Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yPnBz7SDCPQTemGwJs6SBbjmNgI.roa
File: yPnBz7SDCPQTemGwJs6SBbjmNgI.roa (raw, json)
Hash identifier: vOW6QX+kXVxxcv9uDyHWNY4Nmep/gBP10bUvsLPCQLQ=
Subject key identifier: C8:F9:C1:CF:B4:83:08:F4:13:7A:61:B0:26:CE:92:05:B8:E6:36:02
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10A3C139
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yPnBz7SDCPQTemGwJs6SBbjmNgI.roa
Signing time: Sat 01 Jan 2022 09:05:11 +0000
ROA not before: Sat 01 Jan 2022 09:05:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209710
IP address blocks: 2a0e:b107:340::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 279167289 (0x10a3c139)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8f9c1cfb48308f4137a61b026ce9205b8e63602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f1:ca:f7:97:93:57:a4:2c:fa:08:2b:f3:09:
7a:07:cb:11:04:5f:14:a4:cc:f1:59:61:46:7f:12:
78:61:7e:b9:2b:29:db:19:2d:2e:dc:32:16:68:34:
86:f6:a8:3b:fd:27:27:d2:05:cd:90:0d:23:c6:0e:
87:b1:cf:47:e9:ed:aa:79:65:07:fd:5d:75:e8:7d:
0c:48:90:e4:67:72:7b:3b:da:89:68:0a:42:a1:5f:
84:46:e7:c7:20:a0:90:a0:18:7b:30:a0:52:dd:8a:
ed:ca:eb:8c:49:74:7a:a2:a7:dc:bb:22:91:8c:d5:
5d:14:0a:4d:6f:f8:8b:dc:80:53:9e:36:67:9c:99:
c1:ef:39:c8:41:56:b6:3d:67:f2:e4:87:de:d5:8d:
8d:a9:3e:3b:bf:04:a2:c7:74:c1:fa:6a:c2:5b:26:
6b:a3:15:aa:e3:85:90:ba:24:cd:5e:d8:52:1f:49:
ae:62:05:61:59:1e:48:7f:0a:5c:8e:ba:ad:31:75:
57:e7:91:2b:2f:a7:fe:d8:39:e9:df:92:9e:b3:bb:
45:84:49:7c:94:ed:c4:8a:34:6d:32:39:cd:9f:5c:
07:9b:e2:a6:52:6e:94:02:3a:3a:4d:7f:29:ff:2e:
c1:13:43:f2:99:e7:fa:da:62:2a:31:ce:8c:53:63:
0c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F9:C1:CF:B4:83:08:F4:13:7A:61:B0:26:CE:92:05:B8:E6:36:02
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yPnBz7SDCPQTemGwJs6SBbjmNgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:340::/44
Signature Algorithm: sha256WithRSAEncryption
23:ce:80:a5:f4:45:42:e9:09:c6:a0:7c:f8:c4:fb:2b:a6:50:
d1:48:04:42:08:96:ed:1d:4c:a2:f8:ec:cd:19:4e:e1:9e:51:
47:40:66:70:91:79:ba:56:35:5e:00:14:ab:17:e1:71:c7:b0:
24:bc:2f:3f:ce:81:a8:1e:0b:e6:ba:e8:b6:7f:93:7e:ec:14:
8f:39:a9:68:1c:5a:ee:0d:b1:19:b6:c1:2e:e5:b7:f0:54:d8:
c2:67:14:16:e5:67:ff:45:e4:f9:cf:56:4a:78:6f:f6:cb:5c:
0a:6a:89:32:74:b9:b4:e8:fa:37:76:ab:fd:8b:f9:04:96:9f:
0a:c2:13:cc:02:8c:4e:27:fa:ad:61:21:44:d3:2e:99:9d:d5:
62:da:f1:03:07:1c:b1:08:b3:94:70:06:6b:9d:8f:d1:76:9d:
f6:7b:36:95:c7:a2:9c:c8:b3:e7:19:9c:bd:f5:63:8f:9e:b3:
77:fe:60:ee:68:87:ec:53:98:de:28:25:f2:cc:5e:51:8d:4c:
14:4d:34:d3:76:31:9c:f0:6f:ac:2c:e3:b4:41:60:a3:26:d8:
04:36:b3:de:c5:88:22:e2:62:8c:99:3a:5a:79:4f:39:e2:7a:
a7:81:0a:4a:47:96:0d:1d:24:59:2f:52:44:5a:ec:47:c2:a1:
9c:89:11:18
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEKPBOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhmOWMxY2ZiNDgz
MDhmNDEzN2E2MWIwMjZjZTkyMDViOGU2MzYwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPxyveXk1ekLPoIK/MJegfLEQRfFKTM8VlhRn8SeGF+uSsp
2xktLtwyFmg0hvaoO/0nJ9IFzZANI8YOh7HPR+ntqnllB/1ddeh9DEiQ5Gdyezva
iWgKQqFfhEbnxyCgkKAYezCgUt2K7crrjEl0eqKn3LsikYzVXRQKTW/4i9yAU542
Z5yZwe85yEFWtj1n8uSH3tWNjak+O78Eosd0wfpqwlsma6MVquOFkLokzV7YUh9J
rmIFYVkeSH8KXI66rTF1V+eRKy+n/tg56d+SnrO7RYRJfJTtxIo0bTI5zZ9cB5vi
plJulAI6Ok1/Kf8uwRND8pnn+tpiKjHOjFNjDGUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTI+cHPtIMI9BN6YbAmzpIFuOY2AjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L3lQbkJ6N1NEQ1BRVGVtR3dKczZTQmJqbU5nSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcDQDANBgkqhkiG9w0BAQsF
AAOCAQEAI86ApfRFQukJxqB8+MT7K6ZQ0UgEQgiW7R1MovjszRlO4Z5RR0BmcJF5
ulY1XgAUqxfhccewJLwvP86BqB4L5rrotn+TfuwUjzmpaBxa7g2xGbbBLuW38FTY
wmcUFuVn/0Xk+c9WSnhv9stcCmqJMnS5tOj6N3ar/Yv5BJafCsITzAKMTif6rWEh
RNMumZ3VYtrxAwccsQizlHAGa52P0Xad9ns2lceinMiz5xmcvfVjj56zd/5g7miH
7FOY3igl8sxeUY1MFE0003YxnPBvrCzjtEFgoybYBDaz3sWIIuJijJk6WnlPOeJ6
p4EKSkeWDR0kWS9SRFrsR8KhnIkRGA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:21 2023 by rpki-client on console-fra.rpki-client.org