Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/YPa9JxiizMRo44j80qnQqHwVDHw.roa
File: YPa9JxiizMRo44j80qnQqHwVDHw.roa (raw, json)
Hash identifier: H42YLMQQD/gvUCwdCc34mwBoawJwzEhSY0zrUfqo9Lo=
Subject key identifier: 60:F6:BD:27:18:A2:CC:C4:68:E3:88:FC:D2:A9:D0:A8:7C:15:0C:7C
Certificate issuer: /CN=9c556767201c50f6b2a955db6a1e6e011dfa5d44
Certificate serial: 01856D41AE8706266FC750A098A157A8FF82
Authority key identifier: 9C:55:67:67:20:1C:50:F6:B2:A9:55:DB:6A:1E:6E:01:1D:FA:5D:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/YPa9JxiizMRo44j80qnQqHwVDHw.roa
Signing time: Sun 01 Jan 2023 12:14:59 +0000
ROA not before: Sun 01 Jan 2023 12:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208882
IP address blocks: 2a0d:ff40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:ae:87:06:26:6f:c7:50:a0:98:a1:57:a8:ff:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c556767201c50f6b2a955db6a1e6e011dfa5d44
Validity
Not Before: Jan 1 12:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60f6bd2718a2ccc468e388fcd2a9d0a87c150c7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1e:a4:26:9a:65:fa:50:44:24:9c:6b:ab:3e:
bb:49:34:1d:63:53:69:11:99:ef:69:bd:1f:ed:5b:
f9:c8:e3:e4:33:1d:31:a6:4f:48:30:ad:4b:ed:6e:
89:a6:16:be:d9:c7:3b:cd:9a:30:82:49:ca:20:0d:
a0:ef:42:d3:f5:a9:74:5e:3b:96:2b:ea:ae:bc:35:
99:25:48:fb:0f:c5:24:63:b4:09:a1:35:ff:1b:b0:
3b:f3:05:04:c7:4f:2e:9d:36:fc:1b:ef:b7:e5:48:
e8:b1:0c:e6:70:aa:f0:33:55:a2:00:bc:82:cd:67:
32:45:0f:fc:a1:93:c8:1c:1a:d7:23:2f:33:ce:9c:
30:84:35:bc:58:05:2e:a5:24:56:4d:f4:c4:99:ac:
e5:87:66:86:a0:58:bc:29:3a:a9:47:aa:0e:4f:68:
e6:53:b3:50:75:af:fa:5c:86:a1:73:43:44:95:6e:
42:5e:88:90:5b:33:76:e0:3d:1c:ea:e1:ee:3b:5f:
f7:8a:67:66:d7:44:4e:8b:8a:6c:95:7e:e0:19:d9:
eb:d1:82:26:9a:7d:67:b3:e0:f8:fa:5d:01:2a:39:
f2:41:04:05:89:b1:23:25:65:d6:de:de:ba:6b:17:
6e:92:58:2e:f8:a8:ab:30:7f:d2:06:73:11:12:70:
fa:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F6:BD:27:18:A2:CC:C4:68:E3:88:FC:D2:A9:D0:A8:7C:15:0C:7C
X509v3 Authority Key Identifier:
keyid:9C:55:67:67:20:1C:50:F6:B2:A9:55:DB:6A:1E:6E:01:1D:FA:5D:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/YPa9JxiizMRo44j80qnQqHwVDHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
32:0c:84:c1:33:fe:98:60:6c:03:78:51:c5:bd:37:ae:30:68:
c1:0f:92:8f:0d:64:a8:ca:2b:6f:9d:3d:7c:55:82:c6:8b:42:
54:35:df:b7:50:be:02:fd:4a:ed:11:0c:83:6f:7c:10:4c:06:
65:dc:9e:4f:9b:57:b3:9f:87:40:eb:2f:7a:77:45:80:33:25:
7e:49:1b:ed:17:40:21:2e:78:a4:ed:be:7d:16:59:f4:3f:8c:
80:1e:fd:08:c0:0f:0e:c6:da:f8:36:57:f3:68:3f:af:d8:06:
e1:4c:d6:0a:80:32:b6:8b:47:c6:e4:e3:a3:e9:fd:7a:3b:42:
46:a9:61:e5:e5:34:d3:a7:28:aa:5e:2e:4f:7a:b9:16:a4:c7:
08:b8:bd:0f:56:0f:57:8b:29:34:67:e4:9b:5d:5a:de:f9:0e:
b0:ea:5b:7f:0d:35:50:96:80:4d:d5:7b:ca:49:f7:e0:87:34:
89:78:37:0f:f4:31:7c:10:ae:7e:53:a0:45:3f:12:f5:ee:8b:
a4:26:b4:be:88:15:d7:3b:cd:8c:18:74:23:e8:4e:57:db:2f:
12:dc:36:9d:a1:4e:e7:24:b4:9a:82:b9:1b:c2:04:5f:d8:e1:
ec:dd:9b:8f:2e:5c:18:a1:4a:91:a3:df:aa:68:c2:70:d0:f7:
9e:8e:05:2e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtQa6HBiZvx1CgmKFXqP+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTU2NzY3MjAxYzUwZjZiMmE5NTVkYjZhMWU2ZTAxMWRm
YTVkNDQwHhcNMjMwMTAxMTIxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGY2YmQyNzE4YTJjY2M0NjhlMzg4ZmNkMmE5ZDBhODdjMTUwYzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlB6kJppl+lBEJJxrqz67STQdY1Np
EZnvab0f7Vv5yOPkMx0xpk9IMK1L7W6Jpha+2cc7zZowgknKIA2g70LT9al0XjuW
K+quvDWZJUj7D8UkY7QJoTX/G7A78wUEx08unTb8G++35UjosQzmcKrwM1WiALyC
zWcyRQ/8oZPIHBrXIy8zzpwwhDW8WAUupSRWTfTEmazlh2aGoFi8KTqpR6oOT2jm
U7NQda/6XIahc0NElW5CXoiQWzN24D0c6uHuO1/3imdm10ROi4pslX7gGdnr0YIm
mn1ns+D4+l0BKjnyQQQFibEjJWXW3t66axduklgu+KirMH/SBnMREnD6FQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGD2vScYoszEaOOI/NKp0Kh8FQx8MB8GA1UdIwQY
MBaAFJxVZ2cgHFD2sqlV22oebgEd+l1EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82ZGFjODYtMjI0Yi00YWU1LWIyYTgt
NDk2YmE4MjQ5MmNlLzEvWVBhOUp4aWl6TVJvNDRqODBxblFxSHdWREh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82ZGFjODYtMjI0Yi00YWU1LWIyYTgtNDk2YmE4MjQ5MmNl
LzEvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg3/QDAN
BgkqhkiG9w0BAQsFAAOCAQEAMgyEwTP+mGBsA3hRxb03rjBowQ+Sjw1kqMorb509
fFWCxotCVDXft1C+Av1K7REMg298EEwGZdyeT5tXs5+HQOsvendFgDMlfkkb7RdA
IS54pO2+fRZZ9D+MgB79CMAPDsba+DZX82g/r9gG4UzWCoAytotHxuTjo+n9ejtC
Rqlh5eU006coql4uT3q5FqTHCLi9D1YPV4spNGfkm11a3vkOsOpbfw01UJaATdV7
ykn34Ic0iXg3D/QxfBCuflOgRT8S9e6LpCa0vogV1zvNjBh0I+hOV9svEtw2naFO
5yS0moK5G8IEX9jh7N2bjy5cGKFKkaPfqmjCcND3no4FLg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:21 2025 by rpki-client