Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yjp-q3WIUKd5MLY6YLy6rAYe7BE.roa
File: yjp-q3WIUKd5MLY6YLy6rAYe7BE.roa (raw, json)
Hash identifier: Km6ggIgfs8w1Y1fx5wQk6KXzW9VJtzb7Q0aNYulbHVg=
Subject key identifier: CA:3A:7E:AB:75:88:50:A7:79:30:B6:3A:60:BC:BA:AC:06:1E:EC:11
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01843916923C605708451A99F274191E28F2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yjp-q3WIUKd5MLY6YLy6rAYe7BE.roa
Signing time: Wed 02 Nov 2022 16:04:51 +0000
ROA not before: Wed 02 Nov 2022 16:04:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207556
IP address blocks: 2a0e:b100:101::/48 maxlen: 48
2a0e:b100:104::/48 maxlen: 48
2a0e:b100:100::/48 maxlen: 48
2a10:2f00:181::/48 maxlen: 48
2a0e:b100:103::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:39:16:92:3c:60:57:08:45:1a:99:f2:74:19:1e:28:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 2 16:04:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca3a7eab758850a77930b63a60bcbaac061eec11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7d:69:03:b6:c8:2b:21:97:bf:e6:aa:2a:ad:
5a:d2:8a:23:73:9e:fa:94:ff:e8:17:2a:10:49:8f:
fd:d0:f2:ed:03:ca:e7:41:09:77:6b:53:ea:81:46:
8a:02:5a:43:c0:43:8d:f3:67:4b:40:98:62:40:62:
d2:11:b5:35:96:2f:94:5e:da:47:4f:df:88:cf:31:
e0:52:df:37:f4:8d:0f:ef:9d:ca:30:c1:e7:20:39:
21:c0:46:a2:f7:49:6f:90:2b:82:6c:9e:11:b8:d8:
dd:17:71:4c:9c:94:b0:ef:fd:a1:26:cd:54:20:16:
43:52:ba:dd:82:b5:45:51:1c:59:11:d1:30:4f:73:
4c:eb:53:dc:40:21:17:81:15:69:4c:57:35:08:c4:
44:23:cf:c5:a8:e7:37:46:de:d2:ec:07:4f:bd:9c:
83:94:a3:c6:c5:25:8d:ba:ef:84:4e:81:7b:ff:3e:
cc:77:54:8e:24:8c:21:f9:67:57:4d:9f:0b:3e:4c:
df:8f:2a:89:a3:1d:57:5f:11:48:c4:ee:94:40:72:
4b:ed:6d:b1:68:e6:df:6a:7f:4b:82:77:4b:16:ac:
3f:07:1f:ec:3d:bc:b2:40:e5:27:8d:fd:1f:50:04:
f7:ea:72:14:d9:c5:bb:1c:b0:10:24:08:5e:32:44:
cd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:3A:7E:AB:75:88:50:A7:79:30:B6:3A:60:BC:BA:AC:06:1E:EC:11
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yjp-q3WIUKd5MLY6YLy6rAYe7BE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b100:100::/47
2a0e:b100:103::-2a0e:b100:104:ffff:ffff:ffff:ffff:ffff
2a10:2f00:181::/48
Signature Algorithm: sha256WithRSAEncryption
8c:29:04:49:c1:c3:76:80:bb:db:d1:b6:80:ac:15:d0:c2:17:
85:9d:a3:77:d2:ed:9b:0f:e6:fb:a4:90:37:bf:9f:a0:be:6e:
47:05:4b:9b:d9:21:32:73:6b:7b:8c:a0:5f:c5:fa:42:ca:74:
1a:7b:67:6d:c6:2f:81:9f:36:65:f5:f3:e5:18:32:93:63:fb:
52:b0:a4:0d:85:68:db:47:a4:a9:5d:44:9b:29:9d:e6:bb:fd:
99:52:45:79:f9:5e:9b:aa:6f:8f:a3:7c:62:a8:86:72:eb:d6:
39:8e:00:5e:7f:85:1b:92:f3:9c:e8:e9:01:6e:da:17:fa:2d:
1c:b0:87:61:40:13:ce:c1:0f:d0:a0:bb:c0:4f:b0:98:74:34:
5e:20:4d:0a:17:33:bd:36:28:49:f1:ac:a1:63:fa:fd:3c:bb:
0f:87:8b:e8:6d:3e:41:5b:89:cc:16:1b:b8:e6:f3:fb:99:4c:
35:f2:b9:35:51:18:21:49:98:3c:48:5f:05:c1:3c:65:ba:11:
77:de:36:3a:bc:59:c8:b5:c6:06:97:df:03:0d:5a:22:fc:a1:
da:f4:e2:94:d3:f0:38:08:96:94:cf:9c:8d:b6:c6:2e:2f:cc:
a6:80:f8:b7:e5:a4:2e:48:df:bc:27:fd:12:b6:76:af:cc:cf:
08:98:d0:d4
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYQ5FpI8YFcIRRqZ8nQZHijyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTAyMTYwNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTNhN2VhYjc1ODg1MGE3NzkzMGI2M2E2MGJjYmFhYzA2MWVlYzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj31pA7bIKyGXv+aqKq1a0oojc576
lP/oFyoQSY/90PLtA8rnQQl3a1PqgUaKAlpDwEON82dLQJhiQGLSEbU1li+UXtpH
T9+IzzHgUt839I0P753KMMHnIDkhwEai90lvkCuCbJ4RuNjdF3FMnJSw7/2hJs1U
IBZDUrrdgrVFURxZEdEwT3NM61PcQCEXgRVpTFc1CMREI8/FqOc3Rt7S7AdPvZyD
lKPGxSWNuu+EToF7/z7Md1SOJIwh+WdXTZ8LPkzfjyqJox1XXxFIxO6UQHJL7W2x
aObfan9LgndLFqw/Bx/sPbyyQOUnjf0fUAT36nIU2cW7HLAQJAheMkTNmQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMo6fqt1iFCneTC2OmC8uqwGHuwRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveWpwLXEzV0lVS2Q1TUxZNllMeTZyQVllN0JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcBKg6xAAEA
MBIDBwAqDrEAAQMDBwAqDrEAAQQDBwAqEC8AAYEwDQYJKoZIhvcNAQELBQADggEB
AIwpBEnBw3aAu9vRtoCsFdDCF4Wdo3fS7ZsP5vukkDe/n6C+bkcFS5vZITJza3uM
oF/F+kLKdBp7Z23GL4GfNmX18+UYMpNj+1KwpA2FaNtHpKldRJspnea7/ZlSRXn5
Xpuqb4+jfGKohnLr1jmOAF5/hRuS85zo6QFu2hf6LRywh2FAE87BD9Cgu8BPsJh0
NF4gTQoXM702KEnxrKFj+v08uw+Hi+htPkFbicwWG7jm8/uZTDXyuTVRGCFJmDxI
XwXBPGW6EXfeNjq8Wci1xgaX3wMNWiL8odr04pTT8DgIlpTPnI22xi4vzKaA+Lfl
pC5I37wn/RK2dq/MzwiY0NQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:05 2023 by rpki-client on console-ams.rpki-client.org