Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/9b973d-1f2f-4c77-9dd0-1f732046b74c/1/nYmyfnyhf_u7xPtX6tZwlg4CMLo.roa
File: nYmyfnyhf_u7xPtX6tZwlg4CMLo.roa (raw, json)
Hash identifier: ZfXNMvHOHydBOIAy84zCNmTkZG+9LspH6fG67yAbgNA=
Subject key identifier: 9D:89:B2:7E:7C:A1:7F:FB:BB:C4:FB:57:EA:D6:70:96:0E:02:30:BA
Certificate issuer: /CN=df46d49cc34767f8d024aff295ad6a932e7915e0
Certificate serial: 01877567D4D720798E1C9720387AA6EF099B
Authority key identifier: DF:46:D4:9C:C3:47:67:F8:D0:24:AF:F2:95:AD:6A:93:2E:79:15:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/30bUnMNHZ_jQJK_yla1qky55FeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/9b973d-1f2f-4c77-9dd0-1f732046b74c/1/nYmyfnyhf_u7xPtX6tZwlg4CMLo.roa
Signing time: Wed 12 Apr 2023 12:19:11 +0000
ROA not before: Wed 12 Apr 2023 12:19:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60557
IP address blocks: 2001:678:cf0::/48 maxlen: 48
2001:678:ce8::/48 maxlen: 48
2001:678:cec::/48 maxlen: 48
2001:678:ce4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:67:d4:d7:20:79:8e:1c:97:20:38:7a:a6:ef:09:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df46d49cc34767f8d024aff295ad6a932e7915e0
Validity
Not Before: Apr 12 12:19:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d89b27e7ca17ffbbbc4fb57ead670960e0230ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c5:8e:45:79:23:15:b1:e5:6a:bd:44:96:f7:
89:59:76:8a:46:ce:c7:79:f6:19:fe:1f:89:c7:a3:
cf:58:91:28:e1:f8:ef:41:5a:9e:b0:17:99:76:d2:
d2:25:a8:dc:61:72:18:c5:e1:f5:40:49:ec:a9:96:
f7:71:db:22:b2:ce:d1:cb:27:fd:39:cb:15:65:92:
16:b5:da:75:40:ce:9b:de:68:68:ff:e0:f0:8b:e4:
90:ec:19:51:46:ca:90:c0:31:0b:ae:ef:6a:d6:a2:
dd:97:b3:23:a5:27:8c:04:e1:53:7c:6b:62:38:6a:
8f:82:eb:fb:2b:37:89:d7:ac:38:05:2a:d5:a6:c4:
16:4c:5d:f3:4f:79:33:7e:28:f3:26:3d:2f:4e:f9:
b7:24:85:c2:b8:a4:06:18:51:4a:f4:2a:b2:7f:98:
00:7d:7c:9d:66:64:0b:6f:12:a6:ff:84:8e:c3:1a:
1c:8c:b8:a8:3c:63:b2:e6:e1:1a:b7:cd:a7:69:26:
aa:c1:fa:a2:24:c2:0e:29:8d:99:a4:a0:6f:35:87:
25:51:8b:cd:91:01:de:66:ed:a5:d6:08:a6:73:8d:
c1:6b:28:8a:9f:48:20:4f:f0:dd:ca:12:52:a6:d9:
d9:9a:c2:a2:70:83:9f:3a:a3:51:73:48:f6:2d:4f:
10:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:89:B2:7E:7C:A1:7F:FB:BB:C4:FB:57:EA:D6:70:96:0E:02:30:BA
X509v3 Authority Key Identifier:
keyid:DF:46:D4:9C:C3:47:67:F8:D0:24:AF:F2:95:AD:6A:93:2E:79:15:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/30bUnMNHZ_jQJK_yla1qky55FeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/9b973d-1f2f-4c77-9dd0-1f732046b74c/1/nYmyfnyhf_u7xPtX6tZwlg4CMLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/9b973d-1f2f-4c77-9dd0-1f732046b74c/1/30bUnMNHZ_jQJK_yla1qky55FeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:ce4::/48
