Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/e992c4-fea6-4e9e-a29b-9095ecc87878/1/YpFB7rrjb0oqdLuoY5MWmRWN83k.roa
File: YpFB7rrjb0oqdLuoY5MWmRWN83k.roa (raw, json)
Hash identifier: C/Q40nO3MSOQnlnFhSFBue16uVi9AxfxoTrdXwYRsos=
Subject key identifier: 62:91:41:EE:BA:E3:6F:4A:2A:74:BB:A8:63:93:16:99:15:8D:F3:79
Certificate issuer: /CN=17972d43835cd6a66e54e5a5856ce57de282d43a
Certificate serial: 01856C0A300B05F3F7C2F656687E6EFCF9F0
Authority key identifier: 17:97:2D:43:83:5C:D6:A6:6E:54:E5:A5:85:6C:E5:7D:E2:82:D4:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5ctQ4Nc1qZuVOWlhWzlfeKC1Do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/e992c4-fea6-4e9e-a29b-9095ecc87878/1/YpFB7rrjb0oqdLuoY5MWmRWN83k.roa
Signing time: Sun 01 Jan 2023 06:34:45 +0000
ROA not before: Sun 01 Jan 2023 06:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205614
IP address blocks: 2001:67c:814::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:30:0b:05:f3:f7:c2:f6:56:68:7e:6e:fc:f9:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17972d43835cd6a66e54e5a5856ce57de282d43a
Validity
Not Before: Jan 1 06:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=629141eebae36f4a2a74bba863931699158df379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:cc:24:9b:07:d2:dd:d6:b8:60:d7:40:e0:4d:
bc:44:51:09:e7:c9:09:51:87:b4:4f:cf:06:bc:a0:
7c:bd:1f:f1:2c:0a:60:c2:42:e9:80:77:be:1c:2b:
1b:6f:13:29:8c:86:f2:f1:ea:d2:16:0f:15:5a:28:
bc:2f:d4:69:a0:06:94:e0:f1:88:e1:e5:d5:ca:9c:
02:37:5b:47:62:95:b7:b0:cb:48:43:f7:dc:24:ac:
80:90:70:a0:91:3e:c0:4e:a8:fc:a7:53:b5:3f:d8:
d0:c4:ad:83:c2:42:4e:b6:48:f9:21:3a:fd:8d:e3:
f4:32:1e:b8:8f:38:c7:e4:84:03:58:73:a9:83:03:
b5:20:2a:d0:5d:cb:16:95:dd:2d:31:ff:81:b2:a0:
f9:e7:40:45:24:ae:27:fc:7e:6a:39:aa:60:50:47:
ed:a7:67:29:37:da:18:6a:82:2c:04:a0:28:3b:5a:
3a:9a:25:2c:f7:ce:01:05:e7:a6:3d:5a:37:41:78:
a5:b9:12:9d:f8:8f:6c:78:af:aa:0e:67:90:75:4b:
82:c4:7e:62:3a:9e:07:08:59:b6:85:1c:4e:f3:0a:
d1:2c:94:8d:eb:a0:a5:42:21:5e:cf:f5:5b:76:61:
dc:85:f6:12:f5:3d:65:de:b0:98:1f:33:38:35:7c:
b4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:91:41:EE:BA:E3:6F:4A:2A:74:BB:A8:63:93:16:99:15:8D:F3:79
X509v3 Authority Key Identifier:
keyid:17:97:2D:43:83:5C:D6:A6:6E:54:E5:A5:85:6C:E5:7D:E2:82:D4:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5ctQ4Nc1qZuVOWlhWzlfeKC1Do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/e992c4-fea6-4e9e-a29b-9095ecc87878/1/YpFB7rrjb0oqdLuoY5MWmRWN83k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/e992c4-fea6-4e9e-a29b-9095ecc87878/1/F5ctQ4Nc1qZuVOWlhWzlfeKC1Do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:814::/48
