Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/yrAE6gqWmCVGhSNGtX2QUYMSCtI.roa
File: yrAE6gqWmCVGhSNGtX2QUYMSCtI.roa (raw, json)
Hash identifier: Gz7YAZ2O9g7IiYTMwwqbzzyfGLarUBBctGPZ9a4plQw=
Subject key identifier: CA:B0:04:EA:0A:96:98:25:46:85:23:46:B5:7D:90:51:83:12:0A:D2
Certificate issuer: /CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Certificate serial: 01849FB42D46312617B0F14371D6CA23620B
Authority key identifier: D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/yrAE6gqWmCVGhSNGtX2QUYMSCtI.roa
Signing time: Tue 22 Nov 2022 14:18:16 +0000
ROA not before: Tue 22 Nov 2022 14:18:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211603
IP address blocks: 2a0f:4d00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:b4:2d:46:31:26:17:b0:f1:43:71:d6:ca:23:62:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Validity
Not Before: Nov 22 14:18:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cab004ea0a96982546852346b57d905183120ad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8e:fd:09:fd:1b:e2:47:e9:92:68:6d:a4:02:
5a:cf:2b:e6:b4:52:7d:22:12:d9:c7:59:7e:a8:32:
4f:a4:c4:5a:68:a0:32:44:25:eb:7c:6e:48:ef:0a:
65:78:f3:90:94:50:f6:b0:7d:98:7d:37:60:83:8a:
17:13:92:42:99:fd:e5:56:ea:19:fc:ae:9c:08:f0:
a6:bb:05:1b:61:b6:07:98:51:be:23:bd:41:29:ea:
6f:6e:34:80:82:40:60:1b:87:26:ab:6f:7e:38:e2:
be:8e:5c:19:8c:71:fe:80:4a:cc:8d:43:4c:a3:d1:
ac:1e:44:51:97:58:ca:89:93:2d:5a:ed:20:b0:76:
1c:8b:a6:af:40:a1:f8:b6:c7:33:b1:94:af:2e:56:
14:15:df:73:06:a4:c5:23:d8:ab:d0:35:59:de:b8:
ff:1a:ef:68:ef:71:82:c3:ce:32:b1:2b:60:87:1c:
ab:4b:4a:68:e1:25:63:86:16:98:c2:55:c8:15:92:
b9:28:27:e3:1f:ff:22:69:33:f4:60:55:51:c7:46:
40:ec:d9:16:ec:b8:d2:33:59:8a:94:a6:7c:33:0f:
e7:4a:f4:a7:c6:be:57:df:98:35:20:e1:a2:94:7e:
95:51:a8:a1:79:24:33:ec:08:8e:6a:03:7c:3d:7c:
e0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B0:04:EA:0A:96:98:25:46:85:23:46:B5:7D:90:51:83:12:0A:D2
X509v3 Authority Key Identifier:
keyid:D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/yrAE6gqWmCVGhSNGtX2QUYMSCtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:4d00::/29
Signature Algorithm: sha256WithRSAEncryption
66:ab:ce:60:89:2e:6e:d5:4f:b7:8f:ab:39:7e:03:45:97:7f:
06:7c:e3:a8:80:1c:f4:fc:5c:21:b0:65:87:a6:9e:23:fb:bb:
c4:43:d9:2b:bb:62:fa:14:18:08:e3:b9:71:12:41:7a:07:0f:
d2:69:38:47:66:c0:c6:d8:70:6b:a4:21:dc:60:1d:86:e3:4c:
31:2f:f2:d8:f7:f0:7d:56:71:15:7c:8f:3b:60:3b:51:39:ff:
77:16:9a:6c:73:7b:88:6d:5b:41:12:a8:12:77:96:a5:bf:f2:
aa:26:65:cf:54:2c:82:f2:fb:cd:02:e2:4c:36:cf:db:58:84:
76:7c:0f:7f:ed:11:36:b6:fc:8a:9b:f6:ea:2f:95:da:fd:c6:
f5:1c:fc:b3:42:2e:8a:a6:10:04:3c:dd:1f:2d:26:05:c9:97:
1b:d1:21:4c:f3:d6:88:3f:d5:b3:57:df:20:01:cc:fc:18:e0:
fe:cf:a6:56:e5:a5:97:0c:ef:d3:97:d4:6c:b3:33:f3:ea:6f:
5d:a0:c8:85:28:f0:06:75:19:6e:19:a6:cf:55:1e:87:9d:9c:
74:0b:5f:1e:90:9c:f7:7a:f4:14:1d:77:93:fa:23:ec:41:93:
80:be:e1:1a:be:bf:b6:39:62:e9:ce:2c:7e:cc:60:6d:95:0d:
0e:1b:37:f9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSftC1GMSYXsPFDcdbKI2ILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0M2IyMjEzMGFhOWE3NzM0MjU0NzY5ZWMxM2JmZTE3MWZh
MWUyOGIwHhcNMjIxMTIyMTQxODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWIwMDRlYTBhOTY5ODI1NDY4NTIzNDZiNTdkOTA1MTgzMTIwYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkY79Cf0b4kfpkmhtpAJazyvmtFJ9
IhLZx1l+qDJPpMRaaKAyRCXrfG5I7wplePOQlFD2sH2YfTdgg4oXE5JCmf3lVuoZ
/K6cCPCmuwUbYbYHmFG+I71BKepvbjSAgkBgG4cmq29+OOK+jlwZjHH+gErMjUNM
o9GsHkRRl1jKiZMtWu0gsHYci6avQKH4tsczsZSvLlYUFd9zBqTFI9ir0DVZ3rj/
Gu9o73GCw84ysStghxyrS0po4SVjhhaYwlXIFZK5KCfjH/8iaTP0YFVRx0ZA7NkW
7LjSM1mKlKZ8Mw/nSvSnxr5X35g1IOGilH6VUaiheSQz7AiOagN8PXzg9QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMqwBOoKlpglRoUjRrV9kFGDEgrSMB8GA1UdIwQY
MBaAFNQ7IhMKqadzQlR2nsE7/hcfoeKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEt
YTYzMGMyZWEyM2Y5LzEveXJBRTZncVdtQ1ZHaFNOR3RYMlFVWU1TQ3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEtYTYzMGMyZWEyM2Y5
LzEvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9NADAN
BgkqhkiG9w0BAQsFAAOCAQEAZqvOYIkubtVPt4+rOX4DRZd/BnzjqIAc9PxcIbBl
h6aeI/u7xEPZK7ti+hQYCOO5cRJBegcP0mk4R2bAxthwa6Qh3GAdhuNMMS/y2Pfw
fVZxFXyPO2A7UTn/dxaabHN7iG1bQRKoEneWpb/yqiZlz1QsgvL7zQLiTDbP21iE
dnwPf+0RNrb8ipv26i+V2v3G9Rz8s0IuiqYQBDzdHy0mBcmXG9EhTPPWiD/Vs1ff
IAHM/Bjg/s+mVuWllwzv05fUbLMz8+pvXaDIhSjwBnUZbhmmz1Ueh52cdAtfHpCc
93r0FB13k/oj7EGTgL7hGr6/tjli6c4sfsxgbZUNDhs3+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:03 2024 by rpki-client on console-ams.rpki-client.org