Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/yrdDXVjVBClNiBJFKkKqFE5po_k.roa
File: yrdDXVjVBClNiBJFKkKqFE5po_k.roa (raw, json)
Hash identifier: LtxNzchWuXuKPLI6GmVBUsHvKDXxjN5r+3E4e71ibhc=
Subject key identifier: CA:B7:43:5D:58:D5:04:29:4D:88:12:45:2A:42:AA:14:4E:69:A3:F9
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 01875B000C96A6B2ABA60DDF5F4ACE59489B
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/yrdDXVjVBClNiBJFKkKqFE5po_k.roa
Signing time: Fri 07 Apr 2023 09:15:42 +0000
ROA not before: Fri 07 Apr 2023 09:15:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24961
IP address blocks: 2a05:88c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5b:00:0c:96:a6:b2:ab:a6:0d:df:5f:4a:ce:59:48:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Apr 7 09:15:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cab7435d58d504294d8812452a42aa144e69a3f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:15:69:30:08:0c:e4:1e:83:e2:31:fe:d8:d4:
b4:64:9d:e0:46:3f:59:84:00:c0:df:b1:51:c9:87:
64:35:19:80:dd:f0:2b:74:af:c6:dd:20:45:8a:79:
95:c2:e6:b3:a1:12:5a:6d:75:2d:5a:ad:4d:36:5f:
7d:7d:1b:d6:5f:74:c3:4a:fc:ec:bc:c9:4a:fd:ba:
cc:0a:6b:cf:ea:95:fe:2b:c4:3d:67:fe:a9:c9:47:
f9:31:37:cc:57:a3:99:0d:f7:04:09:78:d0:f2:88:
de:69:46:26:95:38:e7:1a:70:ca:56:4d:f5:2a:fc:
6d:71:ad:ea:71:4a:b4:22:04:e7:0e:f2:c4:e5:27:
ea:92:61:20:df:24:c0:43:09:f4:d3:a4:07:93:3a:
e4:77:e6:4e:4d:53:b7:85:1d:14:55:6b:94:89:cf:
3f:64:14:bb:10:38:25:34:52:d6:d0:c8:07:1d:97:
c5:ef:ce:af:96:a7:4f:ab:6e:2b:73:0c:f7:8a:ac:
d2:9d:86:b3:f4:2d:f4:e5:fc:f6:aa:8f:53:1f:06:
34:cd:f5:37:3c:e1:a9:16:ac:84:c1:0f:07:c2:3f:
67:e7:e6:7a:c7:7d:cc:74:48:58:61:c7:a1:f5:f6:
b6:91:50:b2:c2:1b:fa:1e:7a:b0:6a:1d:27:74:8b:
2f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B7:43:5D:58:D5:04:29:4D:88:12:45:2A:42:AA:14:4E:69:A3:F9
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/yrdDXVjVBClNiBJFKkKqFE5po_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:88c0::/29
Signature Algorithm: sha256WithRSAEncryption
cc:a2:31:30:63:4f:e0:bc:07:1f:1f:3e:79:13:07:4f:98:c8:
78:73:de:9c:de:46:e2:2c:b6:c8:34:23:09:98:b5:4e:48:b0:
50:af:0e:d5:67:46:6a:7a:2b:a8:51:29:0e:3b:06:f4:ad:94:
a5:70:3e:7e:62:50:59:b6:05:0c:16:1d:b0:a3:99:10:52:ff:
cc:07:89:4b:d8:db:52:00:44:c2:1d:80:4c:a2:f6:13:3f:62:
bb:83:ce:33:0b:b0:2b:b3:d9:ec:72:14:93:c1:df:d7:d8:b5:
ab:9e:be:3b:98:aa:01:fa:00:10:2b:c1:f9:44:5f:32:66:2b:
8c:44:de:2b:51:9d:4b:c0:4a:e3:f8:01:21:5c:a5:af:1c:fb:
d3:a2:a7:e2:1f:90:95:f6:26:4b:4a:58:8b:75:af:c4:32:3d:
85:81:06:df:b6:4e:6a:c4:fb:58:0b:50:3f:1a:e8:22:c0:9b:
81:e0:d2:60:00:5e:a2:2b:63:b4:6d:bf:3f:3f:7c:68:d2:d3:
f6:09:f3:c2:64:90:fb:cd:71:02:c0:ee:a4:09:50:f6:08:d5:
49:e3:93:66:78:dc:16:42:0c:c5:46:cb:75:04:ac:3c:ce:f2:
8c:71:67:bf:06:39:e5:6c:a3:4f:0d:10:22:6b:51:03:9f:03:
b4:c3:13:0e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYdbAAyWprKrpg3fX0rOWUibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjMwNDA3MDkxNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWI3NDM1ZDU4ZDUwNDI5NGQ4ODEyNDUyYTQyYWExNDRlNjlhM2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRVpMAgM5B6D4jH+2NS0ZJ3gRj9Z
hADA37FRyYdkNRmA3fArdK/G3SBFinmVwuazoRJabXUtWq1NNl99fRvWX3TDSvzs
vMlK/brMCmvP6pX+K8Q9Z/6pyUf5MTfMV6OZDfcECXjQ8ojeaUYmlTjnGnDKVk31
Kvxtca3qcUq0IgTnDvLE5SfqkmEg3yTAQwn006QHkzrkd+ZOTVO3hR0UVWuUic8/
ZBS7EDglNFLW0MgHHZfF786vlqdPq24rcwz3iqzSnYaz9C305fz2qo9THwY0zfU3
POGpFqyEwQ8Hwj9n5+Z6x33MdEhYYceh9fa2kVCywhv6Hnqwah0ndIsvjQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMq3Q11Y1QQpTYgSRSpCqhROaaP5MB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEveXJkRFhWalZCQ2xOaUJKRktrS3FGRTVwb19rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgWIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAzKIxMGNP4LwHHx8+eRMHT5jIeHPenN5G4iy2yDQj
CZi1TkiwUK8O1WdGanorqFEpDjsG9K2UpXA+fmJQWbYFDBYdsKOZEFL/zAeJS9jb
UgBEwh2ATKL2Ez9iu4POMwuwK7PZ7HIUk8Hf19i1q56+O5iqAfoAECvB+URfMmYr
jETeK1GdS8BK4/gBIVylrxz706Kn4h+QlfYmS0pYi3WvxDI9hYEG37ZOasT7WAtQ
PxroIsCbgeDSYABeoitjtG2/Pz98aNLT9gnzwmSQ+81xAsDupAlQ9gjVSeOTZnjc
FkIMxUbLdQSsPM7yjHFnvwY55WyjTw0QImtRA58DtMMTDg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:55:25 2025 by rpki-client