Signature Algorithm: sha256WithRSAEncryption
2e:23:b8:87:bd:8d:c0:c0:eb:76:56:a8:b0:0d:b5:7e:e0:fb:
a8:c4:e8:28:00:2e:7b:a8:86:6f:2b:b9:34:9b:19:2a:8a:d9:
76:43:1b:0e:ff:c8:94:ab:67:62:a0:8f:77:b6:d8:4e:fc:40:
d5:6d:4e:1c:b2:f7:7b:d5:7a:73:71:73:d8:9f:11:fe:9e:8c:
3e:15:f9:2e:a2:e9:d5:fd:b8:f3:95:78:33:e9:86:c0:0b:12:
27:26:7c:6b:a0:98:28:a8:32:8e:c9:14:65:b3:57:e0:29:e2:
8d:12:3a:59:af:04:97:03:38:f0:81:cd:03:dd:34:07:d9:92:
dc:e2:ad:a2:ab:a8:72:2e:48:6d:c1:a4:14:a9:dd:c8:94:67:
61:a1:50:26:c6:89:6f:8d:da:3d:c2:f7:5a:91:92:88:7b:29:
85:91:9f:07:0f:2d:b9:d7:b3:69:72:58:1e:3f:66:84:cb:a1:
b3:44:c5:d5:be:4f:f2:c9:d6:c3:29:f3:79:b2:4e:8a:9f:bb:
ad:41:90:75:ac:a0:25:ef:fd:13:ed:c8:6a:9f:69:69:27:85:
56:06:9b:4d:74:05:9d:ab:41:65:25:f7:23:2c:38:c9:1b:3a:
89:44:8d:6b:51:b3:59:a6:44:70:19:a8:75:54:77:1d:e3:44:
89:99:32:ba
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsCjALBfP3wvZWaH5u/PnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTcyZDQzODM1Y2Q2YTY2ZTU0ZTVhNTg1NmNlNTdkZTI4
MmQ0M2EwHhcNMjMwMTAxMDYzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjkxNDFlZWJhZTM2ZjRhMmE3NGJiYTg2MzkzMTY5OTE1OGRmMzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhswkmwfS3da4YNdA4E28RFEJ58kJ
UYe0T88GvKB8vR/xLApgwkLpgHe+HCsbbxMpjIby8erSFg8VWii8L9RpoAaU4PGI
4eXVypwCN1tHYpW3sMtIQ/fcJKyAkHCgkT7ATqj8p1O1P9jQxK2DwkJOtkj5ITr9
jeP0Mh64jzjH5IQDWHOpgwO1ICrQXcsWld0tMf+BsqD550BFJK4n/H5qOapgUEft
p2cpN9oYaoIsBKAoO1o6miUs984BBeemPVo3QXiluRKd+I9seK+qDmeQdUuCxH5i
Op4HCFm2hRxO8wrRLJSN66ClQiFez/VbdmHchfYS9T1l3rCYHzM4NXy0QQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGKRQe66429KKnS7qGOTFpkVjfN5MB8GA1UdIwQY
MBaAFBeXLUODXNamblTlpYVs5X3igtQ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVjdFE0TmMxcVp1Vk9XbGhXemxmZUtDMURvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9lOTkyYzQtZmVhNi00ZTllLWEyOWIt
OTA5NWVjYzg3ODc4LzEvWXBGQjdycmpiMG9xZEx1b1k1TVdtUldOODNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9lOTkyYzQtZmVhNi00ZTllLWEyOWItOTA5NWVjYzg3ODc4
LzEvRjVjdFE0TmMxcVp1Vk9XbGhXemxmZUtDMURvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAgU
MA0GCSqGSIb3DQEBCwUAA4IBAQAuI7iHvY3AwOt2VqiwDbV+4PuoxOgoAC57qIZv
K7k0mxkqitl2QxsO/8iUq2dioI93tthO/EDVbU4csvd71XpzcXPYnxH+now+Ffku
ounV/bjzlXgz6YbACxInJnxroJgoqDKOyRRls1fgKeKNEjpZrwSXAzjwgc0D3TQH
2ZLc4q2iq6hyLkhtwaQUqd3IlGdhoVAmxolvjdo9wvdakZKIeymFkZ8HDy2517Np
clgeP2aEy6GzRMXVvk/yydbDKfN5sk6Kn7utQZB1rKAl7/0T7chqn2lpJ4VWBptN
dAWdq0FlJfcjLDjJGzqJRI1rUbNZpkRwGah1VHcd40SJmTK6
-----END CERTIFICATE-----
Generated at Thu Apr 24 00:43:45 2025 by rpki-client