2001:678:ce8::/48
2001:678:cec::/48
2001:678:cf0::/48
Signature Algorithm: sha256WithRSAEncryption
ac:7a:53:11:a6:42:b2:16:ce:3b:57:fd:98:79:d2:d3:62:65:
07:92:e4:fb:db:de:e2:f5:76:2c:47:8f:3a:b3:87:fb:94:c2:
0b:f2:04:f1:9e:c8:1b:da:9c:b7:24:6d:5f:2d:90:02:89:d5:
6c:15:a3:d3:85:f3:d6:56:f3:56:e4:69:26:51:36:b0:b0:48:
45:46:66:f9:e7:40:6b:47:dd:a7:ce:1f:0e:79:f5:50:8f:dc:
b9:70:44:ae:19:64:4a:77:5d:74:57:5b:2f:7d:37:3f:19:dc:
a9:6c:b0:ce:9c:95:b6:27:99:6a:53:b4:26:07:13:98:4e:99:
58:72:82:34:02:49:da:4c:bc:9f:d4:77:04:78:21:81:e5:7f:
51:9c:0b:90:0f:8d:bf:c1:af:ec:8f:ce:71:2d:8f:92:57:e9:
f7:e0:ab:e7:38:5a:02:bd:f6:c5:15:9c:b0:22:8c:b6:1e:44:
f2:d3:f9:fd:32:5d:98:db:19:ae:9c:6e:27:7e:03:bf:a5:6c:
31:0c:ba:56:73:31:62:45:0e:70:cd:2b:35:c2:a9:83:44:f8:
ae:6d:c4:dc:39:ba:c6:2e:a8:97:37:bd:26:c9:24:2a:a4:6f:
33:26:06:5b:fd:21:e7:d5:28:1e:38:c1:cf:2a:e0:8c:17:28:
2a:74:f7:07
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYd1Z9TXIHmOHJcgOHqm7wmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNDZkNDljYzM0NzY3ZjhkMDI0YWZmMjk1YWQ2YTkzMmU3
OTE1ZTAwHhcNMjMwNDEyMTIxOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDg5YjI3ZTdjYTE3ZmZiYmJjNGZiNTdlYWQ2NzA5NjBlMDIzMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28WORXkjFbHlar1ElveJWXaKRs7H
efYZ/h+Jx6PPWJEo4fjvQVqesBeZdtLSJajcYXIYxeH1QEnsqZb3cdsiss7Ryyf9
OcsVZZIWtdp1QM6b3mho/+Dwi+SQ7BlRRsqQwDELru9q1qLdl7MjpSeMBOFTfGti
OGqPguv7KzeJ16w4BSrVpsQWTF3zT3kzfijzJj0vTvm3JIXCuKQGGFFK9Cqyf5gA
fXydZmQLbxKm/4SOwxocjLioPGOy5uEat82naSaqwfqiJMIOKY2ZpKBvNYclUYvN
kQHeZu2l1gimc43BayiKn0ggT/DdyhJSptnZmsKicIOfOqNRc0j2LU8QiwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJ2Jsn58oX/7u8T7V+rWcJYOAjC6MB8GA1UdIwQY
MBaAFN9G1JzDR2f40CSv8pWtapMueRXgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzBiVW5NTkhaX2pRSktfeWxhMXFreTU1RmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My85Yjk3M2QtMWYyZi00Yzc3LTlkZDAt
MWY3MzIwNDZiNzRjLzEvbllteWZueWhmX3U3eFB0WDZ0WndsZzRDTUxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My85Yjk3M2QtMWYyZi00Yzc3LTlkZDAtMWY3MzIwNDZiNzRj
LzEvMzBiVW5NTkhaX2pRSktfeWxhMXFreTU1RmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGeAzk
AwcAIAEGeAzoAwcAIAEGeAzsAwcAIAEGeAzwMA0GCSqGSIb3DQEBCwUAA4IBAQCs
elMRpkKyFs47V/2YedLTYmUHkuT7297i9XYsR486s4f7lMIL8gTxnsgb2py3JG1f
LZACidVsFaPThfPWVvNW5GkmUTawsEhFRmb550BrR92nzh8OefVQj9y5cESuGWRK
d110V1svfTc/GdypbLDOnJW2J5lqU7QmBxOYTplYcoI0AknaTLyf1HcEeCGB5X9R
nAuQD42/wa/sj85xLY+SV+n34KvnOFoCvfbFFZywIoy2HkTy0/n9Ml2Y2xmunG4n
fgO/pWwxDLpWczFiRQ5wzSs1wqmDRPiubcTcObrGLqiXN70mySQqpG8zJgZb/SHn
1SgeOMHPKuCMFygqdPcH
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:42 2025 by rpki-client