Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/Y-PG11KOL57L3kN29n7u8EKyqBA.roa
File: Y-PG11KOL57L3kN29n7u8EKyqBA.roa (raw, json)
Hash identifier: lDYYH52cpg+3GkQY+qUhk/S3dw9Aimf+o3xOVSMkNbs=
Subject key identifier: 63:E3:C6:D7:52:8E:2F:9E:CB:DE:43:76:F6:7E:EE:F0:42:B2:A8:10
Certificate issuer: /CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Certificate serial: 04B90C
Authority key identifier: 36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/Y-PG11KOL57L3kN29n7u8EKyqBA.roa
Signing time: Tue 21 Jun 2022 13:28:44 +0000
ROA not before: Tue 21 Jun 2022 13:28:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14478
IP address blocks: 2a0c:2f07:72::/48 maxlen: 48
2a0c:2f07:73::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 309516 (0x4b90c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Validity
Not Before: Jun 21 13:28:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63e3c6d7528e2f9ecbde4376f67eeef042b2a810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:83:ea:be:38:7e:eb:73:af:36:3e:66:15:b9:
25:92:7e:fb:05:50:70:98:7b:de:68:c5:42:40:59:
8d:66:4e:62:ff:99:8b:3c:8e:0a:20:b1:9a:7c:2e:
a9:e5:d3:17:b3:02:db:eb:15:91:e8:14:8f:f8:5f:
ac:79:80:d7:0c:7c:cf:3b:cb:28:94:7d:9a:35:5d:
e1:f1:42:96:50:6d:1a:d3:ba:49:18:a8:43:3b:2e:
96:8e:82:8f:a8:d3:53:06:42:3c:49:80:81:16:20:
dd:c6:bf:aa:9d:6f:61:12:24:77:17:cb:92:d6:8d:
c1:e2:ec:72:1c:76:a4:6e:00:6c:08:60:d9:a0:9d:
90:86:37:b8:e1:01:09:89:0d:a8:1a:ae:f1:68:3a:
c4:34:c5:c6:9c:f4:7c:36:8c:ee:98:14:9a:2e:b8:
99:c9:7e:4e:36:06:c9:76:dd:b0:a5:bd:34:f0:49:
bd:60:38:27:fd:dd:75:c3:6d:6f:27:39:ce:4a:67:
bb:1c:e7:c2:db:13:d4:e6:05:e2:7b:a9:fb:e5:d4:
d7:bc:ef:80:1c:3e:2d:67:bc:3f:4f:f4:08:11:41:
24:b6:70:5a:ba:9c:87:f8:00:01:7e:10:52:04:92:
c8:79:e2:cc:ca:fc:14:95:88:92:0a:34:72:cd:f0:
02:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E3:C6:D7:52:8E:2F:9E:CB:DE:43:76:F6:7E:EE:F0:42:B2:A8:10
X509v3 Authority Key Identifier:
keyid:36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/Y-PG11KOL57L3kN29n7u8EKyqBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/NpHSlQFF3OrADAyk61NtkoZ7ONM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:2f07:72::/47
Signature Algorithm: sha256WithRSAEncryption
34:e3:2f:69:28:bf:50:aa:d3:81:6b:79:50:3d:13:b7:e2:8d:
32:d8:0a:3d:a1:68:9b:33:a5:33:71:e0:c7:5c:9d:50:e8:29:
65:1c:67:48:29:cd:d6:69:da:26:5d:cc:47:a7:3e:10:51:f2:
5a:4b:b2:8a:32:ea:4c:1a:bb:eb:62:47:1a:e8:7a:d5:4c:ae:
04:d9:1c:c3:32:c5:64:73:15:61:40:36:0d:24:d2:0e:de:b5:
f8:12:27:1d:ab:eb:1d:0a:f4:56:24:c9:72:b7:be:f3:f6:7f:
30:72:88:ed:8b:59:5f:0f:db:e3:af:0b:50:6f:9b:7d:d8:41:
cd:c3:0e:c7:bc:cc:5d:6b:41:68:8d:37:a8:e3:a7:46:01:de:
9c:a4:25:43:07:ed:27:68:9e:30:64:f8:f6:99:e5:9f:c0:d2:
a4:45:a1:39:19:33:dd:26:fa:f8:bb:a6:c4:c5:e6:41:a3:74:
93:00:4d:8b:94:f1:35:71:22:5e:ea:f3:5c:bd:98:60:20:8c:
6d:e0:dc:64:7e:60:d7:59:76:a7:04:5b:1c:e9:d7:35:f0:96:
56:9e:95:b3:f5:3a:b4:8e:c4:22:0c:71:d1:a9:9e:5d:55:56:
fb:50:c6:1b:01:a3:46:d2:00:e1:fb:76:2d:77:a6:3e:61:36:
28:d0:32:79
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDBLkMMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM2
OTFkMjk1MDE0NWRjZWFjMDBjMGNhNGViNTM2ZDkyODY3YjM4ZDMwHhcNMjIwNjIx
MTMyODQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2M2UzYzZkNzUyOGUy
ZjllY2JkZTQzNzZmNjdlZWVmMDQyYjJhODEwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyoPqvjh+63OvNj5mFbklkn77BVBwmHveaMVCQFmNZk5i/5mL
PI4KILGafC6p5dMXswLb6xWR6BSP+F+seYDXDHzPO8solH2aNV3h8UKWUG0a07pJ
GKhDOy6WjoKPqNNTBkI8SYCBFiDdxr+qnW9hEiR3F8uS1o3B4uxyHHakbgBsCGDZ
oJ2Qhje44QEJiQ2oGq7xaDrENMXGnPR8NozumBSaLriZyX5ONgbJdt2wpb008Em9
YDgn/d11w21vJznOSme7HOfC2xPU5gXie6n75dTXvO+AHD4tZ7w/T/QIEUEktnBa
upyH+AABfhBSBJLIeeLMyvwUlYiSCjRyzfACzwIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFGPjxtdSji+ey95DdvZ+7vBCsqgQMB8GA1UdIwQYMBaAFDaR0pUBRdzqwAwM
pOtTbZKGezjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEtMWRlYzQwNTg0ODA2LzEv
WS1QRzExS09MNTdMM2tOMjluN3U4RUt5cUJBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8y
YTk0MmEtZjFiZi00M2UyLWI5MmEtMWRlYzQwNTg0ODA2LzEvTnBIU2xRRkYzT3JB
REF5azYxTnRrb1o3T05NLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKgwvBwByMA0GCSqGSIb3DQEBCwUA
A4IBAQA04y9pKL9QqtOBa3lQPRO34o0y2Ao9oWibM6UzceDHXJ1Q6CllHGdIKc3W
adomXcxHpz4QUfJaS7KKMupMGrvrYkca6HrVTK4E2RzDMsVkcxVhQDYNJNIO3rX4
Eicdq+sdCvRWJMlyt77z9n8wcojti1lfD9vjrwtQb5t92EHNww7HvMxda0FojTeo
46dGAd6cpCVDB+0naJ4wZPj2meWfwNKkRaE5GTPdJvr4u6bExeZBo3STAE2LlPE1
cSJe6vNcvZhgIIxt4NxkfmDXWXanBFsc6dc18JZWnpWz9Tq0jsQiDHHRqZ5dVVb7
UMYbAaNG0gDh+3Ytd6Y+YTYo0DJ5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:51 2023 by rpki-client on console-fra.rpki-client.org