Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yEfou_KA6N5sbmHV_83dVQUWgR0.roa
File: yEfou_KA6N5sbmHV_83dVQUWgR0.roa (raw, json)
Hash identifier: X4cVJqpK4tTeKLSYf5xzmu9b03ZlL+/RZNKZ9q3oP+c=
Subject key identifier: C8:47:E8:BB:F2:80:E8:DE:6C:6E:61:D5:FF:CD:DD:55:05:16:81:1D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184677AFF09561140FF0A8FE53E92D45CE2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yEfou_KA6N5sbmHV_83dVQUWgR0.roa
Signing time: Fri 11 Nov 2022 16:17:04 +0000
ROA not before: Fri 11 Nov 2022 16:17:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212270
IP address blocks: 2a0e:b107:1210::/44 maxlen: 48
2a0e:b107:f50::/44 maxlen: 48
2a0e:b107:1510::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:67:7a:ff:09:56:11:40:ff:0a:8f:e5:3e:92:d4:5c:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 11 16:17:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c847e8bbf280e8de6c6e61d5ffcddd550516811d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1e:7e:3a:b2:e3:88:fc:53:95:b8:d7:da:eb:
f3:49:39:c6:ac:ee:ec:9e:e9:ed:e9:a6:1f:6d:19:
8f:a6:8b:7c:ce:76:19:f1:ad:11:e6:4c:c6:9b:dc:
9b:59:98:58:af:b3:f7:03:b1:e1:5f:b0:11:5b:ed:
6b:95:0c:e0:6a:eb:74:fd:84:de:1c:df:23:6d:de:
49:9a:16:9e:66:31:52:f1:89:d3:97:00:15:4e:48:
06:36:3f:1f:b3:3e:3a:1d:08:b8:af:3f:75:d9:9a:
f0:51:48:3f:0d:ce:6e:32:af:48:62:77:2c:7d:e1:
d5:d2:9c:6b:55:7e:5d:59:be:98:28:05:61:ef:a9:
7c:a9:85:d3:4d:d8:cd:3c:17:70:ac:22:56:39:d5:
d4:de:77:a5:0d:ea:20:1f:d6:b7:49:59:0b:32:da:
a0:80:a3:b2:23:47:68:fa:7a:96:18:f1:bb:b6:1c:
99:8b:2b:4b:9e:5e:9f:97:4d:a2:9c:99:1c:90:7a:
1a:fc:9b:6a:bc:89:a7:1f:79:12:6d:68:a8:57:98:
83:a4:b3:e1:1d:13:7b:58:4f:f7:23:7b:67:5b:24:
a4:85:6c:e1:b4:21:f7:1d:a9:d1:f2:52:8b:80:7c:
f1:97:6e:27:d9:f1:ef:ab:44:59:43:c5:8a:77:59:
a5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:47:E8:BB:F2:80:E8:DE:6C:6E:61:D5:FF:CD:DD:55:05:16:81:1D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yEfou_KA6N5sbmHV_83dVQUWgR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:f50::/44
2a0e:b107:1210::/44
2a0e:b107:1510::/44
Signature Algorithm: sha256WithRSAEncryption
ad:d7:da:74:27:ee:d8:fb:b4:99:66:1d:14:f9:9d:3d:dd:01:
8c:91:58:db:0c:37:28:83:c5:23:39:2c:3f:a0:78:39:f2:2a:
56:0e:fe:f0:d1:0c:ad:f5:b5:fd:6a:3d:5b:5e:06:ed:54:06:
b8:35:13:77:0e:1b:1a:89:7f:65:54:53:0d:05:da:23:51:9e:
93:44:7a:3b:f1:12:d5:57:d0:6f:4c:91:49:e4:d7:55:f8:53:
00:2c:51:b4:84:a4:ca:07:d3:61:c9:0d:af:74:40:72:59:74:
9c:0a:02:73:8d:b3:31:d1:ef:f9:2f:95:f7:28:52:70:5c:c5:
64:8d:1d:4b:11:11:27:8b:8c:24:94:ea:18:ba:cc:07:7e:9e:
49:66:95:f5:b7:2c:d0:56:1e:43:a1:71:48:dc:4d:4c:01:89:
5b:2a:9c:2e:fc:39:97:35:75:f1:a6:a1:bd:61:6d:ba:35:84:
3d:78:8d:a3:9e:f0:65:ab:a8:ec:e9:ed:8a:b5:f6:4e:72:f5:
c0:ba:38:d3:e7:18:48:97:75:2b:30:35:ea:66:ea:4c:fb:d9:
fe:63:7a:dc:ae:9f:b9:2a:e6:c9:fc:de:58:fd:8c:70:21:9c:
a1:0b:7b:88:14:d1:c7:12:5b:b5:95:01:4d:a9:17:a5:b3:5a:
2b:09:5f:c3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYRnev8JVhFA/wqP5T6S1FziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTExMTYxNzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODQ3ZThiYmYyODBlOGRlNmM2ZTYxZDVmZmNkZGQ1NTA1MTY4MTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhh5+OrLjiPxTlbjX2uvzSTnGrO7s
nunt6aYfbRmPpot8znYZ8a0R5kzGm9ybWZhYr7P3A7HhX7ARW+1rlQzgaut0/YTe
HN8jbd5JmhaeZjFS8YnTlwAVTkgGNj8fsz46HQi4rz912ZrwUUg/Dc5uMq9IYncs
feHV0pxrVX5dWb6YKAVh76l8qYXTTdjNPBdwrCJWOdXU3nelDeogH9a3SVkLMtqg
gKOyI0do+nqWGPG7thyZiytLnl6fl02inJkckHoa/JtqvImnH3kSbWioV5iDpLPh
HRN7WE/3I3tnWySkhWzhtCH3HanR8lKLgHzxl24n2fHvq0RZQ8WKd1mlxwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMhH6LvygOjebG5h1f/N3VUFFoEdMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveUVmb3VfS0E2TjVzYm1IVl84M2RWUVVXZ1IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6xBw9Q
AwcEKg6xBxIQAwcEKg6xBxUQMA0GCSqGSIb3DQEBCwUAA4IBAQCt19p0J+7Y+7SZ
Zh0U+Z093QGMkVjbDDcog8UjOSw/oHg58ipWDv7w0Qyt9bX9aj1bXgbtVAa4NRN3
DhsaiX9lVFMNBdojUZ6TRHo78RLVV9BvTJFJ5NdV+FMALFG0hKTKB9NhyQ2vdEBy
WXScCgJzjbMx0e/5L5X3KFJwXMVkjR1LEREni4wklOoYuswHfp5JZpX1tyzQVh5D
oXFI3E1MAYlbKpwu/DmXNXXxpqG9YW26NYQ9eI2jnvBlq6js6e2KtfZOcvXAujjT
5xhIl3UrMDXqZupM+9n+Y3rcrp+5KubJ/N5Y/YxwIZyhC3uIFNHHElu1lQFNqRel
s1orCV/D
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:04 2023 by rpki-client on console-ams.rpki-client.org