Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/yO8N8PXT214AamR0zl3SOZaO1bA.roa
File: yO8N8PXT214AamR0zl3SOZaO1bA.roa (raw, json)
Hash identifier: Jzyu/wGpGHusmJyiYAJIy2EfHyC6vWTEZUy8v/tMmBo=
Subject key identifier: C8:EF:0D:F0:F5:D3:DB:5E:00:6A:64:74:CE:5D:D2:39:96:8E:D5:B0
Certificate issuer: /CN=727309f110347cc61b8c27bbfbf10a6bfb408358
Certificate serial: 018570304790478220C99E3D0079506B3EDE
Authority key identifier: 72:73:09:F1:10:34:7C:C6:1B:8C:27:BB:FB:F1:0A:6B:FB:40:83:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnMJ8RA0fMYbjCe7-_EKa_tAg1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/yO8N8PXT214AamR0zl3SOZaO1bA.roa
Signing time: Mon 02 Jan 2023 01:54:50 +0000
ROA not before: Mon 02 Jan 2023 01:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199351
IP address blocks: 2001:67c:1394::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:47:90:47:82:20:c9:9e:3d:00:79:50:6b:3e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=727309f110347cc61b8c27bbfbf10a6bfb408358
Validity
Not Before: Jan 2 01:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8ef0df0f5d3db5e006a6474ce5dd239968ed5b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:21:c0:71:d6:8c:cd:87:41:c2:6b:8b:4d:6b:
b1:cc:b1:38:24:a9:30:47:20:6e:29:48:20:d8:79:
c8:eb:29:29:9f:31:f2:29:79:73:36:c0:e8:d4:a4:
48:b4:73:4b:11:d9:92:b0:a6:b9:fc:82:32:a4:c5:
b7:06:ba:33:2c:5e:6e:8d:6a:0b:81:b7:1c:2e:6d:
dd:7f:4c:6b:b3:79:92:f3:49:ed:64:af:fb:61:c5:
5b:ef:86:e3:28:ec:d1:d0:fe:e8:da:e2:9b:0d:a6:
d1:3e:7d:74:33:ca:1a:cc:03:69:42:6e:ea:72:07:
9f:3a:22:56:76:03:ce:d6:23:9b:53:f7:33:67:4e:
e6:58:10:75:4a:4c:41:c1:d1:c9:7d:17:da:39:3f:
6c:ad:3b:a6:a5:04:ad:83:1c:2d:df:d6:d5:42:c7:
98:70:0c:9d:b8:bf:40:7e:2b:27:fd:a2:9f:34:20:
a8:7b:34:ff:17:44:db:3d:ef:7e:b0:7f:e0:4c:86:
76:ea:e4:d6:58:42:e6:51:a2:ac:3e:c4:4b:52:91:
23:d0:85:d4:87:d0:0b:5d:10:39:ec:2d:35:a8:26:
26:bb:ff:a6:1a:fe:76:00:ea:1c:9f:01:f4:76:86:
e8:91:57:7c:a6:af:d1:fb:8b:f8:01:8c:bd:dd:9f:
37:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:EF:0D:F0:F5:D3:DB:5E:00:6A:64:74:CE:5D:D2:39:96:8E:D5:B0
X509v3 Authority Key Identifier:
keyid:72:73:09:F1:10:34:7C:C6:1B:8C:27:BB:FB:F1:0A:6B:FB:40:83:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnMJ8RA0fMYbjCe7-_EKa_tAg1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/yO8N8PXT214AamR0zl3SOZaO1bA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/cnMJ8RA0fMYbjCe7-_EKa_tAg1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1394::/48
