Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YEJq7DyNZPXbwZHDzsi_H2j2_5Y.roa
File: YEJq7DyNZPXbwZHDzsi_H2j2_5Y.roa (raw, json)
Hash identifier: dI4lOYLrwNMyh6342soczlp3M9MaIzBshg0x1T4ql4M=
Subject key identifier: 60:42:6A:EC:3C:8D:64:F5:DB:C1:91:C3:CE:C8:BF:1F:68:F6:FF:96
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184ED1AFD2079CE9A7F452B465803675599
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YEJq7DyNZPXbwZHDzsi_H2j2_5Y.roa
Signing time: Wed 07 Dec 2022 15:01:19 +0000
ROA not before: Wed 07 Dec 2022 15:01:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212164
IP address blocks: 2a0e:b107:1d20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ed:1a:fd:20:79:ce:9a:7f:45:2b:46:58:03:67:55:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 7 15:01:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60426aec3c8d64f5dbc191c3cec8bf1f68f6ff96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3c:b3:db:c7:ee:94:d1:f8:71:ae:3f:7a:0c:
1b:c7:2e:62:b5:6f:75:73:ba:13:7a:90:1e:e9:a5:
c8:7e:96:08:6e:6d:62:40:c8:2f:80:d7:49:15:ca:
ae:bc:8e:c4:da:5e:fb:32:ee:b9:cd:e8:31:f2:0b:
5a:09:a0:48:b0:ba:d2:21:8c:39:37:9c:75:ce:eb:
f7:43:5f:6a:04:8a:0c:9e:a7:52:25:c3:eb:df:8e:
3e:4b:61:5b:ae:ee:fb:a1:f0:11:06:36:c4:a0:11:
59:85:9f:e9:bc:f6:86:2f:93:18:36:21:cc:72:9c:
5a:40:c8:fe:51:93:89:a4:a5:77:f2:90:ef:3a:a4:
b5:ee:38:07:ac:be:6b:e4:00:e7:6e:68:88:21:3b:
89:35:1f:11:42:14:c9:cb:29:f4:93:db:e9:dd:a1:
80:46:5f:d9:ba:35:d7:28:dd:60:56:6c:d8:57:f7:
de:8b:8c:0e:4e:4e:e6:f9:bc:db:b6:8d:31:fb:b5:
25:60:f0:c9:f1:85:b2:7a:6a:9b:88:cb:5d:17:09:
da:ff:0c:6d:69:ef:8b:25:75:8d:ac:c4:3b:78:87:
49:f9:43:0f:4a:54:87:46:1d:d9:cb:cd:16:4d:82:
e8:bb:61:a1:fd:e0:98:d3:89:93:6b:ba:6e:fa:94:
b4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:42:6A:EC:3C:8D:64:F5:DB:C1:91:C3:CE:C8:BF:1F:68:F6:FF:96
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YEJq7DyNZPXbwZHDzsi_H2j2_5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1d20::/48
Signature Algorithm: sha256WithRSAEncryption
30:ce:11:46:bf:13:e4:75:74:34:ac:f0:77:bf:f2:af:64:42:
7c:ff:91:da:62:53:a6:ad:19:a4:f8:5a:ec:63:61:e2:5c:21:
52:00:dc:c0:3c:bd:3c:d3:38:7f:7b:80:18:e0:d5:ed:0f:94:
11:ca:cb:9a:86:d2:d0:c9:02:9a:47:c8:65:91:ff:6c:5b:c1:
67:6a:52:2e:fc:b6:3a:7f:ed:03:c7:8d:a5:bf:ba:51:8f:f7:
87:d4:48:a4:38:93:6c:3d:38:8f:1f:69:bd:cf:47:57:d7:1e:
ae:d1:28:c1:12:a0:fe:2b:7d:44:81:de:c9:00:6f:d1:f7:cd:
40:6c:71:43:82:1f:1c:b3:f9:37:77:57:ad:48:38:83:52:74:
30:af:d9:3b:ba:4a:cc:ec:48:cc:06:f4:fa:dc:aa:39:39:b3:
10:3a:91:85:77:73:de:72:02:f5:bf:1e:31:a2:04:4a:ed:dd:
84:c4:7f:12:a7:d0:84:7e:8f:d1:c5:7b:cf:ef:36:82:7f:2d:
0a:64:0a:44:a4:59:0d:a5:5a:51:10:2d:c3:13:83:db:12:a1:
7a:c8:f3:ed:3d:2b:84:d7:2e:50:70:c7:f3:09:ad:26:7b:08:
25:ca:3a:39:c8:d1:d7:fa:d2:fe:17:2e:98:4e:d8:fa:30:5f:
57:a3:24:ae
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTtGv0gec6af0UrRlgDZ1WZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjA3MTUwMTE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDQyNmFlYzNjOGQ2NGY1ZGJjMTkxYzNjZWM4YmYxZjY4ZjZmZjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDyz28fulNH4ca4/egwbxy5itW91
c7oTepAe6aXIfpYIbm1iQMgvgNdJFcquvI7E2l77Mu65zegx8gtaCaBIsLrSIYw5
N5x1zuv3Q19qBIoMnqdSJcPr344+S2Fbru77ofARBjbEoBFZhZ/pvPaGL5MYNiHM
cpxaQMj+UZOJpKV38pDvOqS17jgHrL5r5ADnbmiIITuJNR8RQhTJyyn0k9vp3aGA
Rl/ZujXXKN1gVmzYV/fei4wOTk7m+bzbto0x+7UlYPDJ8YWyemqbiMtdFwna/wxt
ae+LJXWNrMQ7eIdJ+UMPSlSHRh3Zy80WTYLou2Gh/eCY04mTa7pu+pS0PQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGBCauw8jWT128GRw87Ivx9o9v+WMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWUVKcTdEeU5aUFhid1pIRHpzaV9IMmoyXzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBx0g
MA0GCSqGSIb3DQEBCwUAA4IBAQAwzhFGvxPkdXQ0rPB3v/KvZEJ8/5HaYlOmrRmk
+FrsY2HiXCFSANzAPL080zh/e4AY4NXtD5QRysuahtLQyQKaR8hlkf9sW8FnalIu
/LY6f+0Dx42lv7pRj/eH1EikOJNsPTiPH2m9z0dX1x6u0SjBEqD+K31Egd7JAG/R
981AbHFDgh8cs/k3d1etSDiDUnQwr9k7ukrM7EjMBvT63Ko5ObMQOpGFd3PecgL1
vx4xogRK7d2ExH8Sp9CEfo/RxXvP7zaCfy0KZApEpFkNpVpREC3DE4PbEqF6yPPt
PSuE1y5QcMfzCa0mewglyjo5yNHX+tL+Fy6YTtj6MF9XoySu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:17 2023 by rpki-client on console-fra.rpki-client.org