
9f:1e:79:25:35:af:75:f8:17:6d:da:34:29:6d:c8:79:78:b1:
6b:fb:d4:3b:2f:1e:ee:90:a1:10:33:af:67:29:fd:d9:1d:79:
d2:b5:2a:4f:93:d8:45:5d:a8:ac:a2:a1:2c:44:14:ab:9a:35:
32:df:f2:5c:de:80:2f:0a:8c:12:64:82:84:9b:59:a1:05:30:
da:ad:17:61:09:47:d1:b2:26:71:95:a5:b5:b9:e6:91:63:47:
c0:ec:bc:fb:e5:a4:b6:5e:6a:e6:b3:45:10:38:c5:6c:a1:1c:
01:0e:c1:06:93:f3:b8:78:d2:a7:a9:91:37:1c:5b:0d:d5:2d:
97:5c:47:40:2a:d0:66:85:f6:81:7d:fd:92:f7:dc:c1:74:76:
ab:5a:81:f4:a4:f7:07:c0:b1:46:29:f2:1b:39:a2:70:0f:1c:
ca:83:e6:de:7b:f4:0d:b8:99:b3:86:e1:f4:77:08:f4:19:47:
0a:a4:fd:ad:d9:dd:9a:05:3f:8f:e8:07:73:66:18:45:3f:ca:
b4:fd:71:d9:2c:9f:21:c4:05:13:5a:92:c6:19:9e:4e:43:de:
23:af:fa:87
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECWcquDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDMw
NDEwMDE1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBhY2RmZGUwODNj
MmY4YmIwMzM1OGI4NDE5ZDk4NDM1NjJkMzM4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJLid6SZZM0M04tw9Jn9gsySMExltqE0fQhxyvHMmlAwvuo
hV5sfaRJIewN6Bq8JKHHmwbMXZurEw8iIz+26ujg0yfxNNfjz6pjnrP164heWk4y
xB7roEeLcIiI4YwBqFGCv8EC4T5QMCGyAHSCbLtWxJoQgQUPNHpH+DK9/zR8j6Yt
oYgLKHORT3eTe37/Aeggp6HojkOxqg06NFf3NPHDwXdUrmFihsX1Ugr94WA9hAkN
XXMfISuthd0LAQ/NdBARB/M/2l+g94lE9Ju/QV7kqs5EaqrPkMu4gONO9pgPLX48
GG59ukWUqWm4QROVzdPdd6V/+TXKnv49WugFvHUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRgrN/eCDwvi7AzWLhBnZhDVi0ziTAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
L1lLemYzZ2c4TDR1d00xaTRRWjJZUTFZdE00ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOjwLwPTANBgkqhkiG9w0BAQsF
AAOCAQEADejyQhGhg+d3cJf2ia+m58iepDjmxZM+jxwkK34tPkBO1gc+nx55JTWv
dfgXbdo0KW3IeXixa/vUOy8e7pChEDOvZyn92R150rUqT5PYRV2orKKhLEQUq5o1
Mt/yXN6ALwqMEmSChJtZoQUw2q0XYQlH0bImcZWltbnmkWNHwOy8++Wktl5q5rNF
EDjFbKEcAQ7BBpPzuHjSp6mRNxxbDdUtl1xHQCrQZoX2gX39kvfcwXR2q1qB9KT3
B8CxRinyGzmicA8cyoPm3nv0DbiZs4bh9HcI9BlHCqT9rdndmgU/j+gHc2YYRT/K
tP1x2SyfIcQFE1qSxhmeTkPeI6/6hw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:24 2023 by rpki-client on console-fra.rpki-client.org