Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/YcPIjygfqWVwUp8zQ1g-4XSd1NI.roa
File: YcPIjygfqWVwUp8zQ1g-4XSd1NI.roa (raw, json)
Hash identifier: NKHUOLAo0CcR0hYOMeCIBjgbcsaZqgSUkEoyo0PDSyg=
Subject key identifier: 61:C3:C8:8F:28:1F:A9:65:70:52:9F:33:43:58:3E:E1:74:9D:D4:D2
Certificate issuer: /CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Certificate serial: 01856F1DB226C06A0CE45202EFDD937F421A
Authority key identifier: 9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/YcPIjygfqWVwUp8zQ1g-4XSd1NI.roa
Signing time: Sun 01 Jan 2023 20:54:55 +0000
ROA not before: Sun 01 Jan 2023 20:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29063
IP address blocks: 2a01:8180:3000::/36 maxlen: 42
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:b2:26:c0:6a:0c:e4:52:02:ef:dd:93:7f:42:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Validity
Not Before: Jan 1 20:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61c3c88f281fa96570529f3343583ee1749dd4d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2c:cb:f0:d3:22:cb:eb:6f:d0:fc:50:88:8a:
94:96:1a:e3:07:ee:93:41:05:7c:d4:b9:84:7a:84:
3d:7c:3b:b2:82:02:b8:79:67:d8:19:24:44:b1:5f:
5b:a7:de:b0:d9:0b:e8:a5:83:da:0b:8c:86:b0:c9:
cc:93:8e:ed:a4:3f:69:c1:03:24:13:ed:57:65:c3:
65:c0:98:81:19:5b:5c:ba:68:b7:49:7b:eb:a6:b6:
03:cf:14:31:93:30:45:25:f3:3d:aa:db:b4:0a:ab:
f1:ec:d5:dd:d7:c7:0e:7e:6e:a1:b9:59:77:41:b0:
ca:eb:4a:e4:0a:5f:9f:5d:41:1c:e6:c9:05:80:a3:
f5:e0:e2:c1:01:1a:0e:57:77:41:68:e1:e3:f7:7d:
05:41:43:6b:ca:3e:f0:f2:a8:02:7b:88:b0:4c:5c:
38:69:64:36:0e:29:5a:df:b7:3e:8f:58:39:5b:fc:
53:98:82:03:d5:cb:a5:a5:94:fb:56:9c:26:9f:3c:
40:be:11:f2:37:9a:00:b2:e7:33:26:0a:e8:90:9f:
62:77:eb:df:b8:11:8f:38:46:9d:06:a6:81:d2:2c:
47:42:79:9c:ca:d9:53:a9:d3:38:f4:ab:ef:64:c7:
4a:c2:f9:9d:f5:e6:67:49:50:8b:3a:0d:64:1d:b7:
03:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C3:C8:8F:28:1F:A9:65:70:52:9F:33:43:58:3E:E1:74:9D:D4:D2
X509v3 Authority Key Identifier:
keyid:9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/YcPIjygfqWVwUp8zQ1g-4XSd1NI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/nV3kkP-HTpaJzs9ybLtOL1H2xzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:8180:3000::/36
Signature Algorithm: sha256WithRSAEncryption
15:40:e7:2f:b2:bc:7f:51:b7:4e:80:0c:fb:b4:ef:29:c1:4f:
97:78:69:11:c8:c2:22:52:51:24:9f:d4:f4:f3:3f:42:8b:df:
0c:60:4a:bd:03:ce:c8:a2:d5:03:98:eb:38:e4:d0:9e:8d:1c:
5e:dc:9f:ef:06:4b:e9:4f:e5:62:b8:3a:ef:2a:32:22:f2:b3:
09:37:ca:e3:f1:28:ac:04:11:bf:5c:0d:01:85:69:64:83:8d:
2e:59:aa:74:d9:b3:b2:14:c6:40:46:f7:d3:40:02:8e:2c:4c:
89:62:f2:55:29:16:39:da:77:21:9f:5c:1d:dc:f6:02:42:3b:
2c:dc:f0:cb:f4:a1:1e:1d:91:ec:11:f5:02:85:34:7f:08:1c:
71:80:f3:45:6e:37:59:54:21:9d:e4:3e:d4:2d:c7:8c:7b:d7:
96:5f:22:d3:81:0f:b2:c7:27:7b:f6:c9:14:f6:81:25:e5:14:
ea:15:f5:4c:56:2c:b9:57:65:52:c2:ec:2d:2b:c9:9a:5e:d0:
b3:1a:ef:6e:44:91:b2:a4:29:de:83:aa:dc:65:d0:83:73:9c:
ce:bb:f4:47:ff:e5:f8:8b:97:ed:7a:81:b8:44:64:22:0e:cf:
c4:61:ba:aa:9c:1a:b6:2b:a0:ab:b1:71:fa:5d:4f:9f:aa:07:
fb:1a:d3:19
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVvHbImwGoM5FIC792Tf0IaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNWRlNDkwZmY4NzRlOTY4OWNlY2Y3MjZjYmI0ZTJmNTFm
NmM3MzEwHhcNMjMwMTAxMjA1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWMzYzg4ZjI4MWZhOTY1NzA1MjlmMzM0MzU4M2VlMTc0OWRkNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCzL8NMiy+tv0PxQiIqUlhrjB+6T
QQV81LmEeoQ9fDuyggK4eWfYGSREsV9bp96w2QvopYPaC4yGsMnMk47tpD9pwQMk
E+1XZcNlwJiBGVtcumi3SXvrprYDzxQxkzBFJfM9qtu0Cqvx7NXd18cOfm6huVl3
QbDK60rkCl+fXUEc5skFgKP14OLBARoOV3dBaOHj930FQUNryj7w8qgCe4iwTFw4
aWQ2Dila37c+j1g5W/xTmIID1culpZT7VpwmnzxAvhHyN5oAsuczJgrokJ9id+vf
uBGPOEadBqaB0ixHQnmcytlTqdM49KvvZMdKwvmd9eZnSVCLOg1kHbcDKQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGHDyI8oH6llcFKfM0NYPuF0ndTSMB8GA1UdIwQY
MBaAFJ1d5JD/h06Wic7Pcmy7Ti9R9scxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblYza2tQLUhUcGFKenM5eWJMdE9MMUgyeHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83NDViZGItMTA0Yi00OWM3LTk5ZDUt
Y2VjMzNiYTFiZGY1LzEvWWNQSWp5Z2ZxV1Z3VXA4elExZy00WFNkMU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83NDViZGItMTA0Yi00OWM3LTk5ZDUtY2VjMzNiYTFiZGY1
LzEvblYza2tQLUhUcGFKenM5eWJMdE9MMUgyeHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgGBgDAw
DQYJKoZIhvcNAQELBQADggEBABVA5y+yvH9Rt06ADPu07ynBT5d4aRHIwiJSUSSf
1PTzP0KL3wxgSr0Dzsii1QOY6zjk0J6NHF7cn+8GS+lP5WK4Ou8qMiLyswk3yuPx
KKwEEb9cDQGFaWSDjS5ZqnTZs7IUxkBG99NAAo4sTIli8lUpFjnadyGfXB3c9gJC
Oyzc8Mv0oR4dkewR9QKFNH8IHHGA80VuN1lUIZ3kPtQtx4x715ZfItOBD7LHJ3v2
yRT2gSXlFOoV9UxWLLlXZVLC7C0ryZpe0LMa725EkbKkKd6Dqtxl0INznM679Ef/
5fiLl+16gbhEZCIOz8RhuqqcGrYroKuxcfpdT5+qB/sa0xk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:41:34 2025 by rpki-client