Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/yE8qUsmoc9LLlSp2XvG8uaiis_Y.roa
File: yE8qUsmoc9LLlSp2XvG8uaiis_Y.roa (raw, json)
Hash identifier: u696WfduK/tVArboUI276/1zh7Z+MaRq+W04axJk93s=
Subject key identifier: C8:4F:2A:52:C9:A8:73:D2:CB:95:2A:76:5E:F1:BC:B9:A8:A2:B3:F6
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 3A8479D7
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/yE8qUsmoc9LLlSp2XvG8uaiis_Y.roa
Signing time: Sat 01 Jan 2022 06:00:08 +0000
ROA not before: Sat 01 Jan 2022 06:00:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203833
IP address blocks: 2a00:11c0:38::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 981760471 (0x3a8479d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 1 06:00:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c84f2a52c9a873d2cb952a765ef1bcb9a8a2b3f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:7f:c5:e4:76:3f:7f:3d:be:c7:ab:dc:2d:73:
ea:9f:4d:11:8c:d4:7d:2f:24:e6:2e:0d:ae:52:2a:
9f:5e:69:21:f9:84:4f:2f:2e:d4:5b:ac:89:68:dd:
84:c9:7b:25:56:05:21:00:3e:50:1e:a5:84:68:ce:
04:32:2d:e9:09:e7:6e:80:81:69:d1:f0:09:c8:dc:
34:d2:56:29:0a:e7:92:7f:f6:1a:8d:1a:b2:a9:7a:
2b:2e:7b:38:60:67:4c:8d:17:74:62:85:5c:08:39:
70:22:91:03:80:ae:96:4e:16:f6:88:c0:9c:76:d9:
14:f7:cd:f7:dc:90:02:d8:99:7a:2b:c5:98:60:c9:
e7:5c:15:05:df:c0:8a:22:b4:6c:bb:2f:09:3c:c7:
b1:6e:b5:1d:01:23:59:1d:b3:ef:7c:1d:96:88:13:
22:b8:f9:51:67:5c:9d:ac:75:79:56:17:16:79:e8:
54:9c:26:83:0b:03:0d:29:46:c4:4b:ca:3f:2c:5f:
b7:d2:ba:77:aa:88:ca:3f:d8:00:2e:e9:b1:f0:91:
9e:48:53:a9:fa:d5:55:4b:45:d4:96:65:fc:41:64:
8e:93:d2:3b:02:b0:80:a2:dd:e0:a1:92:14:60:82:
8b:db:3a:4a:67:fe:45:6e:62:9b:be:00:44:c0:bc:
55:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:4F:2A:52:C9:A8:73:D2:CB:95:2A:76:5E:F1:BC:B9:A8:A2:B3:F6
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/yE8qUsmoc9LLlSp2XvG8uaiis_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:11c0:38::/48
Signature Algorithm: sha256WithRSAEncryption
73:ed:dc:50:84:cc:1b:59:15:16:7d:db:2c:0b:d8:a9:62:47:
c2:e8:a3:e8:dc:72:5e:8b:ad:44:21:14:c5:81:7a:2c:f9:e9:
52:37:16:8b:4a:c3:04:1d:af:60:9e:69:3c:5c:b1:57:ef:7b:
69:35:dd:1c:e7:b4:75:d8:3a:7b:a0:8c:bc:ef:51:c8:98:37:
50:3f:47:97:c9:ed:c8:c9:9c:9f:5b:7b:f7:fd:f0:f7:76:7a:
58:62:32:7e:c8:74:66:a6:36:25:36:c5:9f:21:21:c0:32:b9:
41:37:68:85:b6:60:0c:ad:4f:7b:fb:e9:36:73:85:23:13:83:
a9:18:6c:f5:c5:71:8c:43:fb:ac:e7:9a:5f:db:07:68:66:e8:
33:4a:fc:5c:2f:3e:72:8f:84:29:db:99:0e:d0:d4:68:aa:f2:
e8:b2:99:74:33:62:97:96:19:85:f0:1e:66:ac:be:df:52:d9:
89:4d:c3:92:49:de:63:c9:3c:d0:6d:4b:3b:68:03:4c:6a:83:
2d:3a:77:c2:69:87:a0:c3:96:53:7c:19:5e:9b:c1:f1:97:4f:
46:72:e0:90:47:5c:b4:bd:f1:16:55:c1:1b:a2:28:47:6f:ed:
04:02:82:6e:73:53:f0:a3:38:39:ab:4d:44:c7:c8:81:2d:24:
99:43:9b:a0
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEOoR51zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTM5YWZlYmFjZTg5OWE4ZWUwYmI0ZjhiYjQ0NzVmZTI0N2ExNTI4MB4XDTIyMDEw
MTA2MDAwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzg0ZjJhNTJjOWE4
NzNkMmNiOTUyYTc2NWVmMWJjYjlhOGEyYjNmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPt/xeR2P389vser3C1z6p9NEYzUfS8k5i4NrlIqn15pIfmE
Ty8u1FusiWjdhMl7JVYFIQA+UB6lhGjOBDIt6QnnboCBadHwCcjcNNJWKQrnkn/2
Go0asql6Ky57OGBnTI0XdGKFXAg5cCKRA4Culk4W9ojAnHbZFPfN99yQAtiZeivF
mGDJ51wVBd/AiiK0bLsvCTzHsW61HQEjWR2z73wdlogTIrj5UWdcnax1eVYXFnno
VJwmgwsDDSlGxEvKPyxft9K6d6qIyj/YAC7psfCRnkhTqfrVVUtF1JZl/EFkjpPS
OwKwgKLd4KGSFGCCi9s6Smf+RW5im74ARMC8VX0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTITypSyahz0suVKnZe8by5qKKz9jAfBgNVHSMEGDAWgBSlOa/rrOiZqO4L
tPi7RHX+JHoVKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BUbXY2NnpvbWFqdUM3VDR1MFIxX2lSNkZTZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmUvOThjNGVlLTJmNTktNDVhNy1hZGI2LTc0MTM5NTkxMzEyZS8x
L3lFOHFVc21vYzlMTGxTcDJYdkc4dWFpaXNfWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUv
OThjNGVlLTJmNTktNDVhNy1hZGI2LTc0MTM5NTkxMzEyZS8xL3BUbXY2NnpvbWFq
dUM3VDR1MFIxX2lSNkZTZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoAEcAAODANBgkqhkiG9w0BAQsF
AAOCAQEAc+3cUITMG1kVFn3bLAvYqWJHwuij6NxyXoutRCEUxYF6LPnpUjcWi0rD
BB2vYJ5pPFyxV+97aTXdHOe0ddg6e6CMvO9RyJg3UD9Hl8ntyMmcn1t79/3w93Z6
WGIyfsh0ZqY2JTbFnyEhwDK5QTdohbZgDK1Pe/vpNnOFIxODqRhs9cVxjEP7rOea
X9sHaGboM0r8XC8+co+EKduZDtDUaKry6LKZdDNil5YZhfAeZqy+31LZiU3Dkkne
Y8k80G1LO2gDTGqDLTp3wmmHoMOWU3wZXpvB8ZdPRnLgkEdctL3xFlXBG6IoR2/t
BAKCbnNT8KM4OatNRMfIgS0kmUOboA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:19 2023 by rpki-client on console-ams.rpki-client.org