Signature Algorithm: sha256WithRSAEncryption
8a:15:1c:d9:b8:14:e8:db:70:6a:d2:86:7d:cd:9a:9c:4d:8c:
48:e2:8a:23:6f:38:8b:cc:b4:77:f4:f6:76:90:96:33:c8:72:
a3:6f:89:b9:c2:c8:74:3f:4e:f3:fc:4a:3a:a7:47:70:01:14:
8a:4d:d8:12:aa:a7:7c:06:90:4d:aa:44:34:2e:a6:03:bf:d7:
c1:77:99:bb:77:63:90:c6:6d:00:fa:91:28:42:44:81:35:72:
90:d4:41:e8:cf:39:98:f7:7c:2d:9a:84:85:f4:c4:68:63:8f:
e1:2a:c0:36:8c:5c:9d:2d:6c:68:e2:b3:e7:ba:c0:8e:a3:af:
8c:69:2a:83:62:90:97:71:28:9b:35:16:19:a0:63:58:4e:0f:
97:5a:89:2f:ab:e3:d5:00:71:a5:4f:b3:03:52:d0:d5:a9:51:
dd:45:9a:a0:11:93:65:4a:58:8a:df:77:af:e1:81:70:60:d3:
99:1e:8e:c9:45:48:22:54:e8:9a:54:11:92:71:c8:9f:81:d5:
b2:1e:8a:e8:c9:7f:be:63:71:ec:64:fa:ef:9e:01:41:a3:bb:
26:14:bf:a6:b1:db:31:1a:05:50:77:8c:85:a7:31:0c:f3:f8:
7b:11:f1:ab:13:3e:f5:14:a0:7f:ff:e2:d1:63:4a:65:0f:a8:
9e:19:68:40
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwMEeQR4IgyZ49AHlQaz7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzMwOWYxMTAzNDdjYzYxYjhjMjdiYmZiZjEwYTZiZmI0
MDgzNTgwHhcNMjMwMTAyMDE1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGVmMGRmMGY1ZDNkYjVlMDA2YTY0NzRjZTVkZDIzOTk2OGVkNWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiHAcdaMzYdBwmuLTWuxzLE4JKkw
RyBuKUgg2HnI6ykpnzHyKXlzNsDo1KRItHNLEdmSsKa5/IIypMW3BrozLF5ujWoL
gbccLm3df0xrs3mS80ntZK/7YcVb74bjKOzR0P7o2uKbDabRPn10M8oazANpQm7q
cgefOiJWdgPO1iObU/czZ07mWBB1SkxBwdHJfRfaOT9srTumpQStgxwt39bVQseY
cAyduL9Afisn/aKfNCCoezT/F0TbPe9+sH/gTIZ26uTWWELmUaKsPsRLUpEj0IXU
h9ALXRA57C01qCYmu/+mGv52AOocnwH0dobokVd8pq/R+4v4AYy93Z83oQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMjvDfD109teAGpkdM5d0jmWjtWwMB8GA1UdIwQY
MBaAFHJzCfEQNHzGG4wnu/vxCmv7QINYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25NSjhSQTBmTVliakNlNy1fRUthX3RBZzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wMDg5MDktNzJlYS00NzkxLWE1YmYt
ZjIzMzQ2YmNjMjE3LzEveU84TjhQWFQyMTRBYW1SMHpsM1NPWmFPMWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wMDg5MDktNzJlYS00NzkxLWE1YmYtZjIzMzQ2YmNjMjE3
LzEvY25NSjhSQTBmTVliakNlNy1fRUthX3RBZzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBOU
MA0GCSqGSIb3DQEBCwUAA4IBAQCKFRzZuBTo23Bq0oZ9zZqcTYxI4oojbziLzLR3
9PZ2kJYzyHKjb4m5wsh0P07z/Eo6p0dwARSKTdgSqqd8BpBNqkQ0LqYDv9fBd5m7
d2OQxm0A+pEoQkSBNXKQ1EHozzmY93wtmoSF9MRoY4/hKsA2jFydLWxo4rPnusCO
o6+MaSqDYpCXcSibNRYZoGNYTg+XWokvq+PVAHGlT7MDUtDVqVHdRZqgEZNlSliK
33ev4YFwYNOZHo7JRUgiVOiaVBGSccifgdWyHoroyX++Y3HsZPrvngFBo7smFL+m
sdsxGgVQd4yFpzEM8/h7EfGrEz71FKB//+LRY0plD6ieGWhA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:39 2025 by rpki-client